Anyone remotely familiar with scouting knows the motto "be prepared." The recent CrowdStrike event, affecting 8.5 million Microsoft Windows devices, is a stark reminder these two words apply to more than starting campfires and foraging for dinner. For businesses, the test of just how prepared the enterprise is can come down to the strength – or existence of – the business continuity and disaster recovery plan (BCDR) designed to keep it operating and quickly rebound after major disruptive events.
As organizations of myriad shapes and sizes woke up on July 19 to dysfunction plaguing some or all of their workstations and servers (both on-premises and cloud-based), it didn't take long to realize that the latest test of organizational resilience was underway.
This was not, after all, the first time the interconnected nature of the global supply chain has triggered an event with far reaching consequences. Anyone who's been around very long has experienced a cyberattack, abrupt component shortages, natural disasters, a pandemic, and other disruptive events. Situations that have disrupted the flow of critical information include the Heartbleed cyber bug, exploitation of Log4, and many other supply chain issues and attacks.
Organizations quickly fell into one of two camps. Those with robust and tested recovery plans were already recovering backups or overriding the overnight updates while enacting their crisis communications measures to assure a skittish public that the situation was under control. Those unprepared faced serious consequences that required far more than a reboot to overcome.
Resilience in the wake of such events doesn't happen by accident. And, disaster recovery isn't an afterthought. In a connected world, recovery plans should never collect dust and regular pressure testing is essential. These actions could be the difference between maintaining mission operations vs. suffering a shutdown. Proactivity is the best way to ready the organization for the next global disruption.
Keys to creating a winning BCDR
AlixPartners has significant experience helping enterprises plan for the worst. Our framework includes understanding:
Inputs
- Review plans and identify the existing components necessary for effective recovery
Current state and potential impact
- Analyze historical operational performance to identify the influence disruption would have on continuity
Plan for BCDR refresh
- Detail gaps, spelling out recommendations, and constructing a remediation plan
Get started now
The CrowdStrike incident has many organizations asking how to limit exposure to an event that is potentially crippling or catastrophic. The answer is to ensure the effective continuity of operations via robust planning and unbiased preparation. This requires everything from cross-functional collaboration to the ability to rapidly implement change. Once you've answered the question of how to protect the organization there is only one more question to answer: What are you waiting for?
Reach out to get a conversation started with one of our experts.
The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.