The times are hard, and the stakes are high. Whether it is cyberthreats, natural disasters or the COVID-19 pandemic, today’s agencies face a rogues’ gallery of intimidating problems.
Despite this, these agencies are responsible for more sensitive data about the citizens they serve than before. Now, every level of government must protect this information against a seemingly endless array of emergencies. Doing so only grows harder, though, the more workforces become a hybrid of in-office and remote employees.
On Wednesday, three government thought leaders explained how agencies can tackle this dilemma during GovLoop’s latest virtual summit. Two Health and Human Services Department (HHS) officials represented the public sector: Robert Tagalicod, Chief of Cyber Communications and Engagement in HHS’ Office of Information Security, and Gregg Treml, Assistant Inspector General at HHS’ Office of Management and Policy (OMP), Office of Inspector General (OIG). Brad Montgomery, Director of Presales Engineering, Federal Data Protection Sales at Dell Technologies, a cloud computing and computer hardware and software provider, represented the private sector.
The group shared three ways agencies can prepare for emergencies by increasing their organizational resilience:
1. Practice Makes Perfect
Individually or collectively, resilience is the ability to respond to, recover from and continuously function during disruptions. According to Treml, agencies should constantly drill for both physical and digital crises. Whether it is a cyberattack or severe weather, interruptions hurt both agencies and constituents.
“Practice them until they’re muscle memory,” he recommended while discussing emergency preparedness strategies. “Keeping them fresh so it isn’t labor-intensive is really important because we all know something is coming at some point.”
2. Take Advantage of Aid
Pride goes before a fall, and nowhere is that old saying truer than after a setback. Unfortunately, many agencies operate in silos that are isolated from potential allies after catastrophe strikes.
According to Tagalicod, silos prevent agencies from getting the assistance they desperately need after cyberattacks and similar misfortunes. Instead, Tagalicod recommended agencies lean on as many public- and private-sector partners as possible after mishaps.
“We can talk about technologies, but the collaboration and information sharing that happens is very important,” he said.
3. Go Beyond Backups
No matter the challenge, backups are a critical component of resilience. After all, duplicating valuables like data and records can shield agencies from unnecessary heartache.
But what if backups are not enough? According to Montgomery, agencies should consider cyber vaults for dealing with security threats. Cyber vaults copy agencies’ most valuable data and then separate it from their entire IT ecosystem. In turn, this isolation can benefit agencies when their other backups become compromised.
“The goal behind this is having a last resort in the event of a breach,” Montgomery said. “Bad actors may go after the backups first. Cyber vaults can expedite your recovery process.”
The Truth of the Matter
Like it or not, every agency eventually encounters circumstances that upend its routines. When these moments happen, emergency preparedness can mean the difference between a quick recovery and lasting immobility.
Ultimately, resilience requires agencies to continuously ensure their people, processes and technology are prepared for the worst.
This online training was brought to you by: