Coordination of investments
Spending more money on additional infrastructure or redundant cloud providers is not the solution. After all, after every major outage, Jayaprakasam says sales pitches promise zero downtime if organizations spend more on new platforms. He rejects these assertions. In a well-architected hybrid cloud setup, he says resiliency is more often a coordination problem than a spending problem, and distributing workloads between two cloud providers does not guarantee better results if the clouds rely on the same power grid or experience the same regional outage event.
He says the most effective approach is to strengthen coordination between IT, cybersecurity, business continuity and third-party providers. “The real question is whether you have the right contacts, processes and response models in place,” he says. This coordination includes creating a single view of dependencies, practicing joint response exercises, and ensuring that suppliers can be contacted and escalated in the event of an incident. You can gradually develop advanced mapping of your asset dependencies across borders to simulate potential impact radius scenarios.
Additionally, Jayaprakasam believes that many organizations already have robust response processes in place, but are simply enforcing them too strictly. Legal and compliance teams, for example, have well-established playbooks for cyber incidents, and these playbooks can also apply to operational disruptions.
