Length: 2 Days
Disaster Recovery and Business Continuity Training
Disaster Recovery and Business Continuity Training is a 2-day course where participants learn about the main concept of disaster recovery and identify the different types of disasters.
Participants also learn to understand the threats and vulnerabilities in information security networks as well as recognize the vital data and be able to preserve the security of the data.
Analysts contend that resiliency has become critical for organizations facing an array of threats, from natural disasters to the latest round of cyber-attacks. In this climate, business continuity and disaster recovery have relevance than ever before.
Every organization, from small operations to the largest enterprises, is increasingly dependent on digital technologies to generate revenue, provide services and support customers who always expect applications and data to be available.
Of course, before organizations can develop effective disaster recovery and business continuity plans, they need to understand the difference between them.
While a business continuity plan focuses on defining how business operations should function under abnormal circumstances during a disaster or emergency, a disaster recovery plan focuses on getting applications and systems back to normal.
A disaster recovery and business continuity plan is a comprehensive strategy set that consists of related policies, technologies, and staff, aiming to minimize the effect on an organization’s critical business caused by random disasters, and gets service delivery back within a tolerable period of time, just as is expected.
A business continuity plan is actually a series of strategies and procedures that focus more on giving stable business operations guarantees, which works to minimize service interruption time to an acceptable level.
Business continuity covers a wider range that links to every part of an organization’s day-to-day operation, from the IT environment, and personnel, to the communication channel.
A disaster recovery plan can be seen as a part of business continuity plan, which includes a list of tactics that mainly aims to help organizations implement effective restoration of mission-critical servers, systems and applications after disasters.
So compared with business continuity, the issue that a disaster recover plan wants to solve is purely IT-focused: using data backup and recovery to ensure high integrity and availability of important business files.
Experts in this area believe it’s important that a disaster recovery plan can be seen as a part of business continuity plan, which includes a list of tactics that mainly aims to help organizations implement effective restoration of mission-critical servers, systems and applications after disasters.
Among the different types of business continuity plans, the cybersecurity business continuity plan has reached a new level of importance due to rampaging cyber-attacks and data breaches.
A cybersecurity business continuity plan (sometimes known as an incident response plan) can help your business to identify a range of cyber risk and outline how to prevent or mitigate incidents where possible.
It should also outline the actions that should be taken to minimize business disruption during a cyber emergency.
A business continuity plan should address all aspects of an organization, such as:
- Employees
- Communication channel
- IT infrastructure
- Stakeholders
- Offices
Disaster Recovery and Business Continuity Training By Tonex
Disaster Recovery and Business Continuity Training course helps you understand a variety of topics in disaster recovery and business continuity such as: introduction to disaster recovery, concept of disasters, introduction to business continuity, disaster recovery processing plans, risk management techniques, facility protection during disaster recovery period, data/system recovery, incident response and public service effect in disaster recovery plan.
Disaster recovery is one of the most important topics in computer security, where a lot of IT operation companies are lacking of preparation for recovery plans after natural or man-made disasters. Therefore, a comprehensive training in this field is needed to train all the IT operators in order to prepare themselves for any type of disaster.
By taking the Tonex Disaster Recovery and Business Continuity Training, you will understand the main concept of disaster terminologies, nature of disasters, classification of disasters, natural and man-made disasters, and managing disasters.
You will also learn about business continuity, business resumption plan, ISO organization, risk analysis effect on business continuity and resource development effect on business continuity.
Through the Tonex disaster recovery and business continuity training course, our instructors will teach you the process of disaster recovery from defining rules, risk assessment, data verification, business impact analysis, awareness, testing and training of disaster recovery plan to implementation of disaster recovery plans.
By the end of this seminar, you will master in the principles of risk modeling, risk analysis, estimation of risks, vulnerability analysis, and risk identification metrics.
In addition, the Tonex disaster recovery and business continuity hands-on seminar will train you about the main facilities during the disaster recovery plan such as: power plants, water supplies, buildings and methods of ensuring the disaster protection for main facilities.
As you might already know, recovering data is the most important task after the disaster and thus this training helps you discover the main component of data recovery, main steps of data recovery, data protection methods, recovery management, physical data recovery and logical data recovery.
