Showing posts with label Continuity of Operations. Show all posts
Showing posts with label Continuity of Operations. Show all posts

February 1, 2013

Biowarfare, A Means To Our End

The Wall Street Journal (1 February 2013) has an interesting book review on "The Soviet Biological Weapons Program."

Although 85 nations, including the Soviet Union, in 1975 signed the "Biological Weapons Convention" (BWC) pledging not to develop, produce, acquire or stockpile bioweapons or toxins for hostile purposes, the Soviet regime was "covertly expanding them."

In the following years, the Soviets "built the most extensive facilities for the weaponization of bacteria and viruses in history" with "tens of thousands of scientists and support personnel and guarded by hundreds of Ministry of Interior troops."

Both civilian and military laboratories were used under the guise of biotechnology, and factories that produce flu vaccines and pesticides for crops could relatively easily be converted to mass-produce deadly bioweapons to use against the West.

Apparently, motivating the Red Army were there own horrible experiences in the early 20th century when disease such as typhus and lice killed millions "mowing down our troops."

"Fighting disease became a priority...and such efforts morphed easily into weapons research."

While the Soviets could not financially keep pace with the U.S. and eventually lost the Cold War, they continued to funnel their military dollars into nuclear and bioweapons, where they could literally get the most bang for the buck!

Often I think that despite the safety we generally feel in this country surrounded on both sides by large expanses of Ocean and the freedoms that protect us within, we are really only a nuclear suitcase or bio epidemic away from great catastrophe and chaos.  

In such an event, would we know who to retaliate against, would we have time, and even if we do, what good does it do us with mass casualties and disruptions?

Make no mistake; being able to retaliate against the perpetrators is critical to bring justice and respite to the nation, to prevent the potential for national annihilation, and to deter other maniacal acts.

However, it is vital as well to protect us from ever getting hit by weapons of mass destruction in the first place and depending on treaties alone cannot be enough.

Rather, excellent intelligence, early warning systems, antimissile defense, stockpiles of antidotes and countermeasures, premier medical facilities, superbly trained first responders, a high state military readiness, and refined continuity plans are all necessary to keep us from a premature and horrible end--and ultimately to preserve the peace. ;-)

(Source Photo: here with attribution to Pere Ubu)

Share/Save/Bookmark

January 28, 2013

Safeguarding Our Electrical Grid

Popular Science (28 January 2013) has an interesting article on "How To Save The Electrical Grid."

Power use has skyrocketed with home appliances, TVs, and computers, causing a significant increase in demand and "pushing electricity through lines that were never intended to handle such high loads."


Our electrical infrastructure is aging with transformers "now more than 40 years old on average and 70% of transmission lines are at least 25 years old" while at the same time over the last three decades average U.S. household power consumption has tripled!


The result is that the U.S. experiences over 100 mass outages a year to our electrical systems from storms, tornados, wildfires and other disasters.


According to the Congressional Research Service, "cost estimates from storm-related outages to the U.S. economy at between $20 billion and $55 billion annually."


For example, in Hurricane Sandy 8 millions homes in 21 states lost power, and in Hurricane Irene, a year earlier, 5.5 million homes lost electricity. 


The solution is to modernize our electrical grid:


- Replace a linear electrical design with a loop design, so a failure can be rerouted. (Isn't this basic network architecture where a line network is doomed by a single point of failure, while a ring or mesh topology can handle interruptions at any given point?)


- Install "fault-current limiters" as shock absorbers so when there is a surge in the grid, we can "absorb excess current and send a regulated amount down the line" rather than causing circuit breakers to open and stop the flow of electrical power altogether. 


- Create backup power generation for critical infrastructure such as hospitals, fire stations, police, and so on, so that critical services are not interrupted by problems on the larger grid. This can be expanded to installing solar and other renewable energy resources on homes, buildings, etc. 


