Cyber-compromised data recovery : The more likely disaster recovery use case
Abstract
To extort a ransom payment, ransomware actors must make the threat sufficiently compelling that payment seems like the only option. This is achieved by encrypting or disabling a company’s data replicas and backups as well as its production data — data that are essential to the organisation’s success. To prevent this happening, it is essential to extend one’s thinking beyond the organisation’s cyber security incident response plan and disaster recovery programme and give active consideration to a cyber incident recovery risk management (CIR-RM) programme. This paper explores what this requires, including the right thinking, the right approach, the right team and the right plan.
The full article is available to subscribers to the journal.
Author's Biography
John Beattie is a principal consultant at Sungard Availability Services, where he advises clients on operational risk and resilience programmes encompassing business continuity, compromised data recovery, crisis management, and more. He previously held positions with News Corporation as Global Director of Business Continuity and Ernst & Young as a senior manager within the management consulting practice. John is a Fellow of the BCI.
Michael Shandrowski is a principal consultant at Sungard Availability Services where he advises clients on establishing and maturing their disaster recovery and business continuity programmes, and then enhancing them to address compromised data recovery. He was previously the business continuity programme leader for a global insurance company.
Citation
Beattie, John and Shandrowski, Michael (2020, December 1). Cyber-compromised data recovery : The more likely disaster recovery use case. In the Journal of Business Continuity & Emergency Planning, Volume 15, Issue 2. https://doi.org/10.69554/PNMD1651.
Publications LLP