Business Continuity and Disaster Recovery
Business Continuity and Disaster Recovery Overview
In this episode, Rob and Mike discuss what topics will be covered in the rest of the series. They do a high level overview of the who, what, when, where and why of business continuity disaster recovery.
0h 8m
[MUSIC]
Hello, welcome to another exciting
episode here at ITPro.TV.
I'm your host, Mike Rodrick, and
today we're doing Business Continuity
& Disaster Recovery.
In studios, we've got none other than Mr.
Rob Carson with SemperSec here
to help us and talk about business
continuity and disaster recovery.
And we're gonna talk
about in this episode,
we're gonna take a look at what
we can expect over the next few
videos in this series.
And before we get started,
Rob, let's talk about you and
a little bit about your background.
Hey, thanks, Mike, and
I'm really excited to be here.
So my background, originally I was
a Marine Corps infantry officer, so
I did seven years in
the Marine Corps working with Oorah.
Oorah?
Yeah, Oorah, right?
And I spent quite a bit of time with the
Iraqi army as well as the leading platoon.
So organized chaos, a lot of craziness.
So understanding how to fight through
different high stress activities.
And then after I left that I started as
the VP of operations at a small managed
security service provider.
And then was also a director of
security in the back end of the cloud.
So unfortunately, or fortunately for
you, you get to learn from my lessons
learned this week, because none of these
things that I'm gonna give you this
week are what things I read in a book?
They're things that I made the mistakes
on and learned my lessons to help you.
That makes it a little bit easier for
us.
We'll let you go through the pain,
and then we'll just learn from you.
I like that.
Absolutely.
[LAUGH]
Absolutely.
All right, so
what are we gonna talk about here?
I know we've got several episodes we're
gonna talk about business continuity,
disaster recovery.
Break down what our plan is and
what we're gonna be going over here.
Absolutely, I'd love to.
So to get started here, we're gonna talk
about how to get Left of Bang, okay?
And that's an important piece to
think about is what we're doing is,
we're thinking about what happens before.
How do we plan so that we,
when Bang happens, when something,
when a disaster happens,
and it will, what do we do?
We already have that plan in place so
that we can act much more efficiently and
effectively and not be running around
trying to do things at that point,
cuz at that point you
already have enough to do.
We're in the middle of the bang,
or we're right at the bang,
and it's kinda too late at that point,
right?
[LAUGH]
Exactly,
it's not the time to work on marksmanship.
It's not the time to figure out which
systems to restore in what order,
because you should
already kinda know that.
If you don't,
this is what we're gonna talk about.
We're gonna build that.
And that's one of the great
things we're gonna do,
is we're actually gonna build
a BCP plan during this week.
We're gonna go all the way through it,
build it straight up.
And that way you actually see how it's
done from a pract app standpoint,
and you're not overcomplicating it.
And we'll try to talk about different
scales, so what it looks like for
an SMB, versus a large enterprise,
the differences, because there are.
Fantastic, cuz that's one of the things
I know when you're getting into this,
you can go out and you can find
templates and things like that.
But if you don't know what
information I need to put in here,
is this template right for
me, it becomes difficult.
So having you walk us through that
thought process of what do
I do to create this BCDR?
Where do I even start?
So fantastic,
we're looking forward to that.
No, you need everything.
And so let's talk about what as well.
So BCP is that framework, right?
So business continuity plan, for essential
business operation, is when things happen.
And what you wanna think about for
that is it's not just IT.
It could be pandemics.
It could be hurricanes.
It could be multiple things.
One of the last places I was at,
we had an office in Seattle.
I had to write about volcanoes.
Never thought I'd write about volcanoes.
But it turns out volcanoes are a thing, if
you live in Alaska, you live in Seattle,
you live in Hawaii.
And then ITDR is when IT happens.
And it's gonna happen,
cuz it is what it is.
And we'll talk about different ways
to build those kind of plans as well,
cuz those are really a subset of it.
And then we're also gonna talk about who.
So we're gonna talk about who are the
stakeholders involved with each and
who you need to involve at different
points in the planning process,
what rules they have and
things like that, and where?
So I have a great database
that I'll show you later which
we can do the research on what is relevant
to your location if you're looking from
a natural disaster standpoint.
So you're not just saying wow,
this could happen.
We have the FEMA documentation for what
they've declared disasters for by region.
So you actually have something
tangible that's not you going, well,
I think this could happen.
Well, a lot of things could happen.
I could grow hair, but might not.
[LAUGH]
So let's get there.
Yeah, good to have those facts
behind us so I'm not wasting time,
but I'm being productive and effective.
