Business Continuity – What to Do About Cyber Security during a Global Pandemic?

Business Continuity – What to Do About Cyber Security during a Global Pandemic?

  • 30 Apr 2020
  • Written by David

According to a recent article, over 50% of companies do not have any business continuity plans in place to deal with emergencies such as the COVID-19 outbreak. Every year brings new threats to business and human life. Such threats include wars, natural disasters and pandemics so organisations need to be as prepared as possible for these unforeseen risks.

In modern-day business, organisations also risk the impact of global economic and political instability, cyberattacks and terrorism.

The priority for businesses now is to find a way to continue being in business during one of the worst economic periods. Current business constraints haven’t stemmed from economic or political issues. It’s a physical one in most cases – many businesses cannot physically carry out business as usual. Most companies have employees working remotely so among other challenges, cyber security should be a concern. In this blog, I’ll discuss cyber security considerations to include in a business continuity plan.


So, how can you plan to continue business safely and efficiently?


In tricky times, you need more than a cyber security policy to continue doing business. Astute companies know that in the event of an emergency, such as COVID-19, the continuity of business depends on the ability to access IT systems and data.


Many businesses, however, do not have a business continuity plan. It’s often not because they don’t see the need but more a lack of time and perhaps resources. The current crisis has revealed how crucial it is to have such a plan. You should set out in writing how you will cope if a crisis occurs. Such a plan should include (as a minimum):


  1. Steps you will take to change the working environment (without compromising your security), such as remote working;


  1. Ensure that you have appropriate support and maintenance agreements that protect your IT systems and the emergency contacts during an incident;


  1. Details of your insurance, how to contact them in an emergency and any requirements of your policy;


  1. How you will reach your customers (along with templates) if your systems fail e.g. you might have paper copies of your email list or customer database;


  1. How you will ensure that your employees have all the training that they need to implement the steps in the business continuity plan.


Business Continuity cyber security global pandemic


Remember, the point of this plan is to have a detailed process of how to deal with a critical event in the business to save everyone running around like headless chickens and panicking when the unexpected happens. By producing a plan when the pressure isn’t on means you can take the time to think it through carefully with a cool head. The more detailed your plan, the more value it will give you when you really need it.


How do you know that your business continuity plan will work?


The next step is to test your business continuity plan. It’s difficult (and often impractical) to ‘properly’ test your BCP due to the level of disruption that would need. Instead, Tabletop test exercises are usually the best way to do this.


Gather your team (hint: all these people should be named in the plan) and together think about what could have the most negative impact on your business and what is the most likely disruption to occur in the current business environment. Walk through the steps in the plan to find any gaps or flaws. It's surprising how often team members will point out something like “That won’t work because before I do X, John has to do Y”.


  1. Make sure that your plan contains actions to take in these eventualities.


  1. Act out the different scenarios, ensuring that each employee knows their role in each emergency.


  1. Look at the steps that each person takes. Are they the correct ones?


  1. Is the order of the steps the most efficient way to mitigate the risks posed by the emergency?


  1. Make changes to the plan as appropriate and regularly review if your business goes through changes e.g. move to a new office, changes to business structure, acquires new equipment, changed to key staff members etc.


Finally, ensure that you print out your business continuity plan and store it safely. Your key staff should know how to access it and in what circumstances that they need to activate it.


If you’d like to find out more about how Nimbus Blue and our partners can work with your business to address cyber security, contact us on 01224 608190 or This email address is being protected from spambots. You need JavaScript enabled to view it..

Got a question?

Speak to our friendly team about keeping your IT systems secure and running smoothly.

Get in touch