PCWORLD, SEPTEMBER 10, 2011 (IDG) By Grant Gross, IDG News - The Sept. 11, 2001, terrorist attacks led to scores of changes in how U.S. residents live and do business, and the IT industry was not spared.

The 9/11 attacks, coming just after the late '90s Internet boom, were a wake-up call for many IT managers who hadn't contemplated the possibility of their entire computing systems being destroyed without warning, some IT managers and company executives said.

"Many companies maintained their systems under the basic idea that they could reconstruct the systems with only minor interruption to the enterprise," said Keith Payne, IT security officer at Javitch, Block & Rathbone, a law firm with offices in Ohio and three other states.

Losses of technology and intellectual property on "such a large scale" were considered unlikely before 9/11, Payne said.

"Before 9/11, our customers did not heavily evaluate the possibility that the entire firm could cease to exist with no pre-indicators," he said. "We have made large investments in identifying all assets in the scope of how they contribute to the overall ability to operate. No longer are the days of backup tapes being moved off-site weekly; now mirrored systems are maintained with geographical separation."

Ten years after 9/11 cloud storage and disaster recovery remain high-growth areas in the IT industry. ABI Research predicted the global market for business continuity and disaster data-recovery products would grow from US$24.3 billion in 2009 to more than $39 billion in 2015. The open networked disk storage market grew 15 percent between the second quarter of 2010 and the second quarter of 2011, rising to $4.8 billion in revenue, according to IDC.

The 9/11 attacks were a "tipping point" for IT and U.S. awareness of terrorism, added Chris Caldwell, CEO and co-founder of LockPath, a vendor of risk management and compliance software. "Prior to the attack, American companies may have been prepared for natural disasters -- 2011 events like the D.C. earthquake, Midwest tornadoes and Hurricane Irene -- but most didn't have terrorist activity on their radar at all," he said. "Now, most companies -- especially those on Wall Street -- have taken a hard look at their business continuity plans and disaster recovery practices."

Vineet Jain, CEO and co-founder of cloud storage vendor Egnyte, points to 9/11 and later major disasters as leading to the modern cloud storage industry. The attacks showed that a single data center is more vulnerable than backing up data at multiple locations, he said. The attacks also led to a discussion in business circles about cybersecurity, with raised data security expectations from customers, he said.

The attacks created a "classic turning point" where business customers became more concerned about data security and availability, he said.

The 9/11 attacks also led to new government demands for information from businesses. Civil liberties groups protested after revelations that major telecom carriers helped the U.S. National Security Agency monitor the communications of some U.S. residents, and the U.S. Patriot Act, passed in late 2001, expanded the use of so-called national security letters allowing the Federal Bureau of Investigation and other agencies to issue secret subpoenas for information about customers.

But for many businesses, 9/11 led to internal examinations about disaster response and recovery, executives said.

Now, even small and medium-sized businesses realize their entire operation can be wiped out in an instant, said Leib Lurie, co-founder and CEO of One Call Now, a provider of a mobile-phone messaging service and an Egnyte customer. U.S. businesses must now focus on preventing data loss and recovering quickly after a problem, he said.

"The depth and breadth of threats are astounding," he said. One Call Now had six employees in Joplin, Missouri, when a major tornado hit the city in May, but the company had the data backed up.

The 9/11 attacks "geared people toward a completely different way of thinking," Lurie said. "Everyone has always had backup and colocation and back-up plans, every large company has. After 9/11 and [Hurricane] Katrina and the string of other things, even a three-person law firm, a three-person insurance agency, a doctor with his files, if your building gets wiped out and you have six decades of files, not only is your business gone, not only is your credibility gone, but you're putting hundreds of lives at risk."

The loss of a doctor's records could be fatal in some cases, and with the loss of a law firm's records, "you could have people tied in knots legally until you find alternative records, if you find them," Lurie said.

In recent years, Lurie sees more IT vendors, including his company and Egnyte, focusing on emergency response and recovery needs of small and medium-sized businesses, with product pricing geared toward businesses with small budgets. In many cases, cloud-based storage can be cheaper than building a new data center, he said.

The attacks spurred the creation of more robust IT systems and led to a focus on disaster recovery, said Rich Arenaro, CTO at Stroz Friedberg, a digital forensics and investigations firm.

Even with an increased focus on the impact of disasters, Arenaro sees some "arrogance" in the IT industry about cyber-attacks not tied to disasters. The 9/11 attacks led to an awareness of the problems created by data losses, but many businesses still don't take cyber-attacks seriously enough, he said.

The 9/11 attacks showed that terrorists can hijack airplanes. Later cyber-attacks showed that simple-to-use hacking tools are available to people with limited IT skills, he said, even though ties between hacking and traditional terrorist groups are tenuous.

Cybersecurity plans can't be limited to filling out forms or thinking about the issue once or twice a year, Arenaro said. Businesses can't "convince ourselves that it can't happen to us, or it's unlikely to happen to us, or we're not important enough to be a target," he said. "We have to look at this as an industry, and say, it doesn't matter if you're the big guy or the small guy. We're only as strong as the weakest link."

