[ISN] Y2K plans aided in recovery, but more planning needed

From: InfoSec News (isnat_private)
Date: Fri Sep 21 2001 - 00:41:32 PDT

  • Next message: InfoSec News: "[ISN] U.S. could use cybertactics to seize bin Laden's assets"

    September 19, 2001
    The $5 billion that Wall Street spent to address the Y2k problem is
    now paying off with last week's terrorist attack on New York's
    financial district, IT managers said. But there have been other
    issues, from communications to personnel management, that in many
    cases were never considered in past disaster planning, experts said.
    Gregor Bailar, CIO at the National Association of Securities Dealers
    Inc., Nasdaq's Washington-based parent company, said he was glad the
    Y2k planning gave his company the chance to rehearse a disaster before
    last week's devastation. .
    Nasdaq's Liberty Plaza offices weren't seriously damaged by the
    collapse of the World Trade Center only hundreds of feet away, but
    power and normal communications were cut off to the building, and
    around 200 Nasdaq employees were relocated to the company's
    headquarters in Connecticut and to an alternate office in New Jersey
    provided by WorldCom Inc.
    "We've got staff that's been here pretty much since the disaster
    occurred," Bailar said yesterday. "And it's been critical to have
    [communications] with senior managers. My pager was smashed in the
    evacuation of the market site...but I had communications with them
    through our crisis [telephone] line."
    It's been an exhausting week for IT managers and workers who have been
    splicing back together or rerouting the spaghetti of data and voice
    wires that were cut or overloaded with traffic after the attacks on
    the World Trade Center, which took out a major Verizon switching
    station that served millions of customers. Cellular phone
    communications were also hampered by the overload of calls last week.
    John McCarthy, former deputy director of the National Y2k Information
    Coordination Center in Washington, said if not for Y2k planning, the
    financial services community wouldn't have been as well prepared for
    last week's attack as it was.
    Y2k brought the concepts of continuity management and risk planning
    out of the "trenches where IT folks were" and into the boardroom. With
    continuity management, companies take a close look at their staff,
    processes, technology and information and what areas would be
    vulnerable in various disaster scenarios.
    The devastation from last Tuesday's terrorist attack created a new
    benchmark in disaster planning and has probably changed the direction
    of disaster planning discussions in the coming weeks and months.
    "If I'd gone into a company and said I want you to pay for a
    contingency plan for two planes crashing into your building...they
    would have told me no thanks," said McCarthy, now a senior manager in
    risk management at McLean, Va.-based KPMG Consulting Inc.
    Some companies found their resources were strained when they simply
    tried to determine how many and which of their employees had been lost
    to the destruction. Managing IT workers who weren't physically harmed
    in the attacks was also a trying task, IT managers said.
    "It's been a tragic, emotional event with the country at war," said
    Bailar. "The pain and exhaustion that comes from that alone was quite
    different, but the coordination and precision involved in what we're
    doing almost distracts you from that. We know what we have to do, and
    we're doing it. I'm very proud of the team and the industry."
    Cynthia Bonnette, assistant director of the Federal Deposit Insurance
    Corp.'s Bank Technology Group, said one lesson she learned from the
    attacks is that the reactions of employees need to be addressed more
    thoroughly in disaster planning.
    Bonnette said one area that's not often taken into consideration is
    the panic factor, which creates "all types of confusion and problems
    with communications."
    "That's where including personnel planning is important. If you can't
    reach key people, or certain phone systems aren't working, what would
    you do?... Also, if certain individuals are not around, who'd be the
    next person to go to?" she said. "A lot of the little details will
    perhaps come out of this experience."
    ISN is currently hosted by Attrition.org
    To unsubscribe email majordomoat_private with 'unsubscribe isn' in the BODY
    of the mail.

    This archive was generated by hypermail 2b30 : Fri Sep 21 2001 - 03:31:55 PDT