Peer to Peer: ILTA's Quarterly Magazine
Issue link: https://epubs.iltanet.org/i/1496203
11 I L T A N E T . O R G By far, the most critical component during and after a disaster is communication. • Have multiple communication methods and test those methods regularly. I cannot stress the importance of having multiple methods (such as backup email services like Mimecast, a mass texting solution, or an organizational app) to communicate during a disaster. • Letting management know what is happening early and often during a disaster will help greatly. • Gathering the response team as fast as possible—it's the People! • Letting everyone in the company know what is happening and providing regular updates cannot be delayed. The more severe the event/problem, the more often an update is required. For example, if all systems are down, an update every 30 minutes is usually necessary. • Control who is authorizing announcements for regular updates. Designate who should send out those regular updates and ensure the messaging is consistent. • Anger management. If you take part in the recovery operations, you'll need to stay calm and help others stay calm. There will be a lot of angry, frustrated folks. If they see you panicked or flustered, their anger will grow exponentially. Whenever possible, always stay hopeful—hope is a powerful human feeling that helps folks carry on through adversity. • Accounting for your people. Do your best to keep track of your people. • Talking to service providers and getting consultants on the hook. Having a list of your critical service providers and trusted consultants' contact information goes a long way when you need urgent assistance. All the time spent trying to track down the software account manager's name is time not spent doing more meaningful recovery tasks. Train how you'll Fight! • Because you'll fight how you trained. If you fail to train/practice, the recovery operation will be difficult and might just fail. • At a minimum, an annual deep assessment and tabletop exercise can make the difference between a chaotic response and "ok, let us hold our freakout long enough to execute our planned steps." • NIST 800-34 Chapter 3 has the "TT&E" section— Testing, Training, and Exercises. Without TT&E, having a written plan is just a bunch of empty promises. • Monday morning quarterbacking causes a lot of angst—meaning, everyone has an opinion on what should have been done or handled after a disaster [has ended] is done. The blame game is rampant. To avoid some of this rigamarole, you can: • Have purposeful After Action meetings, and don't wait to have these meetings; start having them even before the disaster is over. The lessons learned and future action plans are best developed while you are still working the problem(s). • Immediately get to work on applying adjustments to the plan.