IT Resilience, covered. What about Business Resilience?

Over the past quarter century it has become easier and relatively cheaper for businesses to develop resilient IT infrastructures with breakthrough technologies. Most industry leading service providers have taken to cloud solutions, some offering core business IT solutions “as a Service”.

This has also simplified legacy IT organisations removing the need for in-house technical expertise across the array of technologies. There are of course some adverse effects, mostly overcoming the nervousness of handing responsibility for data assets to the supplier in a manner previously unimaginable.

Who’s Responsible?

Information Technology strives to keep pace with Cyber threats but what of the business organisation? The Resilience of your workforce is as important to the defence and recovery procedures as the biggest, brashest firewall. Regulating bodies are very clear that responsibility also rests with every member of staff, and driven from a board that embraces the responsibility for maintaining credibility, to its shareholders and customers.

The tools available for addressing both Cyber threats and the inevitable recovery of an attack are founded in a best practice that is relatively young compared to many businesses. Yet through such frameworks as the ISO, NIST and to some extent the governments Cyber Essentials, business resilience is a reality.

People are the Key to Prevention

These standards do not just address IT issues, they position business processes and policies at the head of preventative action. The misunderstanding is that Cyber Security is an IT problem, but it is the business and people who are key.

To address business resilience, an organisation must have a resilient culture. This is not achieved by creating multiple replications of the business data and the means to access it, or even a Business Continuity Plan. Like all things cultural, a resilient business requires champions and leadership, awareness and structure, policy and procedure.

Creating a Resilient Culture

Strong leadership is required that takes ownership and drives a resilient culture through the business, ensuring that awareness and responsibility permeates the whole business, its customers and partners.

The prospect of recovery from any catastrophe should not be daunting for the resilient business. The resilient business is organised, aware and prepared. The organisation should also be practiced in recovery and confident from board level to all areas of the enterprise that focus is on business continuity, not just the technical solutions that support the business function.

Creating a resilient culture starts top down, builds credibility and momentum, and then attains stability and cultural status. It is then important to maintain resilience by continually exercising business continuity practices. Continual vigilance and dedication to maintaining a resilient attitude are key to building robust defences.

Underpinning a resilient culture it is the champions and leaders owning the key functions within the organisation whose maturity and consistency deliver results.

Lastly, as with all successful business it is the simple things that shape and define a resilient business. Devote, build and maintain credible processes and policies. Provide foundations for each individual to aspire to personal improvement and ensure that everyone knows that their own development and aspirations are reliant on their contribution to building resilience within a successful, and robust business.