When a strong earthquake occurred on Russia鈥檚 eastern coast on 30 July, tsunami alerts went out from Japan to California. The 8.8 quake, one of the strongest this decade, followed other large ones in Myanmar and Taiwan. Earthquakes this powerful are not just destructive on the ground鈥hey can also shake the digital systems that people need daily.
Natural disasters can really cause damage to necessary infrastructure such as power grids, mobile networks and data centres. The moment these systems stop working, the things that protect against hacking and data breaches may also stop. This then makes it easier for attackers to slip through gaps that would normally be closed.
During a disaster, communication is so so important. But when phone lines and internet connections fail, emergency workers and government departments can struggle to share accurate information quickly. That confusion can make it easier for hackers to cause more damage. Scammers may even impersonate relief organisations to steal money or private data through fake messages.
听
What Happens To Data During Disasters?
听
Floods, fires and earthquakes can physically destroy servers and data centres. If there are no backups stored safely in other locations, years of records can vanish in an instant. This can affect hospitals, banks, schools, or even police services trying to respond to the disaster.
There is also the question of money. When organisations have to spend large sums repairing buildings and restoring electricity, cybersecurity often drops down the list. Yet this delay can leave systems exposed for longer, especially when hackers know there is less protection in place.
Supply chains also come under pressure because a factory damaged in one part of the world, for example, can slow production everywhere. These disruptions make it harder to track goods and detect fraud, and can also reveal weak points in digital networks that link suppliers together.
听
Experts Share: How Can Startups Help?
听
We鈥檝e asked experts how startups can protect essential infrastructure in the wake of natural disasters. This is what they think鈥
听
Mark Edgeworth, CEO, Hicomply
听
听
听
鈥淪tart-ups bring agility that鈥檚 often lacking in traditional providers. They can rapidly innovate, adapt to new threat environments, and deploy tailored solutions at speed. This is a critical advantage when physical and digital infrastructure is under simultaneous pressure. But to have meaningful impact, they must operate within supportive ecosystems that promote risk-taking and enable rapid scaling.
鈥淔or example, in the UK, policy shifts like the forthcoming Cyber Security and Resilience Bill and initiatives such as the Regulatory Innovation Office are creating the conditions for scale-ups to thrive. Investment in regional tech clusters and sovereign cybersecurity capabilities is helping start-ups stay close to infrastructure needs while reducing reliance on complex international supply chains.
鈥淏ut this isn鈥檛 just about national strategy. Globally, we need to think beyond compliance and look to control, stability, and long-term security. Cybersecurity start-ups that embrace this moment by innovating fast, collaborating across borders, and focusing on resilience over reaction.
鈥淚n turn, start-ups need to be embraced, encouraged and apportioned the correct recognition 鈥 and, crucially, investment 鈥 as they carve out their place within disaster response.鈥
听
More from News
- From Workouts To Managing Jetlag: The British Tech Scale-Up That Just Hit One Million Users Globally Appoints New CEO
- Hackers Tricked Instagram鈥檚 AI To Leak Your Log In Details 鈥 How Can Users Stay Protected?
- New Research Reveals The UK鈥檚 Top 10 鈥淔uture-Ready鈥 Cities
- New Research Shows How Elections Are Impacting The Job Market 鈥 Here鈥檚 How
- Is London Becoming The World鈥檚 Next AI Capital?
- Google鈥檚 AI Can鈥檛 Even Spell 鈥淕oogle鈥 鈥 So Why Is It Replacing Search?
- Will AI Labels Actually Save YouTube From AI Slop?
- The Rise Of 鈥淣ew Brand鈥 Cybercrime Groups And The Business Of Ransomware
Adam Seamons, Head of Information Security, GRC International Group
听
听
鈥淭he real problem in a disaster is that security often gets ignored. People focus on speed, access, and recovery. Security becomes a 鈥榥ice-to-have鈥. That鈥檚 the real risk.
鈥淭his is why systems need to fail secure, not just fail safe. It鈥檚 not enough for things to keep running. They have to stay secure even when everything else is falling apart.
鈥淪tartups can help by building tools that:
鈥淲ork under pressure without relying on users to remember the secure way
鈥淗ave security built in from the start (encryption, access controls, audit logs)
Keep working even when connectivity is patchy or central systems are down
鈥淩ely on proper load balancing and redundancy so you don鈥檛 end up with a single point of failure at the worst possible time, proactive SPoF prevention at the design phase often pays off.
鈥淕ood disaster tooling assumes people will take shortcuts. Great tooling assumes infrastructure will fail too. If your product still protects the business when both happen, you鈥檙e doing it right.鈥
听
Niels Hofmans, Head of Security and IT, Intigriti
听
听
鈥淚f a startup is following a compliance standard framework such as ISO27001 or NIS2, they should already be taking natural disasters into account. Starting from ISO27001:2022, global warming has to be taken into consideration in your risk assessment.
鈥淵our businessYour business continuity policy should then detail what the potential damage could be to your daily business operations (from incident to disaster), and then reflected in your Disaster Recovery Policy.
鈥淕oing cloud-based shifts a lot of the responsibility to the cloud provider. And surprise: they鈥檙e quite good at running the infrastructure for you.
鈥淏ut the same best practices apply as any other architecture; there is a distinction between zones and regions. A zone could be one or more data centers, and if you don鈥檛 design your infrastructure to allow for zonal failures, you could still see the impact of natural disasters.
鈥淎llow for architectural flexibility, both from a physical perspective and a software perspective. Let the cloud provider do the heavy lifting for you as much as possible, and design around their standards.
鈥淭he context of natural disasters could also be abused by threat actors to target startups. What we saw with COVID-19 was a lot of targeted spear phishing attacks.鈥
