- The $US5 billion that Wall Street spent to address the Y2K problem is now paying off with last week's terrorist attack on New York's financial district, IT managers say.
But there have been other issues, from communications to personnel management, that in many cases were never considered in past disaster planning, experts say.
Gregor Bailar, CIO at the National Association of Securities Dealers, Nasdaq's Washington-based parent company, says he was glad the Y2k planning gave his company the chance to rehearse a disaster before last week's devastation.
Nasdaq's Liberty Plaza offices weren't seriously damaged by the collapse of the World Trade Center only hundreds of feet away, but power and normal communications were cut off to the building, and around 200 Nasdaq employees were relocated to the company's headquarters in Connecticut and to an alternate office in New Jersey provided by WorldCom.
"We've got staff that have been here pretty much since the disaster occurred," Bailar says. "And it's been critical to have [communications] with senior managers. My pager was smashed in the evacuation of the market site...but I had communications with them through our crisis [telephone] line."
It's been an exhausting week for IT managers and workers who have been splicing back together or rerouting the spaghetti of data and voice wires that were cut or overloaded with traffic after the attacks on the World Trade Center, which took out a major Verizon Communications switching station that served millions of customers. Cellular phone communications were also hampered by the overload of calls last week.
John McCarthy, former deputy director of the National Y2k Information Coordination Center in Washington, says if not for Y2K planning, the financial services community wouldn't have been as well prepared for last week's attack as it was.
Y2K brought the concepts of continuity management and risk planning out of the "trenches where IT folks were" and into the boardroom. With continuity management, companies take a close look at their staff, processes, technology and information and what areas would be vulnerable in various disaster scenarios.
The devastation from the terrorist attack created a new benchmark in disaster planning and has probably changed the direction of disaster planning discussions in the coming weeks and months.
"If I'd gone into a company and said I want you to pay for a contingency plan for two planes crashing into your building...they would have told me no thanks," says McCarthy, now a senior manager in risk management at McLean, Virginia-based KPMG Consulting.
Some companies found their resources were strained when they simply tried to determine how many and which of their employees had been lost to the destruction. Managing IT workers who weren't physically harmed in the attacks was also a trying task, IT managers says.
"It's been a tragic, emotional event with the country at war," says Bailar. "The pain and exhaustion that comes from that alone was quite different, but the coordination and precision involved in what we're doing almost distracts you from that. We know what we have to do, and we're doing it. I'm very proud of the team and the industry."
Cynthia Bonnette, assistant director of the Federal Deposit Insurance's Bank Technology Group, says one lesson she learned from the attacks is that the reactions of employees need to be addressed more thoroughly in disaster planning.
Bonnette says one area that's not often taken into consideration is the panic factor, which creates "all types of confusion and problems with communications."
"That's where including personnel planning is important. If you can't reach key people, or certain phone systems aren't working, what would you do?... Also, if certain individuals are not around, who'd be the next person to go to?" she says. "A lot of the little details will perhaps come out of this experience."