Denmark is Dangerously Unprepared – Are You?

Denmark is not prepared for IT disasters and attacks. The state auditors have chosen 13 out of the approx. 4,200 public IT systems and looked at their recovery plans and procedures. A few were fairly well prepared, most were not, and one system was completely unprepared for anything to go wrong.

None of the recovery plans were adequately tested, and five systems had not tested their recovery plan at all in the last three years. For outsourced systems, half of the contracts did not require testing the recovery plan (!).

But at least the Danish state has an office that examines these things and issues a report. Who is responsible for evaluating the disaster recovery plans for critical systems in your organization? You cannot leave that to the individual system owners.

Are You Sure Your Backup System Works?

Why did all the trains in Denmark stop on Saturday? Russian hackers may or may not have been involved, but Danish incompetence was.

The Danish State Railways (DSB) has digitized all the paper that a train driver used to carry. That’s temporary speed restrictions, track works, and deviations from the standard schedule. They have also outsourced their digital solution to an amateurish vendor, and neither the vendor nor DSB had a backup solution. So when the vendor shut down the system due to an unspecified “security issue,” the trains stood still.

I’ve boarded a Delta Airlines flight with a hand-written boarding card on a scrap of paper. A professional organization continues to run, though slower, without its computers. An unprofessional organization like DSB is paralyzed. Are you like Delta Airlines or like the Danish State Railways?