Business continuity planning has never been more relevant, and every executive should be thinking about the threats that lie beyond COVID-19
Business continuity planning is an exercise in risk management. The probability of an event multiplied by its impact dictates the urgency and need for a response plan. Probability matters: People on the US East Coast roll their eyes when West Coast headquarters asks what they plan to do about an earthquake. Impact is equally important: Most of us don’t worry about things that can easily be replaced.
Continuity exercises look at natural disasters, off-site backups and sometimes mitigation scenarios like a prohibition on multiple executives taking the same flight.
AND THEN THERE’S UKRAINE. Years of hyperinflation in the 1990s culminating in the worst financial crisis of any European country after WWII; political unrest during the orange revolution; financial crisis in 2008; the bloody Maidan revolution in 2013/14 followed by war; cyberattacks taking down almost the complete payment infrastructure in 2017; and now COVID19 – it seems the country can’t catch a break, at least not one that is longer than a few months.
Maybe this is the reason why Ukrainian companies tend to be hard-core about their continuity planning:
• Legal entities in multiple jurisdictions.
• Networks that cross borders and constantly replicate critical data.
• Infrastructure instantly recoverable on fresh hardware.
• Cybersecurity teams routinely defending against nation-state attacks.
Call it extreme paranoia, but Ukrainian IT companies today are more resilient than many governments.
I was an ELEKS customer long before joining as CTO, and it was no surprise that business continuity was high on the company’s priority list. It was refreshing to see this same thinking extended to its clients. During an early visit to Ivano-Frankivsk, the suggestion that if I needed “serious off-site backups, we have a nuclear bunker under this office” sounded like a joke – until I saw that it wasn’t.
But even without going nuclear, a few things every company should ask itself to ensure that it can survive the likely attacks it will face:
• Can I disconnect every single computer, replace them all, then restart my business from fresh hardware? Companies who answer no to this question are likely to pay ransom money to criminals in what is known as a “ransomware attack”.
• How many of my employees rely on office locations to work effectively? The latest crisis has taught us that we can’t depend on physical offices being available.
• Will I know if I’ve been hacked? It takes on average 100 days to uncover a hack, and most corporations learn about it from their customers or the media.
• How will I know if my data has been compromised? Hard drive failures or network outages are immediately noticeable. But who will notice if a few numbers are altered in the accounting system, or if the address on a shipment changes and then reverts back once the package leaves the factory? Subtle attacks are far more dangerous.
• How confident am I that my customers’ data is protected? Is your data defense strong enough to meet the legally required standards? And, more importantly, are you aware of the cost of non-compliance?
• Is my business exposed to political pressure? When Jeff Bezos bought the Washington Post, he may have thought about the resulting political pressure for Amazon. More likely is that he did not. Any business can become a political chess piece – your job is to contain the risk.
We haven’t even considered natural disasters or targeted attacks here – these are just everyday scenarios. So, if you cannot confidently answer these questions, you need expert help. Of course, your response should be symmetric – bringing out the artillery to shoot at sparrows is unnecessary. But any scenario that leads to a full shutdown requires your attention. Hiring a consulting company to handle risk assessment and mitigation strategies is a big step. Ukrainian companies have been exposed to disproportionate risks compared to their US/EU peers and over the years they have learned to contain thisrisk and mitigate adverse effects.
During decades of working with ELEKS on many projects, first as a customer, then as CTO, I have never seen the lights go out. Not during any kind of financial crisis, not during political
upheavals and not during COVID-19. In all cases, ELEKS was at least one step ahead of the crisis.
Author: Klaus Sonnenleiter has been an ELEKS customer for years while working at major technology companies and tech startups.
He now serves as CTO for ELEKS while running Luftronix, an aerospace company launched by ELEKS
If you need a partner to help safeguard your business, contact ELEKS quoting code KYIVPOST.
600 +end-to-end solutions delivered
90% of clients do more than one project with us
47.95 Net Promoter Score (NPS)
29 years of experience
Visit us at eleks.com