The CrowdStrike Crisis: Lessons in Preparedness
Recently, CrowdStrike's botched security update caused a global upheaval, affecting 8.5 million computers and leading to massive disruptions across various industries. The aftermath included grounded planes, stranded travelers, and billions in lost revenue and remediation costs. As business leaders, the pertinent question is: Can we prepare for such unprecedented disasters? The answer is a resounding yes.
Proactive Technology Leadership: The Blueprint for Preparedness
Experienced technology leaders plan for crises by focusing on operational, financial, and technical readiness. The key is not to predict every possible disaster but to systematically prepare using robust frameworks based on business outcomes and critical processes. This involves:
Monetary and Process Value: Understanding the financial and operational importance of each process.
Information and Functional Requirements: Identifying the necessary data and processes for optimal functionality.
Performance Metrics: Defining what successful performance looks like.
These elements enable the creation of comprehensive risk assessments and disaster recovery plans. Effective technology leadership involves simplifying complex scenarios into actionable strategies, prioritizing process and discipline over intuition.
Operational Planning for a Technology Disaster
Identify the core processes essential for your business's functionality. Like a clock, you must know when your business is not "keeping good time." Define acceptable performance levels to monitor key business functions effectively. Recognizing underperformance early allows for proactive interventions rather than reactive fixes.
A solid business continuity plan is vital. It keeps your business running while the underlying technical issues are addressed. Complement this with a disaster recovery plan detailing the technical steps required for recovery and regular testing.
Financial Planning for a Technology Disaster
Ensure your organization has the financial resources to respond to unexpected events. Allocate part of your IT budget to cover emergency expenses, such as repairs, temporary staffing, and additional resources. Secure appropriate insurance policies, including cyber, business interruption, and property insurance, to mitigate financial losses.
Maintain financial reserves to cover immediate recovery costs and sustain operations during disruptions. Regularly conduct cost analyses and impact assessments to understand the financial implications of various disasters. This data helps prioritize investments in disaster preparedness and mitigation.
Technical Planning for a Technology Disaster
Strategic technical planning involves developing a disaster recovery and business continuity plan aligned with your business objectives. Identify critical systems and data, establish recovery time objectives (RTOs) and recovery point objectives (RPOs), and ensure robust failover mechanisms. Coordinate with other departments and external vendors to ensure a unified response during incidents.
Low-level technical preparations require creating detailed run books outlining response procedures for specific incidents, such as system failures or data breaches. Regularly test these run books through drills and simulations. Additionally, set up redundant systems, ensure regular data backups, and implement real-time monitoring tools.
Distinguishing IT Management from Technology Leadership
IT Directors focus on day-to-day IT operations, managing teams, ensuring network security, troubleshooting, and maintaining hardware and software. Their role is tactical, ensuring technology systems support business goals effectively.
Chief Information Officers (CIOs) operate at a strategic level, aligning IT strategy with business goals to drive innovation and growth. They set the vision for leveraging technology to achieve business objectives, manage IT budgets, and ensure IT initiatives align with long-term goals.
Having both roles ensures operational efficiency and strategic growth. IT Directors maintain a stable, efficient environment, while CIOs drive innovation and competitive advantage.
Embracing Risk-Aware Leadership
Understanding the impact of outages, breaches, and other major incidents is critical for a company's stability and growth. Effective technology leadership applies this understanding to risk management, preparing for incidents like the CrowdStrike crisis. You can’t prevent every disaster, but you can minimize damage and expedite recovery with strong leadership and strategic planning.
If your company lacks a risk-aware CIO, consider fractional leadership to guide your technology organization. The absence of such leadership exposes your company to unacceptable risks. Prepare now to safeguard your company's future.
Contributed by Greg Kutzbach, CISSP, MR2 Solutions Technology Advisor / vCISO
For 20 years, I've helped people and businesses with technology. Passionate about people, I ensure clients achieve business goals through informed decisions and targeted implementations. I served 10 years as IT Director in corporate real estate, focusing on GRC, SOX, ISO27001, and SOC2. I formalized my expertise with a BS in CIS, emphasizing Cyber Security and Digital Forensics.
For 5 years, I've specialized in digital forensics, cyber strategy, and risk management, aiding SMEs and legal firms in managing risk and building strong cases.