In truth, absolutely no one knows what will happen in the year 2000. The question is what do we do now, when we don't know what will happen in the future? How well are we prepared for whatever happens to our infrastructure in 2000 is dependent on what we think the risks are. Risk analysis is well understood.

Emergency planners know the frequency and strength of hurricanes in a certain area and so use this scientific data to convince others to give them resources to make preparations. Common sense is not helpful in uncommon situations. In our area, FEMA and local emergency measures organizations just completed a huge simulated flood disaster exercise. They will be well prepared if ever a flood does strike. And emergency measures organizations have lots of historical data to go from to give everyone confidence that their risk analysis for the future is accurate.

We have never had a disruption in information infrastructure everywhere in the world on the same day. This will be a first. What exactly is the risk? What things could go wrong? What should we prepare for? How much should we invest to protect our communities against failures that may or may not occur. The Challenger engineers went through risk analysis the night before its fatal launch. The odds of failure were miscalculated. What is the risk to our communities due to the y2k problem? We invest in tornado contingency planning, planning for pandemics, floods, all sorts of things which very rarely occur. Is the risk so low that we should not invest in any community y2k contingency planning?

I believe one reason we are not investing in y2k contingency planning is because this event has never occurred before. If this happened every 10 years, you can be sure, we would have planning in place to learn lessons from last time. And common sense would help us out each time. The challenge of y2k contingency planning is to get resources without any historical examples. This requires strong leadership or local activism as far as I can tell. Institutional inertia results in inaction until proven otherwise. Emergency contingency planners are a special kind of people, they have to worry about things that most of us would never imagine happening.

I worked on Mississippi flood relief with my son years ago. I was overwhelmed with what had to be done. The first thing the emergency crews did, as the water receded, was to have school kids paint the mailboxes. Why? Because emergency workers know that it is so important emotionally to home owners to see that something is getting better. Professional experience made an overwhelming situation livable. Volunteers would have been useless without organization that hooked up volunteers like me to the guy walking around with the clipboard and without the kitchen set up by the residents to feed the volunteers. This disaster got better because of professional disaster workers who had a plan and knew what was important and organized thousands of volunteers to help others out. Disaster recovery requires planning, organization and lots of volunteers.

Now look at Y2k. We don't know what will happen. Imagine a bad scenario plays out (that's what disaster planners do). What is our disaster plan? I have been asking around. There is no local y2k disaster plan. I don't believe there is a state or federal y2k disaster plan. Disaster planners have not scoped out what the y2k scenarios could be to see if there existing plans cover them. What is going on?

I believe there is a disconnect. Everyone thinks this is someone else's problem. Disaster planners didn't know they were expecting an information infrastructure breakdown kind of disaster. The IT community didn't know they should be contacting the emergency measures organizations to tell them the impact of information systems failing.

I am told it takes 18 months to create and test an emergency contingency plan. January 2000 is 19 months away.

Ian

Ian Wells http://www.tiac.net/users/mpadki/talky2k.htm ian@rsn.hp.com Disclaimer: Opinions expressed here are my own

-- Ian Wells (ian@rsn.hp.com), April 26, 1998

Answers

Your right, there is a disconnect. It had occurred to me to approach our local emergency management people about a month ago. It took about a week to get an appointment with the guy in charge. What I sat down with him, we talked for about an hour. Basically, he was aware that the problem existed, but was under the impression that was solely under the domain of the information systems department.

I got his attention by explaining a scenario under which a power plant could fail due to Y2K problems. I then gave him a copy of Ed's book, stated that it was the job of Emergency Management and Response to prepare contingency plans for scenarios with a low likelihood of occurrence but a high potential for loss or damage should an incident occur. I stated that it was my opinion that there was a non-trivial possibility for power failures in the local area with durations in excess of the fuel capacities of currently installed standby generators. He said he would get back to me.

Two weeks later I got a call from him. The book is now being read by his boss, and I am scheduled to give a presentation to the local emergency management and response council next week. He is also sponsoring me to speak to the statewide council later this summer. It looks like at least our local disaster preparedness people are going to take this seriously, now that they have a better knowledge of the situation. They weren't paying attention to this because no one bothered to connect the dots for them.

"It's not paranoia when your fears are based on facts." -Tom Sullivan-

-- Tom Sullivan (sullivantom@hotmail.com), April 29, 1998.