Contingency Planning Fundamentals

Overview

While it's best to be proactive and prevent security threats from being a problem as early as possible, you cannot prevent everything. Eventually, something will go wrong, and it's important to prepare for that. Cyber security breaches are on the rise and having a solid process for responding and containing the incident, can save companies millions of dollars in damages and prevent catastrophe. Contingency Planning is the process of preparing a company to detect, react to, and recover from threats to assets. The main goal is to bring the company back to a state of normal operations following a disruptive event.

There are 3 key parts to contingency planning:

Incident Response: The process of detecting and responding to to limit consequences of a malicious, unintentional, or circumstantial cyber attack against an organization’s information systems(s).

Business Continuity: A predetermined process that describes how an organization’s mission/business processes will be sustained during and after a significant disruption.

Disaster Recovery: A predetermined process that details how critical applications and processes will be restored to normal operations at the primary business site in the event of a major hardware or software failure or destruction of facilities.