How low are you willing to CybeRTO and CybeRPO? Part 2 of 3
Intrigued by the notion of learning more about new industry terms? In the first part of this series, we discussed CybeRTO (Sigh Ber To) and CybeRPO(Sigh Ber Po) and the general meanings of both. In the second part of the series, we will take a deeper look at the two different ways to address the particular aspects of CybeRTO.
A couple of ways to address the security definition of CybeRTO is with a SIEM(Security Incident and Event Management) or SOC(Security Operation Center). In both cases, there is a piece of software, aggregation of logs from the critical pieces of infrastructure, and a human that must evaluate the alert and take the appropriate action to mitigate the risk that has been identified. The time in which the human or automated processes take to remediate the risk is the CybeRTO.
The other way CybeRTO can be defined is the amount of time that is required to restore services after a cyber security event. Do you have a Remote Machine Managemen(RMM) software for automated patching that could patch all the infrastructure impacted by a vulnerability? If so this could greatly reduce your CybeRTO. Do you have a Disaster Recovery site that has replica copies of all your servers? How quickly can you spin them up if you were to get hit by ransomware that impacted all the servers?
Thrive has solutions to address your particular business requirements as every situation is unique and our engineers can help to architect the correct solution for your business. Make sure to keep an eye on our blog for part three