Understanding backup requirements
A great way for your organization to understand its backup requirements is to conduct a business impact analysis (BIA). Conducting a BIA will allow us you assess the potential risks and impacts on the Mathaholics platform of a cybersecurity incident – for example, one that damages data integrity or, potentially, takes the platform completely offline. A deep dive into BIA techniques is beyond the scope of this chapter but a great place to start is the National Institute of Standards and Technology (NIST). The NIST interagency report called Using Business Impact Analysis to Inform Risk Prioritization and Response, available at https://csrc.nist.gov/publications/detail/nistir/8286d/final, explains how a BIA can be used to build an appreciation of the following:
- What functions should go right and why – for example, sustain 99.999% uptime since this is a contractual obligation.
- What might put essential functions in jeopardy. A...