Seven Steps To Create An Effective Disaster Recovery Plan

Uploaded on 2021-07-12 in TECHNOLOGY--Resilience, FREE TO VIEW

All IT and senior management need an effective Cyber Disaster Plan to reduce the chances of a cyber attack, criminal hack or ransomware demand. An effective  disaster recovery plan should include identifying critical IT systems and networks, highlighting the recovery time objectives, and outlining the steps needed to restart and recover the systems and networks. 
 
End-to-end cyber security solutions provider Quorum have identified seven critical steps an organisation that assists with IT systems recovery. They will also help in creating a disaster recovery plan so you can ensure that your organisation is protected against a worst-case scenario. 
 
1. Central to this process is identifying all critical applications and servers that need to be backed up:   Be thorough, exclude nothing and don’t assume that you know what is best for your users. Make sure to include ancillary systems like domain servers, as well as other network equipment, circuits and locations. 
 
2. This is where you define key targets like recovery time objective (RTO) and recovery point objective (RPO), two important but often misunderstood terms:   Your RTO refers to the maximum time a server, application or system           can be down before it results in unacceptable damage to the business. Your RPO refers to the maximum acceptable age of the backup files that are to be used during a disaster recovery incident. This number tells you how often your data must be backed up. 
 
3. In an emergency, it is critical for everyone to know their role in advance.
 
4. Regularly updating your plan is as critical as creating it:    Your plan should be revisited and updated every time you test your DR system, change infrastructure and/or key personnel, any time an employee involved in the plan leaves the organisation or a new employee is hired who will have a roll in the plan going forward. 
 
5. Modern technology has changed that, making it easy to perform realistic tests with little to no disruption to your business’ function:    Businesses in different vertic als will have different best practices when it comes to test schedules. However, a good rule of thumb is to do a partial test monthly and a full at least once per year. 
 
6. What parts of the process (including software and other DR solutions) could be improved to make your DR process faster, more reliable, more efficient, or easier to perform? 
 
7. Now it’s time to evaluate whether you have the ideal disaster recovery solution in place and does it meet all the correct organisational needs. 
 
Quorum:         Image: Unsplash
 
You Might Also Read: 
 
Paying Cybercriminals A Ransom Will Double Your Recovery Costs:
 
 
« Russian Military Hackers Accused Of Global Campaign
India’s New National Cyber Security Strategy »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

CIO

CIO

CIO provides technology and business leaders with insight and analysis on information technology trends

Trust Guard

Trust Guard

Trust Guard services provide complete security for your website.

AFCERT

AFCERT

AFCERT is the national Computer Emergency Response Team for Afghanistan.

Centre for Cyber Security (CFCS) - Denmark

Centre for Cyber Security (CFCS) - Denmark

The Centre for Cyber Security is the Danish national IT security authority, Network Security Service and Centre for Excellence within cyber security.

Guidewire

Guidewire

Guidewire Cyence™ Risk Analytics is a cloud-native economic cyber risk modeling solution built to help the insurance industry quantify cyber risk exposures.

CERT NZ

CERT NZ

CERT NZ supports businesses, organisations and individuals affected by cyber security incidents, and provide trusted and authoritative information and advice.

Cyber Craft

Cyber Craft

CyberCraft is an innovative and dynamic software development, outsourcing and consulting company. Services offered include penetration testing.

Cog Systems

Cog Systems

Cog Systems offer an embedded solution built on modularity, proactive security, trustworthiness, and adaptability to enable highly secure connected devices.

Luxembourg Office of Accreditation & Surveillance (OLAS)

Luxembourg Office of Accreditation & Surveillance (OLAS)

OLAS is the national accreditation body for Luxembourg. The directory of members provides details of organisations offering certification services for ISO 27001.

DarkLight

DarkLight

DarkLight is a cybersecurity platform that mimics human thinking at scale to build resiliency to Advanced Persistent Threats.

Dynics

Dynics

The Dynics ICS-Defender is an Industrial Control System Security Appliance for OT or OT/IT convergent environments.

Securix

Securix

SECURIX AG delivers holistic IT security solutions that are tailored to the specific challenges and requirements of your company.

Cysurance

Cysurance

Cysurance is a next-generation risk mitigation company that insures, warranties and certifies security solutions.

Securin

Securin

Securin offers a comprehensive portfolio of solutions including Attack Surface Management, Vulnerability Intelligence, Penetration Testing, and Vulnerability Management.

Vultara

Vultara

Vultara provides web-based product security risk management tools for electronics manufacturers.

Ionize

Ionize

Ionize offers solutions to help you uplift your capability across the full-spectrum of cyber security - assessment, remediation, monitoring, governance and ongoing education.