The first episode of the 1978 TV show, ‘Connections’, introduced an obscure component from the electrical grid. Through the episode, it went on to show how that one component's failure led to 1965's cascading blackouts across New York. One failure, in a complex system, grounded flights, paralysed public transport, and disrupted hospitals, among countless other consequences.
There are parallels with the recent CrowdStrike disruption to airlines, public transport, hospitals, and more. Clearly, whether in 1965 or 2024, the web of technology powering modern society remains vulnerable.
The cost of a failure like those can be huge. Revenue can be cut if payment terminals don't work. Safety can be endangered if critical systems go offline. Reputations can be hit if a core service becomes unavailable.
As much as we cannot predict every possible incident that could trigger major impacts like blackouts or IT failures, there are things we can do to increase the resilience of our businesses in the face of uncertainty. Solid security practices, good operational procedures, proper planning: these are all ways to increase the chance of getting through a major incident.
If the business case for resilience isn’t enough, new regulations taking force in October place a legal requirement on key sectors in Ireland. The Network Information Security 2 Directive (NIS2), recently written into Irish law, mandates increased security and resilience for sectors such as energy and healthcare.
There’s a business case for more resilience and there’ll soon be a legal requirement too. So where to begin? A good starting point is assessing your current security and resilience. What policies do you have already? What would you do if disaster struck, if the power went out, or if the water ran dry?
Training, like ICS’s ‘Navigating NIS2: From Theory to Practice’, is also an excellent step, giving you a solid understanding of your legal obligations and emerging best practices in meeting them.
Ultimately, we can never know which obscure component will plunge millions into darkness, or what software update will cause chaos, but we can take steps to reduce the damage when it does all go wrong.
For details visit: www.ics.ie/nis2-training