Katrina, a Category 4 storm when it hit landfall, has become the costliest natural disaster to occur in the United States. Experts say Hurricane Katrina caused about $35 billion in insured damage. When flood damage is included, the number could jump as high as $60 billion. Nearly 1,300 people died and thousands more were injured.
Early estimates for Hurricane Rita, a Category 3 storm, set the insured property damage at about $5 billion. This does not include flooding or offshore oil rig damage.
The business community was especially hard-hit when Katrina struck. Louisiana Governor Kathleen Blanco said the flood wiped out 40 percent of businesses. While some businesses may be operating in temporary quarters, many are in a holding pattern as they wait for federal assistance and insurance estimates.
Industry service provider Sungard Availability Services reported 128 alerts and 32 disaster declarations from Hurricane Katrina. With Rita, they had 153 alerts and 26 disaster declarations.
Brandon Bond, team member with the Disaster Medical Assistance Team CA-6 gives a first-hand account of his experiences. DMAT is a volunteer team organized under the National Disaster Medical System and operates under the U.S. Department of Homeland Security to provide emergency medical care during times of disaster.
Bond, a disaster preparedness manager for Kaiser Permanente in Oakland, Calif., was deployed to Houston, Texas, with his team on Sunday, Aug. 28, one day before Katrina made landfall on the gulf coast.
Names have been changed to protect both the innocent and the guilty. I am looking at the business continuity plan for Company A. I am not working for Company A or any organization that would have Company A as a critical vendor – although Company A’s services most definitely fall into the “critical vendor” category. So why do I have the plan on my computer? Someone at Company A breached corporate security.
I’m Honest, But . . .
The information on my notebook basically is Company A’s disaster response plan. In truth, it’s a pretty good plan.
If I was working for an organization that had Company A as a critical vendor, I would be delighted to see the plan.
If I was working in the agency that regulates Company A’s business, I would be delighted to see the plan.
By the same token, if I was a disgruntled Company A employee, ex-employee, competitor, or just someone who wants to make a “statement” at Company A’s expense, the plan could be just the tool I need.
DRJ’s pages have been the venue for plan security on several occasions, but none of those occasions addressed the “public plan,” a plan which meets client and regulator requirements but maintains the level of secrecy needed to protect the Company As of the world from prying eyes.
We need to find a way to create this “public plan” as painlessly and economically as possible.
What Does a Planner Need to See
Obviously, a planner would like to see the entire plan, from proposal to final deliverable.
What better way to improve the planner’s effort than by looking at others’ work?
The question, however, is what does the planner need to see to develop a reasonable level of confidence that the organization for which the plan was developed meets all the requirements.
Unfortunately, most companies think their existing data storage and back-up plans will protect them from massive data loss. Too often companies are caught unprepared or unaware of a hole in their process. When faced with data loss or corruption, the back-up archive is one of the most appreciated and loved objects in the entire universe. However, if backups only extend to the perimeter of the enterprise data center, a rude awakening may not be far off.
While we suspect this is true, we’re still faced with a perplexing problem: We’re now being forced to go beyond tradition enterprise data center backup – capturing users files on PCs, file servers, and various other forms of distributed and unstructured data – but we haven’t necessarily been given more resources or more time to do so. Effectively, we have more to do and less time to operate in to be sure our organizations can fully and quickly recover from a data-loss disaster.