Business Continuity / Disaster Recovery and ... RVs?
I was watching a YouTube video on RV's, a nice Pervost with an upper tag in the millions. Yikes. During the video however, it dawned on me (again), how often we disregard business continuity and disaster recovery in our personal lives. Hearing the presenter explain the sheer amount of redundancy in the RV reminded me of how crucial it is to pay attention to the little things that make everything work. Whether you are at work, at home, or in this case, the RV.
The RV was built with multiple redundant components across different physical mediums, a testament to thoughtful design. For instance, the RV's lighting and A/C systems weren’t just controlled via the iPad (Wi-Fi); they also had a dedicated physical controller. If that failed, you could still rely on the manual switch directly on the A/C or light itself. Three layers of redundancy. Remarkable. Every essential and critical function of the RV was designed with this level of fail-safety in mind. Prevost had prioritized continuity of operations, clearly understanding the needs of their operators.
As cybersecurity professionals, we must adopt a similar mindset. It’s crucial to have a deep, evolving understanding of our critical systems, to plan for disaster response, and to ensure multiple layers of contingency. And, above all, to never overlook the most critical step: regular testing.
Your plan doesn't need to be complicated, it doesn't need to be 100 pages long, it just needs to be tested, and it just needs to work. Simplicity is always King. The simpler your approach to BCDR, the better the outcomes and the more likely your team will test it. Now some organizations with more capacity may opt for a more robust approach and that is perfectly fine as long as it is properly executed and maintained.
For organizations that I have worked with directly, the BCDR plan developed was not overly complicated, our table-top testing was done in real-time with key stakeholders partaking in the exercise. It is critical to include all personnel that have any level of responsibility in your plan. Their perspective is crucial, they see things and issues that may happen that others may not realize even exist.
I strongly recommend real-time diagramming of the Disaster Response workflow. Using a tool like Draw.io or Visio enables staff to clearly visualize the potential impacts and disruptions to their processes, enhancing both understanding and readiness. This visual approach not only clarifies each step but also helps identify critical points where swift response is essential. We gained so much understanding across teams from this simple approach, and on top of it, we had a diagram now that we could add to our arsenal for our future response.
Remember, an untested plan is nothing more than an illusion—promising in theory but unreliable until put in practice. Test it. Understand it. Build upon it.