An incident response (IR) plan without a business continuity component is like a house without a roof — seven months out of the year you could be just fine, but when winter comes, you’re in trouble. The incident response plan reviews and responds to any cybersecurity incident or attack which may, or may not, disrupt business operations. Either way, including a business continuity component is the proactive way to support business operations and critical infrastructure.
Having some critical steps related to business continuity can mean the difference between costly downtime or a barely noticed disruption. Business continuity as a part of your incident response plan prepares you to minimize the impact of an attack while finding and fixing the cause to prevent further damage.
While business continuity often lives within the IT department, when an incident results in an intrusion, the cybersecurity team is a key partner in minimizing the impact on the business. With this in mind, this checklist outlines how to incorporate business continuity steps within your incident response plan.