Zero Tolerance for Downtime: Why InfoSec and Business Continuity Must Forge a Partnership
Pat McGregor
WITSA General Assembly Meeting, 26 February 2002, Adelaide, Australia

5 Mins/YR!
Key Ideas
• In a world of 99.999% reliability, we can no longer rely on “disaster recovery” – business continuity admits no downtime
• Threats to our infrastructure are more complex and more destructive than ever
• Need a combination strategy:
  • Prevention
  • Detection
  • Response
McGregor/InfoSec-BCDR

Security & Business Continuity: Critical Partners
• Security deflects and detects
• Business Continuity keeps us running if we get hit
No matter what the cause, business interruption and/or loss of information assets is a real disaster

It’s a new world – inside and out
But we’re more exposed with every new capability

Can We Protect the Biz Without Stopping It Cold?
[Figure labels: Response, Prevention]

Can We Recover the Biz Without Grinding to a Halt?

Some Key Learnings from 9 Sept
• Of all the data centers in the WTC, only the NASDAQ had practiced a major disaster drill within the last six months. They were the only ones up within 5 days.
• Among the data centers in the WTC, two had only partial backups of their data; of those two, one could not reload any of the tapes.
• The telephone lines running beneath the WTC represented a single point of failure for 22 million customers in the Northeast.

More Key Learnings from 9 Sept
• 80% of the data centers in the WTC and surrounding areas had not updated their DR/BC plans since Dec 1999
• A major insurance co. located next to the WTC lost their data center from flying debris; their paper records of coverage were stored in the same building. They are currently paying death benefits based on claims of dependents, but they cannot verify who has paid premiums and who hasn’t.

How Do We Work Together?
Security Strategy
• People
• Physical Security
• Intellectual Assets
• Integrity of Data
• The Brand
BC Strategy
• Business Processes
• “Keep the business running”
• Recovery standards
• BC Tools standards
• Crisis mgmt
• Minimize outage duration
• “People” BC & Support Issues

What Can IT Associations Do?
• Get your members on the defensive now
• Educate senior management on risks of business disruption and cyberwarfare
• Help them make InfoSec & BC top priorities
• Help them to beef up security technology
• Work with other companies, gov’t agencies
  • SAINT (EU)
  • IT ISAC (US)

Questions?

Thank you!
Pat McGregor
pat.mcgregor@intel.com
+1 916 356 3558