- Replace outdated electrical grid components and install a smart grid and smart meters to "digitally monitor and communicate home power" and automatically adjust power consumption at the location and device level. Smart technology can help manage the load on the grid and shift non-essential use to off-hour use. The estimated cost for modernizing the U.S. grid is $673 billion--but the cost of a single major outages can run into the ten of billions alone. What will it take for this investment to become a national priority? 


I would add an additional solution for safeguarding our electrical grid by beefing up all elements of cyber security from intrusion detection and prevention to grid protection, response, and recovery capabilities. Our electrical system is a tempting target for cyber criminal, terrorists or hostile nation states that would seek to deprive us of our ability to power our economy, defense, and political establishments. 


While energy independence has become feasible by 2020, we need to make sure that we not only have enough energy resources available, but also the means for reliable and secure energy generation and distribution to every American family and business. ;-)


(Source Photo: Andy Blumenthal)

Share/Save/Bookmark

December 27, 2012

Resilience In The Face Of Disaster


This year when ball drops in Time Square next week to usher in the New Year, it will be a little different than in prior years, because rather than blanket cheer, there will be a good amount of consternation as we hit the debt limit of $16.4 trillion as well as the Fiscal Cliff where broad spending cuts and tax increases are to go into effect (whether in full, partial with some sort of deal, or in deferral).

Like the statue pictured here, the strength and resilience of the American people will be tested and we will need to stand tall and strong. 

In this context, it was interesting to read in Wired Magazine (January 2013) a interview with Andrew Zolli, the author of Resilience: Why Things Bounce Back, an exploration of the importance of resilience in the face of adversity. 

Whether in response to natural disaster like Hurricane Sandy or man-made ones like the financial crisis and terrorism, we need to be prepared to adapt to disaster, respond and continue operations, and recover quickly to rebuild and grow. 

According to Zolli, we need shock absorbers for our social systems that can "anticipate events...sense their own state...and can reorganize to maintain their core purpose amid disruption."

Adaptability is important, so that we can continue to operate in an emergency, but also vital is "self-repair" so we can "bounce back."

These concepts for resiliency in emergency management are similar to how Government Computer News (December 2012) describes the desire for building autonomous self-healing computer systems that can defend and recover from attacks. 

The notion is that when our computer systems are under cyber attack, we need to be able to defend them in an automated way to counter the threats in a timely fashion. 

Thus, acccording to GCN, we need IT systems that have situational monitoring for self awareness, real-time identification of an attack, continuous learning to adapt and defend againt changing attack patterns, and self-healing to recover from them. 

Thus, bouncing back from social and cyber disasters really requires similar resilience, and for some challenges, it may be sooner than later that we are tested. ;-)

(Source Photo: Minna Blumenthal)

Share/Save/Bookmark

April 10, 2011

The Twitter Miracle

Twitter is a crazy thing--little blue birdie...tweet, tweet, tweet.
Why do we even do it (tweet)?
Here are the "4 Stages of Getting Twitter" (Credit: Andfaraway):
  • Stage 1--It starts with utmost skepticism and even denigrating the tool (e.g. it's stupid, dumb, a time-waster...)
  • Stage 2--Then it moves to well why don't I just try it and see what all the commotion is all about--maybe I'll like it?
  • Stage 3--As the interaction with others (RT's, @'s and messages) start to flow, you have the ah ha moment--I can communicate with just about anyone, globally!
  • Stage 4--I like this (can anyone say addiction!). I can share, collaborate, influence--way beyond my traditional boundaries. This is amazing--this is almost miraculous.
Here are some other things I like about Twitter:
1) Like a journal, it's a way to capture your thoughts, experiences, feelings, likes/dislikes. (One thing I don't like about Twitter is there is no good way that I know of to archive or print them--I hope they fix this, please).
2) Another thing about Twitter (and Blogger and Wikipedia for that matter)...I imagine sometimes that this is an incredible social time capsule (i.e. knowledge repository) that we are putting together (almost unknowingly) that will carry humankind forward past any future natural or man-made disasters. Years ago, people would bury a few mementos in a treasure chest or something, as a time capsule, and what a find this would be for people years later when they would open it up and learn firsthand what life was like "those days." Now, imagine the treasure trove of the exabytes of information contributed to by hundreds of millions people from around the world. What is also fascinating to me is that people contribute enormous amounts of their time and energy and all for free--hey, this is even less than what Amazon's Mechanical Turks could do this for! :-)
Clearly, people want to express themselves and connect with others--and social media gives ever new meaning to this beyond physical space and time.

