Direct links from the subject.
| Property | Value |
|---|---|
|
The subject is an instance of a class. |
|
|
The subject is an instance of a class. |
An idea or notion; a unit of thought. |
|
A human-readable name for the subject. |
PR.DS-11.3: The organisation shall maintain secure backups of business-critical data in a separate storage location to ensure data availability in case of system failure or data loss. Backup storage shall apply equivalent security controls as the primary environment. |
|
PR.DS-11.3 |
|
|
http://cyfun.data.gift/data/loc_CyFun2025_Booklet_ESSENTIAL_E_p117 |
|
|
http://cyfun.data.gift/data/loc_CyFun2025_Booklet_IMPORTANT_E_p83 |
|
|
Relates a concept to a concept that is more general in meaning. |
|
|
A general note, for any purpose. |
The goal of this control is to ensure that the organisation can reliably recover its business-critical data in two key scenarios: - Natural disasters or physical damage to the primary site (requiring offsite or cloud-based backups). - Advanced cyberattacks, including ransomware or insider threats, where attackers may attempt to corrupt or delete backups (requiring isolated or tamper-proof backups). This control helps ensure that an organisation can recover its critical data if something goes wrong. It focuses on keeping backups separate and just as secure as the original data, making it especiallyuseful fororganisations that are still building up their cybersecurity capabilities (organisations with less mature security posture). - Backup Strategy to be considered - To meet these objectives, the organisation should implement a diversified and resilient backup approach, such as the 3-2-1 backup rule: - Maintain three copies of business-critical data. - Store these copies on at least two different types of storage media (e.g. local disk and cloud). - Ensure at least one copy is stored offsite or off-premises, in a physically separate location. - To protect against both physical and cyber threats, the organisation should consider the following backup types: - Offsite or Cloud Backups These backups are stored in a geographically separate location and help ensure recoverability in case of natural disasters or physical damage to the primary site. - Immutable Backups These are backups that cannot be altered or deleted for a defined period. They are especially effective against ransomware and insider threats, and can be automated to reduce manual effort. - Offline or Air-Gapped Backups These are backups stored on devices that are completely disconnected from any network, including the internet.This isolation ensures that even ifthe organisation’s network is compromised, the backup remains untouched. - Additional Considerations - GeographicSeparation: Backup locations should be in different physical regions to reduce the risk ofsimul- taneous impact from regional disasters. - Security Parity: All backup locations should implement the same level of security controls as the primary environment (e.g. encryption, access control, monitoring). - RegularTesting: Backup and recovery procedures should be tested regularly to ensure data integrity and operational readiness. |
|
A general note, for any purpose. |
The goal of this control is to ensure that the organisation can reliably recover its business-critical data in two key scenarios: - Natural disasters or physical damage to the primary site (requiring offsite or cloud-based backups). - Advanced cyberattacks, including ransomware or insider threats, where attackers may attempt to corrupt or delete backups (requiring isolated or tamper-proof backups). This control helps ensure that an organisation can recover its critical data if something goes wrong. It focuses on keeping backups separate and just as secure as the original data, making it especiallyuseful fororganisations that are still building up their cybersecurity capabilities (organisations with less mature security posture). - Backup Strategy to be considered - To meet these objectives, the organisation should implement a diversified and resilient backup approach, such as the 3-2-1 backup rule: - Maintain three copies of business-critical data. - Store these copies on at least two different types of storage media (e.g. local disk and cloud). - Ensure at least one copy is stored offsite or off-premises, in a physically separate location. - To protect against both physical and cyber threats, the organisation should consider the following backup types: - Offsite or Cloud Backups These backups are stored in a geographically separate location and help ensure recoverability in case of natural disasters or physical damage to the primary site. - Immutable Backups These are backups that cannot be altered or deleted for a defined period. They are especially effective against ransomware and insider threats, and can be automated to reduce manual effort. - Offline or Air-Gapped Backups These are backups stored on devices that are completely disconnected from any network, including the internet.This isolation ensures that even ifthe organisation’s network is compromised, the backup remains untouched. - Additional Considerations - GeographicSeparation: Backup locations should be in different physical regions to reduce the risk ofsimul- taneous impact from regional disasters. - Security Parity: All backup locations should implement the same level of security controls as the primary environment (e.g. encryption, access control, monitoring). - RegularTesting: Backup and recovery procedures should be tested regularly to ensure data integrity and operational readiness. |
|
A general note, for any purpose. |
