Disaster Recovery

Time
15 hours 43 minutes
Difficulty
Advanced
CEU/CPE
16
Video Transcription
00:00
>> Let's begin with our focus on disaster recovery.
00:00
Here we're just going to talk about
00:00
the different categories of disruptions.
00:00
Not everything counts as a disaster so we have to have
00:00
some criteria to determine what's a disaster,
00:00
and when we're going to implement our plan and if so,
00:00
what the various phases are of disaster recovery.
00:00
In risk management, and incident management,
00:00
we have to first define what an incident is.
00:00
An incident is a non-disaster.
00:00
It's a relatively short term.
00:00
Inconvenience might be a little light,
00:00
but it's something that's handled by
00:00
risk management, and incident management.
00:00
We very well may have disruption of service,
00:00
we may have devices malfunction,
00:00
but we're not talking about
00:00
a severe loss of function for the organization.
00:00
Now, sometimes incidents can lead to disasters.
00:00
They can become larger in scale and scope.
00:00
But generally when we're handling
00:00
something from our incident response team,
00:00
it tends to be smaller in scope.
00:00
Now, there are times when we have emergencies,
00:00
and emergencies have an imminent threat
00:00
to loss, or property.
00:00
It's that immediacy of
00:00
an emergency which allows any employee,
00:00
any person, anytime to declare an emergency.
00:00
Anybody can yell, fire, smoke, whatever.
00:00
We want anybody to be able to declare
00:00
an emergency,
00:00
because of the potential immediate threat.
00:00
But a disaster.
00:00
A disaster is generally considered when
00:00
the entire facility is unusable for a day or longer.
00:00
There are a lot of things that would be
00:00
categorized as disasters in that stake.
00:00
Here in the DC area,
00:00
sometimes we get a lot of snow.
00:00
Well, I'm actually originally from North Carolina,
00:00
so a lot of snow in
00:00
North Carolina is an inch of snow, and I can
00:00
guarantee you the entire state
00:00
is at a standstill, should we get that?
00:00
By the way, those of you snickering about
00:00
Southerners not being able to drive in the snow,
00:00
we actually can drive very well in the snow.
00:00
We just don't tell anybody, because we're
00:00
the ones that get to get out of work on snow days.
00:00
All you New Englanders that thumb
00:00
your nose at us, and those few North and South Dakota,
00:00
you can laugh, but we're sitting
00:00
at home watching soap operas while
00:00
you guys are slipping through the snow going to work.
00:00
I'm just throwing that out there.
00:00
But just getting back here, disasters,
00:00
they don't have to mean a crisis necessarily.
00:00
It just simply means that we're unable to
00:00
go to the office for a day or longer.
00:00
Now, all it means to declare
00:00
this a disaster is that we look to
00:00
our disaster recovery plan to tell us what to do.
00:00
We don't necessarily have to go through
00:00
all the phases of the disaster recovery plan.
00:00
We're going to look at those in just a
00:00
minute and I'll come back to it.
00:00
Then just want to mention here also,
00:00
the last category of disruption is a catastrophe.
00:00
Here in DC, we call that our scorched earth scenario.
00:00
Not a very good thing has happened.
00:00
With our disasters, again,
00:00
the building's unusable,
00:00
facility's unusable for a day or longer,
00:00
but there is partial, or complete destruction
00:00
in a catastrophe.
00:00
Senior leadership defines, and
00:00
then is able to notify of a disaster.
00:00
Just like anyone can declare an emergency,
00:00
only senior management can
00:00
declare a disaster, or a catastrophe.
00:00
Now, with our disasters,
00:00
like we said, it doesn't mean we're in crisis,
00:00
where fire and brimstone are coming from the sky,
00:00
dogs and cats are living together in sin,
00:00
none of that has to be.
00:00
Could just be some snow.
00:00
Could be that our power's out for
00:00
the day, and power lines cut something like that.
00:00
But whatever it is,
00:00
we go through three phases,
00:00
declaration, recovery, and reconstitution.
00:00
With declaration,
00:00
we have to have a way of communicating
00:00
to the employees.
00:00
"Hey, we're in disaster phase 1."
