The plans typically include ways to defend against those risks, protect critical applications and data and recover from breach or failure in a controlled, measurable way.
There’s also the issue of exponentially increasing data volumes.
The IBM Cyber Resilience Services approach uses advanced technologies and best practices to help assess risks, prioritize and protect business-critical applications and data.
These services can also help business rapidly recover IT during and after a cyber attack.
The plan should cover how to reestablish office productivity and enterprise software so that key business needs can be met.
Manual workarounds should be outlined in the plan, so operations can continue until computer systems can be restored.Applications such as decision support, data warehousing, data mining and customer resource management can require petabyte-size investments in online storage.An IBM Redbooks Business Continuity planning guide points out that the typical yearly growth of new data in an enterprise is in the range of 40% to 70%. Data recovery no longer lends itself to a one-dimensional approach.The 1980s saw the growth of commercial recovery sites offering computer services on a shared basis, but the emphasis was still only on IT recovery.The 1990s brought a sharp increase in corporate globalization and the pervasiveness of data access.At the same time, business continuity planning was becoming more complex because it had to consider application architectures such as distributed applications, distributed processing, distributed data and hybrid computing environments.Organizations today are increasingly aware of their vulnerability to cyber attacks that can cripple a business or permanently destroy its IT systems.Also, digital transformation and hyper-convergence creates unintended gateways to risks, vulnerabilities, attacks and failures.Business continuity plans are having to include a cyber resilience strategy that can help a business withstand disruptive cyber incidents.The complex IT infrastructure of most installations has exceeded the ability of most shops to respond in the way they did just a few years ago.Research studies have shown that without proper planning, businesses that somehow recovered from an immediate disaster event frequently didn’t survive in the medium term. It’s important to have a business continuity plan in place to identify and address resiliency synchronization between business processes, applications and IT infrastructure.