The goal of this control is to ensure that the organisation can reliably recover its business-critical data in two key scenarios: • Natural disasters or physical damage to the primary site (requiring offsite or cloud-based backups). • Advanced cyberattacks, including ransomware or insider threats, where attackers may attempt to corrupt or delete backups (requiring isolated or tamper-proof backups). This control helps ensure that an organisation can recover its critical data if something goes wrong. It focuses on keeping backups separate and just as secure as the original data, making it especiallyuseful fororganisations that are still building up their cybersecurity capabilities (organisations with less mature security posture). • Backup Strategy to be considered o To meet these objectives, the organisation should implement a diversified and resilient backup approach, such as the 3-2-1 backup rule: - Maintain three copies of business-critical data. - Store these copies on at least two different types of storage media (e.g. local disk and cloud). - Ensure at least one copy is stored offsite or off-premises, in a physically separate location. • To protect against both physical and cyber threats, the organisation should consider the following backup types: o Offsite or Cloud Backups These backups are stored in a geographically separate location and help ensure recoverability in case of natural disasters or physical damage to the primary site. o Immutable Backups These are backups that cannot be altered or deleted for a defined period. They are especially effective against ransomware and insider threats, and can be automated to reduce manual effort. o Offline or Air-Gapped Backups These are backups stored on devices that are completely disconnected from any network, including the internet.This isolation ensures that even ifthe organisation’s network is compromised, the backup remains untouched. • Additional Considerations o GeographicSeparation: Backup locations should be in different physical regions to reduce the risk ofsimul- taneous impact from regional disasters. o Security Parity: All backup locations should implement the same level of security controls as the primary environment (e.g. encryption, access control, monitoring). o RegularTesting: Backup and recovery procedures should be tested regularly to ensure data integrity and operational readiness. |
|
A general note, for any purpose. |
<div><p>The goal of this control is to ensure that the organisation can reliably recover its business-critical data in two key scenarios:</p><ul><li>Natural disasters or physical damage to the primary site (requiring offsite or cloud-based backups).</li><li>Advanced cyberattacks, including ransomware or insider threats, where attackers may attempt to corrupt or delete backups (requiring isolated or tamper-proof backups). This control helps ensure that an organisation can recover its critical data if something goes wrong. It focuses on keeping backups separate and just as secure as the original data, making it especiallyuseful fororganisations that are still building up their cybersecurity capabilities (organisations with less mature security posture).</li><li>Backup Strategy to be considered<ul><li>To meet these objectives, the organisation should implement a diversified and resilient backup approach, such as the 3-2-1 backup rule:<ul><li>Maintain three copies of business-critical data.</li><li>Store these copies on at least two different types of storage media (e.g. local disk and cloud).</li><li>Ensure at least one copy is stored offsite or off-premises, in a physically separate location.</li></ul></li></ul></li><li>To protect against both physical and cyber threats, the organisation should consider the following backup types:<ul><li>Offsite or Cloud Backups These backups are stored in a geographically separate location and help ensure recoverability in case of natural disasters or physical damage to the primary site.</li><li>Immutable Backups These are backups that cannot be altered or deleted for a defined period. They are especially effective against ransomware and insider threats, and can be automated to reduce manual effort.</li><li>Offline or Air-Gapped Backups These are backups stored on devices that are completely disconnected from any network, including the internet.This isolation ensures that even ifthe organisation’s network is compromised, the backup remains untouched.</li></ul></li><li>Additional Considerations<ul><li>GeographicSeparation: Backup locations should be in different physical regions to reduce the risk ofsimul- taneous impact from regional disasters.</li><li>Security Parity: All backup locations should implement the same level of security controls as the primary environment (e.g. encryption, access control, monitoring).</li><li>RegularTesting: Backup and recovery procedures should be tested regularly to ensure data integrity and operational readiness.</li></ul></li></ul></div> |
|
A notation, also known as classification code, is a string of characters such as "T58.5" or "303.4833" used to uniquely identify a concept within the scope of a given concept scheme. |
PR.DS-11.3 |
|
skos:prefLabel, skos:altLabel and skos:hiddenLabel are pairwise disjoint properties. |
Secure offsite backup storage |
|
A resource has no more than one value of skos:prefLabel per language tag, and no more than one value of skos:prefLabel without language tag. |
The organisation shall maintain secure backups of business-critical data in a separate storage location to ensure data availability in case of system failure or data loss. Backup storage shall apply equivalent security controls as the primary environment. |
|
Relates a resource (for example a concept) to a concept scheme in which it is included. |
|
|
Relates a resource (for example a concept) to a concept scheme in which it is included. |
http://cyfun.data.gift/data/CyFun2025_delta_BASIC_to_IMPORTANT |
|
Relates a resource (for example a concept) to a concept scheme in which it is included. |
|
|
Relates a resource (for example a concept) to a concept scheme in which it is included. |
|
|
The number of triples associated with the subject. |
19 |
|
Specifies the dataset the subject is part of. |
Resultaten 1 - 21 of 21
Inverse links to the subject.
| Property | Subject |
|---|---|
|
Relates a concept to a concept that is more specific in meaning. |
Resultaten 1 - 1 of 1