Techastrophies

???????????????????

A 19 yr old engineer in Vietnam changes a configuration in a backend system and the internet is shattered for hours. Is it just a butterfly flapping its wings in the Amazonian rain forest somehow affecting the weather in Europe? Or is it something more? Out of proportion anyway, isn’t it?

?“On the highest throne in the world, we still sit only on our own bottom.” ―Michel de Montaigne

?Thankfully in IT, cloud infrastructure has taught us how to share the bottoms. But still, no matter how big your throne is, you still sit on a fragile conglomeration of infrastructure and network which you have no control over. There is a radical shift where leading organizations focus their energy on business value-intensive tasks and trust their partners for operational workloads which in turn trust their partners for operational workloads thus creating this complex cohesive environment for success aka failure. It is difficult to predict which fly(bug) where will impact whom, how, and for how long.

?If you look at the recent past in 2021, Verizon's major outage blamed fiber cut, Zoom reported issues due to network management activity. Microsoft struggled with DNS and authentication server issues. Google was disturbed on several occasions due to network configuration and IAM. Amazon suffered several outages and so did Facebook, and what tops the list last year was the CDN issue by Fastly followed by Akamai. These outages highlight the emanating complexities escalating via 1st, 2nd, 3rd, and nth tier partners

?On the data front, Facebook experienced a major data breach, at T-Mobile 100 million customers' information was claimed to be stolen and the personal data of 700 million LinkedIn users were on sale online. These incidents showed yet again how vulnerable companies collecting massive amounts of personal data can be for cybercriminals and present ongoing anxiety about the safety of our personal data.

?On the cybersecurity side, we have an ample number of Ransomware attacks such as Colonial Pipeline, Acer, CNA financials, Kia motors, and many more. To end the year Log4j vulnerability, a tiny server-software component is still giving sleepless nights to system administrators and IT security experts. There is a constant race between finding a security patch and breaking the patch again.

?This all proves that no one is too big to fail. While we rely on third-party services, we still need to understand the foundations of the network that our code and systems run on. Any change, manual or automated can result in a system failure, but don’t assume that only code bugs and infrastructure loads cause failure, that’s only the topmost layer to peel. It is therefore very important that we have a thorough monitoring and observability plan. Regular security/compliance assessments and employee awareness training are no longer optional. Businesses need an extensive and detailed cybersecurity budget. Cyber data breach insurance is a must, and the list goes on and on…. So what do we do?

Learn from Napoleon: Biographers of Napoleon Bonaparte talk about his ability to size up a situation with a single?coup d’oeil (pronounced koo-DOY), meaning “a stroke of the eye” or “glance.” Napoleon was so knowledgeable about his strategic situation—the landscape, the enemy, available technology, similar situations from the past—that he could understand and respond quickly to ever-changing circumstances. Napoleon sought always: “faire son theme en deux facons.”?(roughly translated as “To proceed with two options.”

Do what you have to do, but always be prepared for “What if”.