Share/Save/Bookmark

September 19, 2010

Doomsday Clock Architecture

There is something fascinating to me about the doomsday clock—where we attempt to predict our own self-destruction and hopefully prevent it

The chart in this post from the Mirror in the U.K. shows the movement of the Doomsday Clock over the last 60 plus years.


Currently in 2010 (not shown in the chart), we stand at 6 minutes to midnight (midnight being a euphemism for the end of the world or Armageddon).


Since 1947, The Bulletin of Atomic Scientists has hypothesized and visualized with the dials on the clock how close they believe mankind is to self-extinction.

The closest we’ve gotten is 2 minutes to midnight in 1953 after the U.S. and Russia test the first nuclear devices.

The furthest we’ve gotten from midnight is 17 minutes in 1991, when the Cold War was over, the Strategic Arms Reduction Treaty (START) was signed, and the U.S. and Russia took their fingers off the hair-trigger alert on their nuclear arsenals pointed at each other.



While some may take the Doomsday Clock as a morbid or pessimistic reminder of our human frailties, missteps, and movement toward potential calamity, I see it as a tool that attempts to keep us—as humankind—from going over the edge.


This is very architecture-like, to me. We look at where we are and (implicitly here) set targets for ourselves to move the hands backward away from Armageddon. The architecture piece that we need to concentrate on is a crystal clear plan to get those hands on the clock way back to where we can feel more secure in our future and that of our children and grandchildren.


Wired Magazine (October 2010) has an article called “Suspend the Deathwatch,” calling for the measurement of “a wider variety of apocalyptic scenarios” and for the addition of a “Doom Queue, with a host of globe-killing catastrophes jockeying for slot number one.” The main idea being that we “do more than predict The End; it would organize our collective anxieties into a plan of action.”


I definitely like the idea of a plan of action—we need that. We need to plan for life, continuity, and a flourishing society that goes beyond the limits of sustainability of our situation today.


We are aware of the world’s growing population (aka the population explosion), the scarcity of vital resources like water, energy, arable land, etc. and the potential for conflict that arises from this. We need to plan for the “what ifs” even when they are uncomfortable. That is part of responsible leadership and a true world architecture. That is a big, but meaningful job indeed.

Share/Save/Bookmark

September 7, 2010

Enterprise Architecture Panel - Snowmaggedon and the End of the (Desktop) World: The Mobile Workforce


[Pictured (Left to Right): Andy Blumenthal, Chief Technology Officer, Bureau of Alcohol, Tobacco, Firearms and Explosives; Ms. Doreen Cox, Chief Enterprise Architect, U.S. Customs and Border Protection; Mr. Rod Turk, Chief Information Security Officer, U.S. Patent and Trademark Office.]

Introduction:

Good afternoon. I'm Andy Blumenthal, the Chief Technology Officer at the Bureau of Alcohol, Tobacco, Firearms and Explosives (ATF). It's a great honor for me to be here with you today to talk about telework and how EA is shaping it's adoption.

Just coming out of the blazing hot summer, the blizzard this past February seems like ages ago. Yet this storm brought the federal workforce in D.C. to a halt for 6 days, costing more than $100 million in lost productivity per day. This was offset only by the 1/3 of the federal workforce which was teleworking.

Just in case you don't remember take a look at this:

I still remember Snowmaggedon because that was when we shoveled out the wrong car because the snow was so high we couldn't see which was ours.


