Five Layers of Risk

Video Activity
Join over 3 million cybersecurity professionals advancing their career
Sign up with
Required fields are marked with an *

Already have an account? Sign In »

5 hours 33 minutes
Video Transcription
Hey, everyone, welcome back to the core. So in the last video, we just talked to some of the things we need to think through. As we're developing the disaster recovery plan and this video, we want to talk about the five layers of risk.
So where Number one is going to be the external risk. So I kind of think of these layers as lair, one being that more holistic view of things. And then once we get to later five, it's very, very truncated down into a specific thing, and you'll learn that once we get to learn five.
So layer one, thinking external risk things like a flood, a tsunami is we see picture here coming in. So what will actually affect our organization? We talked a lot about in this course disasters,
so natural disasters like earthquakes, hurricanes, floods, etcetera. So need to think through that. And we also need to think through what if our manufacturer, our supplier or some other business that we rely on closest down What are we going to do? Do we have a backup plan? We need to think through those things
layer to there's gonna be things affecting our local facility, right? So it could be weather to be natural. Disasters as pre prevalent could also be a fire in the building that destroyed the building. Could be some jerk calling in a bomb threat. Right. So these are things we need to think about on the actual local facility level.
Layer three is gonna be the data itself, right? So are we backing up the data? What are we doing with that data? Where's it being stored at? How are we using that data? How can we access that data when we need to? These are all things that we need to think through. Layer four is going to be more of the department level
type of thing, right? So what about accounting? How do we do things in accounting when
a disaster is occurring? How do we do thing on the sales team? How do we do things in the executive management team? How do we do things in the I t. Team? These are all things that we need to think through as a department level organization and develop plans for that.
And then later, five is finally your individual work areas. Whether it's a cubicle or open office sitting. It depends on your particular organization, but just think through what happens in your particular area. So let's say that I'm using cable Internet Excuse me, cable network in my organization and
the cable goes out of my particular cubicle. But it's working for everybody else.
What do I do in that situation? Well, in most cases, I just contact I tear through and help de stickin, and they come and they magically fix it for me, right? If I'm not a nice person, but what happens if it stays out? Or what happens if a floor of the building where your team is working in, what happens if that goes down?
Can people moved to another area? Do all those people just work remotely? What actually happened? So these are all things we need to think through what we're focused on
doing the risk. So what is the actual risk going all the way from the high level all the way down to our actual day to day work area?
So this video, we just kind of went through the five layers of risk a very high level, so again, always think of it as a cake like we have seen in the very first slide there. Right? So
we think of Layer one. Is that base that bigger base? Right, So that's our our big bass. And that big base is going to be the outside things that can occur, right? And the next layer up is gonna be the things that occur at our local facilities or individual building.
Next layer up is going to be the department level. Excuse me, The data level next layer up is going to be the department level. And then finally, we have our little office space guy or Milton from office space sitting in his cubicle, wondering what's occurring, or they're putting more boxes in this cubicle that affects his day to day operations.
Up Next