7050_Week 3 Short Paper
docx
keyboard_arrow_up
School
Strathmore University *
*We aren’t endorsed by this school
Course
7000
Subject
Information Systems
Date
Nov 24, 2024
Type
docx
Pages
6
Uploaded by DukeMinkMaster907
THREAT MITIGATION
1
Threat Mitigation
Student Name
Wilmington University
July 19, 2023
THREAT MITIGATION
2
Threat Mitigation
Introduction
According to Tiernan et al. (2019), the goal and objective of every organization is
increasing revenue and making profits for its shareholders. However, organizations cannot
achieve the goal without mitigating threats. One of the ways of mitigating threats is by creating
data backup planning, disaster recovery planning, and business continuity planning. However,
organizations must ensure these plans have elements that enable them achieve the goal of threat
mitigation and prevention (Tiernan et al., 2019). Additionally, these plans are interdependent, a
factor which makes it possible to have them developed at the same time.
Data Backup Planning
Min et al. (2018) say that, today’s business environment is full of threats to data. Some of
the most threats are device failures, power failures, human error, malware, theft, and natural
disaster. Therefore, organizations, businesses, and individuals should have in place data backup
planning (Min et al., 2018). However, organizations may not achieve that without having in place
a data backup planning with specific elements. One of the most important element is the
determination of critical data. The first thing in having an effective data backup planning is to
have an element where data that needs to be backed up is identified and classified (Min et al.,
2018).
Regular data backups is also an important element. The element of regularly backing up
data is important because it determines the success of the data backup planning. When data is
regularly backed up, it can help in ensuring the data is always updated and readily available
when needed during a disaster (Min et al., 2018). Offsite data storage is also an important
element. Including the offsite data storage element helps in guaranteeing the data can be
THREAT MITIGATION
3
recovered immediately even if the onsite storage is impacted by a disaster. Finally, the element of
regular testing to backups is crucial. Regularly testing the backups guarantees the backup is
effective and is able to restore data when a disaster occurs (Min et al., 2018).
Disaster Recovery Planning
When it comes to the information technology (IT) infrastructure of every organization, a
disaster can happen at any time. Without organizations having in place disaster recovery plan,
data loss can happen, which could be detrimental to the organization (Sahebjamnia et al., 2018).
However, a disaster recovery plan should be thorough and ultimately successful and one of the
elements of such a plan is communication. Communicating effectively is key during a disaster
and having a communication plan easily understood by stakeholders can help maintain
communication (Sahebjamnia et al., 2018).
Another element of a disaster recovery plan is data continuity. The data continuity
element documents the specific needs to enable an organization maintain its continuity across all
its data. The element helps in ensuring that the disaster recovery plan goes according to the plan
as every component in the organization is accounted for (Sahebjamnia et al., 2018). An inventory
for all asset element should also get included. The element helps an organization to effectively
prepare for a disaster. The inventory should identify the technological equipment regularly used
in the organization. Finally, the element of data backup checks should be included. The element
is important to an organization especially when its data backup system is experiencing a
downtime (Sahebjamnia et al., 2018).
Business Continuity Planning
Business continuity planning is a crucial part of every organization. Disruptions and
threats happen and when they do, an organization can easily lose revenue which translates to a
Your preview ends here
Eager to read complete document? Join bartleby learn and gain access to the full version
- Access to all documents
- Unlimited textbook solutions
- 24/7 expert homework help
THREAT MITIGATION
4
reduction in profitability (Niemimaa et al., 2019). Whether an organization is looking to address
a cybersecurity issue or a natural disaster, it is necessary to have a business continuity planning.
There are several elements for such a business continuity planning, one of which is the business
impact analysis (BIA) element. The BIA element helps an organization to identify time-sensitive
functions and their related resources (Niemimaa et al., 2019).
Recovery is also one of the most important elements of a business continuity planning.
Recovery is the element in which an organization identifies and implements a disaster recovery
strategy. The recovery element should identify the steps needed for recovering an organization’s
critical functions and processes. A third element of a business continuity plan is organization
(Niemimaa et al., 2019). The organization element is where the continuity team is created. The
created team is responsible for the management of the disaster. Lastly, there is the element of
training. The business continuity team has to be trained and tested. The training and testing of the
business continuity team are described in the training element. Additionally, the training element
discusses how the business continuity planning is to be exercised in the event of a disaster
(Niemimaa et al., 2019).
Interdependence of Data Backup Plan, DRP, and BCP
A data backup planning, disaster recovery planning, and business continuity planning are
interdependent. Although the three concepts are different, there are some areas in which they
overlap which means that they are more effective when their development happens
simultaneously (Hamadah, 2019). The three concepts are proactive strategies through which
organizations prepare for unplanned disasters. A data backup planning and a disaster recovery
planning are parts of the larger business continuity planning. This means that all the three
concepts can be used by organizations to prepare for both natural disasters and man-made
THREAT MITIGATION
5
disasters. The data that is backed up in the data backup planning is used for disaster recovery.
The disaster recovery plans are used to enable business continuity (Hamadah, 2019).
Conclusion
Although data backup planning, disaster recovery planning, and business continuity
planning are different, they have elements that make them crucial to an organization’s survival in
the event of a disaster. From the discussion in this paper, the three strategies have specific
elements without which they cannot help organizations overcome disasters in the form of data
loss. Additionally, it is clear that the three are interdependent which increase their importance in
every organization.
THREAT MITIGATION
6
References
Hamadah, S. (2019). Cloud-based disaster recovery and planning models: An overview.
ICIC
Express Lett
,
13
(7), 593-599.
Min, D., Park, D., Ahn, J., Walker, R., Lee, J., Park, S., & Kim, Y. (2018). Amoeba: An
autonomous backup and recovery SSD for ransomware attack defense.
IEEE Computer
Architecture Letters
,
17
(2), 245-248.
Niemimaa, M., Järveläinen, J., Heikkilä, M., & Heikkilä, J. (2019). Business continuity of
business models: Evaluating the resilience of business models for
contingencies.
International Journal of Information Management
,
49
, 208-216.
Sahebjamnia, N., Torabi, S. A., & Mansouri, S. A. (2018). Building organizational resilience in
the face of multiple disruptions.
International Journal of Production Economics
,
197
, 63-
83.
Tiernan, A., Drennan, L., Nalau, J., Onyango, E., Morrissey, L., & Mackey, B. (2019). A review
of themes in disaster resilience literature and international practice since 2012.
Policy
design and practice
,
2
(1), 53-74.
Your preview ends here
Eager to read complete document? Join bartleby learn and gain access to the full version
- Access to all documents
- Unlimited textbook solutions
- 24/7 expert homework help