https://www.channelfutures.com/wp-content/themes/channelfutures_child/assets/images/logo/footer-new-logo.png
  • Home
  • Technologies
    • Back
    • SDN/SD-WAN
    • Cloud
    • RMM/PSA
    • Security
    • Telephony/UC/Collaboration
    • Cable
    • Mobility & Wireless
    • Fiber/Ethernet
    • Data Centers
    • Backup & Disaster Recovery
    • IoT
    • Desktop
    • Artificial Intelligence
    • Analytics
  • Strategy
    • Back
    • Mergers and Acquisitions
    • Channel Research
    • Business Models
    • Distribution
    • Technology Services Brokerages
    • Sales & Marketing
    • Best Practices
    • Vertical Markets
    • Regulation & Compliance
    • Diversity, Equity & Inclusion
  • MSP 501
    • Back
    • MSP 501 Information Center
    • 2021 MSP 501 Rankings
  • Intelligence
    • Back
    • Galleries
    • Podcasts
    • From the Industry
    • Reports/Digital Issues
    • Webinars
    • White Papers
  • Channel Futures TV
  • EMEA
  • Channel Chatter
    • Back
    • People on the Move
    • New/Changing Channel Programs
    • New Products & Services
    • Industry Honors
  • Resources
    • Back
    • Advisory Boards
    • Industry Organizations
    • Our Sponsors
    • Advertise
    • 2022 Editorial Calendar
  • Awards
    • Back
    • 2021 MSP 501
    • Circle of Excellence
    • DE&I 101
    • Top Gun 51
    • Channel Partners 101 (CP 101)
  • Events
    • Back
    • CP Conference & Expo
    • MSP Summit
    • Channel Partners Europe
    • Channel Partners Event Coverage
    • Webinars
    • Industry Events
  • About Us
  • DE&I
Channel Futures
  • NEWSLETTER
  • Home
  • Technologies
    • Back
    • SDN/SD-WAN
    • Cloud
    • RMM/PSA
    • Security
    • Telephony/UC/Collaboration
    • Cable
    • Mobility & Wireless
    • Fiber/Ethernet
    • Data Centers
    • Backup & Disaster Recovery
    • IoT
    • Desktop
    • Artificial Intelligence
    • Analytics
  • Strategy
    • Back
    • Mergers and Acquisitions
    • Channel Research
    • Business Models
    • Distribution
    • Technology Services Brokerages
    • Sales & Marketing
    • Best Practices
    • Vertical Markets
    • Regulation & Compliance
    • Diversity, Equity & Inclusion
  • MSP 501
    • Back
    • MSP 501 Information Center
    • 2021 MSP 501 Rankings
  • Intelligence
    • Back
    • Galleries
    • Podcasts
    • From the Industry
    • Reports/Digital Issues
    • Webinars
    • White Papers
  • Channel Futures TV
  • EMEA
  • Channel Chatter
    • Back
    • People on the Move
    • New/Changing Channel Programs
    • New Products & Services
    • Industry Honors
  • Resources
    • Back
    • Advisory Boards
    • Industry Organizations
    • Our Sponsors
    • Advertise
    • 2022 Editorial Calendar
  • Awards
    • Back
    • 2021 MSP 501
    • Circle of Excellence
    • DE&I 101
    • Top Gun 51
    • Channel Partners 101 (CP 101)
  • Events
    • Back
    • CP Conference & Expo
    • MSP Summit
    • Channel Partners Europe
    • Channel Partners Event Coverage
    • Webinars
    • Industry Events
  • About Us
  • DE&I
    • Newsletter
  • REGISTER
  • MSPs
  • VARs / SIs
  • Agents
  • Cloud Service Providers
  • Channel Partners Events
 Channel Futures

Security


Disaster Recovery

Ask a Security Expert: How Do I Get Started With DR?

  • Written by Gary Hayslip
  • July 17, 2018
In this edition, we look at the intersection of security and business resilience.

What are the first steps in creating a disaster-recovery policy? Are there any templates to use or best practices on what to include?

This one comes from Chris Cable, senior engineer and team lead at Techworks Consulting, who hears this question from his customers.

Chris Cable

We live in a world where headline after headline features yet another company that has fallen victim to a breach, leak or cyberattack. And we need no reminder that cybercriminals are not discriminatory when choosing their targets. Organizations of all sizes and across all industries are constantly faced with the reality of the threat landscape surrounding us today.

So, what can organizations do to ensure they are prepared for a cyber incident, such as a data breach?

