Disaster Recovery in Emergency Management. No, Not That Kind!

Disaster Recovery in Emergency Management. No, Not That Kind!

Brent A. Olson, CEM, Director, Office of Homeland Security and Emergency Management, City of Phoenix

Brent A. Olson, CEM, Director, Office of Homeland Security and Emergency Management, City of Phoenix

Mention the term Disaster Recovery in Emergency Management circles and the first thing that comes to mind is recovery after a disaster like a hurricane, tornado, or earthquake. It makes sense, right? Afterall,that is what Emergency Managers have been trained to thinksince we took our first NIMS steps. We have the FEMA National Disaster Recovery Framework, the Guidance for Pre-Disaster Recovery Planning, and the Recovery mission area, all focused on natural and man-made disasters.

There is another perspective we must consider,butrarelyponder: Information Technology. In that realm, Disaster Recovery means something quite different, the recovery of Information Technology systems after a catastrophic incident. We use the same term, but it is a vastly different kind ofdisaster recovery.

Organizations rely on information systems for just about every part of their operations. The loss of these systems, whether due to a natural disaster, cyber-criminal activity, or simply equipment breakage, couldhave severe consequences.In terms of risk categorization, these events are low frequency, high impact events organizations may be unprepared for. Ask any organization that has been the target of ransomware attacksor catastrophic loss of key facilities and equipment how disruptive and damaging it was to their business operations.

What role does Emergency Management have in preparing for an IT Disaster? Think Continuity of Operations and Continuity of Government, or in the private sector, Business Continuity. An IT disaster directly impacts the ability organization to continue normal operations, but is not well planned for, regarded as an IT specific issue. Think again!

As an Emergency Management Coordinator several years ago in another organization, I asked departments what they would do if they lost all computer resources. The first response was, “IT has a back-up, don’t they?”When I explained there was a plan, but it may take some time to restore all the systems damaged in a serious IT disaster. The response was, “We can’t function.” This was clearly not the answer I was looking for. The system had been so robust and stable, they hadn’t considered it could be disrupted or even disabled.

Continuity planning focuses on continuing essential functions and in our IT based environment, loss of systems must be planned for. The response, “We can’t function,” or “We’re done!” is not a plan for how to continue essential functions, and most likely is not accurate. Emergency Management must help facilitate the discussions and help develop a plan that will accomplish the most important functions, without the needed computer resources.

We rely on computer technology for so many functions within our organizations. Operating without them may be uncomfortable, howeverit could happen. Computer equipment breaks down.It can be hacked.It can be destroyed in natural, technological, and human-caused disasters. We need to help our organization becomeprepared to ensure continuity of our critical functionsfor our constituents and our customers.

Pose the question during continuity planning. Facilitate discussion around strategies for that day when network resources are not available. Encourage practice so departmentscan do what needs to be done. Exercise the plans so a culture of preparedness is developed for this and all hazards that could be on the horizon.After it happens is simply too late.

Weekly Brief

Read Also

The Cure For 'Quiet Quitting'

Glenn Hasteadt, IT Director, County of Onslow

Tennessee's Evolution to Banking on Data

Christin Lotz, Director at Tennessee Office of Evidence and Impact

Launching the 1950 Census Website: Innovation and Collaboration at the National Archives

Pamela Wright, Chief Innovation Officer, U.S. National Archives and Records Administration

Leverage Technology to Elevate Emergency Management Practices

Cassandra Libal, Director of Emergency Management, Milwaukee County

Changing the Model The Role of the CISO in the Next Generation of Cyber Security

Shane M. Barney, Chief, Information Security Division, USCIS

The Product Verse Project Approach To Government Technology Services

Philip Savino, Director, Information Technology Department, Arapahoe County Government