U.S. and Australian cyber agencies issued new resources that businesses could use to recover following a cyberattack.
On Monday, the Cybersecurity and Infrastructure Security Agency and the Australian Cyber Security Centre unveiled the Business Continuity in a Box, a set of instructions for organizations that have become victims of a cyber incident.
The Business Continuity in a Box is comprised of two core components, each focusing on two important aspects of continued business operations.
The Continuity of Communications package provides information on how an organization can maintain correspondence when usual channels such as emails are unavailable. The section offers a step-by-step guide on how to set up a temporary Microsoft 365 Business Standard tenant and how to redirect all emails to the new tenant.
Meanwhile, the Continuity of Applications package focuses on business-critical software such as office productivity suites and human resource management and payroll systems. The resource kit provides an implementation framework for infrastructure-as-a-service deployment to manage business resources such as networks, servers and data storage.
According to CISA and ACSC, the Business Continuity in a Box can be used in conjunction with a Business Continuity Plan. The agencies warned that the box cannot replace the BCP, which has a more comprehensive and tailor-made guide on how to prepare for a cyber incident.
The Business Continuity in a Box is available for download on CISA.gov and Cyber.gov.au.