Back to course

Disaster Recovery Planning

Cyber Security Mastery: From Zero to Hero

Ensuring Business Continuity

Disaster Recovery (DR) is the process, policies, and procedures related to preparing for recovery or continuation of technology infrastructure after a disaster (natural or human-caused, like a major cyberattack).

Key DR Metrics

  1. RTO (Recovery Time Objective): The maximum amount of time a business can tolerate before a system or service must be fully restored and operational.
  2. RPO (Recovery Point Objective): The maximum amount of acceptable data loss, measured in time (e.g., 4 hours of lost transaction data).

Business Continuity Plan (BCP)

The BCP is broader than DR. It focuses on maintaining essential business functions during and immediately after a disaster. It involves non-IT operations (staffing, physical location, communication).

Testing: DR plans are useless if they are never tested. Regular, often mandatory, testing ensures the RTO and RPO targets can actually be met.