Certified Cybersecurity Technician Business Continuity and Disaster Recovery PDF
Document Details
Uploaded by barrejamesteacher
null
EC-Council
Tags
Related
- Chapter 21 - 01 - Understanding BC and DR Concepts PDF
- Certified Cybersecurity Technician Business Continuity & Disaster Recovery PDF
- Understanding Business Continuity Plan (BCP) and Disaster Recovery Plan (DRP) PDF
- Mike Chapels Notes_CC (1) PDF
- ISC2 Security Exam Breakdown PDF
- CISSP All-in-One Exam Guide Chapter 23: Disasters PDF
Summary
This document introduces the concepts of business continuity and disaster recovery. It discusses various aspects such as business continuity management, business impact analysis, recovery time objectives, and recovery point objectives. The document also examines the goals of business continuity management.
Full Transcript
Certified Cybersecurity Technician Exam 212-82 Business Continuity and Disaster Recovery Module Flow Understanding Business Conti...
Certified Cybersecurity Technician Exam 212-82 Business Continuity and Disaster Recovery Module Flow Understanding Business Continuity (BC) and Disaster Recovery (DR) Concepts Discuss BC/DR Activities Understanding Business Continuity Plan (BCP) and Disaster Recovery Plan (DRP) '(03 Copyright © by EC cll. All Rights Re! Understanding Business Continuity (BC) and Disaster Recovery (DR) Concepts The objective of this section is to introduce terminologies associated with BC/DR such as business continuity, disaster recovery, business continuity management (BCM), business impact analysis (BIA), recovery time objective (RTO), and recovery point objective (RPO). Module 21 Page 2312 Certified Cybersecurity Technician Copyright © by EG-Council EC-Council All Rights Reserved. Reproduction is Strictly Prohibited. Certified Cybersecurity Technician Exam 212-82 Business Continuity and Disaster Recovery Business Continuity /CI /Cl Business continuity (BC) \ Objectives of Business describes the processes and E’ Continuity procedures that should be followed to ensure the continuity of an organization’s critical @ Maintain the continuity of operations business functions during and during and after a disruptive incident after a disaster | Protect the reputation of an organization Business Business OQ According toto the According the ISO standard, standard, { by providing by providing continuous continuous services services Continuity Continuity “BCis the “BCis the capability ofof the the capability organization to continue the nimize inimize the effoff f the di b delivery of services or products — m'fefe ¢v _ee Minim ge OEES oCts 6Fof (e the Glsnster disaster byDy promoting disaster preparedness at acceptable predefined levels following a disaster.” Provide compliance benefits O BCis a business-centric strategy, @ B= = ': which emphasizes more on maintaining business operations Mitigate business risks and minimize )| \ K than IT infrastructure / @ financial financial losses | N y losses Business Continuity Business continuity is described as the processes, procedures, decisions, and activities that ensure continuity of organization’s business function irrespective of the potential risk, threat, or cause of an outage. As per the standard set by the International Organization of Standardization (1SO), “BC is the capability of the organization to continue the delivery of services or products at acceptable predefined levels following a disaster.” Hence, BC strategies aim at reducing the downtime following a disruption event. Business continuity is a business-centric strategy that emphasizes more on maintaining business operations. Business continuity strategies aim to reduce the downtime following a disruption event. In some organizations, downtime costs significantly exceed the cost of continuous availability; since these organizations are more exposed to losses, they have a higher motivation to spend on BC. In this context, it must be noted that fully redundant systems comprise a significant part of the BC spending. However, small-scale companies do not spend much on these systems owing to their low revenue generation. Regardless of the allocation, BC plays a significant role in organizations. Some of the objectives of BC are as follows: Objectives of Business Continuity = Maintain the continuity of operations during and after a disruptive incident: BC helps a company to continue its operations following a disaster, from a minor event to a major catastrophe such as hardware failure, virus and malware attacks, accidental damage, and natural disaster. = Protect organizational reputation by ensuring continuous service delivery: Companies that fail to manage disasters appear incompetent to the public. A good BCP helps companies to manage disasters and ensures a smooth disaster recovery. It facilitates the Module 21 Page 2313 Certified Cybersecurity Technician Copyright © by EC-Gouncil EG-Gouncil All Rights Reserved. Reproduction is Strictly Prohibited. Certified Cybersecurity Technician Exam 212-82 Business Continuity and Disaster Recovery continuous delivery of a company’s critical products and services while preserving its brand value and reputation. = Prepare organizations for disruptive events: An organization must design an optimal plan to mitigate the effect of a disaster and continue its critical business functions, and BC helps organizations to prepare for such disruptive events. * Provide compliance benefits: Organizations that are compliant with BC standards are perceived as reliable by the stakeholders. = Reduce business risks and financial losses: BC reduces both business and financial risks. The risk of a data breach can be avoided by setting up a resilient network and robust backup capabilities, and a good BCP can mitigate the financial losses associated with a disaster. Module 21 Page 2314 Certified Cybersecurity Technician Copyright © by EG-Council All Rights Reserved. Reproduction is Strictly Prohibited. Certified Cybersecurity Technician Exam 212-82 Business Continuity and Disaster Recovery Disaster Recovery Q Disaster recovery (DR) refers to an organization’s ability to restore business data and applications after a disaster O DR activities include the recovery of systems and people responsible for rebuilding the data centers, servers, or other infrastructure damaged by a disaster QO O DR is data-centric strategy where emphasis is on quickly restoring organization’s IT infrastructure and data / Objectives of Disaster Recove:y\ / Recovery\ » Reduce the downtime faced by an organization during and after a disaster >» Reduce the losses accrued during and after a disaster >» Recover data that is damaged due to a \ hardware failure J / BRespons NG BN | e Monitoring Monitori ng Copyright © by EC-CouncilCil AN ANl Rights Reserved. Re Reprod Disaster Recovery