« Security Processes | Main | Database Encryption and Threat Models »

Disaster Recovery/Business Continuity

Why isn't disaster recovery and business continuity included in the dozen security processes?

Disaster recovery and business continuity (DR/BC) is generally included in the theoretical information security agenda. It is a core domain in the CISSP body of knowledge. For many organizations, though, DR/BC is actually handled outside of the information security department. Typically, the information security team is focused on controlling risk due to malicious adversaries: worms, hackers, etc., and the skill set of a typical information security team reflects this focus.

IT business continuity teams have a different set of skills. They are first and foremost focused on getting the necessary IT infrastructure up and running as quickly as possible after a disaster. Information security has a role to play here, without a doubt, but it is often not a role in the driver's seat. Because of this, I don't include it in the twelve security processes.

Plus, have thirteen security processes seems to be just asking for trouble.

Kevin Kenan on February 18, 2008 in Building a Security Program |

TrackBack

TrackBack URL for this entry:
http://www.typepad.com/services/trackback/6a00d83420496153ef00e5503a10e98833

Listed below are links to weblogs that reference Disaster Recovery/Business Continuity:

Comments

Feed You can follow this conversation by subscribing to the comment feed for this post.

Endundstailladddf

The scope of pharmacy
tramadol hydrochloride practice contains far more regular roles such as compounding and dispensing drugs, and it also includes much more modern providers associated to wellness treatment, including clinical providers, reviewing drugs for safety and efficacy, Buy Soma facts. Pharmacists, for that reason, are the specialists on drug therapy and are the key well being experts who optimize medication use to give individuals with optimistic well-being outcomes.

Posted by: Endundstailladddf | February 01, 2012 at 12:09 AM

Verify your Comment

Previewing your Comment

Posted by:  | 

This is only a preview. Your comment has not yet been posted.

Working...
Your comment could not be posted. Error type:
Your comment has been posted. Post another comment

The letters and numbers you entered did not match the image. Please try again.

As a final step before posting your comment, enter the letters and numbers you see in the image below. This prevents automated programs from posting comments.

Having trouble reading this image? View an alternate.

Working...

Post a comment

About

  • A blog by Kevin Kenan about technology, security, and the ancient craft of programming.

    You might also be interested in checking out TeXTARIUM, where I chat about fiction, music, and the pursuit of the perfect shot of espresso.

My Book

  • Cryptography in the Database: The Last Line of Defense

    My book on using cryptography to protect information stored in a database. Published by Addison-Wesley and Symantec Press. Read more at the book's site. The source code is available for download.

Categories

Dedication

  • My grandfather had a wonderful shop in his basement. To me, it was a place of mystery and fascination, and I would spend hours wandering through it, looking at all the tools and projects in various states of completion. Not being much of a wood worker, I've never had the need for such a shop (not to mention that I lack a basement), but recently it occurs to me that my gear, computers, and software are my shop. This site is for my late grandfather and everyone else who takes personal pride in carefully executed work.
Subscribe to this blog's feed