The BC guys and gals often complain the security folks don't invite them to the party. Security folk complain about how BCP tries to be the directors in the crisis matrix. Nobody (particularly stakeholders and shareholders) wins when the bickering and dickering sours the matrix.
Does anyone have experience or ideas they might share as to how we can 'all just get along'?
I like to look at business continuity and security globally in the context of ERM or ORM (organizational risk management).
There are so many little bits and pieces of threats and vulns that can bite you in the @$$, etc.
A BCP person can often broaden the scope of looking at the risks and work in conjunction with organizational security.
Thankfully, the BCDR community are wising up to cyber threats, supply-chain threats, and reputational risk from catastrophes either wrought by humans or (super)natural forces and are trying to have playbooks supporting or working in tandem with information security.
However, I still feel like the guy in Prufrock:
I get you,
I don't understand why so many organisations have two teams rather than having it all in one either, but for whatever reason, that seems to be the norm these days.
But hey ho. I work with what I have in front of me, or try to change what's in front of me, given the chance.