Feeds

Business continuity planning: will it save you?

Policy wonks

  • alert
  • submit to reddit

High performance access to file storage

Every year, security firm Pinkerton publishes a survey of the top threats that businesses believe that they have faced over that particular year writes Fran Howarth of Bloor Research.

In six out of the past seven years, workplace violence has topped the list of concerns. However, business continuity interruption or continuity planning has been placed as the second greatest threat perceived by businesses for four out of the past five years.

But just how seriously are companies taking the issue of planning for when disaster strikes? Research from Compass Management Consulting released recently shows that most companies in the UK are ill-prepared to deal with crises caused by physical or electronic disasters.

While the survey by Compass shows that 98% of an undisclosed number of FTSE 100 firms had a business continuity plan in place, only just over one-third of those companies that had suffered an IT disaster over the last five years (58% of all firms surveyed) had used the measures that they had put in place in the business continuity plan to solve the problem. Even those that had used the processes put in place as part of the business continuity plan failed to adequately protect themselves, with 71% of respondents reporting that their business was still impacted.

Compounding the problems, even those companies with plans in place were failing to review those plans on a regular basis - meaning that new potential areas of disaster were often not included, Compass reports.

These findings are echoed in other surveys and reports that have been put out recently on the subject. But it is not too late for companies to take action and this is the time to start budgeting for increased security in companies. And, fortunately, the lacklustre technology spending of the past couple of years appears to be at an end, with companies opening their purse strings once more. Just in time, perhaps, since companies are under greater threat than at any time before. Bloor's own visionary, Robin Bloor, has pointed out recently that the level of security breaches has reached crisis level, with 90% of companies experiencing security breaches of some sort in 2003 - and this is growing at a rate of 50% or more every year.

In addition, a whole host of legislation is either being passed or ratified at the moment - such as the Data Protection Act of the EU, which requires companies to apply a much higher level of protection to the data that the collect, hold in storage or even dispose of. In 2004, we can expect to see security driving a large part of technology spending. But no matter how good the technology protection that you put in place is, the onus is on the effective development of policies that will allow security officers and other personnel to react to minimise damage. A plan that is not enforced is not worth the paper that it is written on.

© IT-Analysis.com

High performance access to file storage

More from The Register

next story
Parent gabfest Mumsnet hit by SSL bug: My heart bleeds, grins hacker
Natter-board tells middle-class Britain to purée its passwords
Obama allows NSA to exploit 0-days: report
If the spooks say they need it, they get it
Web data BLEEDOUT: Users to feel the pain as Heartbleed bug revealed
Vendors and ISPs have work to do updating firmware - if it's possible to fix this
Samsung Galaxy S5 fingerprint scanner hacked in just 4 DAYS
Sammy's newbie cooked slower than iPhone, also costs more to build
One year on: diplomatic fail as Chinese APT gangs get back to work
Mandiant says past 12 months shows Beijing won't call off its hackers
Call of Duty 'fragged using OpenSSL's Heartbleed exploit'
So it begins ... or maybe not, says one analyst
Snowden-inspired crypto-email service Lavaboom launches
German service pays tribute to Lavabit
German space centre endures cyber attack
Chinese code retrieved but NSA hack not ruled out
prev story

Whitepapers

Securing web applications made simple and scalable
In this whitepaper learn how automated security testing can provide a simple and scalable way to protect your web applications.
Five 3D headsets to be won!
We were so impressed by the Durovis Dive headset we’ve asked the company to give some away to Reg readers.
HP ArcSight ESM solution helps Finansbank
Based on their experience using HP ArcSight Enterprise Security Manager for IT security operations, Finansbank moved to HP ArcSight ESM for fraud management.
The benefits of software based PBX
Why you should break free from your proprietary PBX and how to leverage your existing server hardware.
Mobile application security study
Download this report to see the alarming realities regarding the sheer number of applications vulnerable to attack, as well as the most common and easily addressable vulnerability errors.