IT Disaster Recovery | DR

[DR] Disaster Recovery vs Ransomware Recovery: Why IT Disaster Recovery Need Both

Written by Moh Heng Goh | Jun 19, 2024 6:00:22 AM

Disaster Recovery vs Ransomware Recovery: Why IT Security and Disaster Recovery Professionals Need Both

Imagine a fire breaking out at a data centre, taking down critical systems.  This is just one example of a disruptive event that can cripple a business.  While ransomware attacks grab headlines, natural disasters pose a genuine threat.

This joint discussion is often discussed during BCM Institute's IT Disaster Recovery Expert Implementer course.  The key is their roles and responsibilities for the later threats of ransomware attacks.

This blog explores the critical differences between disaster recovery (DR) and ransomware recovery and why CISOs need a plan for both. It provides a simple summary of the two IT disruptions.

What's the Difference?
Disaster Recovery (DR)

It focuses on physical infrastructure, such as hard drives and networks, and aims to get things back online after a physical disaster.

Ransomware Recovery

Deals with data integrity and protection against cyber threats. The goal is to restore data and systems compromised by a ransomware attack.

Why You Need Both
Different Recovery Needs

A natural disaster might require replacing hardware, while a ransomware attack only requires a system reset.

Planning for the Unexpected

Natural disasters are tough to predict, but a good DR plan can mitigate some risks.

Building Resilience
Go Beyond Compliance

Do not just check the boxes for compliance; proceed to develop a holistic plan based on real-time data and security best practices.

Effective Backups are Key
The 3-2-1-1 strategy is recommended.

Three copies (primary and two backups) are stored locally in 2 formats, with one offsite copy in the cloud (immutable storage for an extra layer of protection).

Cloud Storage

Offers scalability and flexibility, with features like automated backups and multi-data centre replication.

Tape Backups

Provide reliable, affordable, long-term data archiving, especially for air-gapped storage.

Physical Backups

Keep hard copies of your DR plan alongside electronic versions for easy access if digital systems are compromised.

Prepared People

Well-trained engineers can minimize downtime during any incident.

Priorities During an Incident
Disaster Recovery

The focus is restoring infrastructure, relocating operations, and ensuring team safety. The standard procedure might involve failing over to a dedicated DR site.

Ransomware Recovery

Data recovery and cybersecurity measures take priority here. A DR site might create an isolated recovery environment to protect data integrity, prevent reinfection, and speed up containment.

Keys to Success
Asset Inventory

To ensure critical assets are recovered, a complete record of all IT assets (hardware, software, data, and network resources) must be kept.

Disaster Recovery Leader

Appoint someone with a strong IT background, project management skills, and business acumen to oversee the planning process.

Testing is Crucial

Regularly test your backups and recovery procedures to identify and fix weaknesses before an accurate disaster strikes.

Communication is Key

Develop an internal communication plan to minimize confusion during a crisis.

Summing Up ...

By following these steps, CISOs can build a robust disaster and ransomware recovery plan, keeping their organizations safe from various threats.

 

Reference: Andrada Fiscutean (2024), Disaster recovery vs ransomware recovery: Why CISOs need to plan for both, CSO.

 

More Information About IT DR 

Contact our friendly course consultant to learn more about our blended learning program and when the next course is scheduled.  They are the DR-300 IT Disaster Recovery Implementer [DR-3] and the DR-5000 IT Disaster Recovery Expert Implementer [DR-5].

Please feel free to send us a note if you have any of these questions.