Key Point:
You must be prepared to restore your organisation’s essential functions following an adverse incident.
Overview:
This outcome focuses on ensuring that your organisation is well-prepared to recover and maintain the operation of essential functions during and after an incident. Key steps involve identifying critical systems and understanding their interdependencies.
How to Meet the Requirement:
Understand which information, networks, and systems are critical to the operation of your essential functions. Prioritise systems based on their business importance, identify the dependencies between them, and establish the order in which they should be restored. Incorporate threat intelligence sources into your preparations to stay informed about emerging risks and how they might impact your recovery strategies.
Ensure you have robust business continuity and disaster recovery plans that account for potential disruptions and outline clear steps for restoring services.
Evidence to Provide:
Submit evidence such as:
Your evidence should demonstrate a clear understanding of critical systems, dependencies, and your ability to recover from incidents.
Indicators of Good Practice:
Key Point:
Design your organisation’s networks and systems to be resilient to cyber security incidents, minimising single points of failure.
Overview:
This outcome focuses on ensuring that your systems are designed to withstand potential cyber security incidents, including addressing single points of failure, network segregation, and resource limitations.
How to Meet the Requirement:
Identify and document single points of failure that could disrupt your essential functions and develop improvement plans to address them. Implement network segmentation to separate critical systems from enterprise systems, placing critical assets in a highly secure zone. Consider geographical constraints to ensure that critical systems are not all in one location, preventing system-wide failures in case of a localised event.
Evidence to Provide:
Submit documents such as:
Your evidence should show that your network is designed with resilience in mind, reducing the impact of incidents.
Indicators of Good Practice:
Key Point:
Maintain current, accessible, and secure backups of data needed to restore your essential functions.
Overview:
This outcome ensures your organisation maintains effective backup procedures to recover essential services in case of a disruption. It covers backup frequency, security, and testing to ensure data is recoverable when needed.
How to Meet the Requirement:
Establish a backup strategy for important data that considers the frequency of backups, recovery point objective (RPO), and recovery time objective (RTO). Follow best practices like the 3-2-1 rule (3 backups, on 2 devices, 1 offsite) and the offline rule (ensuring one or more backups are offline). Regularly test your backups to confirm they can restore essential functions, and document any issues found during testing along with the plan to address them.
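An added example, not part of the original guidance: a Python check that audits a backup inventory against the 3-2-1 rule, the offline rule, the RPO and restore testing as described above. The record layout, dataset and device names, RPO values and the restore_tested field are assumptions constructed for illustration.

```python
from dataclasses import dataclass
from datetime import datetime, timedelta

@dataclass(frozen=True)
class BackupCopy:                 # hypothetical inventory record
    dataset: str
    device: str                   # distinct storage device or service holding the copy
    offsite: bool                 # stored away from the primary site
    offline: bool                 # not reachable from the live network
    taken_at: datetime            # when the backup completed
    restore_tested: bool          # a test restore of this copy succeeded

def check_dataset(copies, rpo, now):
    """Return findings for one dataset; an empty list means every rule is met."""
    findings = []
    if len(copies) < 3:
        findings.append(f"3-2-1: only {len(copies)} backup(s), need 3")
    devices = {c.device for c in copies}
    if len(devices) < 2:
        findings.append(f"3-2-1: only {len(devices)} device(s), need 2")
    if not any(c.offsite for c in copies):
        findings.append("3-2-1: no offsite backup")
    if not any(c.offline for c in copies):
        findings.append("offline rule: no offline backup")
    newest = max((c.taken_at for c in copies), default=None)
    if newest is None or now - newest > rpo:
        findings.append("RPO: newest backup is older than the RPO")
    if not any(c.restore_tested for c in copies):
        findings.append("testing: no copy has a successful restore test")
    return findings

def audit(inventory, rpos, now):
    """Check every dataset that has an RPO, including ones with no backups at all."""
    return {ds: check_dataset([c for c in inventory if c.dataset == ds], rpo, now)
            for ds, rpo in rpos.items()}

# Constructed sample inventory and RPOs (not real systems).
NOW = datetime(2024, 6, 1, 12, 0)
INVENTORY = [
    BackupCopy("patient-db", "nas-01", False, False, NOW - timedelta(hours=2), True),
    BackupCopy("patient-db", "cloud-bucket", True, False, NOW - timedelta(hours=6), False),
    BackupCopy("patient-db", "tape-vault", True, True, NOW - timedelta(days=1), True),
    BackupCopy("file-share", "nas-01", False, False, NOW - timedelta(days=3), False),
    BackupCopy("file-share", "nas-01", False, False, NOW - timedelta(days=4), False),
]
RPOS = {"patient-db": timedelta(hours=4), "file-share": timedelta(hours=24)}

if __name__ == "__main__":
    print(audit(INVENTORY, RPOS, NOW))
```

The findings list for each dataset can go straight into the documented issues and remediation plan that the testing step asks for.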
Evidence to Provide:
Provide evidence such as:
Ensure your documentation proves that backups are tested, accessible, and secure to restore essential functions in the event of an incident.
Indicators of Good Practice:
At Periculo, we ensure your networks and systems are not only resilient to cyber threats but also designed for rapid recovery. From planning and designing secure systems to implementing robust backup solutions, we help you prepare for the unexpected. Contact us today to fortify your organisation's resilience!