3.4.4 Testing
Tabletop, fail over, simulation, parallel.
Security testing assesses the effectiveness of disaster recovery (DR) plans and technical controls to ensure organizational resilience and site redundancy.
Types of Resilience Testing - Tabletop Exercise: A discussion-based session where stakeholders gather in a conference room to walk through a simulated disaster scenario. This identifies gaps in policies and communication without disrupting live operations. - Simulation: A more hands-on test where participants perform some recovery actions in a non-production environment. This evaluates how teams use tools and respond to specific threats like ransomware or hardware failure. - Parallel Processing: A high-confidence test where the recovery site is brought online and processes actual data alongside the primary site. The main system remains active to ensure there is no service interruption if the recovery system fails the test. - Failover: The process of automatically or manually switching from a primary system to a redundant secondary system during a failure. A full failover test involves shutting down the primary site to verify the secondary site can handle the entire production load.
Reliability and Recovery Metrics - MTBF (Mean Time Between Failures): The average time a repairable component is expected to operate between failures. It measures the reliability of systems that are fixed rather than discarded. - MTTF (Mean Time to Failure): The predicted lifespan of a non-repairable component (e.g., a standard hard drive or light bulb). This represents the point when the device must be replaced. - MTTR (Mean Time to Repair/Recovery): The average time required to troubleshoot, fix, and restore a failed system to full functionality. Low MTTR is critical for high-availability environments.
Strategic Testing Considerations - Data Sovereignty: When testing cloud-based recovery sites, organizations must ensure that secondary locations comply with local laws. For example, data stored in Ireland is subject to EU law, while data in the US is subject to US law. - Key Recovery: Redundancy testing must account for encrypted data access. A Recovery Agent is used to retrieve lost keys or decrypt data when the original owner is unavailable, preventing permanent data loss during a site failure. - Threat Assessment: Effective testing uses Threat Hunting and Vulnerability Scans to identify the most likely failure scenarios, such as external web server attacks versus internal hardware degradation.
Quick recall - Tabletop: Low cost, no downtime, purely discussion. - Parallel: Simultaneous operation; safest way to test live data. - Failover: Full transition to backup; highest risk/accuracy. - MTBF vs. MTTF: Repairable (Fixed) vs. Non-repairable (Replaced). - MTTR: Metric used to measure the "speed of the fix."