Skip to content
English
Visit our website
  • There are no suggestions because the search field is empty.

Crisis Management: A Guide

Crisis management planning is essential in organizations of all sizes. Being attacked is a "when", not an "if", and the better your preparation the more likely you will be to recover from an attack quickly.

What is Business Continuity Planning (BCP)?
Business Continuity Planning (BCP) is a strategic process that ensures an organization, in this case, an educational institution, can continue its critical functions during and after a disruption or disaster. The primary objective of a BCP is to minimize the impact on operations, maintain essential services, and facilitate a quick recovery. It should cover topics like law enforcement, media communication, alternative locations for operations, offline payroll and finances, as well as technical continuity.

What is Incident Response Planning (IRP)?
Incident Response Plans (IRP) are a systemic approach that outlines how an organization will detect, respond to, and mitigate a cyber security incident. The IRP is likely to include detailed roles, responsibilities and procedures to minimize the impact of incidents, as well as, procedures for a swift recovery, and lessons learned including security mitigating features/factors moving forward. All users should know how to access the IRP in case they suspect an incident is occurring and want to take action.

What is Disaster Recovery planning? (DRP)?
A Disaster Recovery Plan (DRP) is a structured approach that outlines the processes, procedures, and tools to be used for the recovery of an organization's IT systems and data after a major disruptive event. This involves assessing potential risks, creating backup procedures, and establishing clear guidelines for removing critical infrastructure. A DRP should provide a roadmap for organizations to swiftly regain functionality and resume business operations.

Which is the most important?
The BCP, IRP, and DRP all cover different aspects of crisis management. They work together to give you a comprehensive plan for mitigating the impact of an attack. The BCP is crucial for maintaining essential business functions, IRPs focus on managing and mitigating the impacts of cyber incidents, while DRPs are essential for restoring IT infrastructure after major disruptions. To be considered prepared, you should have plans in all areas to give you the best chance of lessening the impact of a potential attack.

Where should I start?
Because of the theme and scope of these documents, a great place for an organization to begin is a BCP. This is because BCP considers continuity for the whole organization, not just technical responses. It will encourage you to think about all the actions you need to undertake post attack. For organizations that feel a continuity plan is too much to initiate right now, a natural precursor for a BCP is a Business Impact Analysis (BIA).

Business Impact Analysis (BIA)
BIA is a process that identifies and assesses the potential impacts of disruptions on an organizations critical business functions. It is a great starting point or concept for organizations pursuing crisis management planning as is provides insights into the dependencies, priorities, and recovery time objectives. This material assists in an organizations ability to priorities resources, minimize downtime, and plan for business continuity in the face of unexpected events.

Crisis management and insurance.
Having a well-defined and regularly updated IRP, BCP, and DRP demonstrates a commitment to risk mitigation and resilience, which can positively influence cyber insurance coverage terms and premiums. Insurers often assess the maturity and effectiveness of an organization's crisis management documentation before agreeing a policy as evidence of the possibility of swift recovery ultimately reduces the overall risk profile of an organization for cyber insurance providers.

Checklist
When considering crisis management, consider the following:

  1. Reach out to your county or state offices for resources and templates. You can also find resources online via a search engine.
  2. Start with a BIA before approaching a full BCP, IRP, or DRP.
  3. Ensure users at all levels - not just the network admins - are engaged in the creation and
    communication of plans
  4. Run regular table top exercises to validate your plans work as expected.
  5. Regularly review your crisis management plans as they will naturally change over time.