BusinessContinuity.ppt

Transcript

  • 1. Business Continuity
  • 2. Business Continuity
    • Continuity strategy
    • Business impact
    • Incident response
    • Disaster recovery
    • Business continuity
  • 3. Continuity Strategy
    • Contingency planning
    • Incident response planning
    • Disaster recovery planning
    • Business continuity planning
  • 4. Contingency Planning
    • Contingency planning consists of:
      • Incident response plan
      • Disaster recovery plan
      • Business continuity plan
    • Incident response involves:
      • Notification of key people
      • Documenting the incident
      • Containing the damage due to the incident
  • 5. Contingency Planning Diagram
  • 6. Contingency Planning Timeline
  • 7. Contingency Planning
    • Primary goal is to restore all systems to pre-failure level
    • CP requires support of:
      • Upper level management
      • IT people
      • Security people
  • 8. Business Impact Analysis
    • BIA is the first step in CP
    • Takes off from where risk assessment ended
    • Main steps in BIA are:
      • Threat attack identification
      • Business unit analysis
      • Attack success scenarios
      • Potential damage assessment
      • Subordinate plan classification
  • 9. Business Impact Analysis
    • Threat identification includes:
      • Attack name and description
      • Known vulnerabilities
      • Indicators preceding an attack
      • Information assets at risk from the attack
      • Damage estimates
  • 10. Business Impact Analysis
    • Business Unit Analysis includes:
      • Prioritization of business functions
      • Identify critical business units
    • Attack success scenario includes:
      • Known methods of attack
      • Indicators of attack
      • Broad consequences
  • 11. Business Impact Analysis
    • Potential damage assessment includes:
      • Actions needed immediately to recover from the attack
      • Personnel who will do the restoration
      • Cost estimates for management use
    • Subordinate plan classification includes:
      • Classification of attack as disastrous or non-disastrous
      • Disastrous attacks require disaster recovery plan
      • Non-disastrous attacks require incident response plan
      • Most attacks are non-disastrous, e.g., blackout
  • 12. Business Impact Analysis Diagram
  • 13. Incident Response Plan
    • Responsible people aware of IR plan details
    • Periodic testing of IR plan as a desktop exercise
    • Goals to remember (Richard Marcinko):
      • More sweat in training means less bleeding in combat
      • Preparation hurts
      • Lead from the front and not the rear
      • Keep it simple
      • Never assume
      • You get paid for results not your methods
  • 14. Incident Response Plan
    • Incidents are usually detected from complaints to help desk
    • Security administrators may receive alarms based on:
      • Unfamiliar files
      • Unknown processes
      • Unusual resource consumption
      • Activities at unexpected times
      • Use of dormant accounts
  • 15. Incident Response Plan
    • Additional incident indicators:
      • IDS detects unusual activity
      • Presence of hacker tools such as sniffers and keystroke loggers
      • Partners detect an attack from the organization system
      • Hacker taunts
    • How to classify an incident as a disaster?
      • Organizational controls for an incident are ineffective
      • Level of damage to the system is severe
  • 16. Incident Response Plan
    • Incident reaction involves:
      • Notifying proper personnel
        • Involves notifying people on the alert roster
        • Notification could be accomplished using a predefined tree structure
        • Notification is pre-scripted to activate relevant portions of the incident response plan
      • Designated personnel start documenting the incident
  • 17. Incident Response Plan
      • Activate incident containment strategies such as:
        • Take system offline
        • Disable compromised accounts
        • Reconfigure firewall as needed
        • Shut down specific applications such as email or database
        • Might necessitate shutting down the system completely
  • 18. Incident Response Plan
    • Post-incident actions
      • Preserve evidence
      • Activate recovery procedures
      • Assess damage
  • 19. Disaster Recovery Planning
    • Prioritize recovery of components
    • Crisis management
    • Activate recovery from backup data
  • 20. Business Continuity
    • Service Level Agreements
    • Software escrow
    • ISO 17799 addresses business continuity management
    • Cold / warm / hot site
    • Restoration vs. recovery
    • FARM (Functional Area Recovery Management) specifies plans for operational area recovery