More seriously though, telework benefits federal agencies in many ways:

1. Increases productivity
2. Enhances work-life balance and morale
3. Helps the environment by keeping cars off the road
4. Can save the taxpayer money by reducing the agency's footprint


Data from the Telework Research Network indicate that telework could save agencies and participants as much as $11 billion annually (on such things as real estate, electricity, absenteeism, and employee turnover) and that if eligible employees telecommuted just one day every other week, agencies would increase productivity by more than $2.3 billion per year (driven by employee wellness, quality of life, and morale).

According to OPM telework adoption is growing. As of 2008, telework increased 9% over the previous year and now slightly more than 5% of the federal workforce are teleworking.

Telework got a boost when the House and the Senate passed similar bills--in May and July respectively--to expand telework opportunities. The two chambers now must reconcile their versions before a final bill heads to President Obama for approval. The Telework Enhancement Act would make employees presumptively eligible and require that agencies establish telework policies, designate a telework managing officer, and incorporate telework into agency's continuity of operations plans.

Five years ago nobody would've thought that EA would inform the discussion on telework. EA was still primarily a compliance only mechanism and didn't have a real seat at the decision table. Now thanks to the efforts of all of you, it's strategic benefit is recognized, and
EA is playing a vital role in planning and governing strategic IT decisions such as in investing and implementing telework solutions for our agencies.


Our distinguished panelists here today will discuss how EA is informing the discussion of telework from both the policy, systems, and security perspectives.

Share/Save/Bookmark

June 21, 2009

Making More Out of Less

One thing we all really like to hear about is how we can do more with less. This is especially the case when we have valuable assets that are underutilized or potentially even idle. This is “low hanging fruit” for executives to repurpose and achieve efficiencies for the organization.

In this regard, there was a nifty little article in Federal Computer Week, 15 Jun 2009, called “Double-duty COOP” about how we can take continuity of operations (COOP) failover facilities and use them for much more than just backup and business recovery purposes in the case of emergencies. 

“The time-tested approach is to support an active production facility with a back-up failover site dedicated to COOP and activated only during an emergency. Now organizations can vary that theme”—here are some examples:

Load balancing—“distribute everyday workloads between the two sites.”

Reduced downtime—“avoid scheduled outages” for maintenance, upgrades, patches and so forth.

Cost effective systems development—“one facility runs the main production environment while the other acts as the primary development and testing resource.”

Reduced risk data migration—when moving facilities, rather than physically transporting data and risk some sort of data loss, you can instead mirror the data to the COOP facility and upload the data from there once “the new site is 100 percent operational.”

It’s not that any of these ideas are so innovatively earth shattering, but rather it is their sheer simplicity and intuitiveness that I really like.

COOP is almost the perfect example of resources that can be dual purposed, since they are there “just in case.” While the COOP site must ready for the looming contingency, it can also be used prudently for assisting day-to-day operational needs.

As IT leaders, we must always look for improvements in the effectiveness and efficiency of what we do. There is no resting on our laurels. Whether we can do more with less, or more with more, either way we are going to advance the organization and keep driving it to the next level of optimization. 


Share/Save/Bookmark

January 17, 2009

Decentralization, Technology, and Anti-Terror Planning

Given that 9/11 represented an attack on geographically concentrated seats of U.S. financial and government power, is it a good enterprise architecture decision to centralize many or all government headquarters in one single geographic area?

Read about Decentralization, Technology, and Anti-Terror Planning in The Total CIO.


Share/Save/Bookmark

Decentralization, Technology, and Anti-Terror Planning

Even though there hasn’t been a successful terrorist attack against the United States since 9/11, we are all aware that terrorists continue to seek ways to harm us. Of course, we have assets deployed nationally as well as internationally to protect our interests. However, there is always more that can be done. And one thing that immediately comes to my mind is decentralization.

