Raygeena Franchesca Ashley K.

Fernandez
BSIT 3B
IAS101: Information, Assurance, and Security 101

Learning Activity 5:
Instructions:
Cite at least five IT related companies in the Philippines and identify each what is their top
cybersecurity concern? Also know the company’s disaster recovery plan and when was it
reviewed and updated?

1. Accenture Philippines – is a global professional services company firm with a large

presence in the Philippines. It offers IT consulting, outsourcing, digital and technical
transformation services to provide benefits to their clients in terms of transforming their
business and improving client’s capabilities and business’ operations better. Accenture’s
top cybersecurity concern is the threat of cyber attacks and data breaches. Due to the
number of information and data stored and processed by organizations, everything is at
risk and it is Accenture’s job to immediately address these problems by implementing
cybersecurity strategies including use of advanced technologies, employee training and
awareness programs, and risk assessments.

Accenture’s disaster recovery plan wasn’t shown in public prior to confidentiality and
company’s privacy. These are considered confidential information. However, it consists
of comprehensive set of policies and procedures which includes data backup, alternative
work locations, and contingency planning. There’s a dedicated team responsible for
managing and reviewing the plan regularly to ensure that it remains effective and up to
date in minimizing the impact of threats among user clients and employees. The exact
date for updating and reviewing is not publicly disclosed.

2. Cisco Systems Philippines – is a global technology company that also located here in
the Philippines which focuses in designing, manufacturing, and selling networking
hardware, software, and services. As the worldwide leader in IT and networking, the
company’s networking products and solutions are created to focus in helping
organizations to connect and collaborate securely and efficiently in their networks. Cisco
Systems largest-made product is the “Secure, Agile Networks” segment offering
products for routing, switching, etc. Cisco System’s top cybersecurity concern is the
threat of cyber attacks on their client’s networks and data. As one of the largest provider
of networking and security solutions, it is their commitment to ensure protection on
user’s data and information against a wide range of cyber threats. Under this security
solutions provided are firewalls, intrusion prevention systems, endpoint security, and
threat intelligence and analytics tools.
 Cisco’s disaster recovery plan depicts the cycle of stages that lead through a disaster
back to state of normalcy. This is based on Cisco Public Information document of Cisco
Systems Inc. Here is the figure of Enterprise Operations Cycle of Disaster Recovery:

Image Source:
https://www.cisco.com/en/US/technologies/collateral/tk869/tk769/white_paper_c11-453495.pdf

This disaster recovery plan also leaves some key elements under Cisco’s operations. Cisco
conducts regular business impact analyses (BIAs) to identify disaster risks/threats, build risk
assessment, prioritize their critical business and systems and evaluation of disaster recovery
mechanisms. The results are used to develop and update their disaster recovery plan. They
also use variety of data backup solutions and conduct regular test to ensure security and
protection among networks. They also have redundant systems and failover mechanisms as
part of their recovery solution to check if their operations are still working perfectly. Designated
alternative work locations and regular training programs for employees are also provided for
better work environment. Prior to its update and review, Cisco Systems is also doing a regular
test and reviews to their disaster recovery plan.

3. Facebook Philippines – is also one of the most popular IT-related companies found
here in the Philippines located at Fort Bonifacio, Taguig. Filipinos are on the list of top
Facebook users nowadays. It is one of the several branches existing around the world.
Facebook is considered as the most popular social media platform consisting of over 2.8
billion monthly active users worldwide. Facebook’s top cybersecurity concern is
protecting its users’ data and privacy. It is very important for Facebook to keep data
secure and prevent unauthorized access or hacking attempts to user’s accounts.
 Facebook is the primary target for cyber-attacks and has faced criticism regarding its
data handling.

Facebook’s disaster recovery plan is designed to ensure that the company can continue
to operate amidst of the disasters. The plan includes protocols for restoring critical
systems, maintaining communication with employees and stakeholders, doing risk
assessments through identifying potential risks and vulnerabilities to Facebook’s
infrastructure, applications, and data, and ensuring the safety of users and employees.
Similar with Accenture Philippines, Facebook Philippines’ disaster recovery plan is
confidential and not available in public. Facebook regularly reviews and updates it
disaster recovery plan to ensure that it remains effective and up to date with the latest
technologies and practices.

4. Google Philippines – is a multinational technology company, who also formally opened

its headquarters here in the Philippines. Similar with Facebook, the Filipino audience has
been a large target market of Google when it comes to providing internet-related
services and products. Google offers wide range of services, including search engines,
advertising technologies, cloud computing, and hardware. Google falls under Big Data.
With its billions of users and massive data storage, Google is at risk of cyber attacks and
threats. That’s why its top cybersecurity concern is protecting user’s data and privacy
and it is Google’s duty to ensure that everything is under control once a disaster
occurred.

Google focuses the production of their disaster recovery plan in backup and recovery.
Google have its 3 discovery patterns instilled for backup and recovery; we have:

A. Cold Pattern: Recovery to Google Cloud

B. Warm Standby: Recovery to Google Cloud

C. Hot HA across on-premises and Google Cloud

Images’ Source:
https://cloud.google.com/architecture/dr-scenarios-for-applications
 Strengthening their disaster recovery plan focusing on backup and recovery, Google
recently introduced Cloud Backup and Disaster Recovery (DR). It consists of
centralized backup management directly from the Google Cloud console, enabled by
users. This new backup and recovery service is designed to work with cloud storage
repositories, databases, and applications. Google also conducts regular drills and
exercises in terms of updates and reviews.

5. IBM Philippines – also known as International Business Machines Corporation, is also

a multinational technology company located in Taguig City, Philippines. As the leading
supplier of Information Technology hardware, software, and services, including cloud
computing, artificial intelligence, and cybersecurity solutions, in the country, IBM’s
success became very evident in the tech industry. IBM’s popularity also has a
disadvantage. Client’s sensitive data and intellectual property under IBM are directly at
risk from cyber threats such as data breaches, ransomware attacks, and insider threats.
As an answer, IBM won’t let these threats be the superior. They created a dedicated
cybersecurity division in response to these cybersecurity risks which are at stake.

IBM’s disaster recovery plan was created with 13 sections (based from: Disaster
recovery plan - IBM Documentation | https://www.ibm.com/docs/en/i/7.1?topic=recovery-
disaster-plan). It contains IBM’s template to use when you also create your own disaster
recovery plan. This was last updated and reviewed on August 31, 2021. The 13
Sections are:

Section 1. Major goals of this plan

Section 2. Personnel
Section 3. Application profile
Section 4. Inventory profile
Section 5. Information services backup procedures
Section 6. Disaster recovery procedures
Section 7. Recovery plan–mobile site
Section 8. Recovery plan–hot site
Section 9. Restoring the entire system
Section 10. Rebuilding process
Section 11. Testing the disaster recovery plan
Section 12. Disaster site rebuilding
Section 13. Record of plan changes
 Under these sections are the set of policies, guidelines, and processes which they
follow and apply before, during, and after a disaster such as cyber attacks or disruptive events
happen.

References:
- https://www.wired.com/2016/11/facebook-disaster-response/
- https://cloud.google.com/architecture/dr-scenarios-for-applications
- https://www.cisco.com/en/US/technologies/collateral/tk869/tk769/white_paper_c11-
453495.pdf
- https://www.ibm.com/docs/en/i/7.1?topic=recovery-disaster-plan
- https://www.accenture.com/ph-en
-