ORSYS le mag 2025 logo

The training and skills medium

Home > Cybersecurity glossary > Disaster Recovery Plan (DRP) 🟩 Tool

Disaster Recovery Plan (DRP) 🟩 Tool

A Disaster recovery plan (DRP) is a strategic document that describes the procedures and actions to be implemented to enable an organisation to resume its critical activities as soon as possible after a major IT security incident (cyber attackequipment failure, natural disaster, etc.).

It aims to minimise downtime (Recovery Time Objective - RTO) and data loss (Recovery Point Objective - RPO), guaranteeing the resilience operational.

Differences with BCP

The Business Continuity Plan (PCA) is broader and includes DRP. BCP focuses on maintaining activities during a crisis, while DRP focuses on recovery after a shutdown.

BCP (Business Continuity Plan) DRP (Disaster Recovery Plan)
Maintains activities for a crisis (e.g. switching to an emergency site) Restore activities after a total shutdown (e.g. restoration of backups)
Proactive approachAnticipating risks to avoid downtime (redundant infrastructure, communication plans) Reactive approach : acts after the incident to restore systems
Cover all aspects (IT, HR, logistics, legal) Mainly targets IT systems and data

 

Google - Noto Color Emoji 15.0 (Animated) How it works

The PRA is based on 6 key steps :

  1. Impact analysis (BIA) Identify vital processes (e.g. payment systems, customer databases).
  2. Risk assessment mapping threats (e.g. ransomwarefire) and their financial/reputational impact.
  3. Recovery strategies :
    • Automated backups (daily/weekly).
    • Redundant infrastructure (cloud, data centres secondary).
    • Agreements with third-party suppliers (e.g. crisis centres).
  4. Drafting the plan details of procedures, timescales (RTO < 4 hours for critical systems) and those responsible.
  5. Regular tests simulations of cyber-attacks or disasters to validate effectiveness.
  6. Maintenance and updates adapting to new technologies (AI, IoT) and threats (deepfakesattacks zero-day).

👉 Examples

  1. Cyber attack :
    • Saint-Gobain (2021) : Victim of ransomware ContiThe company was able to restore its data within 48 hours thanks to a disaster recovery plan that included offline backups.
    • Accenture (2023) : Front page content data leakage via a DRP incorporating AI to detect anomalies in real time.
  2. Natural disasters :
    • Orange (2022) After a fire in a datacentre, the disaster recovery plan made it possible to switch customer services to servers located in Belgium.
  3. Human failure :
    • Facebook (2021) A BGP configuration error led to a 6-hour global outage. The DRP lacked procedures for this rare scenario.

Benefits

  • Reducing losses 24-hour recovery limits losses to 20 % of sales (IBM study).
  • Compliance respect for RGPD (fines of up to 4 % of worldwide turnover) and sectoral standards (e.g. ISO 22301).
  • Customer confidence 78 % of companies with a tested DRP retain their customers after a crisis (PwC study).

Disadvantages

  • Costs A complete DRP costs between €50,000 and €500,000 per year for an SME (source: CESIN).
  • Complexity 40 % of companies fail to restore their data despite a DRP (Veeam study).
  • Obsolescence 60 % of DRPs are not adapted to cloud risks (McKinsey).

Typical structure of a DRP

  1. Objectives RTO, RPO, criticality thresholds.
  2. Inventory of assets Servers and applications, sensitive data.
  3. Trade-in procedures :
    • Priority 1: Payment systems (RTO < 1h).
    • Priority 2: Emails and CRM (RTO < 4h).
  4. Crisis team IT manager, lawyer, communications director.
  5. Communication : Sample messages for customers and the media.
  6. Appendices Emergency contacts, insurance contracts.

Best practice

    1. Involving management the governance must support the DRP to guarantee the necessary resources. 80 % of effective DRPs have an executive committee sponsor (Forrester).
    2. Training staff Employees must be familiar with procedures in the event of a crisis.
    3. Clearly document procedures Precise instructions make it easy to get back to work quickly.
    4. Automate backups: companies that automate their backups reduce their losses by 90 % (Veeam).
    5. Automate backups Companies automating their backups reduce their losses by 90 % (Veeam).
    6. Considering extreme scenarios Plan for hybrid attacks (e.g. cyber attack + power failure).
    7. Review the plan regularly : Technological developments and new risks require frequent updates.

📊Key figures

  • France :
    • 70 % of companies suffered a cyber attack in 2023 (+10 % vs 2022, ANSSI).
    • 25 % of French SMEs close after an attack without a DRP (CPME).
    • Average cost of ransomware: €350,000 (CESIN).
  • World :
    • 54 % of organisations have a DRP, but only 35 % test it annually (Gartner).
    • 94 % of companies using the cloud have reduced their RTO by 50 % (AWS).
Back to Glossary

field of training

Cybersecurity

associated training

Systems and network security, level 1

Hacking and security, level 1

Information systems security, summary

BEST

Towards the ORSYS Cyber Academy: a free space dedicated to cybersecurity