Careful security planning contributes toward mitigating the impact of disasters on organizations. Disaster recovery (DR) is an area of security planning that reflects an organization’s ability to restore business data and applications after a disaster. It involves a set of procedures and policies aimed at recovering or restoring the critical technology infrastructure following a disaster. Specifically, in the context of disaster management, it is a data-centric strategy focusing on the recovery and restoration of lost data, systems, IT, or people responsible for rebuilding the data centers, servers, or other critical components of the IT infrastructure. The objectives of DR are as follows: Objectives of Disaster Recovery = Reduce the downtime faced by an organization during and after a disruptive event: A longer recovery time worsens the effect of a disaster, which includes brand damage, customer dissatisfaction, and revenue loss. Therefore, an effective DRP should minimize the downtime and enable quick recovery from disruptions. = Reduce losses accrued during and after a disaster: A good DR should mitigate disruptions in business operations and minimize the losses associated with a disaster. = Recover the lost data: Data are lost due to a hardware failure, virus and malware attacks, accidental damage, and natural disaster. DR aims to restore the business data following a disaster. Module 21 Page 2315 Certified Cybersecurity Technician Copyright © by EG-Gouncil All Rights Reserved. Reproduction is Strictly Prohibited. Certified Cybersecurity Technician Exam 212-82 Business Continuity and Disaster Recovery Business Continuity Management ' O Business continuity management (BCM) ensures that an organization’s operations are not affected 3 by disruptive incidents ' O ABCM is responsible for business recovery, crisis management, incident management, emergency ABCMis management, and contingency management BCM Goals Implications of BCM » Ensure organizational resilience to disruptive ¥ Identify potential threats, analyze possible incidents and disasters impacts, and take steps to build organizational resilience Equip an organization to respond effectively to Update the overall BCP based on employee threats from natural or man-made disasters, training, exercises, and reviews including technological disasters, and protect the business interests of the organization » Manage the recovery of applications and the continuation of business activities in the event of a business disruption Copyright © by by EC-Councll EC-Councll AN Rights Reserved. Reproduction ReproductionIs Strictly Prohibited Business Continuity Management Business continuity management (BCM) is a process that ensures the continuity of business operations after disruptive incidents. A BCM is responsible for business recovery, crisis management, incident management, emergency management, and contingency management. The framework of BCM enables organizations to anticipate risks and internal and external threats. Organizations that implement a BCM program respond in a timely and effective manner to security incidents or natural disasters. BCM includes the following: = (Crisis management: Crisis Management (CM) is the ability of an organization to respond Crisis under crisis, and thereby minimize the damage to its brand name, business operation, and revenue. A delay in the expedition of the CM plan by the senior management causes an overlap between the plans and responsibilities of the CM and BC processes. * Incident management: Incident Management (IM) enables an organization to analyze, identify, and respond to and prevent such incidents. In a structured organization, these incidents fall under the purview of the Incident Management Team (IMT), the Incident Command System (ICS), or the Incident Response Team (IRT). The lack of effective incident management may disrupt business operations as well as stakeholders. = Contingency planning: Organizations execute a contingency plan when their regular business operations are interrupted by a disruptive event. Contingency plans ensure continuous and prompt product and service delivery, on-site and off-site business operations, and customer satisfaction. = Business recovery: Business recovery refers to an advance plan, arrangement, and procedure implemented by the bronze or operational teams of an organization after a Module 21 Page 2316 Certified Cybersecurity Technician Copyright © by EG-Council EC-Council All Rights Reserved. Reproduction is Strictly Prohibited. Certified Cybersecurity Technician Exam 212-82 Business Continuity and Disaster Recovery disaster. It aims to recover the organization’s business processes around workspaces, personnel, equipment, and facilities, among others. Emergency management: It refers to the procedures and actions implemented after a crisis in order to safeguard people from harm. DR: It is a plan to restore important support systems such as hardware, IT assets, and communications, in order to reduce business downtime and accelerate the restoration of business operations. Goals of Business Continuity Management Ensure organizational resilience to disruptive incidents and disasters: The security requirements of an organization can be ascertained through a business impact analysis and CM, DRP, and BCP. These plans should motivate employees to contribute collectively toward improving their organization’s resilience posture. It must be noted that employees play a significant role in helping organizations develop resilience. Equip organizations to develop an effective response to threats: Organizations face threats from natural or man-made disasters such as technological disaster. An effective BCM program can protect the business interests of an organization. It can introduce appropriate resilience strategies to reduce the impact of threats and contribute toward the formulation of plans to respond to and recover from threats that cannot be mitigated or controlled. Implications of Business Continuity Management BCM ensures continuous operations and delivery of products and services at predefined levels during any disaster This is achieved by identifying potential threats, analyzing possible impacts, and taking steps to build organizational resilience. BCM safeguards the interest of an organization’s stakeholders, personnel, brand equity, and reputation. During a disaster, BCM ensures the effective execution of the DR and BC processes; the implementation of training programs, exercises, and reviews; and the upgradation of the BCP. BCM ensures that business applications are accessible to an organization’s customers even during disasters. Module 21 Page 2317 Certified Cybersecurity Technician Copyright © by EG-Council All Rights Reserved. Reproduction is Strictly Prohibited.