Tonex disaster recovery and business continuity training includes many in-class activities including hands on exercises, case studies and workshops. During the disaster recovery and business continuity training, students bring in their own sample work and projects and through our coaching, develop their own disaster recovery and business continuity action plans.
Finally, the disaster recovery and business continuity training will introduce the incident response topics such as: types of incidents, viruses, attacks, hackers, accidents, denial of service threats, incident management team, incident recovery plan, and incident handling response.
Audience
The disaster recovery and business continuity training is a 2-day course designed for:
- All individuals who need to understand the concept of disaster recovery and business continuity.
- IT professionals in the areas of information security and disaster recovery
- Cyber security professionals, network engineers, security analysts, policy analysts
- Security operation personnel, network administrators, system integrators and security consultants
- Security traders to understand the software security of web system, mobile devices, or other devices
- Investors and contractors who plan to make investments in security system industry
- Technicians, operators, and maintenance personnel who are or will be working on cyber security projects
- Managers, accountants, and executives of cyber security industry
Training Objectives
Upon completion of the disaster recovery and business continuity training course, the attendees are able to:
- Implement a business continuity management plan for a system
- Perform the business impact analysis
- Understand the main concept of disaster recovery and identify the different types of disasters
- Understand the threats and vulnerabilities in information security network
- Recognize the vital data and be able to preserve the security of the data
- Understand the concept of risk, modeling techniques and analysis approaches
- Coordinate and response to an incident in computer network
- Describe a system recovery and backup plan for information security system
- Perform the data recovery plans for lost data after any type of disasters
- Preserve the main facilities of a cyber-world against disasters
- Conduct risk management techniques to a cybersecurity system
Training Outline
The disaster recovery and business continuity training course consists of the following lessons, which can be revised and tailored to the client’s need:
Introduction to Disaster Recovery
- Terminologies
- Types of disasters
- What will disasters do to the system?
- Establishing a need for disaster recovery
- Operational disruption and disasters
- Disaster recovery definition
- Principles of disaster recovery and business continuity
- Activities regarding disaster recovery
- Disaster recovery and business continuity program
- Solutions to disaster recovery
- Practices in disaster recovery and business continuity
- International strategies for disaster reduction
Introduction to Disasters
- What are disasters?
- Nature of disasters
- Classification on disasters
- Natural disasters
- Earthquakes
- Volcanoes
- Forecasting disasters
- Tsunami
- Landslides
- Hurricanes
- Floods
- Wildfires
- Power outages
- Pandemics
- Communication outages
- Accidents
- Terrorism
- War
- Chemical disasters
- Biological disasters
- Radiological disasters
- Nuclear disasters
- Droughts
- Consequences of disasters
- Managing disasters
- Safety measures of disasters
Business Continuity Introduction
- Business continuity management
- Business resumption plan
- Occupant emergency plan
- Incident management plan
- Disaster recovery plan
- Planning for business continuity
- Objectives of business continuity
- Main resources
- Planning steps for business continuity
- International Organization for Standardization (ISO)
- Some important ISOs for business continuity
- Risk analysis
- Risk assessment
- Elements of risk assessment
- Business impact analysis
- Threat analysis
- Risk analysis and business impact analysis
- Crisis management
- Resource development
Disaster Recovery Planning Process
- Defining rules
- Defining processes necessary for disaster recovery
- Information processing for telecommunication resources
- Establishing a planning group
- Risk assessment
- Performing risk assessment and audits
- Establishing priorities for applications and networks
- Developing the recovery strategies
- Preparing inventory and documentation of the plan
- Analysis sheet applications
- Verification data development
- Plan implementation
- Classification of applications in disaster recovery process
- Mission critical applications
- Critical applications
- Essential applications
- Non-critical applications
- Developing the business contingency planning policy
- Risk assessment application
