Melanie Wijeratna

Summary

The website content discusses the importance of understanding the impact of cybersecurity measures, including Business Continuity Plans (BCPs), on employees and the necessity of resource availability to effectively manage and recover from cyber attacks.

Abstract

The article emphasizes that the primary determinant of an organization's maximum tolerable outage (MTO) is the availability of resources, such as diesel fuel for generators. It highlights that despite initial calculations, disaster recovery scenarios often present unforeseen challenges in resource availability. The piece underscores the acceleration of events during a cyber attack, drawing from recent incidents affecting everyday activities like purchasing fuel or books online. It suggests that by defining the change impact on people, organizations can better manage cybersecurity challenges. The article references PROSCI's approach to change management, advocating for breaking down change into manageable parts to facilitate adoption. It introduces PROSCI's change impact canvas as a tool to assess how cybersecurity changes affect employees and the importance of involving the business side in incident response planning. The text concludes by advocating for strong relationships between cybersecurity teams and the business to foster mindset shifts that contribute to better cyber attack prevention and response.

Opinions

  • The author believes that resource availability is critical during cybersecurity incidents and that unexpected factors can significantly impact these resources.
  • The author opines that cyber attacks are becoming increasingly relevant, affecting not only direct targets but also indirectly related activities and services.
  • The article conveys the opinion that defining the impact of cybersecurity changes on employees can potentially slow down or prevent cyber attacks.
  • It is suggested that change management strategies, such as those proposed by PROSCI, can ease the adoption of cybersecurity measures by breaking them down into smaller, more digestible components.
  • The author expresses that involving business employees in cybersecurity planning is essential, as they play a crucial role in both preventing and responding to cyber attacks.
  • The article emphasizes the importance of building working relationships between cybersecurity teams and the business to enhance the effectiveness of Business Continuity Plans (BCPs) and incident response plans.

Cybersecurity, BCPs, Mindsets and Time

Defining People Change Impact

The main factor that determines maximum tolerable outage is available resources. The main variable affecting the ability to operate in a cybersecurity recovery site (after a cyber attack has occurred) is adequate resource availability, such as diesel fuel to operate generators. Although resources would be taken into account during initial calculation of the maximum tolerable outage (MTO), circumstances associated with disaster recovery frequently have unexpected impacts on availability of resources. As a result, the expectations may not be met during real-world events (ISACA).

No truer statement has ever been uttered, in the wake of the healthcare cyber attacks going on in North America.

When you’re going through a cyber attack, my guess is everything speeds up. I’ve never been in one, thankfully, but I have absolutely been impacted by cyber attacks. At the gas station, trying to order books online. I’m sure there will be more indirect situations to come, and unfortunately, likely direct situations as well.

But if we can start defining the impact to people on the change cybersecurity brings with it, that could be one way to slow down a cyber attack — or even avoid it altogether.

PROSCI has a webinar on Defining Change Impact to Accelerate Adoption. In summary, what PROSCI advises is:

Change isn’t easy.

And nobody likes change. No matter how good it can be for us.

But just like everything that is good for us, there are ways we can break it down into bite-size chunks, to make change easier to manage, and thus adopt.

“It May Take Time to Define Impact Clearly”

PROSCI has this brilliant tool called a change impact canvas, where you take a look at how your change will impact 10 facets of an employee’s role.

And cybersecurity, as well as a BCP within an Incident Response plan, are changes to most employees. Especially those on the business side. And you definitely will need their help if you’re going through a cyber attack — or trying to avoid one.

PROSCI — Define Change Impact to Accelerate Adoption Webinar

When you go through this exercise, be patient, because new details might come out throughout. But it’s better to do this before an attack — than discover you don’t actually have the resources you thought you did, as part of your incident response plan.

On Mindsets

I think the main reason the business rarely gets involved in designing incident response plans is because it’s really hard to see their mindset. Not change it — see it. They’re not aware of how important they are in protecting your company from a cyber-attack. And likely you might not know how to reach out to them and build a working relationship with them. But you can try to build one by asking them questions about how they perceive their roles would be impacted by your incident response plan.

Which is designed to protect/support them.

To sum up

Available resources play a huge role in determining your MTO, as well as building out your incident response plan. But they’re also key in building out your cybersecurity Business Continuity Plan (BCP). And when you take the time to build solid working relationships with the business, you can help to shift mindsets, such that they help you protect your company from the very cyber-attacks you hope you’ll never have to use your incident response plan for.

Happy leadership.
