Resilience Isn’t an Option - IT Systems Must Be Ready Before Crisis Hits

Crises rarely give advance notice. They strike before holidays, during peak operational periods, or in the middle of the night. For critical IT infrastructure, readiness must be constant 24/7.

The real question is not whether disruption will happen, but how well-prepared organisations are to maintain operations when “business as usual” suddenly disappears. For large infrastructure operators, the threat landscape has grown increasingly complex. According to Priit Koppel, Head of IT at Tallinna Sadam, organisations today must be prepared for everything from cyberattacks and energy instability to global software failures.

He points to the recent CrowdStrike incident that disrupted international logistics chains, as well as widespread power outages on the Iberian Peninsula, where ports were forced to operate on generator power for days. “Logistics is unique in that beyond the immediate impact, disruptions can ripple through supply chains for months,” Koppel explains.

Cyber Threats Never Pause

Although Tallinna Sadam has not experienced a full operational shutdown in recent years, smaller incidents have reinforced the importance of preparation. “A few years ago, just before Midsummer’s Day, a core network device failed. Our ticketing system was disrupted, and queues formed quickly,” Koppel recalls. Cyberattacks, however, are a daily reality. “Threat actors are constantly testing our defences,” he says. Beyond conventional attacks, the port has also faced hybrid threats such as GPS spoofing  where vessel traffic systems detect ships that do not actually exist.

Rising Awareness of Risk

For Levira, a broadcast and infrastructure provider, the most significant risks facing organisations today include connectivity failures, extended power outages, and cyberattacks designed to overwhelm services. “We design every layer of service delivery with redundancy,” explains Margus Uustalu, Head of IT Services at Levira. “Whether it’s satellite links, fibre optics or radio connections, duplication is built into the architecture.” Over the past 18–24 months, Levira has seen a significant increase in client awareness around resilience and risk mitigation. Business continuity is no longer a theoretical discussion it is a board-level priority.

Crisis planning extends well beyond the server room. At Tallinna Sadam, even “offline scenarios” have been rehearsed. “If an energy disruption exceeds battery capacity, we move to manual operations, lifting barriers and assuming internet services are unavailable,” says Koppel.  Each scenario is assessed operationally and financially. In some situations, it is more practical to absorb financial loss or temporarily provide services free of charge rather than bring operations to a complete halt.

Recent synchronization changes in the Baltic electricity system provided a valuable real-world test. “In a crisis, energy consumption can exceed generator capacity. That means identifying and prioritising core services that absolutely must remain operational,” Koppel explains. He also references Ukraine’s experience, demonstrating that even in wartime conditions, ports can continue operating when procedures are simplified and clearly prioritised.

Plan B Is Not Enough - You Need a Plan C

According to Uustalu, Levira’s infrastructure can operate on generator power for more than 100 hours. “We have secured fuel partnerships and a clear escalation strategy. If resources become constrained, we systematically shut down non-essential services to preserve critical capacity,” he says. In the event of Baltic Sea cable disruptions, the situation would be serious but not without alternatives. In addition to satellite connectivity, Levira has established direct line-of-sight radio links between Tallinn and Finland via the TV Tower, ensuring cross-border resilience.

Distributed Infrastructure Is the New Standard

Data decentralisation is now fundamental to resilience strategy. Tallinna Sadam operates across multiple data centres to ensure information is never confined to a single geographic location. “Depending on the system, we use either real-time replication or secure backups in alternative locations,” Koppel explains. Ukraine again provides a powerful example: certain operations were migrated to international cloud environments, ensuring continuity even if headquarters were compromised. However, resilience must remain pragmatic.

“If the physical port or production facility no longer exists, data alone will not keep operations running,” Koppel notes. Levira follows a similarly distributed model, operating two broadcast centres in Estonia and one internationally. Yet relocating data “just in case” to the other side of the world is not always the right strategy. Regulatory requirements, cost considerations, and geopolitical risk all matter. Certain data cannot legally leave the European Union, and over-reliance on intercontinental backbone connections may introduce additional vulnerabilities.  Resilience must be strategic not reactive.

Satellite Connectivity as a Critical Lifeline

To mitigate connectivity risks, Tallinna Sadam has built alternative communication channels into its crisis planning. “Backup connectivity is part of our resilience framework. We use operational radio communications between locations, and our next fallback for data exchange is Starlink,” says Koppel. The solution has already proven itself in extreme conditions Starlink operates successfully aboard the icebreaker Botnica, even in Arctic environments. Levira works closely with clients to implement satellite connectivity solutions, including Starlink and satellite phones, as part of comprehensive resilience planning. “Business-critical applications and data must be duplicated. Alternative connectivity whether satellite internet or satellite telephony must be part of the conversation,” Uustalu emphasises.

Levira supports organisations not only with infrastructure, but with consultancy and fully integrated end-to-end solutions tailored to their risk profile.

A Strategy Only Works If It’s Tested

“A plan that hasn’t been tested is just a document,” concludes Koppel. “We have tested some scenarios four times before we were satisfied.” Disruption is inevitable. Attackers will eventually find vulnerabilities. The defining factor is not whether incidents occur  but how quickly operations can be restored.

True resilience is not about preventing every crisis. It is about ensuring continuity when disruption occurs.