Reduce the Risk of Natural Disasters and Cyberattacks to Your Business Continuity

In 2021, the U.S. suffered $152.6 billion in damages caused by 20 natural disasters. Even scarier, Gartner estimated the cost of downtime at $5,600 per minute or $336,000 per hour. How long could your organization survive? If you’re not prepared to withstand the wrath of Mother Nature, the event itself or the resulting utility outages could spell disaster for your organization.

How Natural Disasters Affect Your Enterprise

Remember the big Texas Freeze and the devastating ice storm that took out critical utilities? Widespread power outages and water-service shutdowns could have easily spelled disaster for the state’s data centers. As bad as things got, most data centers made it through okay. Competitors with more than enough resources shared them with those running low. It was a big eye-opener for organizations that relied solely on Texas-based data center facilities.

Power outages can cause a multitude of problems, including:

• Loss of essential data, company records, patents, customer records, and transactions.
• Taking down business-critical tools and services, servers, mail systems, ERP, and CRM.
• Shutting down customer-facing services, such as websites and customer portals.

The downtime resulting from a power outage isn’t just extremely expensive, it also puts the entire organization in a state of paralysis where nothing can really be done. To make matters worse, natural disasters can set the stage for cyberattacks, making it easier for bad actors to take advantage of systems in weakened states.

How Natural Disasters Affect Cybersecurity

Cybercriminals have become increasingly sophisticated and will take advantage of disasters to wreak havoc on critical infrastructures, including transportation, emergency response, water and sewer systems, and hospitals. The Multi-State Information Sharing and Analysis Center, a federally funded group that helps state and local governments prevent and respond to digital threats, has been involved in many virtual exercises. At least half of those included discussions about how to plan for the dual impact of a cyberattack and a natural disaster.

For example, after Hurricane Katrina hit, malicious hackers created fake donation websites and started fictitious phone scams where they asked for funds for disaster relief, only to take advantage of the personal information supplied by the victims. Similar behavior occurred during Hurricane Florence, where phishing scams spiked as hackers attempted to trick vulnerable people in North Carolina. Social engineering attacks target people, not systems. In addition to perimeter security challenges, your personnel may also be more susceptible to social engineering attacks during a crisis.

Best Practices for Mitigation and Prevention

Given all that, you must be proactive and prepare for natural disasters far in advance.

• Get your security experts and IT teams working together to ensure that all systems are up to date, and your data is protected. It’s essential to prevent any type of security issue, but it’s especially important in the event of a natural disaster. Your disaster recovery plan should include a comprehensive list of all systems and data that should be backed up, secured, and encrypted so they can’t be lost.
• Another highly recommended practice is to move all data and essential programs to a cloud computing service. If your office is damaged, your employees can work remotely, with access to the necessary programs and data anywhere. This also makes distributed data protection possible, where if an evacuation becomes necessary, you won’t scramble to find a way to transport your data securely. It will be available in different geographical locations so you can focus on the safety of personnel.
• Another advantage is that most cloud computing companies also have their own in-house teams that monitor your data in real time, which is especially important when you’re preoccupied with a natural disaster. And, of course, they will be on high alert for suspicious activity and potential cyber threats.
• Moving to the cloud or adopting a hybrid or multi-cloud strategy will enable you to continue operations even if the on-premises infrastructure is affected or taken down. Your hosted private cloud acts as a secondary data center. You can move some or all workloads to the cloud. You can retain the same tool sets, policies, and procedures. And in the event that your on-prem data center goes down, your hosted private cloud will get you back up and running quickly.

How OVHcloud Can Help Mitigate and Prevent Downtime

OVHcloud offers a range of disaster recovery and cybersecurity solutions, including vSphere, Veeam, vRack, and Zerto. That’s in addition to our 34 data centers across four continents, including in Hillsboro, Oregon, and Vint Hill, Virginia. Read our whitepaper to determine whether your organization is prepared to mitigate downtime.