MailGuard Jul 26, 2024 5:49:33 PM 8 MIN READ

Ensuring Business Resilience: Lessons from a Global Outage

Let’s get something straight up front – we’re not fans of highlighting an incident or outage when it happens for any vendor, because as we always say, it can happen to any business, any time. And we stand by that. However, it would be wrong to pretend that last week’s outage didn’t happen, because there are valuable lessons for all of us.

Here’s a snippet from the Washington Post that gives an insight into the panic that had IT and security folks around the world springing into action:

It was 3 a.m. Friday when Tyson Morris got a wake-up call that would send him into crisis mode for days. Atlanta’s trains and buses were expected to be running in two hours, but all systems were down, showing the dreaded “blue screen of death.”

“It’s the one phone call a chief information officer never wants to get,” said Morris, CIO for the Metropolitan Atlanta Rapid Transit Authority. “I jumped out of bed, and my wife was wondering what was going on. She thought someone had died.”

Morris sprang into action to mobilize his team of 130 for an all-hands-on-deck operation. Was it a hack? Had an employee gone rogue and brought down their operations? For hours, no one knew.

“It was a heightened sense of stress that I haven’t experienced,” said Morris, who’s been in the industry for more than two decades. “Every second counts.”

The incident impacted businesses across the globe, with estimates of lost revenues and insurance claims in the billions of dollars. Airports and airlines, healthcare providers and hospitals, telecommunications companies, emergency services, and many more were offline.

In Australia, the big four banks, Telstra and major media outlets like the ABC and Foxtel were impacted. The Conversation reported that DownDetector.com.au was displaying a wide cross section of the businesses hit.

Image courtesy The Conversation

It was a big wake-up call for everyone. We certainly saw many people in our networks on social media sharing updates about emergency risk and incident committees scrambling to meet over the weekend.

So, it’s an opportune time to check in on the preparedness of your clients. As Winston Churchill famously said, “Don’t let a good crisis go to waste.”

The continuity of business operations hinges significantly on robust cybersecurity and incident response measures, and planning for the unexpected. Last week’s events underscored the vital importance of incident response (IR), disaster recovery (DR), and business continuity planning (BCP).

Here are some thought starters on maintaining business resilience amidst unexpected upheavals.

Understanding the Impact of Service Disruptions

Service disruptions, whether caused by cyberattacks, natural disasters, or system failures, can have catastrophic effects on business operations. The recent outage serves as a stark reminder of how vulnerable businesses can be when critical systems go offline. The implications are vast, affecting everything from service provision to communication and data access, and impacting customer trust, employees, and the financial stability of your operations.

Image courtesy The Conversation

Some Key Takeaways:

  • Disruptions can occur without warning, highlighting the need for preparedness ahead of time. Often the source or nature of the disruption is unknown, yet urgent action is needed to support and protect your people, data and business while it gets sorted out.
  • Downtime can lead to significant financial losses, operational challenges and unforeseen complexity, even amidst the uncertainty. The disruptions may not be limited to your own business; they can have knock-on impacts for customers and others in your supply chain.
  • Maintaining trust requires prompt and effective communication, transparency and rapid recovery.

It all puts a spotlight on the readiness of the business in advance.

The Importance of Incident Response

An effective incident response plan (IRP) is the cornerstone of any robust cybersecurity and business continuity planning strategy. It enables businesses to quickly identify, contain, and mitigate the effects of an incident, minimising damages and ensuring a swift return to normal operations.

Critical elements of an Incident Response Plan (IRP) include:

  • Incident Response Team: Designate a team responsible for managing incidents, including representatives from IT, HR, and executive leadership, plus other parts of your operations that are deemed business critical.
  • Communication Protocols: Establish clear communication channels to keep employees, customers, and stakeholders informed throughout the incident.
  • Step-by-Step Procedures: Develop detailed procedures (beforehand) for identifying, containing, and mitigating different types of incidents.
  • Regular Drills and Simulations: Conduct regular drills to ensure the team is prepared and procedures are effective. Practice makes perfect, even if those drills may seem tedious in the good times. When the sh*t gets real, the business will thank you later.

