What is a Critical Business Process (CBP)?
A Critical Business Process (CBP) is a business function or workflow that is essential for an organization to operate effectively. Disruption to these processes can result in significant financial, operational, or reputational impact.
CBPs are identified through Business Impact Analysis (BIA) and are closely tied to Critical Business Assets (CBA). They are often targeted in attacks such as Ransomware or Denial of Service (DoS / DDoS) campaigns.
What is a Critical Business Process (CBP) used for?
CBPs are used to define priorities for Business Continuity Plan (BCP) and Disaster Recovery Plan (DRP) strategies. They help organizations determine Recovery Time Objective (RTO) and Recovery Point Objective (RPO) requirements.
Protecting CBPs requires a combination of technical and organizational controls, including redundancy, Incident Response (IR) planning, and continuous monitoring through Security Operations Center (SOC) capabilities.