Disaster preparedness: Time is always running out

Just in case you've forgotten why you should be worried, here is a list of reminders and a plea for IT groups to get their act together.

Peter Glaskowsky
Peter N. Glaskowsky is a computer architect in Silicon Valley and a technology analyst for the Envisioneering Group. He has designed chip- and board-level products in the defense and computer industries, managed design teams, and served as editor in chief of the industry newsletter "Microprocessor Report." He is a member of the CNET Blog Network and is not an employee of CNET. Disclosure.
Peter Glaskowsky
4 min read

In the late 1970s, while attending the University of Miami in Florida, I became involved in the survivalist movement. I had been a Boy Scout--"Be Prepared," you know--so the survivalist attitude of "prepare for the worst" was an easy transition.

The members of the local survivalist community (at least the ones I knew) were good people: a high proportion of police officers and business professionals along with students like myself. What they had in common was a belief that something bad could happen to the United States.

The possible disasters included full-scale wars (nuclear, biological or conventional), limited local conflicts like an invasion by the Cuban army (after all, we invaded them some years earlier), and economic collapse.

These concerns seem sillier today than they did at the time. This was during the Cold War, remember--and even worse, during the Carter administration. There was an air of pessimism about the future. In the years since I've come to understand that our society and economy are more stable than we thought, and I no longer take those threats so seriously.

But since then, we've had the Chernobyl disaster; Hurricane Andrew in South Florida (65 deaths and $26.5 billion in damage); the attacks of September 11, 2001; the devastation by Hurricane Katrina in Louisiana and Mississippi (1,836 lives lost and $81.2 billion in damage); and a series of earthquakes near Indonesia that took 237,000 lives.

And since the 1970s, it's become increasingly apparent that the greatest risks we face as individuals may not be local risks at all. There are supervolcanos all over the world, including a half-dozen in the United States; one eruption some 70,000 years ago may have caused the near-extinction of the human race. Scientists using new imaging techiques have identified many gigantic craters left over from asteroid impacts. Massive undersea earthquakes can produce mega-tsunamis capable of inundating coastal cities thousands of miles away. (Tsunami waves from the great Chilean earthquake of 1960 killed 61 people in Hawaii after 15 hours of travel time). Individually, these are low-risk threats, but their potential to affect millions or billions of people worldwide increase their significance for disaster planning.

And then there are the biological threats. Influenza pandemics killed over 600,000 Americans in the 20th century alone. The current concern over the H5N1 strain of avian flu may turn out to be overwrought... or inadequate. Certainly medical care is greatly improved since the last great flu outbreak in the US in the 1960s. Good medical practices, including personal measures such as wearing masks and gloves, stopped the SARS pandemic from being much worse. But the course of any disease outbreak depends in part on the disease, and it's always possible that a new virus could emerge, able to overcome our preparations.

Which brings us to the relevance of disaster planning for the computer industry.

Our industry has unique characteristics. Most other jobs, such as those in personal services, manufacturing and health care, require a personal presence; many IT positions don't, so we can prepare to rely more heavily on telecommuting in certain kinds of emergencies. Although a really serious disaster would simply shut down most shops, some IT operations are too important for that. Telecommunications providers, for example, are like health care facilities--even in an emergency, they need to keep operating.

Computerworld's Patrick Thibodeau has been covering this issue for some time now. Earlier this month, Computerworld published a pair of articles revisiting the subject of disaster planning for an avian-flu pandemic (here and here). The articles described how few IT organizations have developed any kind of plan for dealing with this threat.

This weak response is even more troubling considering that Gartner analyst Ken McGee provided some specific guidance on the subject in December 2006 (see the Gartner report here, and a related Computerworld story here). His recommended goal of second quarter 2007 for pandemic preparations has come and gone with little notice.

Ostriches do not actually hide their heads in sand when threatened, and people shouldn't either. Hurricane Katrina showed us all that we have only ourselves to rely on in a major emergency. We're all responsible for analyzing the risks we face and developing appropriate plans. If your organization will be part of other people's disaster plans, you have a responsibility to live up to their expectations.

There may be almost 7 billion of us on this planet, but in a very real sense, the world is getting smaller. The Internet connects our ideas; air travel connects us in person. The benefits from this closeness can outweigh the risks, but only if we're prepared.