Chapter 23: Incident Response, Disaster Recovery and Continuity of Operations (Business Continuity)
Incident Response Plan
Documented incident types
Roles and responsibilities
Reporting
Escalation
Cyber-incident response teams
Incident Response Process
- Preparation
- Identification
- Containment
- Eradication
- Recovery
- Lessons Learned (Postmortem)
Disaster Recovery (when the meteor wipes your business off the Earth)
Recovery Sites
Hot
Warm
Cold
Order of Restoration
Backups
Copy
Full
Differential
Incremental
Geographic Considerations
Off-site backup requirements
Distance
Location
Legal
Data Sovereignty
Business Continuity
Tabletop exercises
After-action reports
Failover
Alternative processing sites
Alternative business practices