- February 27, 2018
- Business continuity
- 0 Comments
The crises that businesses and organisations faced over the past year were many and varied.
Kestrel Director, Sandra Pedersen, says companies today are faced with so many different potential threats and issues that it’s impossible to plan for every single scenario.
“Over the past 12 months we’ve seen companies deal with everything from cyber-attacks, to significant power outages, to a major pipeline leak to a false missile attack alarm in Hawaii and many other issues in between.
“With an infinite number of things that can go wrong, the companies that cope well are the ones that have sound crisis management structures and processes in place. Processes that are flexible enough to help manage whatever situation presents itself.”
Sandra says that when Kestrel plans a crisis exercise for a company, it looks at current known threats and the type of issues relevant to that industry and shapes a scenario to reflect a realistic risk.
With plenty of examples from around the globe during 2017 and early 2018, Kestrel has compiled a list of some of the issues companies faced, the impact and the learnings from this.
|Link to article on line
|Decontamination process causing interruption to business as usual.
Possible physical and mental impacts to staff involved
|Welfare of staff.
Interruption to business as usual.
|Third party disruption caused by human error
|Major multi-national cloud provider outage caused disruption around the world due to human error
NB: this organisation also had a major outage in 2016 due to a storm which caused damage to a substation and affected customers around the world
|Don’t rely solely on the cloud – third party failures can affect business operations.
|Wannacry Cyber attack
|Major disruption to UK National Health system.
|Hospitals and doctor’s surgeries had to cancel appointments.
Utility providers were also impacted throughout Europe.
|Scaffolding collapse possible injuries to public and staff, as well as damage to neighbouring buildings
|Reputational and financial impacts.
|Specialised equipment failure
|Baggage handling failure caused major delays at large airport
|Reputational and financial impacts. Reliance on specialised equipment with no backup.
|IT failure caused by third party failure
|Major IT failure for major airline causing disruption to thousands of passengers
|Reputational, financial. This incident escalated due to poor media response and company spokesperson.
|Petya Cyber Attack
|Disruption to organisation through customers being impacted by cyber attack
|Third party disruption creates disruption to business as usual.
|Fire in building
|Fire in computer server room cut access to electronically stored patient records.
|Reputational risk and disruptions for patients.
|Failure of critical infrastructure
|Major pipeline leak caused major disruption to airport and airlines
|Reputational and financial impacts for all involved.
|Overseas hackers forget smiley face (Cyber) on invoice payment email which vigilant staff identified
|Excellent awareness by staff prevents cyber-attack.
|Failure of internal building infrastructure
|Sprinkler failure in building causes damage to equipment and furnishings.
|Impacts on business as usual and highlights that you can’t be complacent even when you are in new premises.
|Major exercise failure due to human error
|Worker sent text message alert out to Hawaii residents warning of incoming missile attack in error causing terror and panic within the community.
|Creates reputational risk and highlights the importance of having controls in place during simulated exercises.