Definition
Disaster recovery is the set of policies, procedures, and tools a business puts in place to restore its critical systems and data after a major disruption. That disruption could be a cyberattack, a hardware failure, a natural disaster, or a catastrophic human error. A disaster recovery plan defines what needs to be recovered, in what order, how quickly, and who is responsible for each step. It typically includes off-site backups, failover systems, communication protocols, and regular testing to ensure the plan actually works when needed.
Why It Matters
Every business depends on digital systems to some degree, and any extended outage carries real costs — lost revenue, damaged reputation, regulatory penalties, and in extreme cases, business closure. A disaster recovery plan is not about preventing disasters (that falls under general IT security) but about minimising the damage when one occurs. The two key metrics are recovery time objective (how quickly you need to be back online) and recovery point objective (how much data you can afford to lose). Without a plan, recovery is chaotic, slow, and often incomplete. With one, it is a structured process with a known timeline and outcome. The businesses most likely to survive a serious incident are those that planned and practised for it.
Example
A logistics company’s primary data centre experiences a catastrophic power failure that destroys several servers. Their disaster recovery plan kicks in: critical applications fail over to a secondary cloud environment within 30 minutes, and the most recent database backup (taken two hours earlier) is restored. Customers experience a brief service interruption, but operations resume the same day. Without the plan, the company estimates it would have taken two weeks to rebuild and would have lost significant client contracts in the interim.