Current headlines from Ukraine have many companies concerned about the safety of employees or contractors residing there. Events like this highlight the importance of developing contingency plans based on events in the world that can impact businesses.\n\nBusiness continuity is an essential part of the planning process for CIOs and CTOs. Black swan events can impact businesses in significant ways. Some of these events cannot be anticipated \u2013 but some can be planned for, even expected, beforehand. Business continuity is about assessing the threat landscape and having plans in place. This helps address foreseeable threats and builds operational resiliency against threats.\n\nThe threat landscape\n\nA best practice for leadership teams is to constantly think about the threat landscape, identify potential problems, and prepare for them. Not doing so can result in significant financial impact on companies.\n\nA non-exhaustive set of events that may need to be planned for are:\n\nSome of these threats require implementation and execution up front. Others require a plan in place to ensure the team knows what the key objectives are and actions to be taken in the face of a threat. CIOs and CTOs need to constantly monitor the threat landscape and update them as necessary. Inspections like SOC-2 certifications are good forcing functions that allow an external inspection of some of the threat surfaces.\n\nPlanning for geopolitical threats\n\nAt my company, Inflection,planning for possible business disruptions related to Ukraine started a year and a half ahead of the actual conflict. We formulated a set of principles and built out a plan based on those principles. In this case, the key principles we used were:\n\nThese proactive steps allowed us to prioritize employee safety while ensuring business continuity. In addition to these principles, there was a detailed plan to ensure how we would cover for employees unavailable for extended periods of time.\n\nContinuity planning in practice: a deep dive on software availability planning\n\nAn example of proactive planning is related to natural disasters. What is your organization\u2019s plan if a disaster (e.g., an earthquake) were to strike the region in which your data center is located and cause a network partition? The example below will work through the thinking assuming you are using a public cloud vendor.\n\nA starting point for planning availability is the promise you make to customers regarding uptime. The standard SaaS uptime benchmark is 99.95% availability, which corresponds to 4h 22m 58s of allowed unavailability annually. In planning this out, you need to think about:\n\nThere are different cost-complexity tradeoffs for these questions. Smaller companies may choose to avoid greater complexity, whereas that might not be an option for larger enterprises.\n\nThe goal of planning is to have a clear posture for each of these questions.\n\nShould you support high availability via multiple availability zones? For most organizations, this is a simple decision: Supporting multiple availability zones in AWS is not complex and can be done with relatively little expense and complexity.\n\nWhat should you do if there is a regional outage \u2013 a disaster recovery (DR) situation? Doing cross-regional synchronization is complex and expensive. Fewer organizations choose to do this. Instead, you could choose to back up your data to another region, and have your RTO\/RPO reflect the fact that your tradeoff is longer recovery for a simpler architecture.\n\nWhat if there is a complete outage for a cloud vendor? Doing cross-vendor deployments is extremely complex and expensive. In most cases, a backup of your data to a different cloud provider is sufficient. But if you are operating a large enterprise, you will probably want to be in multiple cloud vendors both for cost and scale reasons.\n\nTaking all of this into account, a plan needs to be formulated and agreed upon by company executives. Communication plans need to be put in place when an event does occur (e.g., how will we inform customers?), and most importantly, the plans need to be tested. These plans will be meaningless unless they are practiced regularly.\n\nAt Inflection, we chose to make the following decisions:\n\nPlanning for directed threats\n\nThreats like ransomware have increased significantly in the past few years. These threats need to be met head on. At Inflection, we do so by:\n\nPre-mortems\n\nA useful exercise for leaders to consider is a \u201cpre-mortem.\u201d In thinking about business continuity, it is best to be proactive rather than reactive.\n\nA pre-mortem is the opposite of a post-mortem (more details in my writeup on Root Cause Analysis). While a post-mortem allows us to analyze what went wrong - after it has already happened - a pre-mortem asks, \u201cWhat could go wrong? How could we prevent that from happening?\u201d Pre-mortems allow deeper planning of business continuity and a \u201cdon't make me think\u201d approach to reacting to actual incidents because they were already planned for.\n\nConclusion\n\nPlanning business continuity is a requirement for executives. Companies who wait until disaster strikes will not be able to react quickly. Your executive team must agree on the principles and cost\/complexity tradeoffs.