Monthly Archives: August 2024

Lessons from a Global Technology Outage

As we saw two weeks ago, our entire world is dependent on technology. The global technology outage precipitated by a faulty software update rollout by Crowdstrike illustrates how a small problem can have enormous repercussions. The recovery will likely be difficult and expensive for many companies but especially for small to medium-size businesses. Read on to learn about how a technology advisor can help your company mitigate damage from and even prevent technical issues

 

The Outage and its Impact

 

On July 19, 2024, a global technology outage resulted from a faulty software update from technology firm CrowdStrike upended operations across multiple industries. Flights were canceled and delayed, medical care interrupted, and businesses large and small were unable to operate. Large businesses will have a difficult time recovering, but what about small to medium-size businesses with less technical support? Smaller businesses dealt with missed deadlines, possible loss of customers and the inability to pay workers. What lessons can companies learn from what happened? 

 

How a Technology Advisor Helps

 

Although some incidents are out of a company’s control, they still need to be prepared for the consequences of technology problems. A technology advisor is an expert in their field who advises, guides and supports businesses needing help with technology-related decisions. These decisions can include strategic ones, such as how to implement automation and develop a framework for cybersecurity. Or the advisor can assist in planning and navigating software updates to smooth the rollout process. Training and support of workers to give them the knowledge and skills to effectively and safely use technology tools.  

 

The software update responsible for the outage was believed to have not undergone rigorous testing–including for compatibility with common software systems. Technology advisors can help a company develop a framework for rigorous testing of updates to prevent problems that can spread to stakeholders; this includes cybersecurity issues. 

 

What Your Company Can Do

 

Of course, a technology advisor doesn’t do all the work. A collaborative approach in your company, where the IT department works with other business units, contributes to the knowledge of all. For example, while some departments may be enthusiastic about automation of processes, another can provide needed caution–no technology is infallible.  A  technology advisor can help  the company plan an automation strategy. Not to mention, the advisor can remind the company of the need for human oversight of automation.

 

July’s global technology outage has shown us all how digital transformation can introduce risks. Small to medium-size businesses may need a technology advisor to help them with a plan to mitigate these risks. For further assistance, contact your trusted technology advisor today.

Adopting a Risk Management Approach to Your Business

Doing business in today’s world doesn’t come without risk. Anything can happen, from a brief power failure resulting in two hours of downtime, to a days-long global technology outage precipitated by a CrowdStrike software update. How will you know what risks your business is most subject to, and how to mitigate those risks? Read on to find out what types of risks can threaten your company, and how to protect yourself.

 

Multiple Risks to Your Business

 

According to an article from CompTIA, risks come in various forms. Some are within a company’s control, and others come from outside. But all pose some threat to productivity, security or reputation–or all of these. Types of risk include:

 

    • Strategic: These have to do with deviations from a company’s strategy or model. Using automation, for example, can benefit operations, even facilitating software updates. However, problems can occur if human oversight isn’t part of the process. 
    • Competitive: negative consequences of a competitor’s actions, which can cause a loss of business for your organization. Even a competitor’s offering of a better product or service can negatively impact your business. 
    • Compliance: This involves failure to comply with government data security regulations, and can consist of data storage and even data breaches. 
    • Reputational: Events that can damage your image, and public perception of your brand. Perhaps a too-quick rollout of a product or service, a data breach, or a compromised website, can affect trust from customers and other stakeholders. 
    • Financial: This type of risk is anything that might cause loss of revenue. Loss of customers due to compromise of your company’s reputation, or downtime costs from even a brief system outage, can cause loss of earnings.
    • Operational: Anything that affects the operation of your business or other businesses that work with you. A faulty software update can have global consequences, as was seen recently. 
    • Global: Can include global conflict, supply chain disruption, or nation-state cyber attacks. 

 

Any or all of these have a potential impact on cybersecurity, though some are more likely. An outage can result in downtime (operational and financial risk), or a data breach (financial, compliance and reputational). Certain risks intersect, like financial, operational and reputational in the case of a data breach. Depending on how your company handles risk, your brand can weaken, or become stronger than ever.

 

How You Can Prepare

Assess and Document Your Biggest Risks

 

Prioritize risks most likely to affect your company’s operations, revenue or reputation. Your business may be more likely to be subject to risks of regulatory compliance failure than to global conflict. Any source of risk can impact your company, however unlikely it seems. 

 

Assemble a Strong Team

 

By including people from each department, your company gets different perspectives on what can happen and how it might affect your business. For instance, sales and marketing can point out risks posed by competitors. Your leadership personnel can watch for strategic risks. Anyone can be on the alert for social engineering (“phishing”) emails.

 

Prepare an Incident Response Plan

 

All the documentation and planning will go into an incident response plan. This plan comprises the most likely risks,  action plan for each, and the person or persons responsible for specific tasks. Such a plan will help you respond quickly and efficiently to possible disasters, or even keep a minor problem from becoming a major disaster. 

 

Risk management is becoming a more common stance in companies all over the world. To learn about evaluating risks and developing a response plan, contact your trusted technology advisor today.