Copyright Security-Assessment.com 2006 S4 Conference Series BCP and DR. Timely Reminder Presented By...

Copyright Security-Assessment.com 2006

S4 Conference Series

BCP and DR. Timely Reminder

Presented By Peter Benson


• Consider the Conditions• Trends and Issues• Basic Frameworks

Timely Reminder Agenda


Environmental Conditions• Assume a hurricane has affected your main offices / building

and has wreaked significant havoc including smashing windows and damaging equipment. Assume that rainwater has entered the building through the broken windows and severely affected the computer systems.

• Assume your main premises have been affected by flooding and it has affected all systems and equipment located on the ground floor and lower ground floors. Assume also that any cables which pass through the ground floor are also affected and 'out of commission'.

• Assume main workplace affected by earthquake measuring 6.5 on the Richter scale with the epicentre only two miles away. Significant impact on local services and transportation and some injuries have been caused to some staff who's homes are located in the region. The earthquake has affected electrical power supplies, water and drainage. Telephones could still be operational.


Environmental (continued)• Assume electrical storm has affected the premises and the

lightning rods were ineffective. The direct hit has knocked out the internal electrical power and amazed at least 50% of the equipment (including IT hardware).

• Fire Assume that there has been significant fire and smoke damage affecting over 50% of the companies records and workspace. Assume also, if one is installed, that the automatic sprinkler system was activated, causing further damage.


Organised or Deliberate• A group of terrorists have exploded a car bomb outside your

main premises. There has been considerable damage to the building and equipment outside. Fortunately, there was no loss of life or injuries as the explosion occurred at 3 a.m.

• A disgruntled employee has planted some malicious code in your main systems and this has resulted in a complete shut down of your systems with probable loss of data and damage to data files.

• Over the weekend, your main office was broken into and a significant amount of computer equipment was removed. This has rendered the office unusable for at least five days.

• Your main warehouse has been burnt down through a deliberate fire. The warehouse and contents have been completely destroyed.

• Labour Dispute / Industrial Action


Utilities and Services• Electrical power failure (blackouts) (brownouts) Assume

electrical power completely affected. No heating, air conditioning, lights, PC's, terminals, networks, telephones and faxes available. Only pre-printed hardcopy of laptop / battery based equipment usable.

• Loss of gas supply A gas leak in the local vicinity has forced the Gas Utility Supplier to close down all gas services in the area.

• Loss of water supply Contamination has leaked into the local fresh water supply and there is unlikely to be water available for the immediate future.

• Petroleum and oil shortage OPEC has a major internal dispute and this is affecting oil supplies worldwide. This may continue for some time and adequate precautions should be taken. Rationing has already started and the shortage is seriously affecting transportation.


Utilities (continued)• Communications services breakdown Serious damage to

local cables has resulted in the telecommunications not being available today and for the immediate future. Predictions are for the service to be unavailable for seven days. This is affecting e-commerce sites, networks and Internet availability.

• Loss of drainage / waste removal Local flooding has caused serious problems for the local drainage system and debris has created a serious blockage affecting repairs. You are requested not to use the water drainage facilities for the next three days, by which time it may have been cleared.


Trends and Considerations• Over reliance on power supply systems / suppliers• Over reliance on network / internet providers• Over reliance on hosting providers• Telecommunications issues• Underestimating impact• Breadth of consideration low• Under planning for worst case scenarios• Lack of testing / plan maintenance• Backup issues


Considerations (continued)• Dependence on singular circuits (AK Power,

Telecommunications)• Triggers not just Technological (OSH)• Re-evaluation of old plans (cost escalations)• Backup systems / sites not up to spec for security• Upstream and Downstream Service Provider SLA’s (capabilities,

obligations)


Standard Frameworks NIST• Develop the contingency planning policy statement • Conduct the business impact analysis (BIA) • Identify preventive controls • Develop recovery strategies • Develop an IT contingency plan • Plan testing, training, and exercises • Plan maintenance.


Standard Frameworks ISO17799• Understanding the risks the organization is facing in terms of

likelihood and impact in time, including an identification and prioritisation of critical business processes

• Identify all the assets involved in critical business processes• Understand the impact which interruptions caused by

information security incidents are likely to have on the business and establishing the business objectives of information processing facilities;

• Consider the purchase of suitable insurance;• Identify and consider the implementation of additional

preventive and mitigating controls;


Planning a Course of Action• Identify sufficient financial, organizational, technical, and

environmental resources to address the requirements;• Ensure the safety of personnel and the protection of

information processing facilities and organizational property;• Formulate and document business continuity plans addressing

requirements;• Regular testing and updating of the plans and processes put in

place;• Ensure that the management of business continuity is

incorporated in the organization’s processes and structure;


Questions ?

http://www.security-assessment.com

[email protected]

Copyright Security-Assessment.com 2006 S4 Conference Series BCP and DR. Timely Reminder Presented By...

Documents

Transcript of Copyright Security-Assessment.com 2006 S4 Conference Series BCP and DR. Timely Reminder Presented By...