Risk Scenarios to be covered by a Disaster Recovery Plan

Every company must identify the risks it wishes to cover in a DRP context, which can include:

  • Natural Disaster: Windstorm | Forest Fire | Earthquake | Flood
  • Fire: Datacenter Fire, Building or Site Fire
  • Utility Failure: Air Conditioning Stop | Datacenter Power Outage
  • Human Crisis: State Terrorism Attack | Strike
  • Cyber Attack: Phishing, ransomware, Ddos, …
  • Complex IT Incident: Hypervisor failure

These risks will then be translated into risk scenarios for IT and business operations.

The concept of prolonged unavailability, characteristic of a DRP, differs from the concept of temporary unavailability, which is addressed by critical incident management of its high-availability information system architecture.

For each company, this boundary between temporary and prolonged unavailability can range from a few hours to a few days.

The objectives of operational crisis management of a cyber-origin crisis

Compared to other crisis scenarios that may require the activation of a DRP, cyber crises have their own characteristics:

  • Immediate impacts (stopping of certain activities, inability to deliver services, etc.).
  • Uncertainties regarding the scope of the compromise.
  • Complexity in deciding what can be restarted in DRP mode or not, and in what order, this being related to:
    • The vector of the attack: is it a ransomware commanded from the outside, …
    • Potential propagation to other external organizations due to the interconnection of IT systems.

In the first few hours, it can be difficult to distinguish an IT incident from a cyber incident. Technical teams must attempt to detect weak signals to shut down systems if necessary.

Nuabee's contact

65, rue Hénon
69004 Lyon - France
Contact Us - Homepage top right - OK