A major tech outage caused by a software update failure at CrowdStrike, a leading U.S....
The Next Steps After the CrowdStrike Outage: Strengthening Business Continuity Planning
The recent CrowdStrike outage was a stark reminder of the vulnerabilities that come with relying heavily on a single cybersecurity vendor. At the same time, it showed that even cybersecurity vendors can get it wrong from time to time. While addressing the immediate fallout is crucial, the real question is:
What should businesses do next?
The answer lies in strengthening Business Continuity Planning (BCP) to ensure resilience against future disruptions. Does this sound familiar from the dawn of COVID-19? It is a reminder that the BCP is not shelfware and must be reviewed continuously.
Reinforcing Business Continuity Planning
- Inclusion of Digital Outages:
  - Explicit Reference: The BCP must explicitly reference digital outages. This ensures that organisations have predefined steps to manage and mitigate the impact of such incidents. By including digital outages, businesses acknowledge the increasing reliance on technology and prepare accordingly. Recognising digital outages in the BCP is important, but it should then be backed by a disaster recovery plan that accompanies the whole process of recovery.
  - Scenario Planning: Incorporate various digital disruption scenarios into the BCP. These scenarios should cover a range of potential issues, including hardware failures, software glitches, cyberattacks, and vendor-specific problems. Planning for these scenarios helps organisations understand the potential impact and develop strategies to minimise disruptions.
- Evaluation and Diversification of Vendor Dependencies:
  - Risk Distribution: Diversify vendor relationships to prevent a single point of failure. This approach ensures that if one vendor’s solution fails, the organisation can rely on other vendors to maintain critical operations. Using multiple vendors for different aspects of cybersecurity and critical operations helps spread the risk.
  - Continuous Monitoring: Regularly audit and test the systems provided by these vendors to ensure they are robust and can handle potential threats. Continuous monitoring helps identify weaknesses before they can be exploited and ensures that the organisation’s defences remain strong. You are accountable and responsible for your information. You need to remain as proactive as you possibly can.
Key Elements of an Effective Business Continuity Plan
- Risk Assessment and Business Impact Analysis (BIA):
  - Identify Critical Functions: Determine which business functions are critical and what the impact of their disruption would be. This involves assessing the potential consequences of various disruptions and prioritising functions based on their importance to the organisation’s operations.
  - Assess Risks: Evaluate potential risks and their likelihood, focusing on digital outages and cybersecurity threats. Understanding the probability and impact of these risks helps organisations allocate resources effectively to mitigate them.
- Develop and Implement Strategies:
  - Mitigation Measures: Develop strategies to mitigate identified risks. This includes diversifying vendors, enhancing cybersecurity measures, and preparing for digital disruptions. Mitigation measures should be practical and effective, reducing the likelihood and impact of disruptions.
  - Response Procedures: Outline clear procedures for responding to disruptions, ensuring that all employees know their roles and responsibilities. Response procedures should be detailed and actionable, providing a roadmap for addressing incidents quickly and effectively.
- Testing and Exercising the Plan:
  - Regular Drills: Conduct regular drills and exercises to test the effectiveness of the BCP. This should include simulations of digital outages and cyber incidents. Regular drills help ensure that all employees are familiar with the plan and can execute it effectively during an actual incident.
  - Review and Update: Continuously review and update the plan based on the outcomes of drills and changes in the business environment. This keeps the plan relevant and effective, adapting to new threats and organisational changes.
Connecting the Dots: Incident Response and Disaster Recovery
While Business Continuity Planning is critical, it is just one piece of the puzzle. Effective incident response and disaster recovery plans are also essential components that connect to and support the BCP. These plans ensure that organisations can quickly contain and recover from incidents, minimising downtime and disruption.
Future articles will delve into the specifics of incident response and disaster recovery, exploring how these elements integrate with the BCP to provide a comprehensive resilience strategy. Topics will include developing incident response teams, establishing communication protocols, and creating disaster recovery sites.
The CrowdStrike outage underscores the need for robust Business Continuity Planning that includes comprehensive strategies for digital outages. By reinforcing BCPs, diversifying vendor dependencies, and continuously testing and updating their plans, organisations can better prepare for and mitigate the impact of future disruptions. As businesses move forward, a proactive and holistic approach to cybersecurity and continuity planning will be essential to maintaining operational integrity in an increasingly interconnected world. Adopting these strategies will help ensure that organisations are not only prepared to respond to incidents but are also resilient enough to recover swiftly and maintain business continuity despite the challenges.
The outage also serves as a powerful reminder that no single vendor can guarantee complete security. It is imperative for organisations to take proactive steps, revisiting and refining their business continuity plans to protect against future disruptions and ensure long-term resilience.