Michael Flannery is president of Windstream Enterprise.
The headlines have become all too familiar: Wildfires burning entire towns to the ground, taking with them homes, businesses and vital infrastructure. Hurricanes submerging whole communities, bringing local and regional commerce to a halt. Tornadoes and freak storms leveling buildings and ruining personal, business and public property.
Lives, livelihoods and business revenue have been lost, supply chains have been disrupted and businesses have neem damaged, often irreparably, as a result of increasingly frequent disasters like these. And the cost is immense.
As of early September, the National Centers for Environmental Information calculates there have been 20 billion-dollar weather and climate disaster events in the U.S. in 2024. The total estimated cost of these events? $53 billion. And that was before Hurricane Milton wreaked havoc in parts of Florida.
What’s more, in a world in which businesses depend on digital infrastructure to stay connected with customers, employees, partners, suppliers and the public at large, the network downtime caused by weather-related events and other disasters can carry a massive cost—$9,000 per minute for large organizations and $5 million an hour for higher-risk enterprises in industries like finance and healthcare, according to a recent article by my Forbes Technology Council counterpart David Flower.
There’s also what a recent report dubs a “compound cyber-physical threat” to account for—a cyberattack purposely timed with a heat wave, for example. “Cyber-attacks are more disruptive when infrastructure components face stresses beyond normal operating conditions,” the report says.
Given the stakes, this is no time to be caught without a resilient, disaster-ready network infrastructure or without a business continuity plan that details how your organization intends to protect its communications infrastructure, data and other valued assets when disaster strikes. Because for many businesses, it is a matter of when, not if.
Here, based on my company’s work helping businesses in a wide range of industries protect their communications networks and data, is a look at six critical technology and network communications-related measures for organizations to prioritize:
Conduct a formal risk assessment.
Before disaster strikes, proactively take stock of your organization’s current communications and IT infrastructure to identify any vulnerabilities and exposures, perhaps with support from a third-party expert and/or operational resilience assessment software. Then, take the necessary steps to address those vulnerabilities.
Develop a plan.
Based on the aforementioned risk assessment, develop a detailed plan that prioritizes communications with various parties, as well the integrity of your operations. Be sure your plan identifies and prioritizes protective strategies for on-premises hardware and brick-and-mortar IT infrastructure (such as data centers), as well as digital infrastructure. Also, be sure to revisit the plan at least annually, updating it as necessary based on any shifts in organizational risk profile.
Move IT infrastructure and apps to the cloud.
Legacy networks that rely on on-premises IT technology are especially vulnerable during a disaster, particularly those with a single point of failure. By moving networks and other key platforms (unified communications and contact center, for example) to the cloud, organizations gain operational and IT resilience, redundancy in communications channels, plus an elevated level of cybersecurity.
Cloud-based networks (such as SD-WAN, a software-defined wide area network) have the resilience and flexibility to preserve connectivity with critical business functions and apps, so organizations can maintain communications with customers, suppliers, etc., especially with employees who may be working remotely.
Keeping the lines of communication open across multiple channels internally and externally is especially important in the aftermath of a disaster in order to stay engaged with customers and suppliers, and to maintain employee productivity.
Prioritize cybersecurity to protect against the disaster-cyberattack double whammy.
Disasters can create cyber vulnerabilities in your IT infrastructure that hackers are always ready to exploit. It’s why more organizations are finding that their best defense is a unified, multilayered security architecture such as SSE (security service edge) or SASE (secure access service edge).
These solutions work by converging multiple security measures within a single software stack that secures all endpoints, users and applications on an enterprise’s network, with the ability to counter today’s most sophisticated and persistent cyber threats better than a stitched-together assortment of security platforms, patches, policies, hardware and software can. Your business continuity plan should specify the cybersecurity risks your organization faces and the defenses it will employ to address them.
Add a third-party expert to your IT team.
With IT talent in short supply, many IT teams are running lean or short-staffed, as evidenced by a recent study from Forrester Consulting and Windstream, which found that 59% of U.S.-based organizations lack internal IT capacity. Some organizations might prefer their IT team to focus on value-adds.
In either case, it could be worth handing responsibility for managing the communications network and other aspects of IT infrastructure to a managed services provider (MSP). The MSP functions as part of an organization’s own IT team.
Test your network.
With a business continuity plan in place, now it’s time to see how that plan—and your IT infrastructure—perform under simulated disaster conditions. To do so, conduct a simulation, then address any shortcomings it identifies.
An organization without a fully functioning network becomes practically invisible to the outside world. Proactive planning and strategic IT upgrades will go a long way toward preserving the operational and communications integrity of your business here in this new normal.
Forbes Technology Council is an invitation-only community for world-class CIOs, CTOs and technology executives. Do I qualify?
