MIL1 requirements
a. Continuity plans are developed to sustain and restore operation of the function if a cybersecurity event or incident occurs, at least in an ad hoc manner
b. Data backups are available and tested, at least in an ad hoc manner
c. IT and OT assets requiring spares are identified, at least in an ad hoc manner
MIL2 requirements
d. Continuity plans address potential impacts from cybersecurity incidents
e. The assets and activities necessary to sustain minimum operations of the function are identified and documented in continuity plans
f. Continuity plans address IT, OT, and information assets that are important to the delivery of the function, including the availability of backup data and replacement, redundant, and spare IT and OT assets
g. Recovery time objectives (RTOs) and recovery point objectives (RPOs) for assets that are important to the delivery of the function are incorporated into continuity plans
h. Cybersecurity incident criteria that trigger the execution of continuity plans are established and communicated to incident response and continuity management personnel
i. Continuity plans are tested through evaluations and exercises periodically and according to defined triggers, such as system changes and external events
j. Cybersecurity controls protecting backup data are equivalent to or more rigorous than controls protecting source data
k. Data backups are logically or physically separated from source data
l. Spares for selected IT and OT assets are available
MIL3 requirements
m. Continuity plans are aligned with identified risks and the organization’s threat profile (THREAT-2e) to ensure coverage of identified risk categories and threats
n. Continuity plan exercises address higher priority risks
o. The results of continuity plan testing or activation are compared to recovery objectives, and plans are improved accordingly
p. Continuity plans are periodically reviewed and updated
In connection with the data systems listing, we describe the systems for which we are responsible for implementing backups. The organization’s own backup processes are documented and an owner is assigned to each. The documentation includes e.g.:
The media used for backups and the restoration of backups are tested regularly to ensure that they can be relied on in an emergency.
Accurate and complete instructions are maintained for restoring backups. The policy is used to monitor the operation of backups and to prepare for backup failures.
Sometimes an unexpected event, such as a fire, flood, or equipment failure, can cause downtime. In order to be able to continue operations as quickly and smoothly as possible, continuity planning is carried out, i.e. planning the operations in advance for these exceptional situations.
Each continuity plan shall contain at least the following information:
For example, when the fault tolerance of a telecommunication network is critical, it can be further improved by procuring basic network services through several routes and through several service providers.