Secure Messaging in Incident Response and Business Continuity
Today’s businesses face unprecedented risks. As mass interconnectivity replaces operational silos, every aspect of business, from transportation and the supply chain to email, data storage, facilities management and financial transactions, are all vulnerable to compromise, disruption and human error. In addition to the people, processes and technology that are at risk in a crisis, so too are the communications mediums most commonly used for incident notification and response.
At the forefront of defining their organization’s risk management strategies, risk managers, board members, chief security officers and chief information security officers all have a responsibility to initiate both incident response plans and business continuity strategies that transcend the digital and physical worlds. After all, a digital threat can quickly evolve into physical damages and destruction while a physical event can negatively impact digitally-driven business operations. However, if the communications mediums through which companies collaborate and disperse important news and information are also compromised, challenging situations increasingly become more complex.
Secure Messaging’s Role in Incident Response & Business Continuity
All organizations must prepare for out-of-course events. Situations like acts of nature, data breaches or other compromises require planned responses under the assumption that one day they will occur. Yes, different situations will require a different chain of events to take place, but there is one thing that all incident response and business continuity plans have in common: the need for ongoing communication during and after the event.
Whether you represent a power company that needs to notify first responders and emergency managers of an unexpected power outage/grid loss, an IT department discussing a plan of action during and after a ransomware attack, a healthcare team in different parts of a university communicating information during an active shooter event, or an enterprise sending messages to employees during a blizzard, fast, efficient and secure communications are essential.
How risk managers keep their businesses safe, how stakeholders communicate with colleagues and clients during a crisis and how an organization continues operations as quickly as possible is of the utmost importance. In some settings such as healthcare, energy or even on a campus, business can’t stop. So how do we ensure that caring for patients can continue and that we are prepared for any type of incident, emergency or crisis?
The first step is certifying that your company’s communication plans are solid. No one should want to depend on a phone tree in which you never know if someone receives a voicemail, wonder if information sent via fax is shared after receipt, or worry if a text has been compromised.
That means instantaneous response is required. For example, an organization’s proactive incident response personnel can use their secure messaging platform to preemptively set up templates and pre-schedule a series of texts to notify first responders and emergency management offices as well as all field employees during a declared emergency. Replies to these automated communications can be routed to a specific mailbox or group for monitoring and response, or disallowed based on the type of communication and need, providing a central communication hub.
Many communications, even during an emergency, are confidential to the business. They must be retained for compliance and reporting purposes and need to be protected from leaks. Simply put, communications that require confidentiality and secure discussions do not belong on non-secure channels. In these situations, secure messaging platforms allow for rapid, secure notifications and response communications to meet corporate operating procedures and compliance mandates, without worry of third-party surveillance or leaks.
Every organization must proactively prepare to respond in a secure and efficient manner to minimize the impact to employees, clients and its bottom line. With email and SMS texts plagued with inherent risk, secure messaging platforms are emerging as the trusted option to ensure rapid, efficient and secure communications when they matter most.
Article originally posted on June 6, 2018 on Risk Management Monitor by Galina Datskovsky.