The past month saw an unprecedented leap in natural disasters across the U.S. In an effort to prevent the spread of wildfires in California, power was shut down for days as a proactive and preventative measure. With climate change, comes a new disruptive norm. What does this mean for cybersecurity and corporate accountability, and can AI help with extreme weatherproofing? Credit: Thinkstock On Monday, October 28, the news in San Francisco was that Tuesday’s winds would trigger another round of power shutdowns. More than 1 million PGE customers in northern California have been affected by planned power outages, a proactive measure taken to protect against igniting or exacerbating on-going wildfires. All over the state, residents and businesses have been impacted by fires and the power shutdowns over the past few weeks. Although I live in Boston, this part of the United States is perhaps my favorite, and hearing about the destruction and impact of the fires from my friends who live there, has deeply saddened me.In the other regions of the country, October saw Boston battle a bomb cyclone while much of the East Coast experienced unplanned power outages and flooding due to Nor’easters while monster tornadoes struck Dallas. It has been a terrible month for many of us.Severe weather and natural disasters have been an issue companies and government officials have been dealing with on the power grid for a few decades but shutting down power as a proactive strike against natural disaster is something new. The changing climate and new norms in weather conditions likely means we’ll continue to see more power outages, both planned and unplanned, as well as weather events that wreak havoc on the critical infrastructure. As these disruptions become increasingly prevalent, what does that mean for cybersecurity and corporate accountability, and is this a problem that AI can ultimately solve?A security team impacted by Mother NatureSevere weather can impact our security systems in a number of ways: Power could be out in one location of the business, but not the business overall. Data and critical IT could be live but, the ability to securely monitor the network might be partially or completely disabled, leading to more vulnerable data and systems.An organization can be fully operational, but the company’s cloud-based security software or managed security provider(s) are unavailable because of an outage, despite claims of fully redundant systems with failover capabilities.Everything is up and running, but the security operations center is inaccessible or evacuated because of a weather-related condition (hurricane, flooding, downed trees, wildfires); despite the remote access capabilities, security teams may have limited ability to do their work because they don’t have full functionality off-site.These are weather-related situations that we have no control over. More and more often we can expect to have a blue-sky day in one state, only to have networks and data impacted by a weather incident happening on the other side of the country or world. Companies may not even realize the temporary loss of its ability to monitor for security threats.Shutting down the power grid to prevent fires is a relatively new phenomena – one that we may see happening more frequently, and it may happen without significant advance warning. This means organizations have to be ready at a moment’s notice and to take immediate action for how security is applied during planned outage situations. In addition to planning for power shutdowns to prevent wildfires, companies need to be prepared to expect other types of pre-emptive outages. Will a Verizon, BT or AT&T ever need to take a portion of their network offline to prevent or thwart a cyberattack? That might be an extreme case, but it’s time to start thinking about how we secure our systems when conditions are erratic and further out of our control than perhaps ever before.AI for extreme weatherproofingAI-based solutions are already being introduced into organizations to help meet staffing shortages. In the case of an extreme weather event, organizations can expect to have few, if any, people on hand. AI can provide the necessary backup for employees, when you can’t have physical staff on hand. Because AI is also largely based in the cloud, it can continue to help monitor a weather-impacted company’s data and network. In a perfect world, the combination of AI and a remote human element working together can provide a solid security response during a storm or outage.But we don’t live in a perfect world. And in the case of a perfect storm – it would be a hacker’s dream to have an event that would prevent security workers from getting on site, with some or all of the security defenses down, but with the data still up and running on the network. Granted, this is the absolute worst-case, doomsday scenario, but this is what we, as an industry, must increasingly be prepared for.To meet such a scenario, we need to think of the next level of intelligence, providing a backup instance that can automatically take action. There has to be enough redundancy, enough artificial intelligence so that if one data center or SOC goes down, the automatic failover is able to seamlessly defend without missing a step, and with the same level of accuracy.Weather-proofing your security requires building resiliency into your enterprise. We want to believe that everything is built to be resilient, but few things truly are, and we need to be prepared to handle the extreme weather situations and power outages we are now experiencing. As climate change continues to impact our infrastructure in unexpected ways and often without warning, we need to do more to ensure our security systems are resilient and are up to handling the disturbing new norms we are now facing. Related content opinion 2019 in review: data breaches, GDPR’s teeth, malicious apps, malvertising and more As 2019 draws to a close, it is time to reflect on what’s happened in cybersecurity over the past twelve months – and in some cases, what didn’t happen this year. By Rick Grinnell Dec 09, 2019 5 mins Data Breach Phishing Malware opinion Different conferences, common theme: How to best manage the disparate security solutions we’re using We need to unite the different islands of security solutions in both the physical and cyber worlds to provide the best level of protection. By Rick Grinnell Sep 24, 2019 5 mins Security opinion Sharks and phishers are circling, looking to snag a bite Security professionals need to work together to come up with effective threat strategies, better training and intelligence alert systems in effort to keep phishing attacks at a minimum. By Rick Grinnell Aug 06, 2019 5 mins Phishing Hacking Security opinion Emerging security threats at the half-year mark We’ve hit the halfway mark of 2019, and I’m sure that we have all noticed some interesting happenings in the cybersecurity world. I’d like to highlight a few that I’ve found interesting, but also disturbing – and I am s By Rick Grinnell Jun 17, 2019 6 mins Data Breach 5G Cyberattacks Podcasts Videos Resources Events SUBSCRIBE TO OUR NEWSLETTER From our editors straight to your inbox Get started by entering your email address below. Please enter a valid email address Subscribe