00:00
That literally could simply mean
00:00
that we notify our employees by phone,
00:00
by social media, whatever.
00:00
If it's snowing, here's my list of how to
00:00
go about in the radio stations,
00:00
TV stations, that I contact. We're done.
00:00
The important thing is I shouldn't
00:00
be in doubt as to whether we're in disaster state,
00:00
or not as a senior leader, because we have
00:00
predefined criteria of what a disaster means.
00:00
Now here in the Washington DC area,
00:00
what a lot of
00:00
organizations do when we're talking about closing for
00:00
weather, most organizations look
00:00
to see what the government does.
00:00
If the government shuts down, we shut down.
00:00
As somebody who is able to
00:00
declare a disaster in relation to snow,
00:00
that's very easy for me.
00:00
Hey, government shutdown.
00:00
Notify everybody that we're not coming to work today.
00:00
Now, depending on the nature of the business,
00:00
we may have to pick up at another location.
00:00
We may have critical services that
00:00
have to get back up and running.
00:00
I might have a group of employees that
00:00
work from home and VPN in.
00:00
I might have a set of employees
00:00
that are designated to come in.
00:00
Those critical employees that are designated to come
00:00
in regardless of the weather
00:00
or the disaster, the situation.
00:00
I might have an offsite facility that we move to in
00:00
the event that there's some disruption to the business.
00:00
That recovery phase, recovery is always going
00:00
to focus on
00:00
getting the most critical elements
00:00
of the business, back up and running.
00:00
When we talk about critical, critical again,
00:00
time sensitivity, where do we suffer
00:00
the greatest loss when these resources are unavailable?
00:00
Now the last phase of a disaster is reconstitution.
00:00
This is a tough one because when we're in recovery,
00:00
we're trying to get those most critical services
00:00
back up and running.
00:00
But we're not trying to necessarily
00:00
restore full operations.
00:00
We're just trying to get by till
00:00
the immediacy of the disaster is over.
00:00
But with reconstitution, we're trying to
00:00
get back to full operations.
00:00
So if there's been a wide scale disaster
00:00
or even a catastrophe,
00:00
reconstitution is going to be very challenging.
00:00
In recovery, we bring up
00:00
the most critical services first.
00:00
The areas where we're suffering the greatest loss.
00:00
Remember while we're in reconstitution,
00:00
we already have those critical services running.
00:00
Now we're trying to get back to a state of permanence,
00:00
so those most critical services are running.
00:00
We're going to perform reconstitution
00:00
by bringing the least critical elements first.
00:00
If that works okay,
00:00
we'll bring back the more critical,
00:00
and the more critical.
00:00
Different focuses there. Recovery,
00:00
let's stop the loss.
00:00
Reconstitution, let's make sure we're in
00:00
a stable environment before we come back on line.
00:00
Now with disaster recovery planning
00:00
and business continuity planning,
00:00
we often look at guidelines or frameworks.
00:00
There are several different organizations that
00:00
provide guidance on how we
00:00
should begin our business continuity planning processes
00:00
and our disaster recovery processes.
00:00
These aren't all testable,
00:00
but just have listed some places
00:00
that you can go to learn more about
00:00
continuity and disaster recovery planning because this
00:00
is a field that is growing and expanding.
00:00
Again, we're short staffed on folks that are
00:00
competent in restoring business operations
00:00
in the event of a major disruption.
00:00
So these are some good locations that you can go,
00:00
some good sites that you can search out on the web.
00:00
Now what I will point out of these
00:00
two or out of this list,
00:00
look at the bottom one,
00:00
ISC2.orgs for processes and
00:00
business continuity, so of course,
00:00
out of everything, ISC squared
00:00
provides for us the CISSP exam so
00:00
that's where we're going to be focusing our efforts.
00:00
We talked about disasters and
00:00
the different categories of business disruptions.
00:00
Talked about the phases of a disaster,
00:00
or the phases of disaster recovery planning,
00:00
and then we wrapped up just by mentioning
00:00
some business continuity,
00:00
and disaster recovery frameworks
00:00
that we could go to the sites for each of
00:00
those frameworks, and gather
00:00
a little bit more information.