Threats to Business Operations
Disasters are something that many of us would prefer not to think about. Many might see it as an unpleasant exercise or something that is safe to ignore. Sadly, disasters and incidents are something that we all will find occasion to deal with, and they are dynamic by nature. For example, mainframes face a different set of threats than distributed systems, just as computers connected to modems face a different set of threats than do wireless connected computers. This means that planning must be dynamic and able to change with time.
Threats can be man-made, technical, or natural; however, regardless of the source, threats have the potential to cause an incident. Incidents might or might not cause disruptions to normal operations. Incidents and disruptions come in many shapes and forms. Those foolish enough not to prepare could witness the death of their business. Categories of threats that should be provided for include
- Man-made/political—Disgruntled employees, riots, vandalism, accidents, theft, crime, protesters, accidents, and political unrest
- Technical—Outages, malicious code, worms, hackers, electrical power problems, equipment outages, utility problems, and water shortages
- Natural—Earthquakes, storms, fires, floods, hurricanes, tornados, and tidal waves
Each of these can cause an interruption in operations. The resulting interruption of services is defined as follows:
- Minor—Operations are disrupted for several hours to less than a day.
- Intermediate—Can cause operations to be disrupted for a day or longer. The organization might need a secondary site to continue operations.
- Major—This type of event is a true catastrophe. This type of disaster renders the entire facility unusable. Ancillary sites will be required while the original site is reconstituted or a new facility is found or built.