Building a Disaster Recovery Plan (DRP)

A Disaster Recovery Plan (DRP) focuses on restoring critical IT systems and data after a disruption. Given the increasing frequency and severity of cyber incidents and natural disasters, having a well-defined DRP is also essential.

The Key Components of a Disaster Recovery Plan include:

  • Risk Assessment: Identify potential threats and their impact on the business’s operations.
  • Critical Data and Systems: Prioritise planning for data and systems that are vital to business continuity.
  • Backup Solutions: Implement robust backup solutions, including cloud-based services like MailGuard’s SafeGuard, to ensure email and data availability and retrieval.
  • Recovery Site: Establish a secondary location or cloud environment where critical systems can be restored and operated. If business operations are forced to relocate, a service like MailGuard Live can be useful to minimise disruptions.

Ensuring Business Continuity

Business Continuity Planning (BCP) goes beyond disaster recovery by ensuring that essential business functions can continue during and after a disruption. It involves a holistic approach that covers all aspects of business operations.

Steps to Develop a Business Continuity Plan include:

  • Business Impact Analysis (BIA): Assessing the potential impact of different types of disruptions on business operations.
  • Continuity Strategies: Developing strategies to maintain operations, such as remote working capabilities and alternative supply chain arrangements.
  • Communication Plan: Creating a comprehensive communication plan to keep all stakeholders informed and engaged during a disruption, and
  • Testing and Maintenance: Regularly testing and updating the BCP to ensure its effectiveness and relevance over time.

Integrating Cybersecurity into Business Continuity

Last week’s events highlighted the critical need to integrate digital and cybersecurity measures into business continuity planning. Although last week’s incident was not a cyberattack, its effects were much the same, and it demonstrated the need for businesses to ensure that their cybersecurity defenses are robust and capable of withstanding and quickly recovering from disruptions.

Enhancing Cybersecurity for Business Continuity:

  • Email Security: Deploy advanced email security solutions like MailGuard to protect against phishing, BEC, and ransomware attacks.
  • Multi-Factor Authentication (MFA): Implement MFA to add an extra layer of security for accessing critical systems.
  • Continuous Monitoring: Use continuous monitoring tools to detect and respond to threats in real-time, and
  • Employee Training: Regularly train employees on cybersecurity best practices and how to recognise and respond to threats.

The outage last week serves as a powerful reminder of the importance of comprehensive incident response, disaster recovery, and business continuity planning. By integrating all three into a cohesive strategy, businesses can enhance their readiness and resilience, ensuring they are prepared for any disruption.

For partners, as trusted advisors to your business customers, offering robust business continuity and disaster recovery solutions can significantly enhance your value proposition to clients. Planning and preparedness are the keys to navigating the uncertainties of business. Businesses must expect the unexpected, and invest in robust cybersecurity measures and comprehensive continuity plans to safeguard their data, people and operations in the face of future disruptions.

Nine out of ten cyberattacks start with an email. Speak to a MailGuard expert about the cyber readiness of your customers’ businesses by reaching out to expert@mailguard.com.au, or call 1300 304 430.

Keeping Businesses Safe and Secure

Prevention is always better than a cure, and one of the best defences is to encourage businesses to proactively boost their company’s cyber resilience levels to avoid threats landing in inboxes in the first place. The fact that a staggering 94% of malware attacks are delivered by email makes email an extremely important vector for businesses to fortify.

No one vendor can stop all email threats, so it’s crucial to remind customers that if they are using Microsoft 365 or Google Workspace, they should also have a third-party email security specialist in place to mitigate their risk, for example a specialist third-party cloud email solution like MailGuard.

MailGuard provides a range of solutions to keep businesses safe, from email filtering to email continuity and archiving solutions. Speak to your customers today to ensure they’re prepared and get in touch with our team to discuss fortifying your customers’ cyber resilience.

Talk to us

MailGuard's partner blog is a forum to share information; we want it to be a dialogue. Reach out to us and tell us what your customers need so we can serve you better. You can connect with us on social media or call us and speak to one of our consultants.

Australian partners, please call us on 1300 30 65 10

US partners call 1888 848 2822

UK partners call 0 800 404 8993

We’re on Facebook, Twitter and LinkedIn.