Are Organisations Too Reliant on IT Systems? The UK Public Seem To Think So
On the 19th July 2024, many people across the world woke up to IT error messages and the so-called ‘blue screen of death’. This left many organisations unable to run as usual, disrupting services and affecting end users.The reason? Cybersecurity vendor CrowdStrike had distributed a faulty update to its Falcon software that caused widespread problems with Microsoft Windows systems running the software. It was estimated that 8.5m computers around the world were affected by the outage.
The outages had a significant impact on Microsoft customers, particularly in sectors like aviation, banking, healthcare, and retail. Flight delays, payment disruptions, and operational challenges were just some of the issues reported due to the disruption of critical services, which impacted a large portion of the general public.
In fact, new research conducted on behalf of International Cyber Expo, found that 44% of the 2000 respondents surveyed were either directly impacted by the outages (18%) or knew someone who was (26%). Additionally, 55% of people reported not being personally affected but were still aware of the incident, highlighting the growing global awareness of tech issues among consumers.
What’s more, the research revealed that over three quarters (78%) of people in the UK are worried about the reliance global organisations have on IT systems and software providers. This somewhat shocking (although not entirely surprising) stat highlights the attention that end users are now paying to the tech usage of the organisations they interact with, with security in mind. Ultimately, the incident calls into question the interconnectedness of global supply chains and the vulnerability of organisations that rely heavily on third-party technology providers.
Organisations of all sizes must prioritise robust contingency plans to mitigate the impact of IT outages. These plans should include clear procedures for identifying and addressing critical systems, alternative workflows, and communication strategies. Additionally, fostering strong partnerships with external IT providers is essential, as well as thoroughly vetting any and all other partners and suppliers in the supply chain. Regular communication, shared responsibility, and proactive risk assessments can also significantly reduce the likelihood of outages and minimise their consequences.
Although it is important to stress that the CrowdStrike incident was not a cybersecurity one, cyber-related incidents targeting organisations are on the rise globally - and end users are taking note. Similarly to outages, cyber related incidents also disrupt services. However, cyberattacks, depending on the motivation of attackers (which is often not clear), can also lead to the loss of data, reputation damage and significant financial loss. Critically, cybercriminals are targeting all organisations, regardless of size, industry or data held. This further complicates an already complex threat landscape facing organisations globally.
It’s important to understand the heightened public awareness of the ways in which the organisations are using and managing tech. Cybersecurity (and, more broadly, tech) is no longer seen as a concept too far out of reach to the everyday person. People want to know that their data is protected, else organisations risk losing customers and trust from the wider community. Organisations should be transparent with customers about their data privacy policies and educate customers where necessary on how their data is used and protected. Compliance with regulations and standards is also important. Similarly, organisations should be transparent if things go wrong, like in the case of the faulty update.
One thing’s for certain, organisations must take the interconnectedness of their digital ecosystems seriously. Not least because the public are watching.
Want to know more? Leading experts across the cybersecurity industry will be talking about the real world implications of cyber risk at this year’s International Cyber Expo. The Global Cyber Summit, which will run across the two day event, will explore the latest industry trends, research, predictions and more.
International Cyber Expo will be held on the 24th and 25th of September 2024 at Olympia London. To register for FREE as a visitor: https://international-cyber-expo-2024.reg.buzz/glonal-cyber-summit-press-release