In the context of security operations, you’ll need to be familiar with the following concepts.

Disaster recovery components:

  • Response – someone should be designated as the authority to declare a disaster or initiate BCDR activities (the plan).  
  • Personnel – consists of identifying the critical path personnel who are required to continue operations (as opposed to response actions, these people keep the business going).
  • Communications – capabilities should be present to facilitate both internal and external communications during a disaster. Internal communications need a strategy for providing accurate operational and safety information to employees, and external communications need to designate a single voice trained in media communications, such as a public relations group or individual.
  • Assessment – the damage must be examined for cost, cause, and impact, and the examination should include subject matter experts. Assessments are typically done by auditors or accounting personnel. The assessment is important due to its impact on stock price, criminal prosecutions, civil lawsuits, and reporting to regulatory bodies.
  • Restoration – activities to bring operations back to the primary site or build a new one. Note that this is different from contingency operations, which use a temporary site established for continued operations. It’s especially important to know the difference between contingency, continuity, critical path, response, and restoration in the contexts of disaster recovery and incident management.
  • Lessons Learned – meetings held to understand how to better prepare for the next event and how to improve the overall process.
  • Training and awareness – specialized training modules or activities designed for BCDR personnel.

Here are the business continuity testing types:

  • Read through or tabletop – conducting the test in a conference room while reading through scripts, plans, and scenarios, followed by a discussion.
  • Walkthrough – same as tabletop with the added activity of walking to locations mentioned in the plan.
  • Simulation – a drill, such as a fire drill or an emergency communications drill. Can include components of a walkthrough.
  • Parallel – initiating and conducting operations at the alternate site.
  • Full interruption – mimicking an actual event.  

Beware of the possibility that contingency tests may cause an actual event.

Site planning is also critical in addressing contingencies and disaster recovery efforts.

Alternate sites should be far enough away that they are not affected by the same contingency as the primary site. They should also be close enough that key personnel can travel to the alternate site during a contingency. This is referred to as a sufficient degree of separation between primary and alternate processing sites. Area-wide disruptions are broad in geographic scope.

The alternate processing site can be a physical site, a cloud-based service provider, or another internally or externally provided service. An organization can also consider geographically distributed architectures.

For alternate sites that are controlled by external entities, any environmental conditions need to be articulated within the contract. Environmental threats should also be defined in risk assessments.

***This page has been fully updated to align with the May 2021 CISSP CBK revision.