Title Goes Here

2015 Risky Business Week

Welcome to the 2015 Risky Business Week presentation regarding disaster recovery.12015 Risky Business Week Agenda22015 Risky Business Week Types of Disasters3What is Disaster Recovery?4Corporate Disaster Recovery5Disaster Recovery Trends6Personal Disaster Recovery7Digital Risks8Action Plan9

2015 Risky Business Week 2Types of Disasters32015 Risky Business Week

NATURAL DISASTERS

Disaster Recovery is a critical necessity to have due to the increasing number of disasters organizations faceTo put this in perspective, for every $1 spent on hazard mitigation saves society $4 in response and recovery costsOf the Companies that had a major loss of business data, 43% never reopened and 29% close their doors within two years following the disasterThere are two types of disasters: natural and manmadeNatural disasters include hurricanes, volcanoes, tornados, tsunamisMan made disasters include terrorist attacks, oil spills, chemical plant explosions, etc.

2015 Risky Business Week 3What is Disaster Recovery?A set of policies and procedures to enable the recovery or continuation of technology infrastructure and systems following a natural or human disaster. Disaster recovery (DR) focuses on the technology systems supporting critical business functions.42015 Risky Business Week

Disaster recovery is a set of policies and procedures to enable the recovery or continuation of technology infrastructure and systems following a natural or human disaster. Disaster recovery (DR) focuses on the technology systems supporting critical business functions.For example in the insurance industry critical business functions may include creating a quote on a policy system or creating a claim. The technology systems would be those that support these functions.

2015 Risky Business Week 4

Digital Risks82015 Risky Business Week Do you keep all your contacts on your smartphone? Do you store a lot of photos or emails? Do you do online banking through your digital devices?

What would happen if you lost that information through either loss or theft of the device, someone installed a Keylogger or malware, a house fire, or your hard drive crashed?

Do you keep all your contacts on your smartphone? Do you store a lot of photos or emails? Do you do online banking through your digital devices?A lot of people use their digital devices to perform their day to day functionality. However they dont consider the risks if that digital device were unavailable.What would happen if you lost that information through either loss or theft of the device, someone installed a Keylogger or malware, a house fire, or your hard drive crashed?These are key risks we need to consider when using our digital devices

2015 Risky Business Week 8Disaster Recovery TrendsCloud based disaster recoverySecurity & Data Recovery concerns

Data breaches will continueIncrease in costs, fines, and lawsuits

62015 Risky Business Week

There have been a few trends on Disaster Recovery that have been gaining a lot of attention. The first trend is companies are turning to cloud based disaster recovery. This is where companies are storing their data with a provider in the cloud which essentially means off their premises. If a disaster happens they would need to work with this provider to recover the data. This trend has a lot of hype around it because it has a cost savings.However, there are some major concerns including security and data recovery. For example, is the data securely transferred and stored in the cloud? How are users authenticated to log onto the systems to view the data? Are passwords the only option to log on or is there some type of two-factor authentication to make it more secure? And finally does the cloud provider meet the regulatory requirements? With data recovery, companies need to be asking if there is enough bandwidth and network capacity to redirect all users to the cloud and if there is a disaster and they need to restore from the cloud to on-site how long will that take?The role of disaster recovery is evolving to include recovery from data breaches. Business that fail and have a disastrous data breach are getting a lot of publicity. In the last few years some of the biggest data breaches weve heard include Target, Michaels craft stores, Home Depot and PF Changs. It is realistic to accept that its a matter of when your organization will experience an information security breach, no if, and it wont be cheap. As of 2014, a study conducted by IBM stated that the average cost of a data breach for a company was $3.5 million which included costs, fine, and the lawsuits brought against companies. Companies need to minimize the risk by identifying risks and reassessing annually, review the organizations data to understand how it is used and protected to create a breach risk profile. They also need to perform test runs on how they need to respond if a breach were to occur.The disaster recovery trends are truly demonstrating how technology is evolving and needs to consider security risks. 2015 Risky Business Week 6Personal Disaster Recovery72015 Risky Business Week

When people think about DR one of the areas they overlook is whether they need to have a personal disaster recovery plan. As the cat in the picture says we definitely need a personal disaster recovery plan, however our plan will not be to buy extra cat food. One of the types of plans we should look at having in place is a digital plan planning for what happens if your digital device is unavailable. 2015 Risky Business Week 7

Action Plan92015 Risky Business Week Backups, backups, backups you cant have too many.

Document Critical Information Account UserIds and passwords, software license information, support phone numbers, contract numbers and the make, model and warranty information for all your devices.

Plan for Extended Downtime if the data is something you may need to have before a new device is available, such as contact information, consider keeping a hardcopy of the information.

Plan for Getting Back to Normal restoring your data from your backup files. This may take assistance from an external support team.

Its important to have a personal digital disaster recovery plan for when the unexpected happens. For example, if that device were unavailable.A disaster recovery plan in the digital sense is essential to recover the data you deem most important whether that be emails, photos, or contact information. With putting the plan together it doesnt have to be complicated. There are 4 strategies we recommend for putting together a personal DR Plan.Backups, backups, backups you cant have too many. Make sure to save that critical information, such as what is your mothers phone number if you have to reach her.Document Critical Information Account UserIds and passwords, software license information, support phone numbers, contract numbers and the make, model and warranty information for all your devices. Plan for Extended Downtime if the data is something you may need to have before a new device is available, such as contact information, consider keeping a hardcopy of the information. Plan for Getting Back to Normal restoring your data from your backup files. This may take assistance from an external support team.

2015 Risky Business Week 9102015 Risky Business Week

Prepare for Disaster: Recover Faster!

- Prepare for Disaster: Recover Faster! Disaster Recovery is a function within the Security Awareness effort. Thank you for listening to this presentation. 2015 Risky Business Week 10