Resilience and Recovery

Refers to a group of interconnected computers or servers that work together as a single system. It is often used for high availability. If one node fails, another node can take over ensuring that there is no interruption in service.

Clustering

Involves distributing IT resources and sites across different geographic locations. Helps in mitigating risks associated with local disasters or threats. By spreading our resources, it ensures that an incident in one location doesn't disable the entire operation.

Geographic dispersion

The use of different technologies or vendors in an environment such as a company using Cisco network equipment alongside Linux and Windows servers to reduce the chance that one vulnerability affects every system. However, it is complex to manage and set up.

Platform diversity

An environment where an organization uses two or more cloud service providers (like AWS, Azure, or Google Cloud) to host applications, data, or services instead of relying on just one provider. Means spreading your cloud resources across multiple cloud companies.

Multi-cloud systems

Refers to an organizations ability to continue its essential functions, even in the face of a major disruption or disaster. It minimizes downtime, ensures that key business processes and IT services remain available and functional during ot after a cyber incident.

Continuity of operations

Involves forecasting and preparing for the future resources needed to manage information security effectively. Ensures that organizations have adequate resources, and capabilities to handle current and future cybersecurity challenges.

Capacity planning

Ensuring an organization has enough skilled cybersecurity professionals to handle various tasks, including incident response, risk assessment, and system maintenance.

Capacity planning - People

Implementing security tech technologies that can scale with the organizations growth and evolving threat landscape. Investing in emergency technologies, such as AI and machine learning which can enhance cyber security capabilities.

Capacity planning - Technology

Ensuring the IT infrastructure can support both current and anticipated future cyber security needs.

Capacity planning - Infrastructure

The process of intentionally simulating a system failure to confirm that backup systems correctly take over without disrupting operations. Testing if your backup system actually works when the main system goes down.

Fail over test

Running primary and backup systems at the same time to compare results and validate the backup system works correctly.

Parallel processing

Are copies of data and systems that are stored separately from the original, designed to be used for restoring the original in case of data loss, corruption, or a disaster.

Backups

Backups at the same physical location as the primary data source. They offer quick and easy access for data restoration. Example: Backing up company files to a local server or external drive in the same office however risky if the building ends up damaged (flood, natural disaster)

Backups - Onsite

Backups stored in a different physical location from the original data. These backups provide additional security against disasters that could affect the primary site however it may take longer to restore or access.

Backups - Offsite

How often your data is saved in case something goes wrong. These backups depend on the criticality of the data and the rate of which changes.

Backups - Frequency

This is crucial for maintaining the confidentiality and integrity of backed up data. It should be applied during transmission and while the data is at rest in the backup storage.

Backups - Encryption

A saved “freeze-frame” of a system at a specific point in time used for quick rollback or recovery. Are fast to create and useful for quick recovery, especially in virtualized environments.

Snapshots

Involves processes and plans to restore data and systems from backups, efficiently, and effectively after a data loss incident.

Recovery

The process of continuously copying and syncing data from one system or location to another in real time or near real time so a backup copy is always up to date.

Replication

Is a method that keeps track of changes made to the data since the last full backup. Used on databases to restore to a point in time. Allows for fast recovery, by only applying the changes recorded in the journal to the last stable state.

Journaling

Provide an alternative power source in case of a power outage. They are essential for long-term power failures, where the main supply is interrupted. Ensure that critical systems like servers remain operational during extended power outages. However, it can take a little time to start.

Generators

Is a short-term backup power when electricity fails.Provides immediate power back up in the event of a power failure, allowing for a safe shutdown of systems or bridging the gap until a generator kicks in.

Uninterruptible power supply (UPS)