A pragmatic, visionary perspective —–
When a cyber attack wipes out an organization’s ability to conduct business, the question to the organization’s CEO becomes, “Have you properly maintained the organization’s infrastructure and its networks, so that it can still function as a viable business entity?”
What areas are you are supposed to manage back-up, and maintain? A CEO better know this for today’s cyber attack-infested marketplace.
A large cyber attack is to a corporate CEO, like a rogue snowstorm to a mayor facing re-election. If the plows and salt trucks don’t do their jobs and the city is left stranded from the ravages of the storm, the mayor does not get re-elected. On the corporate side, the CEO walks the plank.
Making a strategic assessment of an enterprise’s total business platform and its ability to withstand a cyber attack (or any disruption), is not for everyone. There are only a few quality firms that can approach this on an all-encompassing, strategic, executive view and not just an “outside techie” firm doing a review on the technical innards of a server farm or data center.
ESTABLISHING THE “RITE” APPROACH FOR AN ENTERPRISE
Each organization’s specific strategic assets need to be assessed for their susceptibility to corporate cyber-sabotage as well as other man-made or natural disasters. Let’s look at the various parts of the internal “Platform for Commerce” that supports an enterprise.
REAL ESTATE: What and where is the land that the enterprise sits on? Are there any issues/obstacles to be aware of? (Natural or Man-made)
INFRASTRUCTURE: What is in-place/ available/ accessible to the enterprise? What is the quality/redundancy of access to transportation? Rail? Airports? Power grid and network communications?
TECHNOLOGY: What technologies “run the business”? What in-place technologies are considered “Mission Critical”? Are there redundant network carriers providing Multi-Gigabit connectivity? Where else is redundancy needed? Where is it lacking? What other cyber/connectivity intelligent amenities are being used? What is the documentation?
Has the back-up systems ever been tested? (Sounds like a dumb question but you would be surprised at how many organizations have back-up plans as well as procedures and back-up hardware, but they have never been tested by the organization.)
ENTERPRISE CRITICALITY: How many applications are considered mission critical for the enterprise? To what level are these applications backed up and duplicated? How is it being funded in both its initial and operating phases? What impact do all the applications have on the enterprise’s regional sustainability? Global competitiveness?
There are more questions to ask and metrics to measure, but this gives you a good picture as to the methodology of the strategic Enterprise Assessment Framework (EAF) of what should be happening when it comes to assessing the internal “Platform for Commerce” within an organization or corporate enterprise.
CYBER ATTACKS ARE A MATTER OF WHEN, NOT IF THEY OCCUR
Cyber attacks are on the rise. According to a recent article on http://www.securityinfowatch.com :
According to the Identity Theft Resource Center (ITRC), there have been over 700 data breaches reported in the U.S. so far this year, a 26 percent increase over the same time period in 2013. Of the breaches that have been reported this year, the overwhelming majority have affected healthcare entities and businesses.
Corporate executives may not see this as a hot issue on their “Things to Do” List, but they should. This rise in cyber attacks is an indication it is going to become a “Top Five” issue with corporate CEOs and their executive staffs.
Famous last words in the mahogany CEO office suite, “This could never happen to us.”
When you look at any enterprise’s applications, you have to segregate them into various categories of criticality:
1. CRITICAL APPLICATIONS (Mission critical to the success of the enterprise. Should never be shut down or incapacitated. ALL of them should be totally redundant. (100% back-up))
2. NECESSARY APPLICATIONS (Everyday operations depend on these applications. Only a short period of Out-of-Service time can be tolerated.)
3. OPTIMAL APPLICATIONS (Could do without for a period of time. The business could still function.)
There is a shift going on now as more enterprises become more dependent on mission critical applications. Today, one out of every three applications are considered “Mission Critical” to the organizations. Moving forward, one out of every two applications will become “Mission Critical”. Design and operational heuristics must change to fit these new critical applications.
Selling products and services into this 21st century corporate “Platform for Commerce” environment requires an expertise in understanding multi-disciplinary skills and next-generation solutions. It is a multi-level sell when trying to promote new intelligent amenities for next-generation buildings, multi-venue entertainment centers, and intelligent business campuses.
With the growing threat of cyber destruction onto an enterprise’s intelligent infrastructure, CEOs cannot afford to take a wait-and-see attitude as to preventions, enterprise-wide assessments and applied security solutions. They also cannot depend on their legal or accounting advisors because those people have no real expertise in these matters. Get a broadly-focused, strategic technologist to assess your current situation.
CARLINI-ISM: When you’re sick, you don’t go to the cheapest doctor.
HIS VISIONARY BOOK AVAILABLE AT AMAZON –
BARNES & NOBLE
Follow daily Carlini-isms at http://www.TWITTER.com/JAMESCARLINI
Copyright 2014 – James Carlini