Earthquakes are a Cybersecurity Topic

In the beginning of this year I was having a job interview at a company here in Gütersloh. I will not provide any names and such, but the IT Manager said natural desasters are not a topic of cyber security, when I mentioned it. I was shocked and did not say anything but now with Ciscos Network Essentials and while Preparing for Network+ I can verify that both are seing this as a cybersecurity topic.

Earthquakes, floods, and other natural disasters are a concern for cybersecurity—specifically in the context of protecting the availability of systems and data.

In cybersecurity, this is called a “physical threat” or “environmental threat.” While these events aren’t “hackers,” they can disrupt IT services, destroy hardware, or make data unavailable, which impacts the CIA triad (especially availability).

Network+ exam key point:
Natural disasters are classified as non-malicious threats (not intentional attacks) that can still exploit vulnerabilities—such as unprotected server rooms or lack of off-site backups.

Example:

• If a flood destroys your server and you have no backups (vulnerability), you lose critical data (risk to availability).

• Cybersecurity planning includes measures like backups, redundant power, fire suppression, and disaster recovery plans to protect against these threats.

Summary:
Natural disasters are absolutely part of cybersecurity planning, but as environmental (not human) threats to system availability.

One can clearly say why they were in need for a specialist. :)