How would you execute on your disaster recovery and business continuity plan if you had less than 30 percent of employees available and no idea how to locate the rest?Do you know if your emergency generators have enough fuel to last more than 24 hours? On what floor are they located?Is CISD part of your disaster recovery plan? Do you even know what CISD is?If you don’t have solid answers to these kinds of questions, the bad news is that your disaster recovery plan is lacking. And you’re not alone. According to a recent survey, 22 percent of CIOs don’t even have a disaster recovery plan and of those who do, only 31 percent rate that plan as extremely or very effective. The good news, said Paul Saffo, is that in this post-Katrina, pre-flu pandemic environment, there’s a brief window of opportunity for you to do something about it.Saffo moderated this panel made up of eight CIOs from across the country – some affected by the devastation in the Gulf, others whose organizations are helping in the recovery – along with representatives from first responder and government entities. They talked about their recent — often very personal — experiences with natural disasters and offered hard won advice. After the panel, the audience broke up into work groups to brainstorm about ways CIOs can help each other and first responders in dealing with disasters. Following are some snippets from the eye-opening panel and audience discussion.* What most surprised you during or after Katrina hit?“The biggest surprise was just how little sleep the human body needs to function normally.”David Clarke(who joined the panel by phone)Vice President & CTOThe American Red Cross “That the issues identified after 09/11 hadn’t been fixed.”Bob DayChief, Command, Control & Communications Div., Pacific RegionUS Coast Guard “We have disasters all the time in California so there were no big surprises. But the hardest thing was tracking and locating employees.”Andy GeisseCIOSBC Communications, Inc. “We realized we had business continuity plan, but we didn’t have a community continuity plan.”Randy KrotowskiGeneral Manager, Enterprise Architecture ProgramChevron “The biggest surprise for me was [that] people were surprised that so many organizations were not prepared.”Andy PurdyActing Director, National Cyber Security DivisionDepartment of Homeland Security (DHS) “The biggest challenge was how to operate when so many management employees were not there to pull together as response to the crisis. So we had to create a temporary organization to do the recovery work.”Jan RideoutInternal Information Services Vice President & CIONorthrop Grumman Ship Systems Sector “The biggest surprise was the 30-foot storm surge.”Julia Harwell SegarsVice President & CIOAlabama Power “I was surprised it wasn’t followed by pestilence,” Shield said to a round of laughter. “The real challenge was getting data out of the impacted areas.”Brian ShieldExecutive Vice President & CIOThe Weather Channel “We had a good business recovery plan. But 30 of my family members lost their homes due to Katrina. I came to realize how going home and sleeping on air mattress affects your ability to execute on the plan.”Patrick ThompsonSenior Vice President, Administration & CIOThe Shaw Group Inc.Some other issues that arose during discussion included:* Interoperability or Lack ThereofPaul Saffo pointed out that first responders and businesses speak totally different languages and think about things in completely different ways. That can prevent a collaborative response to disasters. Krotowski of Chevron says they do emergency exercises involved local governments and first responders to create a “core of connectedness” before disaster strikes.* Working Without a NetThomson of the Shaw Group was quite candid about working as a contractor to DHS, FEMA and local governments after Katrina hit. “You start realizing how paralyzed you really are in helping people,” he said. “Contracts aren’t in place ahead of time to facilitate the speed of recovery. It’s like you are literally handcuffed and prevented from helping people in need. But you wind up going ahead and saving lives, pumping out millions of gallons of water out of New Orleans, putting 50,000 blue roofs (tarps) on houses.” His biggest piece of advice: “The earlier we can get these relationships in place, the better prepared we will be to take on disasters and terrorist acts in the future.”* The Power of PeopleRideout of Northrop Grumman Ship Systems Sector lost her home in Katrina. Twenty five percent of her company’s employees were displaced. And there was extensive damage to their shipyard in Mississippi, including loss of data center, one-third of the desktops, and most of network and telecom infrastructure in. “We had to immediately start to rebuild that with staff in a state of shock,” Rideout said. “It’s amazing how people rise to occasion. Even though they were grieving, they were working 24 hours a day to make sure things payroll still ran even though their own homes were destroyed.”* Critical Incident Stress DebriefingA quick survey of audience members revealed that only 2 conference attendees had even heard of the acronym CISD. But Day of the U.S. Coast Guard said these psychological services were critical in the first days after the storm when his staff was responding to a situation he described as “their worst nightmare.” “They were encountering dead bodies and they had to leave them there to focus on other people they could help, which was mind boggling to them,” Day said. “ Having counselors available to them when they came in for a warm meal after 22 hours of work – to assist them and talk about things – was critical. If you don’t do that, you’ll have additional casualties among your first responders. It’s a major thing that gets forgotten in disaster recovery plans.* MatchmakingWhen disaster strikes, there are corporations all over the country that could assist the first responders at the federal, state and local level. But figuring out who can provide what resources remains a problem. Purdy of DHS alerted the audience to a new web site they’ve set up called the National Emergency Resource Registry, which will help match up the resources that are needed and the resources that may be available from the private and public sectors.* Lines of CommunicationFinding ways to communicate in the aftermath of Katrina was a particular challenge for the Red Cross. Clarke explained (by phone) that they had to create lots of impromptu communication channels from satellite to land lines to cell phones. Even HAM radios played a big part. “We used anything we could make work,” Clarke said. “We tried everything but smoke signals.”Interoperability of communication, however, continues to be a big issue. Day of the Coast Guard said DHS is trying to figure out a solution but isn’t there yet. He put out a call for the community of CIOs to think about possible solutions.* Anticipating the UnanticipatedNo disaster recovery plan can cover every possible contingency. The best plan, said Rideout of Northrop Grumman, is a flexible one. “There are always going to be things you have to decide on the fly,” she said. “You shouldn’t get a false sense of security from your ‘fantastic’ disaster recover plan, but next time you’ll probably get hit by something totally different.”The Red Cross’s Clarke echoed that sentiment. He said the scenario that keeps him awake at night is the multiple disaster – a natural disaster like a hurricane followed by a major denial-of-service attack. That’s why you must create detailed but flexible plans. “Anticipate the unanticipated,” he warned.–Stephanie Overby Related content brandpost Sponsored by Catchpoint Systems, Inc. Gain full visibility across the Internet Stack with IPM (Internet Performance Monitoring) Today’s IT systems have more points of failure than ever before. Internet Performance Monitoring provides visibility over external networks and services to mitigate outages. By Neal Weinberg Dec 01, 2023 3 mins IT Operations brandpost Sponsored by Zscaler How customers can save money during periods of economic uncertainty Now is the time to overcome the challenges of perimeter-based architectures and reduce costs with zero trust. By Zscaler Dec 01, 2023 4 mins Security feature LexisNexis rises to the generative AI challenge With generative AI, the legal information services giant faces its most formidable disruptor yet. That’s why CTO Jeff Reihl is embracing and enhancing the technology swiftly to keep in front of the competition. By Paula Rooney Dec 01, 2023 6 mins Generative AI Digital Transformation Cloud Computing feature 10 business intelligence certifications and certificates to advance your BI career From BI analysts and BI developers to BI architects and BI directors, business intelligence pros are in high demand. Here are the certifications and certificates that can give your career an edge. By Thor Olavsrud Dec 01, 2023 8 mins Certifications Business Intelligence IT Skills Podcasts Videos Resources Events SUBSCRIBE TO OUR NEWSLETTER From our editors straight to your inbox Get started by entering your email address below. Please enter a valid email address Subscribe