Where does data security fit into a disaster recovery plan?
Information security has a direct tie-in to incident response. Incident response is basically a number of steps you take to properly respond to data breaches, malware outbreaks and so on. Incident response in turn has a direct tie-in to business continuity (BC) and ultimately disaster recovery. The reality is if your information system is taken down for whatever reason: a flood, malware, hack attack, etc., you still have a business continuity and disaster recovery issue on your hands. You can look at it that way, and that’s a legitimate approach. I always tell my clients to be sure and include these components, especially security incident response, when building out your disaster recovery plans and your technologies, because you never know what’s going to happen. And you never know what steps you’re going to have to take to actually recover your environment. Again, if your systems go down or become unavailable, it still creates a business continuity situation, or a disaster. What tech
