Cybersecurity Requires Collective Resilience
Briefly

"When a CrowdStrike patch inadvertently disrupted Windows endpoints worldwide in 2024, even well-prepared companies were impacted. Yet while many companies struggled to get back online, some were able to recover surprisingly quickly. The difference came down to how quickly leaders could understand the scope and risk, validate mitigation steps, and align communications. Mark Orsi is the CEO of the Global Resilience Federation (GRF), a non-profit backbone for sector-specific information sharing and analysis centers (ISACs) and the cross-sector Business Resilience Council."
"Keri Pearlson is a Principal Research Scientist at MIT Sloan and the former executive director of the research consortium Cybersecurity at MIT Sloan (CAMS). Her research investigates organizational, strategic, management, and leadership issues in cybersecurity. Her most current research focuses on building cyber resilience."
A CrowdStrike patch in 2024 inadvertently disrupted Windows endpoints globally, affecting even well-prepared organizations. Many companies struggled to restore operations, while some recovered rapidly. Faster recovery correlated with leadership actions: quickly assessing incident scope and risk, validating mitigation steps before wide implementation, and aligning internal and external communications. Organizational resilience required not only technical preparedness but decisive coordination and clear validation of fixes. Sector and cross-sector information-sharing structures can support situational awareness. Building cyber resilience involves combining pre-incident planning with rapid, risk-focused decision making and coordinated communications during incidents.
Read at Harvard Business Review