Article
Executive Resource
Insight Hub
Ext. Publication
VideoCell Service Is Down, Is Your Cyber Resilience Plan Up?
Never miss a thing.
Sign up to receive our insights newsletter.
While snow days are rare in Dallas, Texas, the freedom they afford is similar to a cell carrier’s infrastructure outage once the panic subsides. Questions like “How do I get in touch with the world?” and “Is Wi-Fi working as a backup?” slowly turn to thoughts of technology independence.
Around 7 a.m. (CST) on February 22, Downdetector.com, a website that tracks consumer reports about system outages, recorded over 73,000 user reports of AT&T availability issues. While a number of technicians and engineers presumably rallied to find a fix, the normal commute for others was likely disrupted with minor inconveniences such as failures to load map routes and podcasts that wouldn’t stream. When a consumed service doesn’t work, our minds can immediately jump to a suspicion of digital foul play. However, our time might be better spent channeling that same suspicion toward a thoughtful examination of our own resilience capabilities.
Long-standing warnings have been delivered from security industry professionals and federal security professionals at DHS CISA that cybersecurity hygiene is paramount to our national cyber defense. The message continues with the recent comments from FBI Director Christopher Wray. He notes the realistic threat that covertly planted malware could have already been deployed at critical infrastructure across the country waiting to be triggered. While we may want to distance ourselves from the worst-case scenarios, reasonable preparations can be made today to establish and enhance the capabilities necessary to respond to security incidents and ensure resilience of operations. This includes consideration of the full supply chain – Who do we depend on? Who depends on us?
Time to reflect: which questions are you asking?
| Ask Something like This… | Hopefully We’ve Already Answered This… |
|---|---|
| How quickly can we confirm back-up connections are working as intended with our primary and secondary partners? | Where is the list of organizations that can help with this, and how do we get in contact to purchase help? |
| Do we have confirmation that primary or alternate response resources are fully deployed across all functions as planned? | Who has the list of the people we need to get in touch with to fix this issue? |
| Based on our insurance policy, we could gain additional resources through a claim. Do we want to proactively notify our carrier regarding this matter? | Do we have insurance terms that will help resolve these issues and cover most of the cost? |
Ensuring the timely support for resilience capabilities can go a long way in not only providing real peace of mind but also the smoother response efforts that help ensure a ‘bend don’t break’ mentality on tough days. Further, intentionally testing response efforts now (e.g., table-top exercise), contributes to a more confident team (including executives and third parties) should there be a future call to action.
Feel free to browse our resources or reach out (via any working means) if we can help support your conversations on cybersecurity and resilience. Weaver has a free Incident Response Checklist to equip leaders within our executive resource center.
Authored by Trip Hillman and Shelby Mathers.
© 2024