Prior to any cyber attack, an organization should already have a solid crisis management plan and set of disaster recovery precautions in place. In addition to this, a risk analysis should be carried out involving a holistic approach and careful investigation of information systems and the overall environment. The purpose of such an analysis is to evaluate all endpoints that could potentially fail in a disaster or cyber-attack. (Pfleeger & Pfleeger, 2007) The analysis should describe the current state of an organization’s security approaches and examine areas of the company’s infrastructure as well as external factors.
In order for an effective crisis management program to work, a solid team must be established with key personnel assigned to various roles supporting it. The crisis management team will lead all activities as well as coordinate with dependent departments such as utilities, infrastructure, and emergency communications management. The crisis management team will ultimately be responsible for coordinating table-top scenarios and tests, coordinate communication with the organization, and plan for disaster recovery circumstances that may require alternative site setup.
(Robinson, Narin, & Elleman, 2014) describe three different scenarios for recovery using virtualized cloud technology, which include pilot light, warm standby, and multi-site. In traditional data centers, cold site, warm site, and hot sites are options for the organizations depending on cost and overall risk determined. All of these considerations should take into account existing business policies and processes as well as the underlying security plan for the organization.