Skip to main content
Search
Practice paper

Cyber-compromised data recovery : The more likely disaster recovery use case

John Beattie and Michael Shandrowski
Journal of Business Continuity & Emergency Planning, 15 (2), 114-126 (2020)
https://doi.org/10.69554/PNMD1651

Abstract

To extort a ransom payment, ransomware actors must make the threat sufficiently compelling that payment seems like the only option. This is achieved by encrypting or disabling a company’s data replicas and backups as well as its production data — data that are essential to the organisation’s success. To prevent this happening, it is essential to extend one’s thinking beyond the organisation’s cyber security incident response plan and disaster recovery programme and give active consideration to a cyber incident recovery risk management (CIR-RM) programme. This paper explores what this requires, including the right thinking, the right approach, the right team and the right plan.

Keywords: cyber crime; cyber attack; ransomware; malware; data recovery; disaster recovery; immutable backups; cyber incident recovery; cyber incident response

The full article is available to subscribers to the journal.

Already a subscriber? Login or review other options.

Author's Biography

John Beattie is a principal consultant at Sungard Availability Services, where he advises clients on operational risk and resilience programmes encompassing business continuity, compromised data recovery, crisis management, and more. He previously held positions with News Corporation as Global Director of Business Continuity and Ernst & Young as a senior manager within the management consulting practice. John is a Fellow of the BCI.

Michael Shandrowski is a principal consultant at Sungard Availability Services where he advises clients on establishing and maturing their disaster recovery and business continuity programmes, and then enhancing them to address compromised data recovery. He was previously the business continuity programme leader for a global insurance company.

Citation

Beattie, John and Shandrowski, Michael (2020, December 1). Cyber-compromised data recovery : The more likely disaster recovery use case. In the Journal of Business Continuity & Emergency Planning, Volume 15, Issue 2. https://doi.org/10.69554/PNMD1651.

Options

cover image, Journal of Business Continuity & Emergency Planning
Journal of Business Continuity & Emergency Planning
Volume 15 / Issue 2
© Henry Stewart
Publications LLP