Online Courses
Cyber Incident Response
Online Courses
Cyber Incident Response
  • Cyber Incident Response
  • Incident Response Fundamentals
    • Introduction to Incident Response
    • Why is incident response needed?
    • Incident Response Phases
    • Business Continuity and Disaster Recovery roles
    • Building an IR playbook
    • Building and IR team
    • Quiz
  • Stages of Incident Response
    • Incident definitions and severity criteria
    • Identifying threats and vulnerabilities
    • Incident Response assets inventory and identification
    • Incident identification
      • Incident Response classification levels
      • Communication/notification of an incident
      • Identification tools and techniques
    • Incident containment
      • Determining status of infected/affected computing resources
      • Containment actions
      • Containment tools and techniques
    • Incident investigation
      • Investigation data sources
      • The role of Digital Forensics
    • Incident eradication
      • Cleanup and verification
      • Notification
      • Eradication tools and techniques
    • Incident recovery
      • Service and System restoration
      • Certification and validation of Business Continuity
      • Recovery and restoration tools and techniques
  • Follow Up / Lessons Learned
    • Assessing the team and processes' effectiveness
    • Implementing improvements
    • Feedback from other teams in the organization
    • Quiz
  • Understanding the Incident Response process and tools quiz
Powered by GitBook
On this page
  • Relationship to IR
  • Shared resources
  1. Incident Response Fundamentals

Business Continuity and Disaster Recovery roles

PreviousIncident Response PhasesNextBuilding an IR playbook

Last updated 8 months ago

Business continuity is all about making sure that a company can keep running smoothly even during a disaster or incident. It focuses on how to continue operating as an organization when something unexpected happens.

On the other hand, disaster recovery deals with the vital support systems of a company, like communication systems and IT assets. Its main goal is to minimize the downtime of the business and get things back up and running as quickly as possible.

So, the relationship between business continuity, disaster recovery, and incident response is that they all work together to handle incidents and ensure that the business can continue operating effectively. Each phase of incident response, such as preparation, identification, containment, eradication, and recovery, may involve considerations for business continuity and disaster recovery.

By collaborating with the business continuity and disaster recovery teams, the incident response team can benefit from their expertise, tools, and processes. This collaboration can help streamline the incident response process and ensure a faster and more efficient recovery.

Overall, business continuity and disaster recovery are essential components of incident response, as they help organizations maintain their operations during and after a crisis.

Relationship to IR

Preparation

DR/BC should be considered even this early in the process

Identification

Is the identified incident a disaster?

Containment

How will containment affect continuity of business operations?

Eradication

Can disaster recovery tools, techniques and personnel help here?

Recovery

Another opportunity to bridge DR

Shared resources

Personnel

BC/DR personnel may be helpful in restoring things

Processes

The process of rebuilding systems and getting them back operational

Relationships

Who's got the magic keys and magic access to everything?

Software and tools

Can we borrow/share some of the tools used by BC/DR

Recovery

BC/DR definitely have a pedigree in this area

5MB
Section 3: Business continuity and disaster recovery roles.pdf
pdf