February 21, 2019 by Siobhan Climer
From hurricane floods to hardware failures, disasters come in many forms. One of the biggest threats to businesses of any size today is information security. The data your organization collects, stores, produces, and uses is the foundation of your success. Securing that data is essential. Encompassing data security into your disaster recovery plan is an enticing way to ensure business continuity in the face of a growing threat. Yet, since disaster recovery and cybersecurity have different objectives, it is important to develop independent strategies for each.
2018 saw hundreds of large data breaches and cyberattacks in every industry, and 43% of those attacks targeted small- and medium-sized businesses. Unfortunately, according to the 2018 Cost of Data Breach Study sponsored by IBM Security and conducted by the Ponemon Institute, attackers remain undetected with the business network for an average of 197 days – or more than 6 months – and takes more than two months, on average, to remediate.
Unlike a tornado or a flood, cybersecurity threats have a much longer life-cycle. Once infiltrated, the business loses priceless brand components, such as reputation and trust. There is also no guarantee that once detected and remediated, the data accessed by hackers will not threaten your organization in the future. Once the data is compromised, there is no going back.
Disaster Recovery And Cybersecurity Strategy: Why You Need Both
Despite this, it is important to note that disaster recovery and cybersecurity strategy are different. According to Marko Bourne, Principal and Director of Booz Allen Hamilton, “Security and disaster plans are related, but not always the same thing.” How do they differ? The purpose of each is objectively different. Disaster recovery is about business continuity and cybersecurity is about information asset protection. The way these different strategies are implemented may differ substantially, as well.
According to Inigo Merino, former SVP of Corporate Security and Business Continuity Unit at Deutsche Bank and current CEO of cybersecurity firm Cienaga Systems, a less obvious different “is that security incident response often requires detailed root cause analysis, evidence collection, preservation and a coordinated and – often – stealthy response.”
That’s the opposite of a solid disaster recovery implementation, which is often public, large-scale, and broader. These innate differences in each type of strategy support the notion that disaster recovery and cybersecurity should be separated.
Creating A Disaster Recovery Plan
When creating a disaster recovery plan in 2019, the first step is to take stock of where you are today. Using a technology roadmap assessment can help you determine where your business continuity practices (and protocols) currently reside. Coalescing this information gives you a current state picture. Check out our Ultimate Guide To Creating A Technology Roadmap for more information.
Be sure to align your backup and disaster recovery strategy to your business objectives, identify your DR Response Team, and ensure proper backup implementation, testing, and maintenance occur.
As the elements around your business change, so, too, should your disaster recovery plan. Implementing a change control process is vital to documenting and enforcing any changes as they crop up. The team should meet at least once every six months to assess your disaster recovery policy and keep it up to date.
Creating A Cybersecurity Strategy
The primary objective of a security recovery plan is to protect data assets after a breach. This includes the protection of personally identifiable information (PII) – such as social security numbers, state ID numbers, financial account access data – protected health information (PHI) – HIPAA-determined, such as name, address, birth date, medical record numbers, etc.
A vital step in developing a successful cybersecurity response plan is properly administer roles and responsibilities. Be sure to identify an Incident Response Coordinator to lead response processes.
One helpful way to develop a procedure around security response is to examine the incident response lifecycle:
Detect
Contain
Investigate
Remediate
Recover
Prepare
Documenting the response plan is an essential component of the process. Ensure it is distributed, understood, and that you provide appropriate training for all relevant staff members.
Disaster Recovery And Cybersecurity: Team Up For Better Results
While your DR and security response policies are by their nature very different, it is vital that you have both to be prepared for the various types of threats that put your business as risk. Mindsight’s expertise in disaster recovery and cybersecurity gives us a broad perspective on the proper process and implementation of these policies and the complex ways in which they interact. Learn from our experts by registering for a free Whiteboard Wednesday session. You get free expertise, lunch, and a chance to talk through the possibilities and potential risks of your disaster recovery and security policies.
Like what you read?
Contact us today to discuss disaster recovery and cybersecurity recovery strategies.
About Mindsight
Mindsight, a Chicago IT services provider, is an extension of your team. Our culture is built on transparency and trust, and our team is made up of extraordinary people – the kinds of people you would hire. We have one of the largest expert-level engineering teams delivering the full spectrum of IT services and solutions, from cloud to infrastructure, collaboration to contact center. Our highly-certified engineers and process-oriented excellence have certainly been key to our success. But what really sets us apart is our straightforward and honest approach to every conversation, whether it is for an emerging business or global enterprise. Our customers rely on our thought leadership, responsiveness, and dedication to solving their toughest technology challenges.
Contact us at GoMindsight.com.
About The Author
Siobhan Climer, Science and Technology Writer for Mindsight, writes about technology trends in education, healthcare, and business. She previously taught STEM programs in elementary classrooms and museums, and writes extensively about cybersecurity, disaster recovery, cloud services, backups, data storage, network infrastructure, and the contact center. When she’s not writing tech, she’s writing fantasy, gardening, and exploring the world with her twin two-year old daughters. Find her on twitter @techtalksio.
The Difference Between Disaster Recovery And Backups: Why You Need Both