The process of mitigating a disaster must begin well before a breach – or fire, flood or hurricane – happens. Successfully recovering from a security disaster requires proactivity, and it’s crucial that organizations establish a security/risk management program to stay ahead of potential risks.

Organizations seeking to develop an effective disaster-recovery plan should start with an existing risk-management framework to begin implementing proper cybersecurity policies and procedures. NIST’s Cybersecurity Framework, for example, is centered on five core functions of identify, protect, detect, respond and recover. When addressing how to create an effective disaster-recovery policy, it’s important to focus on four core functions for cybersecurity incidents.

  1. Identify – To adequately prepare for a security disaster, organizations must first determine and understand their critical systems, assets and data, as well as the risks they face.
  2. Protect – Organizations should then ensure that a proper cybersecurity program with appropriate security controls and capabilities is in place.
  3. Detect – Detection is a crucial part of disaster recovery, as organizations must be able to efficiently identify and investigate the occurrence of a cybersecurity event.
  4. Respond – Once a disaster is confirmed, organizations must take action to contain the impact of a cybersecurity incident.
  5. Recover – And finally, recovery. This involves keeping the company in operation and assisting efforts as it returns to normal business operations.

As the NIST framework shows, a successful disaster-recovery program does not start with recovery; on the contrary, it requires proactive planning and documenting of current controls and contingencies to remediate incidents.

Part of this planning involves being aware of new regulations, such as GDPR, that will drive the need for organizations to review and update their disaster-recovery policies. NIST’s five core functions provide a solid foundation for customers looking to not only comply with regulations, but also ensure resilient business operations and a successful recovery if and when a disaster happens. And if an incident does occur (an eventuality that every company should be prepared for), an MSP should first circle back and do a deep review of the incident to ensure the same problem doesn’t arise again. You might not be able to do much about Mother Nature, but you can help customers do better with patching or phishing prevention.

In addition to NIST’s framework, organizations should follow general security-related best practices to aid in disaster recovery, including:

  • Backing up all data.
  • Keeping all systems updated with antivirus and anti-malware security software.
  • Ensuring all computers are updated with current operating systems and security patches.
  • Securing wireless networks with encryption.
  • Implementing, monitoring, and auditing system and network logging.
  • Installing access control and authentication of sensitive data.
  • Training employees in cybersecurity awareness and proper use of business systems.

With today’s evolving threat landscape, it’s imperative that MSPs work with customers on disaster-recovery policies. NIST’s five core functions and general cybersecurity best practices are a great starting place for any organization looking to manage its risks and minimize the potential impact of a cyber incident. And once the process is started, don’t stop.

As Webroot‘s CISO, Gary Hayslip is responsible for the development and implementation of all information security strategies, including Webroot’s security standards, procedures and internal controls. As CISO, he also contributes to product strategy to guide the efficacy of the Webroot security portfolio.

Tags: Agents Cloud Service Providers MSPs VARs/SIs Best Practices Mobility & Wireless Networking Security Strategy Technologies

Most Recent


  • money
    'An Era Has Ended': Inside the $61 Billion Broadcom-VMware Deal Rocking the Software Industry
    "VMware was in a quandary," an analyst told Channel Futures.
  • Business megaphone
    Departing Microsoft Channel Chief Rodney Clark Announces New Job
    We know where Clark is headed after surprisingly leaving Redmond.
  • Layoffs, unemployed
    Lacework Confirms Layoffs Impacted 20% of Workforce
    Last November, Lacework raised $1.3 billion in growth funding.
  • focus a camera
    Knowledge 2022: ServiceNow Focused on Partner Experience to Drive Growth
    ServiceNow will roll out a reimagined partner program early next year.

Leave a comment Cancel reply

-or-

Log in with your Channel Futures account

Alternatively, post a comment by completing the form below:

Your email address will not be published. Required fields are marked *

Related Content

  • Paying ransomware
    Feds Seize Most of Ransom Paid in Colonial Pipeline Ransomware Attack
  • IPO
    6 Things to Know About the Upcoming SentinelOne IPO
  • Acquisition fish eating little fish
    Deloitte Joins Cloud Cybersecurity Craze with CloudQuest Purchase
  • Qualys Philippe Courtot Obit
    Security Industry Mourns Death of 'Pioneer' Philippe Courtot

