• United States




Why we continue to fail: lessons learned from the Atlanta Airport fiasco

Jan 02, 20185 mins
Business ContinuityCyberattacksData Center

Five basic failures happened that make the Atlanta airport a softer target for future attack.

Airport departure sign with airplane flying over
Credit: Thinkstock

The recent Atlanta airport FIASCO paints a clear picture of how to screw up EVERYTHING! As an information security professional (with more than 15 years’ experience on the battlefield, literally), I was dumbfounded by the lack of adherence to the most basic best business practices related to business continuity and disaster recovery operations.

Five basic failures happened that make the Atlanta airport a softer target for future attack.

1. Lack of a coherent, acceptable, and tested business continuity/disaster recovery plan

It would appear that airport and city officials only planned for a best-case scenario. They co-located or used same channel connections to both primary and alternate power sources. While air traffic control was able to issue a ground stop and divert flights, those already on the ground were stuck for hours on the tarmac or at the gate. It took at least five hours before passengers stranded on the tarmac deplaned. 

The fact that Air Traffic Control maintained power suggests a lack of coordination between city agencies, federal agencies, Georgia Power, and Delta. If ATC can maintain power, common sense, suggests it was possible to have a third emergency power source. Furthermore, the amount of time it took for airport and airline employees to react and provide support to passengers inside the airport provides even greater proof that officials failed to plan.

Solution: When devising any business continuity/disaster recovery strategy remember the acronym P.A.C.E. – Primary, Alternate, Contingency, Emergency.

2. Train as you fight

As a young Soldier, this was drilled into me from day 1. While we expect a certain amount of chaos during an incident our staffs should be executing plans that have been devised, tested, revised, and retested. Every employee working in that airport should have had a predefined role to execute during the incident. Instead the widespread perception is that employees were hard to find. This suggests that they were looking for management, so they could be told what to do.

Solution: BCP/DRP plans must be developed, tested in real time, revised, and executed in real time again.

3. Communication

Preparing the world’s largest airport for a potential disaster requires clear, coordinated, real time, out of band communication across several agencies. Earlier I suggested a P.A.C.E. plan when developing your BCP/DRP. This also applies to communications. Once the power goes out you cannot send emails, charge batteries for walkie-talkies, charge batteries for cell phones, or use VOIP phones for communications. Subsequently, we have to revert to face to face and good old copper wire telephone communications. It appears that ATL officials also failed in this respect.

Solution: establish an emergency coordination and command cell that stands up immediately in a declared emergency. Automatically route all calls to this control center so they can exercise command and control over the emergency. It should be staffed with representatives from all agencies and businesses vital to airport operations.

4. Delayed reaction time

According to media reports, it took anywhere from 5-11 hours before passengers stranded on the tarmac were deplaned. Why? Obviously, officials were trying to figure out how to communicate, how to deliver resources and where to get them, and probably figuring out who was in charge. These factors are a dream for any potential terrorist. While everyone is figuring out what to do and how to respond they will execute their attack. They will also have time to further delay first responders by executing additional attacks.

Solution: All employees must have clearly defined roles, responsibilities, and action they take when an emergency is declared.

5.  Infrastructure upgrade

Points 1 thru 4 naturally lead to investing in an upgraded infrastructure. Atlanta is one of our nation’s premiere cities, the largest metropolitan area in the deep south, and home to the world’s busiest airport. Yet last Sunday it was a scene we would expect to see in a third world country lead by a dictator who maintains control by terrorizing people with random power outages. Investing in a solution that seamlessly and naturally implements all the above is needed. If city and state officials can raise money to upgrade infrastructure for the Summer Olympics then sure city, state, federal, and a multi-billion-dollar corporation can invest in much needed infrastructure upgrades.

Solution: Acquire and implement updated infrastructure that support your BCP/DRP requirements. 


Last Sunday’s blackout at the Atlanta airport was leadership amateur hour at the city, state, federal, and corporate level (Delta Airlines). It was an across the board failure that represents a significant and present danger to the security of the airport but our national security as well. It is time for us to demand an accountability from our elected leaders regarding such debacles. We should also demand accountability from businesses such as Delta by choosing to spend our money elsewhere until they get it together.


TJ Trent is an expert in organizational compliance and governance for organizations in the cyber universe. His focus is on people, processes, and systems, which provides the foundation for understanding the true place of technology in the cyber world.

TJ works fiercely and passionately to prevent, detect, and eradicate cyber threats. ​During his 13 year career he has witnessed the information technology field burgeon into a powerhouse industry intertwined ​with the fabric of our lives. ​As the lines have blurred between technology and our lives, cyber security and cyber awareness are at the forefront of media attention. The last two years we have been inundated with breach after breach. From healthcare and banking violations to our most sensitive and private photographs. It seems like nothing is safe anymore.​

A super high achiever dedicated to learning and continually improving. TJ has been able to rise to the elite levels of success in his career. With over nine years of leadership experience, TJ has helped many organizations and individuals reach milestones within their careers. As a result, he is also uniquely suited to help you turbo charge your career within the information technology field.

TJ's credentials include a Bachelors of Science-Information Systems Security, Certified Information Systems Security Professional, GIAC Security Essentials (SANS 401), GIAC Certified Enterprise Defender (SANS 501), GIAC Certified Incident Handler (SANS 504), GIAC Certified Intrusion Analyst (SANS 503), GIAC Certified Forensic Examiner (SANS 408), GIAC Certified Critical Controls (SANS 566), and GIAC Certified Network Systems Auditor (AUD 507). TJ will complete his Masters of Business Administration-Technology Management in February 2016.

The opinions expressed in this blog are those of TJ Trent and do not necessarily represent those of IDG Communications, Inc., its parent, subsidiary or affiliated companies.