Synergy potential between business continuity management and incident response management and the resulting added value to strengthen the competitiveness of companies in the market
Abstract
To identify the synergy potential between business continuity management (BCM) and incident response management (IRM), the two concepts must be considered in the business context of cyber resilience management. A professional information security management focuses on protecting the confidentiality, integrity and availability of data and information during normal operations. Its main process is through proactive risk management to minimise possible failures and threats. BCM unfolds its protection of core business processes in the event of a cyber incident by swift detection, response and recovery. IRM is the technical process of cyber crisis management, whereby existing IRM processes are activated in the event of a cyber incident. Besides the key differences in terms of the protection goals or type of measures, several synergy potentials can be identified between BCM and IRM. Furthermore, both BCM and IRM place great importance on employee awareness in cyber risk and continuous improvement. These are key elements to sustainably strengthen cyber resilience in the continuity and stabilisation phase. Both a business-orientated BCM and an IT-focused IRM mitigate the consequences of a cyberattack. Utilising the synergies of BCM and IRM ensures optimum business continuity, minimal loss impact and rapid restoration of normal operations. This article is also included in The Business & Management Collection which can be accessed at https://hstalks.com/business/.
The full article is available to subscribers to the journal.
Author's Biography
Christoph Clavadetscher is a Cyber Risk Expert at the Cyber Risk Competence Centre of La Mobilière Insurance. Mutually structured and active in all lines of insurance, La Mobilière is the oldest private insurance company in Switzerland, with business operations focused on its home markets of Switzerland and the Principality of Liechtenstein. Christoph has a broad wealth of insurance experience of more than 20 years in product and service development and underwriting, including eight years in cyber risk. He holds a Master of Arts HSG specialising in risk management and insurance from the University of St. Gallen and a Master of Advanced Studies in cyber security from the School of Computer Science of Lucerne University of Applied Sciences and Arts. His MAS thesis on the topic of cyber resilience management submitted in 2024 was awarded a top grade.
Peter E. Fischer is a Professor Emeritus at Lucerne University of Applied Sciences and Arts, School of Computer Science. With a strong background in information and cyber security, Peter’s research and lecturing focus on business and service continuity management, as well as fraud prevention and detection. He mentored Christoph Clavadetscher on his MAS thesis, from which this paper is a brief excerpt. Before returning to academia, Peter held key roles in global corporations and a major Swiss bank, and he served as Chief Information Security Officer (CISO) at Siemens during the era when information security followed the BS7799 standard (the precursor to ISO 27002). Peter holds a PhD in physics, where his research elucidated superconductivity in high-temperature superconductors.
Citation
Clavadetscher, Christoph and Fischer, Peter E. (2025, August 17). Synergy potential between business continuity management and incident response management and the resulting added value to strengthen the competitiveness of companies in the market. In the Journal of Business Continuity & Emergency Planning, Volume 19, Issue 1. https://doi.org/10.69554/CDTA8583.
Publications LLP