The concept of decentralization is very simple. Rather than concentrating all your vital assets in one place, you spread them out so that if one is destroyed, the others remain functional. The terrorists already do this by operating in dispersed “cells.” Not only that, but we know that very often one “cell” doesn’t know what the other one is doing or even who they are. All this to keep the core organization intact in case one part of it is compromised.

Both the public and private sectors understand this and often strategically decentralize and have backup and recovery plans. However, we still physically concentrate the seat of our federal government in a geographically close space. Given that 9/11 represented an attack on geographically concentrated seats of U.S. financial and government power, is it a good enterprise architecture decision to centralize many or all government headquarters in one single geographic area?

On the one hand the rationale for co-locating federal agencies is clear: The physical proximity promotes information-sharing, collaboration, productivity, a concentrated talent pool, and so on. Further, it is a signal to the world that we are a free and proud nation and will not cower before those who threaten us.

Yet on the other hand, technology has advanced to a point where physical proximity, while a nice-to-have, is no longer an imperative to efficient government. With modern telecommunications and the Internet, far more is possible today than ever before in this area. Furthermore, while we have field offices dispersed throughout the country, perhaps having some headquarters outside DC would bring us closer to the citizens we serve.

On balance, I believe that both centralization and decentralization have their merits, but that we need to more fully balance these. To do this, we should explore the potential of decentralization before automatically reverting to the former.

It seems to me that decentralization carries some urgency given the recent report “World At Risk,” by The Commission on the Prevention of Weapons of Mass Destruction Proliferation and Terrorism—it states that “terrorists are determined to attack us again—with weapons of mass destruction if they can. Osama bin Laden has said that obtaining these weapons is a ‘religious duty’ and is reported to have sought to perpetuate another ‘Hiroshima.’

Moreover, the report goes on to state that the commission “believes that unless the world community acts decisively and with great urgency, it is more likely than not that a weapon of mass destruction will be used in a terrorist attack somewhere in the world by the end of 2013.”

Ominously the report states “we know the threat we face. We know our margin of safety is shrinking, not growing. And we know what we must do to counter the risk.”

Enterprise architecture teaches us to carefully vet and make sound investment decisions. Where should we be investing our federal assets—centrally or decentralized and how much in each category?

Obviously, changing the status quo is not cheap and would be especially difficult in the current global economic realty. But it is still something we should carefully consider.


Share/Save/Bookmark

June 13, 2008

What Goes Around Comes Around and Enterprise Architecture

As an enterprise architect, I have always wondered about the trend of outsourcing our manufacturing jobs out of country-- where as a nation we erode our manufacturing base and ship this capability to China, India, Mexico, and other countries where labor is plentiful and cheap.

Yes, in the short term we are taking advantage of the lower costs of manufacturing in other countries, but long term, I always questioned the viability of this strategy thinking that surely every nation needs to maintain a core of critical manufacturing and service capabilities and infrastructure to guarantee self-sufficiency, protect itself from eventual global disruptions, and ensure the continuity of its existence.

I believe that some day (and maybe relatively soon), we will regret the near-sightedness of our decisions to move production abroad for the sake of the dollar today.

Interestingly enough, I read in the Wall Street Journal today, 13 June 2008, that “stung by soaring transport coasts, factories bring jobs home again.”

“The rising costs of shipping everything from industrial-pump parts to lawn mower batteries to living-room sofas is forcing some manufacturers to bring production back to North America and freeze plans to send even more work oversees.”

I thought to myself—Hallelujah!

No, I am not happy that oil prices are soaring and that inflation is looming everywhere, but I am cautiously relieved that perhaps, we as a nation will wake up in time to secure our economic interests at home and not send our entire manufacturing base and capabilities out of country.

Ironically (da!), the further we move our factories away, the more it costs now to ship the goods back home.

“The movement of factories to low-cost countries further and further away has been a bitter-sweet three-decade long story for the U.S. economy, knocking workers out of good-paying manufacturing jobs even as it drove down the price of goods for consumers. But after exploding over the past 10 years that march has been slowing. The cost of shipping a standard 40-foot container from Asia to the East Coast has already tripled since 2000 and will double again as oil prices head toward $200 a barrel…In the world of triple-digit oil prices, distance costs money.”