Upcoming Events

View all

Channel Partners Europe

June 14, 2022 - June 15, 2022

MSP Summit

September 13, 2022 - September 16, 2022

Galleries

View all

‘An Era Has Ended’: Inside the $61 Billion Broadcom-VMware Deal Rocking the Software Industry

May 26, 2022

Knowledge 2022: ServiceNow Focused on Partner Experience to Drive Growth

May 26, 2022

The Gately Report: Cybereason Helps MSSPs Provide Unified Security, Details Massive Espionage Ring

May 26, 2022

Industry Perspectives

View all

Increased Cybersecurity Vulnerability = Increased MSP Opportunities

May 25, 2022

Leverage Your MSP’s People Power

May 24, 2022

How SD-WAN Helps Secure the Expanding Network Perimeter

May 19, 2022

Webinars

View all

Simplifying SaaS Security for MSPs

April 27, 2022

How to Supercharge The Network to Support Your IT Superhero Moves

May 3, 2022

The 2022 MSP Challenge: Scale Service Delivery Despite the Talent Gap

April 21, 2022

White Papers

View all

Work Goes Remote – (and Other Top ITOps Trends)

May 25, 2022

The New Bottom Line: How MSPs Can Meet the Healthcare Crisis While Evolving Their Businesses

April 19, 2022

How to build a Security Operations Center (on a budget)

April 4, 2022

Channel Futures TV

View all

AT&T, Microsoft, Cisco, ThreatLocker on Unlocking Partner Potential

Agents Share ‘Secrets,’ Industry Opportunity

May 11, 2022

Vonage Addresses Potential Partner Opportunity via Acquisition by Ericsson

May 5, 2022

Lumen Technologies ‘Built for Growth and Scale’

May 4, 2022

Twitter

ChannelFutures

.@Lacework lays off 20% of workforce. #cloudsecurity dlvr.it/SR7Jsl https://t.co/Mg3OVXHAhe

May 26, 2022
ChannelFutures

#Know22: @ServiceNow focused on transforming #partnerexperience to foster more growth. dlvr.it/SR7Hbj https://t.co/J1BhmT3OzS

May 26, 2022
ChannelFutures

Departing @msPartner exec @rodneyc55 to become @johnsoncontrols chief commercial officer. dlvr.it/SR7HZN https://t.co/v0eVGBMKbQ

May 26, 2022
ChannelFutures

Everyone's talking about the massive Broadcom-VMware deal. @AnuragTechaisle, @Dataprise, @Carousel_Ind, @imlazar an… twitter.com/i/web/status/1…

May 26, 2022
ChannelFutures

Our latest Gately Report features @cybereason on MSSPs and growth, @Hornetsecurity acquisition, @marketsandmarkets… twitter.com/i/web/status/1…

May 26, 2022
ChannelFutures

“The ‘on premises versus cloud’ debate is dead” @DellTech @DellTechUK @DayneTurbitt explains the opportunity for… twitter.com/i/web/status/1…

May 26, 2022
ChannelFutures

.@Broadcom's acquisition of @VMware comes as the chipmaker reports that infrastructure software accounted for 23% o… twitter.com/i/web/status/1…

May 26, 2022
ChannelFutures

Are your #MSP clients struggling to handle their cybersecurity vulnerability? #cybersecurity #cyberthreats… twitter.com/i/web/status/1…

May 25, 2022

MSSP Insider

Business advice for MSSPs and news from the broader security channel.

Newsletters and Updates

Sign up for The Channel Report, Channel Futures Update, MSP 501 Newsletter and more.

Live Channel Events

Get the latest information on the next industry-leading Channel Partners event.

Galleries

Educational slide shows and images from live events.

Media Kit And Advertising

Want to reach our audience? Access our media kit.

DISCOVER MORE FROM INFORMA TECH

  • Channel Partners Events
  • Telecoms.com
  • MSP 501
  • Black Hat
  • IoT World Today
  • Omdia

WORKING WITH US

  • Contact
  • About Us
  • Advertise
  • Newsletter

FOLLOW Channel Futures ON SOCIAL

  • Privacy
  • CCPA: “Do Not Sell My Data”
  • Cookie Policy
  • Terms
Copyright © 2022 Informa PLC. Informa PLC is registered in England and Wales with company number 8860726 whose registered and Head office is 5 Howick Place, London, SW1P 1WG.
This website uses cookies, including third party ones, to allow for analysis of how people use our website in order to improve your experience and our services. By continuing to use our website, you agree to the use of such cookies. Click here for more information on our Cookie Policy and Privacy Policy.
X