Computerworld - War. Is there a more sobering word? A more terrifying prospect? Today, the threat hangs heavy in the air, clouding conversation, darkening our doorways and liable to fall upon all our heads at any moment.
As the Bush administration marches resolutely into the stiff wind of global disapproval, we're all steeling ourselves for the impact -- of what we don't yet know.
For reservists, it could mean a call to duty. As a neighbor once said to me, "It may look like we're just fooling around out here one weekend a month, but we're not. This is serious stuff." Indeed. He got called up almost a year ago.
Although most of us won't be slinging an M-16 over our shoulders, the threat of war changes everything. Especially for IT. Sure, we've already spent the past two years operating under some very trying circumstances, so you might wonder how much tougher it can get.
That depends mainly on two things: how prepared you are to secure and defend your company's digital assets and infrastructure, and whether, and how long, we go to war.
Duct tape and plastic sheeting aside, there are real steps you can take. The key for IT leaders, notes French Caldwell, a research director at Gartner, is that in an era when events in the physical world are reflected online, systems connected to the Internet are particularly vulnerable. Take Delta Air Lines' estimate of 500 attempts daily to break into its systems or the recent theft of an estimated 8 million credit card numbers from Data Processors International. Remember the speed and reach of the Slammer worm.
The issue seems less the much-hyped cyberterrorism, and more the need to secure critical enterprise infrastructure and data from hactivists, new viral strains and physical assault.
And yet Gartner last week said that one-third of the 250 businesses it surveyed face the loss of critical data or operating capability in the wake of a "severe calamity." Another research firm, Meta Group, estimates that only 20% of the Global 2,000 have truly effective business continuity plans -- capable enough to enable their organizations to survive a disaster without lasting adverse effects.
Even without war, you'd better
• Develop a business continuity plan, and appoint a cyberincident response team.
• Nail down a serious security plan. Don't just put the manual in a corner.
• Create an "air gap" between critical infrastructure control systems and mission-critical applications and the Internet.
• Develop an e-mail policy. Last week's revelation about the sendmail vulnerabilit
Free Insider GuideCopyright © 1994 - 2012 Computerworld Inc. All rights reserved. Reproduction in whole or in part in any form or medium without express written permission of Computerworld Inc. is prohibited. Computerworld and Computerworld.com and the respective logos are trademarks of International Data Group Inc.
