Continuing Strategies

Now that we have seen the threats to the security of an organization and various security models let us take the case of a successful attack. We have to decide on various continuing strategies. This refers to the way by which we can set up plans for recovering and restoring business after a hit. We say a company is hit when its security system is being breached. To counter attack such a situation an organization has to plan for its worst case scenario. For this reason they develop various plans like Incident Response Plan, Disaster Recovery Plan and Business Continuity Plan. There is a clear difference between an incident and disaster. The differentiation factor is the magnitude of the security breach or the amount and intensity of a hit. Initially one must perform a business impact analysis to identify what is the impact of the threats that are likely to occur. It may result in findings of what are those services that can be offered without any interruption and what other services will be brought down by the hit. There are various terminologies associated with such plans called hot sites, cold sites and warm sites. It refers to the place where the continuity of business has to be set up.