In this Help Net Security video, Chip Gibbons, CISO at Thrive, illustrates the differences between a business continuity plan and a disaster recovery plan.
While these terms are often used interchangeably, there are important differences and it’s critical to have both plans in place to help mitigate the impact on business operations:
A business continuity plan refers to how a business continues to operate when key systems are down or an outage occurs. A business continuity plan is a must-have for every organization and keeps a business running effectively, even when faced with an unexpected disaster or tumultuous times like a global pandemic. The goal of a business continuity plan is to know what processes can be kept in place and which ones must be adapted. A plan allows you to prioritize what’s important – for instance, not being able to access email isn’t as critical as losing customer data that allows you to finalize an order or payment.
A disaster recovery plan refers to how specific platforms, data, and applications are restored following a cyber-attack, disaster, or other failures. In essence, a disaster recovery plan refers to the specific part of the business continuity plan to be followed during and after data loss. It’s most important to get systems back up and running following a data loss event, to minimize downtime and business disruption.