- Business impact analysis application
- Developing the business impact analysis
- Developing business continuity and recovery strategies
- Awareness, testing and training of disaster recovery plan
- Testing flow charts
- Testing methods
- Commence training programs for disaster recovery
- Maintenance of disaster recovery plan
- Monitoring of disaster recovery plan
- Implementation of disaster recovery plan
- Disaster recovery life cycle
Business Continuity Management
- Business continuity Management (BCM) vs. disaster recovery
- The importance of a BCMS
- Overview of ISO 22301
- Determining organizational risk appetite
- Defining the operational environment
- Determining the needs of interested parties
- Identifying stakeholders
- Analyzing stakeholder needs
- Mapping stakeholder relationships
- Identifying mission-critical continuity needs
- Setting priorities based on time horizons
- Performing Business Impact Analysis (BIA)
- Identifying threats
- Assessing risks to the enterprise
- Identifying business-critical activities
- Prioritizing infrastructure requirements
Risk Management in Disaster Recovery Plan
- Characterizing risks
- Defining and identifying the sources of risk
- Choosing a risk assessment method
- Communicating risks across the organization
- Developing appropriate responses
- Matching the response to the risk
- Taking preventive action
Incident Response
- Creating the incident response plan
- Defining roles and responsibilities
- Responding to incident scenarios
- Directing the incident response team
- Setting up the command center
- Planning and conducting communications
- Connecting with emergency services
- Team actions following an incident
- Meeting varied user-recovery needs
Testing, and Improving Business Continuity Provisions
- Rehearsing business continuity arrangements
- Testing plans with a step-by-step process
- Developing test scenarios and using test results effectively
- Considering the impact of testing on the organization
- Maintaining and improving the BCM
- Ensuring normal developments are accounted for
- Leveraging test results to improve organizational practices
- Managing organizational change
Facility Protection in Disaster Recovery Plan
- Main facilities to be protected
- Water supplies
- Fire Extinguishers
- Power supplies
- Ventilation
- Air conditioners
- Buildings
- Protection of facilities, introduction
- Problems regarding facility protections
- Measures of protection
- Checklist for security assurance
- Ensuring the protection
- Monitoring and report
Data Recovery
- Difficulty with the Data
- Differences of data sharing
- Relevance of data
- Data finding
- Annual frequency of security incidents
- Consequences of security incidents
- Safeguards
- Types of Data Recovery
- Logical Data Recovery
- Physical Data Recovery
- Selecting the best data recovery plan
- Disk-to-Disk-to Disaster Recovery (3DR) Concept
- Steps in Data Recovery
- Recovery Management
- Recovery Management Evaluation Metrics
- Recovery Time Objective (RTO)
- Role of RTO in Disaster recovery
- Recovery Point Objective (RPO)
- Network Recovery Objective (NRO)
- Recovery Management Model Layers
- Data Protection Continuum
- Best Practices in Data Recovery
System Recovery and Backup
- Assessing the necessity of backup
- Different types of backup
- Incremental backup
- Differential backup
- Hot backup
- Cold backup
- Bare metal recovery
- Bucky backup
- System administrator for backup
- High availability disaster recovery (HADR)
- Centralized and Decentralized system recovery
Incident Response
- Types of incidents
- Viruses
- Accidents
- Hacker intrusion
- Fire
- Denial of Service
- Theft property information
- Incident response and business continuity planning
- Business continuity recovery terms
- Incident Management Team (IMT)
- Incident Response Team (IRT)
- Preparation for IRP
- Identification of incident
- Limiting incidents
- Analysis and eradication of incidents
- Incident recovery
- Ex-Post response
- Incident detection technologies
- Logs to collect and monitor incidents
- IT detect incidents
- Employee’s response
- Chain of Custody law
- Containment
- Incident handling response
- Incident management metrics
Hands-on and In-Class Activities
- Labs
- Workshops
- Group Activities
Sample Workshops Labs for Disaster Recovery and Business Continuity Training
- How to Identify the disaster impact on critical business functions
- Risk Management workshop: Assessing risk: exposure, vulnerabilities and threats
- Disaster Recovery workshop: Developing appropriate countermeasures
- Incident response workshop: Organizing teams during incident response
- Contingency management workshop: Assessing contingency options
- Assessing threats and avoiding disasters training
- Recovery plan training from the disaster incident response
Disaster Recovery and Business Continuity Training