Cyber incidents are among the greatest business risks of our time. With the Ukraine war, this danger has grown once again. Digital crisis management systems cannot prevent such attacks, but they can help to manage them well and quickly – provided they meet four criteria.
According to the latest figures from the Allianz Risk Barometer 2022, cyber incidents top the “black list” of the biggest business risks for companies. Yet the surveys took place as recently as 2021. With the Ukraine war, the risk of becoming a target of cyberattacks has increased further for companies. The German Federal Office for Information Security (BSI) has therefore called on companies, organizations and authorities to strengthen their IT security measures. Just how real the danger is was demonstrated on the very first day of the war, February 24.
Hackers attacked U.S. satellite operator Viasat and crippled the company’s KA-SAT-9a terminals, which satellite viewers use to connect to the satellite Internet. The attack resulted in numerous collateral damages. In Germany, for example, remote control failed on 5800 wind turbines made by Enercon.
The wheels were still able to generate and feed in energy, but since this could no longer be monitored and controlled, the turbines went into offline automatic mode. To return to regular operation, the hardware damaged by the attack had to be replaced. Since this was not only the case with the Enercon turbines, there were delivery problems, so the work was delayed. When faults occurred, each plant had to be visited by a team on site for weeks.
External Saa S Solutions Are the Gold Standard for Crisis Management Systems
The example shows that cyberattacks can hit companies even when they are not the actual target. It also illustrates that the follow-up costs of cyberattacks can quickly become very high. Munich Re. therefore announced in March 2022 that it would only offer cyber insurance on a capped basis. Large industrial companies in particular would otherwise quickly incur payments of several billion euros as a result of extensive or complete production stoppages. In other words, the risk of cyberattacks is now only insurable to a limited extent.
This makes it all the more important to have instruments with which cyber crises can be managed efficiently. After all, downtime and other business losses can only be reduced to a minimum through rapid and fail-safe communication and team coordination. The gold standard of these tools are digital crisis management systems, which, running on external servers as software-as-a-service (SaaS), are the only ones that offer the ability to remain capable of acting even in the event of the most severe cyberattacks.
Why companies should rely on SaaS solutions is well understood by the following criteria. They allow companies to verify whether a crisis management solution will actually help them manage a (cyber) crisis with confidence.
1. Easy to implement and intuitive to use
Crisis management systems serve to systematically prepare an organization or a company for the “unexpected”. At the same time, this means that crisis management begins in everyday life. Therefore, the systems should also be able to be integrated smoothly into the work processes. Particularly in the case of software-based solutions, however, it is sometimes very time-consuming and thus cost-intensive to implement the software in the existing IT landscape.
Digital crisis management systems should therefore offer a wide variety of interfaces that can be used to connect third-party systems, databases, communication channels or facilities without great effort. If, on the other hand, contact data has to be manually transferred to a solution for emergency chains, for example, it usually does not take long for the contact data to become outdated and thus unsuitable in an emergency.
Good SaaS solutions are intuitive to use, automate important steps such as data maintenance, and thus enable users to make the right decisions and reach recipients efficiently at all times, even in emergency and stressful situations. Ideally, the entire business continuity management (BCM) process chain is mapped in a single tool.
2. Automated, multimedia alerting.
In the event of a crisis, responsible parties must act quickly and communicate clearly – including to employees. Companies that use only general (enterprise) messengers such as Teams for emergency communications risk not being able to reach their recipients in the event of a total breakdown of internal communication channels, especially in the event of cyber attacks.
Externally hosted crisis management systems are not affected by this in the event of an emergency. They enable alerts to be triggered at the push of a button on the basis of comprehensive crisis monitoring and the crisis management activities defined in advance for the respective case to be set in motion automatically. Another advantage of automated alerting is that the software alerts employees in various ways until they confirm receipt of the information – and does so on all common end devices such as cell phones.
In this way, the times until an alert is issued can be further reduced and, in the case of cyber attacks, for example, possible data theft can be prevented by the habitual behavior of unsuspecting employees. Good systems are also easily scalable so that companies can quickly and easily reach a growing number of people who need to be informed.
One of the ways cyberattacks differ from other crises such as business failures or natural disasters is that the attack often affects a company’s entire IT. Even if the damage only occurs at individual points at first, the IT system usually has to be completely shut down to prevent anything worse from happening.
If the IT fails as a result of an attack, the crisis measures can only be triggered automatically from an externally hosted system. Providers of SaaS solutions, such as the Munich-based company F24, therefore host their platforms in highly secure twin-core data centers in Germany, where the data and systems are permanently mirrored in a twin data center.
In addition, the systems have multiple redundancies, so the reliability and availability of the servers is very high and, ideally, is even contractually guaranteed.
4. Legal security
A redundant design of all components not only pays off in terms of system reliability but is also a prerequisite for ensuring that all prescribed security and backup concepts are adhered to. After all, it is particularly important to document all initiated and executed measures in the event of damage. This is exactly what good software solutions ideally do in a largely automated and audit-proof manner.
Companies that belong to the critical infrastructure must also ensure that authorities are informed within the prescribed deadlines. But other companies are also bound by industry-specific laws, regulations, and standards, compliance with which must also be verifiable in the event of a crisis. Since the systems by their very nature work with personal data, it must also be ensured that the requirements of the GDPR are met.
These also stipulate that companies must notify the authorities within 72 hours in the event of data protection breaches, as in the case of a cyber-attack. Against this background, it is also imperative that companies are able to obtain information on the incident as quickly as possible and provide it in a tamper-proof manner.
With professional, externally hosted SaaS crisis management solutions, companies can ensure that even in the event of cyberattacks and a possible failure of their own systems, they remain capable of acting and can initiate countermeasures quickly and appropriately.
Suitable solutions can be identified on the basis of four important criteria: The systems can be integrated well into the existing IT landscape as well as the work processes. They enable efficient workflows for crisis communication and crisis management, are largely protected against failures due to their redundant design and hosting on secure servers, and offer legal certainty through DSGVO-compliant handling of data and documentation of all initiated and executed measures.