The other thought that always kept coming to mind was that as we continue to move manufacturing abroad, the increasing demand for labor would drive the cost of labor up, and eat away at the cost differential making the overseas move a moot point.

Again, I read today in the Journal the story I always felt was bound to be told and to continue to unfold: “The cost of doing business in China in particular has grown steadily as workers there demand higher wages and the government enforces tougher environmental and other controls. China’s currency has also appreciated against the dollar…increasing the cost of products in the U.S.”

One problem with trying to bring the jobs back home…

“Much of the basic infrastructure needed to support many industries—such as suppliers who specialize in producing parts or repairing machines—has dwindled or disappeared.”

What goes around, comes around. The jobs (some) are coming home (although net-net, we’re still losing manufacturing jobs). As a country, we‘ve benefited in the short-term from outsourcing, but in the long-term, I believe we’ll have done ourselves a good deal of harm.

Does this sound unfamiliar?

Think national deficit—big time. Think gargantuan problems with social security, Medicare, health care, and so on.

All too often, we behave with short-sightedness and like infants, the desire for immediate gratification. But as enterprise architects, I believe we need to think long term and often defer gratification for long-term competitiveness, self-sufficiency, and survival.


Share/Save/Bookmark

March 21, 2008

Telework and Enterprise Architecture

Telecommuting, e-commuting, e-work, telework, working at home (WAH), or working from home (WFH) is a work arrangement in which employees enjoy limited flexibility in working location and hours. In other words, the daily commute to a central place of work is replaced by telecommunication links. Many work from home, while others, occasionally also referred to as nomad workers or web commuters, use mobile telecommunications technology to work from coffee shops or myriad other locations. Telework is a broader term, referring to substituting telecommunications for any form of work-related travel, thereby eliminating the distance restrictions of telecommuting. (Wikipedia)

Is telecommuting a good architecture decision or not?

The Wall Street Journal (WSJ), 28 February 2008, reports that “Some Companies Rethink The Telecommuting Trend.”

“A few big promoters of home-based and mobile-office work arrangements, including AT&T, Intel, Hewlett-Packard, and parts of the federal government, have called some home-based workers back to the office.”

Why?

  1. Consolidation of operations—organizations are centralizing operational functions and bringing people back in, believing that telecommuting is unnecessary. For example, “Hewlett-Packard, the company that invented flextime, called a significant number of home-office information-technology workers back to the office in 2006, during a consolidation of its 85 data centers.”
  2. Teamwork—belief that “teamwork improves when people work face-to-face” and through “impromptu dialogues, collaboration, and mentoring.”

Another reason not cited by the WSJ is continued management apprehension about losing control. Management fears that workers are either not working as productively or doing what they want them to do when they are out of sight. It’s a trust issue, and unfortunately, some employees who misuse telework programs ruin it for others who are diligent and honest putting in their hours and doing their work.

Despite these issues with telework, “U.S. corporate employees working full time from home are still rising, gaining 30% since 2005 to 2.44 million in 2007, says Ray Boggs, a research vice president with IDC.”

What are some benefits of telework programs?

  1. Cost savings—including corporate office space, furniture, equipment, and utilities.
  2. Recruiting and retaining employees—providing telework options is a benefit for workers and can aid in recruiting and retention—it can save employees money on transportation and work wardrobe, enable more flexible hours, and can provide accommodation to enable some people who could not get to a regular office setting (due to childcare or eldercare responsibilities, disabilities, or other personal situations) the opportunity to be productive human beings.
  3. Flexible work force—“teleworkers are easy to fire and relocate…because they’re not visible.”
  4. Greener environment—telework saves people from having to commute to work and reduces pollution from their vehicles.
  5. Continuity of operations—having an offsite workforce helps protect an organization continue operating even when disasters (natural, accidental, or malicious) strikes the corporate offices.

