What the Gulf Oil Spill can teach CIOs about disasters

Max Huang gives three key questions for dealing with remote resources and connectivity in a disaster scenario.

While I'm by no means trying to take attention away from the horrific environmental and economic disaster that the now largest oil spill in U.S. history has caused, I can't help but see some lessons that I and other IT professionals can learn from it.

The massive amount of crude heading to the Gulf Coast is currently being met by an army of ships, clean-up vehicles and tens of thousands of people who are collecting and cleaning hundreds of miles of beaches. A unified command structure that is coordinating efforts of local, state and federal agencies alongside commercial assets is now in place, sifting and transmitting tons of vital information in near real time, to deploy resources where they can be most effective.

Most of this, of course, is occurring away from comfortable offices with stable infrastructure. Data is being transferred to and from remote operations via multiple channels, including landline, wireless and satellite technology. The connectivity issues alone are mind boggling.

Though there are plenty of other take aways from this tragic event, CIOs and CISOs would be remiss if they didn't use this incident to evaluate their current disaster recovery strategy. At the very least, contingency plans must be in place that answer these three basic questions.

How many additional access points will be needed and for how long? IT staffs must calculate these figures depending on how many people are displaced or in various locations at any given time. CIOs should also lean heavily on their service providers to get guarantees as to how soon they can add capacity should it be required. How quickly can those additional access points be made secure? One of the worst things a company can do is to increase its remote connectivity capacity at the expense of its security posture; the prospects for disaster will actually increase despite the opposite intentions. IT staffs must ensure that each new access point comes with the necessary VPN, Email and UTM filters. That will also mean identifying the suppliers to make that happen. How responsible are the backup systems under crisis conditions Test the off-site and off-line server farms to ensure that they can act as the primary network on no notice without any degradation to security or data integrity. It's a prudent idea for CIOs and CSOs do this periodically. With all the attention now being paid by policy makers and operators to ensure that the current Gulf Oil Spill never happens again, IT professionals should also follow suit and ensure that no matter what the crisis, their team is ready to respond to an increase in displaced or remote operations that will place a great deal of stress on its data networks. While the future will always be a bit uncertain, the ability to overcome IT issues should not.

About the author: Max Huang is the founder and President of O2Security, Inc., a wholly-owned subsidiary company of O2Micro. The company is a manufacturer and marketer of high-performance network security appliances and disaster recovery offerings for small- to medium-businesses as well as remote/branch offices, large enterprises and service providers. Max can be reached at max.huang@o2security.com.

Join the CSO newsletter!

Error: Please check your email address.

Tags data backupsecurityaccess control

More about etwork

Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by Max Huang

Latest Videos

  • 150x50

    CSO Webinar: Will your data protection strategy be enough when disaster strikes?

    Speakers: - Paul O’Connor, Engagement leader - Performance Audit Group, Victorian Auditor-General’s Office (VAGO) - Nigel Phair, Managing Director, Centre for Internet Safety - Joshua Stenhouse, Technical Evangelist, Zerto - Anthony Caruana, CSO MC & Moderator

    Play Video

  • 150x50

    CSO Webinar: The Human Factor - Your people are your biggest security weakness

    ​Speakers: David Lacey, Researcher and former CISO Royal Mail David Turner - Global Risk Management Expert Mark Guntrip - Group Manager, Email Protection, Proofpoint

    Play Video

  • 150x50

    CSO Webinar: Current ransomware defences are failing – but machine learning can drive a more proactive solution

    Speakers • Ty Miller, Director, Threat Intelligence • Mark Gregory, Leader, Network Engineering Research Group, RMIT • Jeff Lanza, Retired FBI Agent (USA) • Andy Solterbeck, VP Asia Pacific, Cylance • David Braue, CSO MC/Moderator What to expect: ​Hear from industry experts on the local and global ransomware threat landscape. Explore a new approach to dealing with ransomware using machine-learning techniques and by thinking about the problem in a fundamentally different way. Apply techniques for gathering insight into ransomware behaviour and find out what elements must go into a truly effective ransomware defence. Get a first-hand look at how ransomware actually works in practice, and how machine-learning techniques can pick up on its activities long before your employees do.

    Play Video

  • 150x50

    CSO Webinar: Get real about metadata to avoid a false sense of security

    Speakers: • Anthony Caruana – CSO MC and moderator • Ian Farquhar, Worldwide Virtual Security Team Lead, Gigamon • John Lindsay, Former CTO, iiNet • Skeeve Stevens, Futurist, Future Sumo • David Vaile - Vice chair of APF, Co-Convenor of the Cyberspace Law And Policy Community, UNSW Law Faculty This webinar covers: - A 101 on metadata - what it is and how to use it - Insight into a typical attack, what happens and what we would find when looking into the metadata - How to collect metadata, use this to detect attacks and get greater insight into how you can use this to protect your organisation - Learn how much raw data and metadata to retain and how long for - Get a reality check on how you're using your metadata and if this is enough to secure your organisation

    Play Video

  • 150x50

    CSO Webinar: How banking trojans work and how you can stop them

    CSO Webinar: How banking trojans work and how you can stop them Featuring: • John Baird, Director of Global Technology Production, Deutsche Bank • Samantha Macleod, GM Cyber Security, ME Bank • Sherrod DeGrippo, Director of Emerging Threats, Proofpoint (USA)

    Play Video

More videos

Blog Posts

Market Place