Continuity of Operations and Capacity Planning (Domain 3)

In this episode, we are focusing on two vital strategies for business resilience—continuity of operations planning and capacity planning. Together, these practices help ensure that an organization can maintain essential functions and services, even in the face of unexpected disruptions. For the Security Plus exam, understanding how continuity and capacity intersect with cybersecurity and operational risk is key to mastering this part of the domain. More importantly, these topics teach you how to keep organizations running under stress, which is the ultimate test of any cybersecurity strategy.
Let us start with continuity of operations planning. Often shortened to the acronym COOP, continuity of operations planning is the process of preparing an organization to maintain its core functions during and after a disruption. These disruptions could be anything from a power outage, cyberattack, or natural disaster to a global pandemic. The focus is not just on restoring service after an incident but on ensuring that the most critical operations never go offline in the first place.
A solid continuity of operations plan identifies the essential services an organization must maintain at all costs. These are sometimes referred to as mission-essential functions. For a hospital, this might include maintaining access to electronic health records and emergency communication systems. For a government agency, it might be the ability to distribute critical public information or maintain law enforcement databases. Once these core functions are identified, the plan outlines how they will be preserved, what alternative facilities or tools may be needed, and how responsibilities will be delegated in a crisis.
A well-designed COOP includes redundancy in systems and personnel, clear communication channels, and rapid decision-making authority. It may designate secondary sites, assign emergency roles to staff members, and detail how operations will shift if primary systems fail. It also involves regular testing and tabletop exercises to make sure everyone knows their role before an actual emergency hits.
Let us consider a few real-world examples. During the early months of a global pandemic, many organizations had to implement their continuity of operations plans on the fly. Some organizations had already prepared by equipping employees with laptops and secure remote access systems. When physical offices shut down, these companies were able to pivot quickly to remote work without major interruptions. Others, however, were caught unprepared. They lacked clear communication protocols, had no remote access strategy, and struggled to maintain even basic operations.
Another example comes from the public sector. A regional emergency services department suffered a severe flood that took down its main data center. Thanks to its COOP, the agency had a hot site ready in another city. Within hours, the emergency call center and dispatch systems were back online. This rapid recovery helped save lives during an ongoing crisis. The organization had practiced its COOP procedures regularly and was able to execute them smoothly under pressure.
These stories show why continuity of operations planning is not just about compliance or checklists. It is about building resilience into the DNA of an organization so that it can survive and adapt when the unexpected occurs. As a Security Plus candidate, you should understand how COOP supports system availability, data integrity, and organizational trust. Expect exam questions that describe business disruptions and ask how critical functions can be preserved or restored.
Now let us move on to capacity planning. Capacity planning is the process of making sure that an organization has enough resources—both technical and human—to meet its current and future demands. While continuity of operations planning focuses on staying functional during a crisis, capacity planning focuses on staying responsive and effective during normal fluctuations, unexpected spikes, or long-term growth.
In a cybersecurity context, capacity planning might involve questions like: Do we have enough bandwidth to support a sudden surge in remote users? Are our servers able to handle peak traffic during a product launch? Do we have enough cybersecurity analysts on staff to manage incident response during a major event? Capacity planning forces organizations to think ahead and align resources with business goals and risk tolerance.
There are three primary areas to consider in capacity planning: people, technology, and infrastructure. For people, the organization must assess its staffing levels and skill sets. Do team members have the right training to scale up during high-demand periods? Are there on-call procedures or cross-training programs in place to cover for absences? These questions are especially important for security operations teams, which must remain responsive even during staffing disruptions or turnover.
For technology, capacity planning includes evaluating the performance and scalability of systems. Are servers under constant strain? Are cloud services configured to auto-scale during spikes in demand? Can the current network architecture handle increased data flow from new services or remote offices? These considerations become even more important as organizations move to hybrid environments that combine on-premises systems with cloud infrastructure.
Infrastructure planning focuses on the physical and logistical side of operations. Are there enough backup generators and network failovers in case of power or connectivity issues? Are cooling systems in place to support hardware expansion? If a new office is added or a major event is planned, can the existing infrastructure handle the additional load without causing service degradation?
Let us walk through a scenario. A streaming media company expects a major spike in traffic during a live event. They use predictive analytics and past data to estimate the load and pre-scale their cloud servers to handle the demand. They also ensure their content delivery network can absorb the spike without performance loss. Meanwhile, their security team increases monitoring and staff availability to handle any incidents that might occur. This is a textbook example of capacity planning—forecasting demand and adjusting resources before problems arise.
Another example involves a cybersecurity consultancy that wins a large government contract. As part of capacity planning, the firm evaluates whether it has enough certified staff members to meet the client’s service level agreement. They also check that their systems can securely store and process the additional data. When gaps are found, they begin hiring and upgrading their infrastructure before onboarding the client. In both examples, success depends on preparation and foresight.
On the Security Plus exam, you may encounter questions that describe sudden increases in demand or questions that ask how to prepare systems to remain functional during rapid growth. Be ready to recognize terms like "scalability," "resource forecasting," "load management," and "demand spikes." These usually indicate a question focused on capacity planning. Similarly, when you see phrases like "ensure operations continue," "preserve critical functions," or "designate backup roles," the topic is likely continuity of operations planning.
Here is a tip to help you on the exam: If the scenario involves long-term preparation for growing needs or managing normal workload spikes, the right answer is likely related to capacity planning. If the question is about emergency readiness and sustaining critical functions during disruption, continuity of operations planning is probably the focus. Look carefully at whether the issue is about scaling or surviving—the distinction will guide you to the correct concept.