Ways for teleworkers to keep working from home: “perform well…increase your visibility…make an effort to collaborate.”

For federal employees, “Section 630(a) of Public Law 105-277 (Flexiplace Work Telecommuting Programs) authorized certain Executive agencies to spend a minimum of $50,000 for fiscal year 1999, and each fiscal year thereafter, to establish and carry out a flexiplace work telecommuting program.” (www.opm.gov)

As an enterprise architect, I firmly believe that we need to plan and implement robust telework programs—that the benefits outweigh the costs. The human capital perspective that I espouse for enterprise architecture demands that we build in programs, such as teleworking, that create a more flexible and diverse workforce and provide cost savings and other positive impacts. Of course, telework programs and teleworkers need to be structured and managed so that goals are understood and met, and collaboration and teamwork is not impeded.


Share/Save/Bookmark

February 8, 2008

Internet Apocalypse and Enterprise Architecture

It is the 21st century and we are a nation dependent on everything internet. We rely on the internet for communications, like email, text messaging, and even voice over IP. We also use the internet for getting news and information, social networking, storing and sharing blogs, videos, music, and photos, accessing various applications, shopping, and conducting financial transactions.

What happens if the internet is attacked or otherwise fails us?

This is the question asked in ComputerWorld, 21 January 2008: “If the internet goes down will you be ready?”

ComputerWorld states: “It’s likely that the internet will soon experience a catastrophic failure, a multiday outage that will cost the U.S. economy billions of dollars. Or maybe it isn’t likely. In any case, companies are not prepared for such a possibility.”

The Business Roundtable says: “The threat is ‘urgent and real.’ There is a 10% to 20% chance of a ‘breakdown of the critical information infrastructure’ in the next 1o years brought on by ‘malicious code, coding error, natural disaster, [or] attacks by terrorists and other adversaries.’”

What will be the effect of a major internet interruption?

An internet meltdown would result in reduced productivity and profits, falling stock prices, erosion of consumer spending, and potentially a liquidity crisis.” It would disrupt our everyday ability to communicate, get and share information, work and conduct transactions. And let’s not forget the effect on the human psyche—there would be chaos.

Why have we not prepared ourselves adequately?

The Business Roundtable says that “business executives often fail to realize how dependent they have become on the public network—for email, collaboration, e-commerce, public-facing and internal Web sites, and information retrieval by employees.”

Where are we most vulnerable?

The Internet Corporation for Assigned Names and Numbers (ICANN) says that “the Internet is pretty robust at the physical layer. There are just too many alternate paths available. But the Internet is not so robust at other layers.” Hence, the risk of operating system failures, penetration by worms, and denial of service attacks.

Is there any reason for optimism?

The CIO of Yuma County, Arizona, reminds us that the Internet “having been based on the Arpanet [from DoD] and designed to keep functioning when pieces are broken, it seems less likely that the entire Internet would stop working.”

What can enterprises do to prepare for the worst?

Of course, all organizations need to fully address security concerns in terms of managerial, operational, and technical controls.

They need the best and brightest security personnel.

Additionally, they need to perform regular risk assessments, vulnerability testing, intrusion detection and prevention, back-up and recovery.

They need to have strict access controls, security awareness training of employees and contractors, and an IT security policy.

Our organizations need a comittment to continuity of operations planning (COOP).

ComputerWorld points out that the financial services sector is out in front in making preparations Here’s some of the architectural preparations that financial companies have undertaken:

  • Dedicated networks—“set up dedicated networks independent of phone companies.”
  • Guaranteed diverse routing—“negotiate more aggressively with communications companies to guarantee diverse routing.”
  • Geographic dispersal—“separate data centers and communications centers more widely geographically.”

In general, enterprises need “diversity and redundancy” of communications.

Most importantly, we need to recognize the risks out there and prepare, prepare, prepare.


Share/Save/Bookmark