Every organisation must take responsibility for its ability to function and provide services to its customers, even in the most trying of circumstances.
It matters little to your customers whether an IT outage was caused by a cyberattack or by a flawed software update; all they care about is that they are not disrupted.
One of the more heartening aspects of the global IT outage was the resilience displayed by many organisations. There were cases of airlines switching rapidly to manual check-in systems and reporting no flight delays despite the outage. Stories like that abounded, but this experience was by no means uniform, and there were also many instances of businesses and major facilities having to shut their doors.
This increases the importance of IT resilience and robust Business Continuity Plans (BCPs). IT resilience has now become a fundamental aspect of business operations, enabling organisations to quickly recover and maintain continuity in the face of unforeseen disruptions such as that caused by the global outage.
By embedding IT resilience into their core strategies, businesses can ensure that they remain operational and competitive, and continue to serve their customers even amidst the growing complexities and vulnerabilities of the digital landscape.
‘Know’ how to build better resilience
The introduction of regulatory frameworks such as the NIS2 Directive and Digital Operational Resilience Act (DORA) makes IT resilience and BCPs even more important. Article 18 in the NIS2 Directive mandates that essential and important entities implement risk management measures, including advanced threat detection and continuous monitoring. Article 20 requires regular testing and updating of these measures to ensure effectiveness.
DORA, on the other hand, emphasises operational resilience in the financial sector, with Article 11 focusing on the need for thorough digital operational resilience testing, and Article 15 mandating comprehensive incident response and recovery plans. Organisations must foster a culture of resilience through regular employee training and the maintenance of redundancies across critical systems, ensuring quick recovery from disruptions.
By adhering to NIS2 and DORA, businesses can enhance their resilience, ensuring they remain operational and competitive amidst evolving digital threats and not just those related to cybersecurity.
In this respect, businesses should:
Armed with these five “knows”, organisations will be able to recover quickly and continue to operate even during times of extreme disruption.
Summary
The widespread disruption caused by the global IT outage highlights the vulnerability of organisations around the world to a small number of major IT services and infrastructure providers. This may require new approaches to the quality assurance of new software releases and updates. It also highlights the critical importance of IT resilience and business continuity planning for organisations to deal with unforeseen events and IT outages.