DRBC Consulting Services

Traditional DRBC plans include two phases:

• Disaster Recovery (DR) defines how an organization's IT department will recover from a natural or manufactured disaster. The processes within this phase have included server and network restoration, copying backup data, and provisioning backup systems.
• Business Continuity (BC) focuses on the business operations side of DRBC. It has involved designing and creating policies and procedures that ensure essential business functions and processes are available during and after a disaster. BC has included staff replacement, service availability issues, business impact analysis, and change management.

DRBC plans based on the National Institute of Standards and Technology (NIST) from 2010 included strategies to deal with the business impact of up to 72 hours of system/network downtime, which was a reasonable assumption at the time.

Today's DRBC plans must consider a more significant business impact.

Ransomware attacks have extended potential downtime beyond 72 hours, up to 30 days or more. Healthcare organizations must therefore re-evaluate their DRBC plans to consider extended downtime.

The possible scenarios are dramatic and require critical business strategies that go beyond technology and systems. For example, extended downtime can impact patient safety, not just information technology.

Does your organization have an updated DRBC plan based on extended downtime?

If not, you should consider hiring subject matter experts. Our team understands how to help. We start by assessing the current state of your plan and work with your team to update it. And we provide ongoing recommendations for change management.

While there are no guarantees for preventing an attack, ComplyAssistant can help you reduce risk and be prepared to respond. Therefore, we highly recommend that if you haven't already taken steps, the time to begin is now, before the attack.