xx The State of the BCP and Network Disaster Recovery Industry: Where Are We and Why?
The State of the BCP and Network Disaster
Recovery Industry: Where Are We and Why?
The events of September 11, 2001 resulted in Chief Information Officers
(CIOs) scrambling to implement business continuity and disaster recov-
ery planning. Such business continuity investments appear to have been
only a spike after that dreadful date. Unfortunately, business continuity
has continued to slide downward on the priority scale when CIOs and
senior management are forced to make tough business choices in today’s
instant-on, ever-changing business environment. Gartner analyst Roberta
Witty estimated as late as July 2003 that even after the terrorist attacks on
the United States, less than 25% of large enterprises had comprehensive
business continuity plans [1].
We all know that disasters can result in large monetary losses, legal
ramifications, loss of customer confidence, and, in some extreme cases, the
company’s existence. Organizations therefore need to have plans to recover
their assets, which include people, facilities, business applications, pro-
cesses, and IT systems, so they’ll be able to return to normal business oper-
ations as soon as possible. This requires sensible business continuity and
disaster recovery plans, and sensible management that takes the contin-
gency plans seriously. Disasters requiring these types of plans can be caused
by natural events such as floods, fires, and earthquakes, or by systems-
related causes, such as network problems and power or telecommunica-
tions failures. Human and malicious causes, such as hackers, viruses, ter-
rorism, disaffected employees, and theft, also require planning and
preventative measures.
Historically, BCP has resided in the Information Technology (IT)
department of most organizations. For this reason, most companies have
some disaster recovery alternatives in place for their IT systems. The most
common disaster recovery alternative used is offsite data storage, in which
data is backed up on a regular basis onto a tape or disk and kept at a remote
location. Although several other technology alternatives for IT recovery are
available, such as hot and cold sites, electronic vaulting, shadowing, mirror-
ing, and disk-to-disk remote copy, all of which we will discuss later in this
book, they are not used by as many corporations as you might think. In this
tough economic environment, it is very tempting to cut resources for BCP.
Many enterprises mistakenly view BCP as an insurance policy for which
they will likely never have to place a claim.
However, we all know that disasters can happen at any time and any
place, and it is recommended that CIOs make contingency planning a high
Get Business Continuity and Disaster Recovery for InfoSec Managers now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
