There has certainly not been a lack of headline-grabbing ransomware attacks and disruptive events (both manufactured and natural) over the last few years. And even though we believe in the importance of business continuity planning and being prepared when disaster strikes, do we really understand what that entails in a real-world scenario? Below we consider 4 real-life business continuity events – both the incident and the concomitant damage – in light of which we discuss how downtime could have been minimized or avoided after these critical events as well as what
To avoid becoming another statistic, let’s evaluate what we can learn from businesses who recently fell victim to disruptive events.
1. Things we lost in the fire - Fire ruins office of managed services provider
Incident: Lightning struck a two-story office building in Mount Pleasant, South Carolina, causing a fire to break out. The burning office was that of Cantey Technology, an IT company that hosts servers for more than 200 clients.
The damage: The fire incinerated Cantey’s entire network infrastructure, it melted cables and computer hardware and destroyed equipment beyond repair. After the fire, the office was rendered unusable.
The outcome: Cantey Technology’s 200 clients experienced no service interruption because Cantey (i) implemented a business continuity plan of which part entailed (ii) moving client servers offsite and scheduling continual data back-ups.
2. The outbreak - virus infects UK hospital network
Incident: A network of hospitals in the United Kingdom, the Northern Lincolnshire and Goole NHS Foundation Trust, was crippled by a cyberattack. The virus took down the network’s systems and resulted in operations at three separate hospitals ceasing for five days.
The damage: Patients were either turned away at the door or referred to other hospitals in severe medical cases such as trauma or childbirth. Only critical emergency patients were admitted and ultimately more than 2 800 patient procedures and appointments were canceled because of the attack.
The outcome: The county was warned to take greater steps to defend itself in cyberspace and be prepared for disruptive events.
3. The devil went down to Georgia - major electric company experienced data line failure
Incident: A major electric company in Georgia experienced failure with one of its data lines.
The damage: The company experienced minimum disruption due to an unstable WAN connection.
The outcome: Even though the company’s initial WAN problem was minimal, the incident made this list as one of the companies that took to heart planning ahead to prevent a worst-case scenario and ensure business continuity. The company took several proactive steps to safeguard its critical systems from future interruptions including implementing automatic failover of Internet connections, dynamic bandwidth utilization, and efficient data routing tools at its main site and linking two connections to achieve redundancy. Additionally, it replicated its mission-critical servers offsite.
4. Delta Force I - Infrastructure failure
Incident: Delta suffered a critical IT infrastructure outage at their Technology Command Center causing a surge to the transformer and a loss of power. Despite it being stabilized, critical systems and network equipment didn’t switch over to backups resulting in instability in these systems
The damage: There was a severe delay in the backup systems kicking in, which cost the airline over $100 million in lost revenue, reputational damage and more than 1 800 flights were grounded.
The outcome: The company invested in technology infrastructure upgrades including backup systems and a BCDR strategy.
What we have learned from these incidents
No matter how careful you are, no organization is exempt from disaster striking or a disruptive event. Further, without a proper business continuity and recovery strategy, you may never get your business up and running again – which is why 40% of SMBs fail after a natural or man-made disaster. In fact, considering the incidents highlighted above it is clear that they were all the result of one or a combination of the following factors: no business continuity plan, no risk assessment conducted, an absent business impact analysis, and simply no prevention planning.
For this reason, business continuity planning should be the cornerstone of any successful organization’s business continuity strategy. Plan4Continuity’s business continuity plans go beyond the traditional disaster scenarios to address disruptions while documenting key business functions you need to get operational as fast as possible and the resources you'll need to do so.
Read more about Plan4Continuity: