BCP and DRP


Time
14 hours 39 minutes
Difficulty
Intermediate
CEU/CPE
13
Video Transcription
00:00
>> Glad you made it back from
00:00
that cliffhanger of the last section,
00:00
and I had laid out the question for you.
00:00
What happens if risk management fails?
00:00
What happens with risks you fail to identify?
00:00
What happens with mitigation
00:00
strategies that don't work?
00:00
What if you underestimate the impact of a risk or
00:00
even the probability, and that risk
00:00
materializes and there's tremendous loss?
00:00
Basically what I'm asking you is,
00:00
what keeps your organization moving
00:00
forward when risk management does fail?
00:00
The answer is business continuity planning.
00:00
Sometimes you'll hear continuity of operations planning.
00:00
We must have a business continuity plan
00:00
to help our organization continue to move forward,
00:00
at least with their most critical services,
00:00
no matter what, in the event of
00:00
a disruption of any type or scale.
00:00
Of course, this is going to go to the responsibility of
00:00
senior management and the assumption is,
00:00
again, that they've been entrusted
00:00
with the assets of the organization,
00:00
so no matter what,
00:00
they have to provide protection.
00:00
Sometimes you will hear business continuity and
00:00
disaster recovery plan may be used
00:00
interchangeably or not used quite right.
00:00
The business continuity plan really is
00:00
an overarching document that
00:00
has lots of little plans and one of those little plans,
00:00
if not necessarily little,
00:00
but one of those plans is a disaster recovery plan.
00:00
The disaster recovery plan focuses on
00:00
returning operations to normal,
00:00
in the order of criticality.
00:00
Disaster recovery planning is all about getting
00:00
our most critical services back up and running.
00:00
But ultimately, the goal is
00:00
to get us completely restored to service.
00:00
We want to get back to the state that we were,
00:00
or really let's say get back to a state of permanence.
00:00
We don't necessarily want to get to the state that we
00:00
were, as we've just been subjected to a disaster.
00:00
But we do want to get back to a state of permanence.
00:00
The business continuity plan,
00:00
you can think of as much longer-term in focus.
00:00
The disaster recovery plan
00:00
is in that immediacy of the disaster.
00:00
We got to get going and get
00:00
those critical resources back up and running.
00:00
I will also point out to you that
00:00
the disaster recovery plan tends to be IT-focused,
00:00
where the business continuity plan
00:00
incorporates everything about the business.
00:00
You might have a business recovery plan
00:00
or a process recovery plan.
00:00
You'll have part of your business continuity plan,
00:00
things like occupant emergency plans,
00:00
crisis communication plan.
00:00
You'll have lots of plans
00:00
that are part of the business continuity plan.
00:00
Now, definitely some terms you want to know.
00:00
We've got recovery time objective,
00:00
we've got acceptable interruption window
00:00
and recovery point objective.
00:00
Now at the disaster recovery site.
00:00
We're going to assume that we've
00:00
had a disaster and we have a plan to
00:00
switch over operations
00:00
to an offsite facility 50 miles away.
00:00
Our recovery time objective is the amount of
00:00
time necessary to return to full operation.
00:00
That's what the disaster recovery plan's all about.
00:00
I can set this for a particular system or for a process,
00:00
or for the whole offsite facility,
00:00
what is going to
00:00
happen before we're up and running at full capacity?
00:00
Now the acceptable interruption window is the amount of
00:00
time in which basic functionality must be restored.
00:00
As in, we're out of the interruption of business,
00:00
we're operating with our most critical systems.
00:00
We're not at full recovery yet,
00:00
but we are processing.
00:00
Again, basically,
00:00
this comes around to most critical systems.
00:00
Now I've mentioned that several times.
00:00
Does anybody remember the document
00:00
that's necessary that's going to help us
00:00
prioritize which systems are
00:00
most critical? Senior management has to sign
00:00
off and has to help with the prioritization.
00:00
But that document was called, wait for it.
00:00
What is it? Business impact analysis.
00:00
I know you all had that on the tip of your tongue,
00:00
but it's the business impact analysis that
00:00
prioritizes all business processes based on criticality.
00:00
When we get to those recovery time objectives,
00:00
when we get to the acceptable interruption windows,
00:00
those elements are going to be important to know.
00:00
Usually, these terms are wrapped up
00:00
in the business impact analysis.
00:00
Then the last one, recovery point objective
00:00
is how current your data must be.
00:00
If you're willing to lose an hour's worth of data,
00:00
one hour will be your RPO.
00:00
Now if you really think about it,
00:00
an organization that only does a nightly backup,
00:00
how much are they saying they're
00:00
willing to lose as far as data goes?
00:00
We're 9-5 sharp,
00:00
we do a nightly backup every evening at 11 o'clock.
00:00
We're pretty much saying we're willing to
00:00
lose a full day's worth of data.
00:00
That's our recovery point objective.
00:00
Sometimes when we talk about it in those terms,
00:00
we might have senior management say, wait,
00:00
we can't lose a day's worth of transactions.
00:00
Well, then we need to do something other than
00:00
just backing up once a day.
00:00
We might need to use database shadowing,
00:00
where data is written to
00:00
multiple databases, at least two.
00:00
We could do batch transactions,
00:00
or shift it to an offsite facility.
00:00
But bottom line is,
00:00
what our recovery point objective is,
00:00
is going to dictate how frequently we
00:00
back up or use some other means
00:00
to create redundancy of data.
00:00
Those terms really big, got to know them.