Business Continuity Management
Business continuity is an organization's ability to deliver products or services again at an acceptable, predefined level, with the necessary quality and at the right time, after an incident. Business continuity management is therefore a holistic management process that identifies potential threats to an organization and their impact on business processes. The necessary measures are defined in order to protect business interests. These include, in particular, key processes and people, the company's reputation, the value chains as well as applications and IT systems.
Business continuity management plays a special role in the healthcare sector. Unlike in the retail or manufacturing sectors, damage is not limited to financial losses. If a clinic is paralyzed, patients cannot receive targeted treatment or operations have to be postponed. In logistics with just-in-time deliveries, failures cause losses beyond your own company when supply chains break down and production stops. In contract logistics in particular, agreements often include high contractual penalties if deliveries are not made. Of course, practically all companies in all sectors are affected by losses in the event of failures.
Emergency Planning
We can support you with the following aspects of your emergency planning:
Preparation of the Emergency Manual
An emergency manual contains all the points that need to be considered in an emergency. This includes a restart plan for the IT systems and a communication guideline for employees, as well as resource planning, so that replacement IT systems can be accessed quickly in an emergency and enough employees are available to reinstall or restore the IT systems.
The emergency manual should also define an emergency operating level that must be reached as quickly as possible in order to ensure stable operation of your organization even with restricted IT. To this end, particularly critical processes and dependencies on IT systems must be identified.
It also makes sense to plan how to maintain emergency operations until the emergency operating level is restored and to prepare and provide any necessary resources.
Planning and Conducting Emergency Drills
Emergency drills are used to rehearse procedures and processes in the event of an emergency. These include dry runs, in which the processes are run through on paper, but also real emergency drills in which, for example, individual systems have to be restored or processes are carried out without IT.
Planning the Crisis Communication
Special attention should be paid to crisis communication. Even seemingly harmless messages can be misunderstood and lead to negative consequences for the company or uncertainty among the population, e.g. in the event of a hospital closure.
We therefore work with communications professionals who, through preparatory discussions, handouts and formulation aids, can prevent a communications disaster even before a catastrophe occurs.
In the Event of a Disaster
Of course, we are also at your side in the event of a disaster.
Forensic Analysis of the Incident
In the event of an attack by a third party, e.g. ransomware or a hacker attack, the cause of the compromise must be identified before the system is put back into operation. If the entry point is not closed, a new compromise can occur within a short period of time.
As part of a forensic analysis, we examine IT systems and evaluate log files to determine the cause and consequences of an attack.
Communication with Authorities and Third Parties
Communication with authorities should be structured and coordinated. Law enforcement officers expect competent contacts who can prepare and quickly deliver important information. In the event of data protection breaches, there are critical deadlines (e.g. 72 hours under the GDPR) within which supervisory authorities must be informed.
Negotiating with Blackmailers
Today, ransomware no longer just encrypts IT systems. A so-called "double extortion" often takes place, i.e. business-critical, confidential or personal data is copied first and then systems are encrypted. The attackers can then threaten to publish data and extort protection money, even if backups are available.
Experience shows that the management should never speak directly to the blackmailers, but that a representative should always act as an intermediary, if only to gain time when the negotiator wants to consult with the management. Experienced negotiators trained in psychology also have a better chance of reducing the ransom if necessary or ending the extortion completely.
Coordination of the Recovery
We also help you to coordinate your system partners when restoring systems. Especially in an emergency, which can never be fully planned, experience is an advantage that should not be underestimated.
Our Service
We work with you to develop your emergency manual. We help you draw up your recovery plans and your crisis communication. We create emergency drills for you and carry them out with you.
In the event of a security incident, we support you in restoring your system, coordinate suppliers and service providers, carry out forensic analyses and communicate with authorities and, if necessary, extortionists.