Commentary: What Do Coronavirus and PSPS Have in Common?

The COVID-19 (coronavius) outbreak has shown us how our world has become so tightly integrated across the oceans.

In California we have to also consider Public Safety Power Shutoff (PSPS) events, which will soon be part of our daily lives again. We learn to live in these scenarios, and flexibility has become an essential part of technology. Our new technology environments allow for this flexibility, as schools close and employers permit telecommuting. Cloud solutions allow us to access solutions from anywhere on the Internet at any time of the day. Implementing the use of more transactional authentication and authorization protocols, such as SAML (Security Assertion Markup Language) and OpenID Connect, also provides the same levels of security we are familiar with on intranet and internal scenarios, with a bit of additional multi-factor authentication rules applied.

However, I have come to realize, with these recent events, how our technology breaks down under distress.

I went to a Microsoft convention in Los Angeles in 2009 where I was first introduced to this new flexible and scalable, living, environment called Azure. The idea was things could be scaled dynamically, “on the fly,” to handle data and bandwidth requirements and stresses. Combined with elections, the COVID-19 event stirred the Internet and caused these stress points.

Websites and cloud solutions (are they really in the cloud?) began to lock and fail. The first question to strike my mind was: Why does the solution not scale dynamically? Then it dawned on me that solutions, not on-premise, are not necessarily in the cloud. Vendors host systems in their own environments and not in the cloud. In most cases, vendor virtual environments still require downtime to scale up. I suppose this might be good in some more secure requirements, but not a good solution for scalability on demand with a zero or low downtime requirement or Service Level Agreements (SLAs).

Dynamic, reactive technology, such as Google’s Dialogflow Knowledgebase BETA, allows us to immediately pull in FAQs from the Centers for Disease Control and Prevention (CDC) and the World Health Organization (WHO), for example, and scale chatbot technologies to current events and provide people with answers in minutes, where development time was required and took time before. This is yet another great reason for Google to take Knowledgebase live!

If you take a look at the National Institute of Standards and Technology (NIST) Cybersecurity Framework, you will find that many cyber virus resolutions are modeled after real virus activity, such as the COVID-19 outbreak. Just like a computer virus, if mitigation is not immediate, a spread will occur. This is what we see happening.

At this point, we cannot mitigate the situation and have to move to containment. We model IT solutions often around what we know, in our lives, as we move forward with technology. At the forefront of the Internet in the ’90s, viruses were new problems. I believe technology research and recommendations such as the Cybersecurity Framework released by NIST have matured enough now that we should reassess our real-life models for situations like virus mitigation and prevention.

There is still much work to be accomplished to ensure up time for solutions to provide better and quicker resolution of major events in the future. Major infrastructure issues were assessed during last fall’s PSPS events, most notably the loss of cellular networks. Many Internet providers also lost network connectivity in many areas. Unfortunately, our lives come to rely on immediate knowledge and news gained by accessing the Internet, whether via an ISP or cellular carriers. These resources have become essential to our safety and for first responders to provide immediate and best-case solutions.