The cyber challenge – business continuity in the digital age

Add to: Digg Add to: Del.icio.us Add to: Facebook Add to: Furl Add to: Google Add to: Live Spaces Add to: MySpace Add to: StumbleUpon Add to: Twitter
Tuesday June 18, 2013 at 9:00am
Many SME’s rely heavily on their ‘e-commerce’ websites to drive their business models. Indeed traditional forms of sales and marketing can be ‘semi-redundant’ with today’s fast, on-line search functions and retrieval methods. In the digital age business continuity is all about having robust IT systems and secure online operations.

However, SME’s appear to be somewhat behind the game in considering the ‘risks’ associated with their online activities and their reliance on information technology. Often, I have encountered owner-managers with limited IT experience, relying heavily on outsourced contractors, not just to deliver a service but to make them aware of any potential pitfalls. At Parker Management Consultants we have direct experience to be able to state that many web developers and IT contractors do not, and in fact in some cases cannot, offer that kind of service, and certainly shouldn’t be relied upon to fully address your business continuity challenges.

So, what should an owner-manager consider doing where greater volumes of business are now conducted ‘online’, or indeed where IT is at the heart of the business operation? How can you ensure business continuity?

Guidance for SMEs on IT and online business continuity challenges
Firstly, it is wise to consider a strategic ‘risk assessment’ of your operations and the impact upon your business if critical activities or processes cannot operate as required, because of systems failures or systems related ‘black-outs’. It is also worth remembering the commercial impact upon reputation due to poor customer service and delivery.

We always recommend that our clients prepare a high level risk assessment based upon denial of service and the consequential impact and associated disruption to your commercial activities. It is worth inviting in your IT representative if you have one. If not, your IT contractor to gauge and ascertain their views on whether all risk have been considered.

Secondly an independent review of the defenses that your enterprise has deployed to assure the executive function that IT systems and associated applications are operational and being maintained.

Thirdly, we recommend a review of any IT / service related contracts that might be in place with external contractors. Check whether the key issues pertaining to ‘cyber security’ are adequately codified within any supplied narrative. Sadly, at Parker Management Consultants we find all too often that such arrangements are all too often vague.

Fourthly, we suggest that regular formal management meetings covering IT security should be adopted. The senior executive should attend and Chair such conclaves, and relevant interested parties such as your IT contractor should be invited if appropriate. Clear decisions can then be formally minuted, which is very useful from an audit trail perspective.

By adopting the above measures and ensuring that adequate professional advice is input into regular, formal IT Management Reviews, senior management can start to demonstrate stronger governance arrangements in this hitherto un-codified and potentially dangerous area of cyber security.

Marcus Allen
Parker Management Consultants

Comments on this post:

There aren't any comments for this post yet. Why not be the first to comment?

Share your experiences:

Your Name  
(to appear with your comment)
Email Address  
(will not be published)
Comments:  
Human Validation Check  
In the box below, please type the characters that you see in the picture. This helps us to ensure a real person (and not a crafty computer!) is submitting this form.

Enter the code shown to the left:

Parker Management Consultants, 1st floor, Dominion Court, 43, Station Road, Solihull, B91 3RT Contact us here