Following a decade of costly cataclysms, including Hurricanes Katrina and Sandy, floods throughout the Midwest, tornadoes, wildfires, and more; FEMA revised its flood zone maps and flood insurance rates. As FEMA acknowledged during the revision process, “[flood insurance] subsidies are no longer sustainable.”
To rewind a bit, in 1968, Congress initiated flood insurance subsidies via the National Flood Insurance Program (NFIP) for homeowners across the U.S. However, the subsidization of risk inevitably encouraged higher risk consumption. Consequently, over the past several decades, Americans flocked to coastal areas and floodplains without bearing the full price, or completely comprehending the implications, of the weather risks involved. Over time, FEMA’s debt rose to $24 billion, while its liability soared to over $1.25 trillion.
A Bad Hangover
FEMA released revised flood zone maps in 2013 to account for shifting weather patterns while also re-calibrating pricing in line with the Bigger Waters Flood Insurance Act of 2012, which mandated use of actuarial risk. Thousands of gobsmacked Americans awoke one day to stratospheric flood insurance rates for their homes. In some flood-prone areas, rates skyrocketed ten-fold, overstretching the budgets of homeowners, while also making it almost impossible to sell their land (at least until Congress stepped in with a short-term solution to blunt the impact).
So, what does this have to do with Businesses, CISOs, and IT Managers?
To avoid negative surprises, minimize the impact of threats, and to better align actual risk with risk appetite, businesses should routinely and proactively perform risk assessment surveys and event-based business impact analysis. Factors businesses may, and should, assess can range from the age of your servers to local weather / weather changes (i.e. has your workplace experience more flooding events in the past couple years than over the previous twenty years?). Businesses should also consider the potential legal impacts of acting/non-acting. Working knowledge of a business’ risk landscape can then guide implementation of business continuity and disaster recovery planning (BCP / DRP), which will consist of people, processes, and technology.
Fortunately, when it comes to the tech side of things, business of all sizes and budgets (from SMBs to large enterprises) can today avail themselves of a panoply of powerful business continuity and recovery solutions. Cloud-powered solutions, known as recovery as a service (RaaS), simplify continuity, recovery, and backup in the face of flood, fire, and even equipment failure, at the workplace. By leveraging RaaS to virtualize the entire production environment, in the event of a disaster, staff can nimbly relocate to another site, or work from home—as long as there is internet access.
Thankfully, many businesses will never experience a natural disaster of any kind. However, system and equipment failures, or malware, can be just as devastating.
Regardless of disaster or risk scenario, cloud architecture confers significant benefits that make it ideal for enabling business continuity, aiding in disaster recovery, and providing businesses with an extra layer of assurance. These features include:
- Enhanced flexibility and reliability
- Failover and data mirroring
- Real-time replication and portability
- High-availability built-in
In a future article, I will talk about hybrid recovery, which leverages the capabilities of on-premise backup and cloud recovery technologies to provide the best of both worlds.
Matt Miller is Senior Manager, Marketing Communications at Accelerite. His experience and interests traverse cloud, cybersecurity, economics, privacy, and risk management.