From Y2K to CrowdStrike: Why Business Continuity Planning is Your Secret Weapon.

I began my career in emergency management in 1999. Back then, a primary concern was the potential world-ending collapse of systems due to Y2K and computers not recognizing the year 2000. At the time, I felt all the fuss was rather silly, especially since no world-ending incidents occurred. However, the focus on our reliance on technology was not misplaced.

Now, 25 years later, we are significantly more dependent on technology, making any potential outage a catastrophic event. The recent CrowdStrike incident and the subsequent global system failures serve as a stark reminder of this vulnerability.

Planning to mitigate these vulnerabilities is absolutely essential. For my first job in EM, I worked with small businesses and non-profits helping them think through their continuity of operations, define their critical business functions and systems, understand the capabilities of their third-party vendors and create system redundancies. This simple planning process was not rocket science by any means, but it proved invaluable when disruptions inevitably occurred.

Unfortunately, business continuity or disaster recovery planning is often an afterthought. If you are one of those organizations still struggling to recover from the CrowdStrike incident, you are now intimately familiar with the organization’s critical functions and systems and the LACK of redundancies. You are truly feeling the pain in real-time.

To make matters worse, operation disruptions and immediate revenue loss are not the only risks you need to consider. Think about the impact on your organization's brand if you do not have plans in place to respond quickly. Customers affected by a protracted business interruption are likely lost forever.

What should you do?

CrowdStrike is the most recent example of a threat to your organization. Whether you were impacted or not, take this opportunity to dust off your plans or begin the planning process. Start by taking a look at the organizations that quickly recovered from the CrowdStrike incident; they likely had business continuity and disaster recovery plans in place, backup vendors on speed dial, and redundant systems to support their critical functions. 

For your planning, focus on the following:  

  • Determine what your critical systems are and what would cause a significant disruption to your business operations

  • Conduct a vulnerability assessment of each critical system

  • Work with each critical system vendor to ascertain their level of recovery and redundancy planning

  • Consider redundant services 

  • Train employees on smart cyber security practices  

To accelerate your planning, TRI is offering our Disaster Recovery Plan Template for 50% off for a limited time.

Lastly, TRI is always here to provide our expert guidance. Request a free consultation today.

Andrea E. Davis

Andrea Davis is the Founder, President & CEO of The Resiliency Initiative (TRI), a certified Woman-Owned Small Business helping communities and organizations strengthen their ability to prepare for, respond to, and recover from crises. With over 25 years of leadership experience in emergency management, business continuity, and public health—including senior roles at The Walt Disney Company, Walmart, and FEMA—Andrea brings both global expertise and a passion for community resilience. She currently serves as Board Chair for the Northwest Arkansas American Red Cross and as a member of the advisory boards for I-DIEM and the Dr. Lucy Jones Foundation.

https://www.linkedin.com/in/andreaeileendavis/
Previous
Previous

Critical Training for Active Assailant Response: A Personal Account and The Resiliency Initiative’s Mission

Next
Next

Quarterly Resiliency Forecast-Summer 2024