As an industry professional, you're eligible to receive a printed copy of the journal.

Fill out your address below.






Please reset your password to access the new DRJ.com
Reset my password
Welcome aboard, !
You're all set. We've send you an email confirmation to
just to confirm you're you.

Welcome to DRJ

Already registered user? Please login here

Existing Users Log In
   

Create new account
(it's completely free). Subscribe

Everyone knows they should be prepared for disasters that could disrupt their business. We implement safeguards for cyberattacks, power outages, equipment failures, and natural disasters — all events that happen frequently enough to warrant our attention and where the threats and impacts are well-understood.

But how do you prepare for a disaster that catches everyone — businesses, governments, even the World Economic Forum (WEF) — completely off guard?

According to the WEF’s Global Risks Report 2020, the risk of infectious disease outbreaks isn’t among the top 10 most likely disasters. It barely made the cut for the top 10 most impactful events. Yet, here we are in the midst of a world-altering global pandemic.

So, how do you equip your business for a potentially devastating event like the COVID-19 pandemic when its likelihood seems remote? How do you balance that need against the need to prepare for more common and frequent disruptions like extreme weather and natural disasters?

It’s tough. Our inherent optimism bias leads us to downplay potential threats – especially if we can’t envision them impacting us directly. After all, how many of us looked at early COVID-19 maps depicting the spread in countries in the Far East and Europe and remained convinced the United States would be spared major impact?

Recency effect leads us to prioritize threats we’ve most recently encountered. We’re much more likely to pay attention to pandemic planning and readiness in the future than we once were.

The simple truth is you should be ready for a broad range of risks which can impact your business. Obviously, there are limits to budgets and resources, and every company has its individual priorities, but if you want to be prepared for the unexpected, you should prioritize three principles.

1. Balance risks and costs

Even if you had an infinite budget, you’d still have to prioritize your applications and systems based on how critical they are to your business. Preparing for the unknown is about striking the right balance.

Start by identifying your priorities and budget. You can base your decisions around events which are most likely to happen and which ones are going to have the greatest impact on your business, but you can’t – especially given what we’ve experienced with COVID-19 – discount the possibility of disasters that come out of the blue.

Weigh the impact each disaster will have on your business and utilize your resources accordingly to reduce risk.

2. Have a plan and test it

What would happen if a disaster strikes and one-third of your workforce couldn’t make it into work? Would you still be able to run your systems? Would you still be able provide the services your customers need? Would you be able to recover?

When a disaster hits, if you haven’t taken the necessary precautions, it’s too late to act effectively. You’ll find yourself in reactive mode, playing catch-up instead of implementing a response.

It starts with a defined business continuity and disaster recovery plan.

Know what your most mission- and business-critical applications are and make sure they’re protected. Map out your application dependencies and determine how your systems impact each other.

Plan for various scenarios to make sure you’ve got all the bases covered. Make sure everyone understands the plan and knows their role once it’s enacted. Then continuously test your plan and make necessary changes as your IT environment progresses and the threat landscape evolves.

The muscle memory you develop in testing will speed your response when a disaster arrives. Ideally you can do this upfront, building the flexibility required to respond quickly if and when you encounter those situations.

3. Diversify your risk

If you’ve heavily invested in developing the skills to successfully execute your BC/DR plan, then perhaps you may have invested in the technology capabilities to handle your DR in-house.

However, as I mentioned before, what happens if a disaster cuts off a considerable number of your workforce? Every plan needs contingencies, and it’s possible you might not have your point people available to carry out the plan.

Diversify your risk. Think about what responsibilities you can hand off to a third party so in the event of an emergency, you’re not scrambling to carry out the plan. By having a diversified set of capabilities in place, instead of putting all your eggs in one basket, your business has a higher chance of survival.

Take a broad point of view

The latest WEF Global Risks Report didn’t even feature infectious disease on the list of most likely risks. But if we’ve learned anything from the COVID-19 pandemic, it’s that all businesses should be prepared, even for disasters that don’t seem likely.

It’s impossible to plan for every single scenario; unexpected events happen. But if you’ve balanced risks, resources, and costs; tested and practiced your plan to the point it becomes second nature; and diversified your risk, you’ll be better able to respond to any disaster and maintain or quickly return to business as usual.

ABOUT THE AUTHOR

Girish Dadge

Girish Dadge has more than 15 years of experience unravelling data backup, restore and recovery challenges, as well as architecting and implementing IT infrastructure and advanced recovery solutions across several industries. He currently serves as director of product management at Sungard Availability Services.

How to See Gray Rhinos
The COVID-19 pandemic was not a “black swan” (catastrophic event that came out of the blue and no one saw...
READ MORE
Cookie cutter vs. custom plans
Cookie cutter plans defined "COOKIE CUTTER" (or "template") plans where all the planner has to do is fill in the...
READ MORE
Cybersecurity: What to Expect in 2021
The year 2020 witnessed a seismic physical, economic and cultural shift among global organizations, as businesses adapt to working during...
READ MORE
The Advancement of Social Media
"Obscurity of the situation is the rule. Seldom will one have exact information of the enemy… However to wait in...
READ MORE