Grant Gross covers technology and telecom policy in the U.S. government for The IDG News Service. Follow Grant on Twitter at GrantGross. Grant's e-mail address is grant_gross@idg.com.

9-11 report worries Collins [Bangor Daily News (ME)] (Bangor Daily News (ME) Via Acquire Media NewsEdge)


WASHINGTON U.S. Sen. Susan Collins said her biggest concern over a recent report card that assesses successes and shortfalls of the federal 9-11 Commission is the nations failure to take seriously the problem of homegrown terrorism.

As the ranking Republican on the Homeland Security and Governmental Affairs Committee, Collins closely analyzed the 10th anniversary report card submitted by the Bipartisan Policy Center.

The Homeland Security Committee first sounded the alarm about homegrown terrorism five years ago, during my chairmanship, and has held more than a dozen hearings on the topic, Collins said in a statement Wednesday. As the result of our investigations, we learned that some individuals within the United States, in both our prison system and our communities, are being inspired by al-Qaida's violent Islamist extremism to plan and execute attacks, often acting as lone wolves without direct orders from abroad.

Although the report card lists successes in the 10 years since the worst terrorist attacks in the nations history including improved airline passenger screening and better information-sharing across agencies it also highlights recommendations that have yet to be implemented.

Among those are: ensuring that a unified command is adopted for incidents involving multiple agencies or jurisdictions; increased assignment of radio spectrum for public safety purposes; and creating a single, principal point of oversight and review for homeland security.

In Maine, Robert McAleer, director of the Maine Emergency Management Agency, said his organization has received and invested more than $128 million in federal Homeland Security grants since 2002. Among other things, he said, the money has been used to protect critical communications infrastructure, to build and improve emergency operations centers across the state, and to provide training for emergency response teams.

In addition, McAleer said, federal dollars have enabled the purchase of equipment, including four state-of-the-art mobile command units, generators for emergency power supplies, and Bangors ill-fated hovercraft which suffered a damaged propellor shortly after its purchase and has been unusable ever since.

MEMA also has invested in a large number of emergency communications radios.

Weve bought an awful lot of radios, McAleer said. Thats because any radio made before 1998 wont be usable after January 2013 when emergency responders will be assigned to a new, narrow-band frequency, he said, and also to ensure that all the radios in the state are able to talk to each other.

As a result of the investment in radio units and other equipment, McAleer said Maines communications interoperability is in pretty good shape. Maine also has made good progress in implementing incident command protocols in large-scale emergencies, ensuring a coordinated and more effective response, he said. And MEMA has invested in a secure system for credentialling emergency workers, minimizing the likelihood of infiltration of the emergency response team by terrorists.

I think were in pretty good shape, he said.

But at the national level, Collins lodged her concerns.

I am troubled that the White House has not named a lead federal agency to coordinate disparate efforts to combat homegrown terrorism, said Collins. I urge the [Obama] administration to establish a unified front against this important and evolving threat.

In the last two years, the number of homegrown terrorist plots has escalated sharply. The Congressional Research Service has reported that between May 2009 and July 2011, arrests were made in connection with 31 homegrown plots by American citizens or legal permanent residents of the United States. By comparison, in the more than seven years from Sept. 11, 2001, through May 2009, there were only 21 such plots.

The Bipartisan Policy Center is chaired by former U.S. Rep. Lee Hamilton, a Democrat from Indiana, and former New Jersey Gov. Tom Kean, a Republican.

The centers 9-11 report card concludes that the United States is undoubtedly safer than it was a decade ago but urges a continual reassessment of priorities and expenditures going forward.

One of our major deficiencies before the 9-11 attacks was a failure by national security agencies to adapt quickly to new and different kinds of enemies, the report stated. We must not make that mistake again. (c) 2011 ProQuest Information and Learning Company; All Rights Reserved.


American architect Minoru Yamasaki designed the towers, whose narrow vertical windows -- heavily influenced by Gothic architecture -- helped humanize (barely) the towers' sleek, minimalist look and feel. Interestingly, the man who envisioned New York's tallest buildings had a fear of heights. Photo: Stan Wayman/Time & Life Pictures/Getty Images

Middle Photo: Current rendering of the Freedom Tower released June 27, 2006. Image courtesy of the Lower Manhattan Development Corporation, SPI, and SOM.

Extreme Right photo, B/W: Another view of the towers on their way up. Photo: Keystone/Getty Images

Built: 2006-2018 Cost: $2,000,000,000 Designed by: Skidmore, Owings & Merrill Type: Skyscraper Stories: 82 Maximum Height: 1,776 feet / 541 meters Maximum width: 200 Maximum length: 200 Location: One World Trade Center, New York, United States. Stories: 82 Maximum Height: 1,776 feet / 541 meters Maximum width: 200 Maximum length: 200 Location: One World Trade Center, New York, United States of America

Chief News Editor: Sol Jose Vanzi

All rights reserved