Ask your local cybersecurity junkie about the likelihood of an attack on your company and 90% of the time they will tell you, “The question is not if, but when.” However, ask them what you should do in response to a critical disruption and their answer will likely be a much more uncertain: “Well, that depends.”
What to do when IT literally goes down the drain was the topic of a panel discussion at the Digital Government Summit in Los Angeles on August 13. Representatives from the public and private sectors spoke about their individual experiences and the pitfalls to avoid.
Among the challenges that come with any technological disruption is figuring out exactly what went wrong, explains Devon Winthrop, chief architect at AT&T, adding that it generally boils down to one of four main areas: cyberattacks, natural and man-made disasters, and new technologies.
“COVID caused enormous disruptions in your network, changing the way you work and your daily life. The impact is still felt today,” he said as an example.
Lillian Russell, privacy officer for the Los Angeles County Chief Executive Office, added that human staff can also cause unexpected disruptions, noting that the introduction of new tools such as electronic signatures and Microsoft Teams initially caused resentment among some employees.
“We have seen in the public sector that services are disrupted, so social services, because business processes have to adapt to technology. And then there have been emergencies where staff did not know how to do their work differently…” she said.
While this type of disorder probably doesn’t make headlines, it still needs to be addressed through education, training and operationalization, Russell noted.
Dean Gialamas, former general manager of the Los Angeles County Internal Services Department, said that in addition to training employees to use the new technology, it is also challenging to engage the range of other stakeholders that must be considered when responding to a crisis.
Russell agreed, pointing out that this long list of stakeholders ranges from elected officials and the media to internal technical teams – all with different information needs and clearances.
“I think that people who have a technology-focused role sometimes pay a lot of attention to the technology emergency and not so much to these other actors because they’re dealing with a problem that’s in front of them, with the machine in front of them, with the system in front of them,” she said. “They’re not thinking about, ‘OK, further down the river, who else is going to be affected?’ or ‘What do I need to tell them?'”
Winthrop noted that for AT&T, proactive coordination and planning are critical not only to ensure continuity of overall service, but also to protect the right systems in the right order. Operations like emergency services and public safety response centers (PSAPs) are a priority for obvious reasons.
In addition, this coordination helps ensure that the company does not pull away technicians who could be personally affected by natural disasters such as wildfires, keeping them away from their homes and families, Winthrop said.
All three participants agreed that coordinating with supplier partners before an emergency occurs is an ideal approach for any organization, but the second best solution is to involve them early in the response effort.
“The reality is that anyone who has a network has to expect that their network will fail at some point. And who are those parties? What numbers do I immediately pick up and call? You know, where’s my red phone?” Winthrop said.
Russell encouraged attendees to contact their company’s cyber insurance provider, which often has a list of pre-approved providers and resources, as well as the legal department.
“On the technology side, we need to make sure that not only is there a business continuity plan, but that we actually test it and validate it, and that we test different components of it from year to year,” Gialamas said, adding that ensuring redundant, protected and accessible systems is a key element of any successful response effort.
