Utilising information security to improve resilience
Abstract
When it comes to cyber-related events, the information security professional plays the same role as the business recovery professional. The more the business process recovery professional is closely tied to information security activities within the organisation, the more influence they will have on the development of information security countermeasures. This influence will allow these countermeasures to be better suited to the needs of the business process recovery programme. While the business recovery processes and the information security processes may, in most cases, be separate and distinct, it is vital that they be linked in order to provide the greatest level of resiliency. This paper will provide the framework for how to plan and address the effects of cyber-attacks to technology systems. In addition, the paper will also discuss the role of the information security professional in non-cyberrelated events. In all events, it is vital that the role of information security be incorporated in the organisation’s business recovery processes.
The full article is available to subscribers to the journal.
Author's Biography
Jennifer Bayuk is the Chief Information Security Officer for Bear Stearns & Co., Inc. She is responsible for information security policy, process, management and metrics. Jennifer has been a manager of information systems audit, a security consultant and auditor, and security software engineer at AT&T Bell Laboratories. She has written on information security and audit topics ranging from security process management to client/server application controls, including two textbooks for the Information Systems Audit and Control Association. She chairs the SIFMA Information Security Subcommittee and the FSSCC Technology R&D committee. She has lectured for organisations such as ISACA, NIST and CSI. She is a Certified Information Security Auditor, and Certified Security Information Manager. She has masters degrees in computer science and philosophy.
Kenneth Silverstein is currently Senior Managing Director in Operations Administration at Bear Stearns & Co. Ken is currently responsible for coordinating the business continuity activities of Bear Stearns. He has been with Bear Stearns for over 24 years and has extensive experience in the financial services industry. Prior to Bear Stearns, Mr Silverstein was an auditor for Coopers & Lybrand. Mr Silverstein is Chairman of the Security Industry and Financial Markets Association (SIFMA) Business Continuity Planning Committee. Mr Silverstein received his BBA from the University of Massachusetts and his MBA from New York University.
Citation
Bayuk, Jennifer and Silverstein, Kenneth (2007, October 1). Utilising information security to improve resilience. In the Journal of Business Continuity & Emergency Planning, Volume 2, Issue 1. https://doi.org/10.69554/KVRQ4052.
Publications LLP