For many companies, IT is an indispensable function for business operations. Developing and implementing an IT BCP (Business Continuity Plan) is crucial for enhancing corporate resilience.

 

In Japan, where I live, natural disasters such as earthquakes pose significant threats. Additionally, the COVID-19 pandemic, which began in 2019, became a major challenge. As a result, many Japanese companies have developed BCPs based on earthquake and pandemic scenarios. However, reports indicate that only about 30% of companies have established BCPs specifically for cybersecurity incidents.

 

To highlight the differences between general incidents and cybersecurity incidents, we can analyze them from the following perspectives:

 

• Cause

• Early warning signs

• Scope of impact

• Damage

• Preventive measures

• Incident response

• Governance