Nfina is proud to have been an Anchor Sponsor of the Alabama Digital Government Summit that was held in Montgomery, AL. The Alabama Digital Government Summit brings together technology focused public-sector professionals with leading industry partners to connect on innovative approaches and discover new technologies.
Future-Proofing IT Strategies for Resilience and Continuity Panel Discussion
I had the opportunity to take part in a panel discussion about Future-Proofing IT Strategies for Resilience and Continuity at the Alabama Digital Government Summit. Joining me on the panel were Jay Moseley, the Director of the Alabama Fusion Center and Homeland Security Advisor for the Alabama Law Enforcement Agency, along with Scottie Orr, the Regional Director for Cybersecurity in the Public Sector at Fortinet. The discussion was expertly moderated by Frank Yarnell, the Director of Information Security at the Office of Information Technology for the State of Alabama.
During the session, the main topic was the significance of establishing an incident response plan or COOP (Continuity of Operations Plan). Such plans serve as a tactic to guarantee that an agency or organization can maintain its crucial operations during a crisis, such as natural disasters or cyber-attacks. Out of the 70 IT experts present, only six indicated they had already implemented a COOP for their organizations’ IT systems when asked. A summary of several questions and answers presented by the panel is provided below.
Q: What are the most critical elements of a successful IT continuity and recovery?
For those without a plan in place, the most essential step is to create one. It is recommended to consult with departments that already have a response plan and see if they are willing to share it as a reference for developing your own. We emphasized the significance of involving all stakeholders in the planning process and ensuring that each documents their procedures thoroughly to ensure clarity of purpose. All responsibilities should be assigned according to designated roles. To avoid potential issues, it is advisable for employees to undergo cross training in case others are unable to fulfill their duties.
Q: Communication Plan with timings for executive management / leadership?
A significant factor contributing to the breakdown of incident response plans is communication failure. Often, the individuals responsible, like the department head or CIO, may not be present to make the critical decision to activate the incident response plan. It’s essential for your plan to clearly outline roles and responsibilities for such scenarios.
Q: What steps can organizations take to improve resilience against both natural and cyber disruptions?
Safeguarding your organization from natural and cyber-threats requires distinct approaches. For cyber-threats, this involves adhering to the NIST Cybersecurity Framework. Your strategy should cover risk identification, protection, detection, response, and recovery. It also entails adopting a Zero Trust security model, which mandates rigorous identity authentication for all individuals and devices attempting to access network resources. These criteria apply regardless of whether they are inside or outside the network. In the face of both types of threats, what if your plan proves unsuccessful? It is prudent to always have a contingency plan (Plan B) in case any aspect of your strategy falters.
Q: Share an example where strong resilience and continuity planning helped your organization recover quickly from a disruption?
Recently, one of Nfina’s clients faced a challenging situation when their server rack was moved to a new location. Unfortunately, due to an improper connection to the UPS power supply, an unexpected rolling blackout led to a sudden shutdown of their servers, storage, and Datto backup NAS, resulting in data corruption. Their initial recovery strategy involved restoring from the backups stored on their NAS; however, these backups were also compromised by the power outage. Seeking help, they contacted Nfina. Fortunately, since we had been taking snapshots at the storage array-level and sending them to a geo-redundant location, our engineering team was able to swiftly execute a failover, restoring their systems in less than thirty minutes. This successful outcome demonstrates the importance of having a solid Plan B in place for incident response situations.
Q: How do you maintain and test your continuity plans to ensure they stay relevant as risks evolve?
A continuity plan should never be regarded as complete after its initial creation. Incident response plans must be treated as living documents that require regular review and revision. Although an annual review is advisable, more frequent assessments are preferable. This is due to the constant evolution within IT departments, which includes the introduction of new or updated software, hardware changes, and updates or patches to operating systems. Consequently, any changes within the department should prompt an update of the plan to ensure that all adjustments are incorporated and that someone is designated with responsibility for them.
Your continuity plan should incorporate backup testing. It is also advisable to secure an audit of these backups to ensure compliance with potential regulatory obligations.
The attendees had a very positive response to the session. One participant shared their thoughts in the survey, saying, “There were some great points and clarifications made on incident response plans that I plan to integrate into our current plan. Great session!”.
Nfina is excited to continue our support for the Alabama Digital Government Summit and can’t wait to see everyone in 2025!
