The Impact of Technology Failures on Business Resilience
A small coding error recently took down almost 8.5 million devices worldwide and brought banks, supermarkets, aviation, manufacturing, healthcare and emergency services, stock exchanges, and telecom companies to a grinding halt. The affected devices amounted to less than one percent of all Windows machines globally. What if this had impacted five percent or more? What if this had been a directly malicious cyberattack instead of an unfortunate error?
The fragility and interconnectedness of the digital world have become deeply concerning. Organizations are investing more and more of their precious assets into a smaller number of baskets, many of which have shadow ownership without direct control. And when those baskets unravel, the damage is far-reaching and irreversible.
Business leaders and boardrooms are looking for answers — “Can this happen again?” “Can we predict or prevent it?” “How can we prepare?” And while there isn’t a single solution, government, or entity that can help mend this problem, there are some important factors to consider when trying to mitigate and counterbalance these risks.
Resilience
Resilience means developing an ability to adapt to change, to recover from setbacks, and to withstand adversity. In the context of cyber, resilience means embracing the inevitability of a cyberattack and preparing for an effective response. Fundamental steps for building cyber resilience include:
- Developing a situational awareness of one’s own business environment and attack surfaces.
- Identifying and prioritizing critical assets.
- Mapping out attack vectors, controls and processes.