If we don't have a common occurrence
of earthquakes in the area,
I probably don't need to
include that in my BCDR.
Exactly.
And we're gonna talk about why.
Why is an interesting one.
Sometimes it's hard to get people to
focus on those before the disaster.
It always seems to be one of those,
man, I wish we would have.
But this is an important part and
it has to be done before
that bang happens, right?
Absolutely, and why is huge,
because it's hard.
One of the challenges you will have
is getting people to spend money
on something that's gonna
sit there just in case.
It's like when you buy insurance, right,
you pay all this money and
nothing happens.
But when something does happen,
you're really glad you have it.
But it may not happen for
two or three years.
So and the problem with technology,
too, as you'll find,
is that technology has to be updated.
And you have to continue to invest in it
and keep it going, especially as you grow.
And that's one of the things we'll
talk about is how to manage your ITDR
while you scale, so
that you are in parallel paths moving up.
So if your DR capacity is here, and your
regular production capacity is here,
it moves in those parallel paths.
Okay.
Cuz if you don't,
what happens is you wind up here,
and this may not be acceptable.
And getting that buy-in from
the upper levels, as you were saying,
can be challenging when there's
really no immediate need for it.
That's gotta be tough.
Absolutely, and change happens,
so you think about a small company,
they may not have enough
business where it matters.
Or so it's like, hey, if the website goes
down, website goes down, no big deal.
But as you grow,
that could actually impact you.
So that's why we talk about how you have
to constantly evaluate it and test it and
does it map to where you are today?
And I like what you have
on your slide there, too,
about prioritizing the information.
Not everything in the company needs
the same level of protection,
is that what we're saying there?
That's absolutely true.
I mean, from a security standpoint,
you can buy employees LifeLock,
you can't buy them new jobs.
Right, [LAUGH].
So you have to think about, I'm not
saying don't protect employees' data.
But I'm saying that there are things that
are gonna have higher priorities than
others, because what keeps the lights on,
what keeps the revenue coming.
Because at the end of the day,
that's what employees want, right?
That's what we all want.
And that's part of your messaging
campaign is, make it relevant to them.
We're not doing this just because,
we're doing this because we wanna
make sure we all stay employed.
And change happens, right?
The world changes.
So how do we do stuff?
And we've gone to the cloud but what does
the cloud mean from an ITDR standpoint?
Cuz I can tell you having sat
on the back end of the cloud,
it's not all magical gumdrops and
unicorns.
It sounds like it.
Sometimes they make it
out to sound that way.
Sure does.
It's like, take what's in the cloud,
it'll be fine.
We'll talk about that, how it's maybe not
always the case, and what to look for.
And we're gonna go into how.
How yeah, how do we even start,
where do we start?
How do we do all of this?
Absolutely, and it's gonna be great
because we're gonna go in detail how do we
do this, who do you involve, what
are the messages you want to push out?
And you guys get to learn from
my lessons of things that, hey,
if I had to do it over again,
this is how I would have done it.
Or here is what you're gonna experience.
Here are the problems you're gonna have.
You're not alone, you're not special.
I hate to say it, I know everyone's
special and you all get a trophy.
But in this case,
these are common challenges that
any professional has that
you have to work through.
Because it can be exciting for
about a week, and then guess what happens?
The business takes off, you're like, yeah,
yeah, yeah, but we gotta go make money.
So you gotta make it relevant.
All right, Rob,
sounds great, exciting stuff.
As you can see, we've got a plan for
you here in this series coming up with Mr.
Rob Carson and
SemperSec, and covering that business
continuity and disaster recovery.
I hope you guys are ready, stay tuned.
Signing off for ITPro.TV,
I've been your host, Mike Rodrick.
And I'm Rob Carson.
And we'll see you soon.
[MUSIC]
Overview
Planning, creating, maintaining and testing a Business Continuity Disaster Recovery plan can be a daunting task. If you have been assigned this responsibility, you are in the right place. We have Rob Carson from SemperSec in the studios to lend his considerable expertise. With 10+ years in the Information Security industry, Rob is able to provide guidance and real world examples to help you understand how to create and manage BCDR in your organization.
Learning Style
On Demand
Length of course
5h 22m
19 Episodes
Here are the topics we'll cover
- Business Continuity and Disaster Recovery
Learning Options
Options for this course
Train your team
Stay ahead of the curve and future-proof your business with training programs designed for you.
Channel & Reseller
Transform your experience and integrate with our unique evolving library of Audit, Cybersecurity, and Information Technology courses.
Individual learners
Learn at your own pace and get your certification training.