Introducing Preparis IT Disaster Recovery Planning
Read more
Improve Your Incident Response with Mitratech IT Disaster Recovery Incident Manager
Incident response is one of the most complicated practices in modern cybersecurity. There’s a lot of communication across stakeholders, managing the work of response teams, and tracking blockers through regular standups and check-ins. The extensive coordination required often distracts incident responders from the important work of achieving recovery time objectives (RTO) to get the business functioning again.
No matter how well-designed the plan, there is often limited insight into the on-the-ground work of recovering from a cyber incident. At Mitratech, we’ve built systems that enable teams to centrally store their IT disaster recovery plans and assign specific roles and responsibilities to the appropriate team members. These runbooks provide the visibility necessary to identify which users are responsible for recovery duties and when they are assigned. However, teams still find themselves relying on emails and meetings for communication during active incidents or exercises.
No longer. Today, we’re proud to announce the Mitratech IT Disaster Recovery Incident Manager. This new product, part of the Mitratech BC/DR Platform, empowers IR teams to assign roles for cyber events, automatically communicate with downstream dependencies, and maintain clear and auditable records for senior leaders or external auditors.
Visibility into Incident Response Progress
The new incident management functionality within the Mitratech IT Disaster Recovery solution provides crisis managers with intelligence on recovery task progress from a central dashboard. Having a “command center” for incident management ensures that crisis managers can see how many recovery activities have been completed, how many are in progress, and where any blocks may occur (Figure 1).
Figure 1: The incident management dashboard
At-a-glance process visibility enables incident managers to report more effectively on recovery time objectives and any obstacles the response team faces. One of the major challenges in managing incident response is obtaining reliable, immediate intelligence on the situation. This update to the Mitratech BC/DR platform ensures that crisis managers have the insight they need at the moment they need it.
Communicate Roadblocks with Downstream Dependencies
Effective communication during a cyber incident can make the difference between achieving recovery time objectives or falling short. Response teams often struggle with communicating issues promptly, relying on check-in calls and emails when team members should be focused on their recovery tasks.
With the Incident Management module of the Mitratech IT Disaster Recovery solution, crisis team members can eliminate the need to write update emails or attend sync meetings. Notes related to each technology are automatically shared based on recovery tasks, keeping recovery team members on downstream technologies informed about any blockers interfering with recovery goals.
Figure 2: Communicating with downstream dependencies
This asynchronous method of updating ensures that incident responders know what’s happening upstream of their recovery tasks and can reprioritize as needed. Crisis managers with a centralized dashboard can also see the blockers at each recovery point, empowering them with unparalleled insight into disaster recovery progress.
Crisis team members can also see which technologies need to be recovered upstream of their individual assignment (Figure 3), ensuring they can track any blockers on their recovery tasks. They also know who depends on their work to complete additional downstream tasks.
Figure 3: Individual technology dashboard
Crisis team members can also see the recovery checklist on their technology assignment page, which is helpful for new and experienced team members alike. Everyone can then work on the same process at the same time and update their colleagues on progress.
Integrate Incident Response with Continuity Plans
With the new release of the Mitratech IT Disaster Recovery Incident Management module, organizations can integrate their incident management plans directly with their IT disaster recovery and business continuity plan workflow. This functionality enables teams to host incident response runbooks in the same platform as the IT disaster recovery plan and gives them direct visibility into who is responsible for what without switching to a different tool.
Figure 4: Assigning incident response tasks in planning
Linking incident management with the continuity and disaster recovery plans creates a cohesive workflow for crisis teams. With this capability, teams now have complete visibility into which steps of the recovery checklist (Figure 5) have been completed and the status of unfinished tasks.
Figure 5: The recovery checklist
The unified workflow also includes reporting functionality that allows crisis managers to export data on incidents or exercises for auditor review. The ability to report on incident response exercises efficiently ensures that companies can demonstrate compliance with relevant resilience guidelines.
Exercises Drive Preparedness and Continuous Improvements
Mitratech IT Disaster Recovery enables you to build a roadmap of exercises for different technologies and business functions. You can leverage a library of ready-to-use exercise scenarios ranging from cyber security incidents to physical disasters or customize your own exercise scenarios based on your highest technology and operational risks.
Teams can safely activate and fully exercise their plans with exercise mode in Incident Manager, enabling them to simulate crisis communications, activate and execute continuity plans and runbooks to recover technologies within the scope of each exercise, track their progress, measure their ability to meet recovery time objectives (RTOs) and conduct retrospectives to identify and implement enhancements or bridge gaps where needed. Data on each exercise is stored and auditable for regulatory compliance.
Conducting exercises in the exercise mode of Mitratech IT/DR Incident Manager helps teams build the muscle memory required to improve their preparedness for real life incidents.
Exercising and testing Disaster Recovery and Continuity plans is a requirement to comply with several regulations and industry standards, including FFIEC and the European Union’s Digital Operational Resilience Act (DORA). Mitratech’s incident manager helps teams easily produce an audit report for each exercise and incident to save time preparing for the next audit.
The Power of Comprehensive Incident & Exercise Management
With the Mitratech IT Disaster Recovery Incident Management module, organizations now have a centralized place to manage active cyber incidents and run coordinated exercises in-house. Teams that have used Preparis Planner and Preparis IT Disaster Recovery to create the plans and runbooks can now self-manage the work that needs to be done for active incidents.
Crisis managers can report on activities for auditors, ensure communication flows readily for active incidents and exercises, and monitor progress from a central dashboard. With Mitratech Preparis IT Disaster Recovery Incident Management, teams can be confident in managing incidents and meeting their recovery time objective.
Sign up for a demo today to learn more about the Mitratech IT Disaster Recovery Incident Management module.
