The American crisis authority Tim Coombs says crises may be unpredictable, but they should not be unexpected. And continuing computer problems seem to be a constant reminder of what can go wrong and the threat to reputation
In June a hacker attacked the hard drives of Melbourne-based Distribute IT and destroyed 4,800 websites, leaving mainly small to medium businesses scrambling to recover their data. But the hacker, who left an obscene message to “justify” his action, also managed to destroy Distribute IT which was rapidly sold at a fire-sale price to one of its competitors.
One angry Distribute IT customer, who lost clients due to the hacking, told The Age: ”If your back-ups are gone, you’re screwed. And obviously the disaster recovery plan they had in place was not up to scratch.” An IT security expert told News.com: “To me it seems that there were inappropriate security settings within a number of their databases.”
Then at the beginning of this month, a computer system failure meant Fairfax newspapers in New Zealand were unable to publish most of their morning newspapers. Print editions of the Dominion Post in Wellington, Press in Christchurch, Southland Times and Timaru Herald were not published on 2 August, and Fairfax afternoon papers The Manawatu Standard, Marlborough Express, Nelson Mail and Waikato Times published only abridged or customised versions.
The official explanation was that during a routine data transfer, a database “recovery” process automatically initialised which cannot be halted, and they estimated it would take at least 11 hours to complete before the system was back up. Now I am no computer expert, and hindsight is a powerful perspective, but in both cases the question must be asked what was the back-up system and why didn’t it work? Both crises may have been unpredictable – or “unprecedented” as Fairfax NZ boss Allan Williams said – but were they truly unexpected?
The same question might be asked about the Red Rooster fast food store at Indooroopilly in Queensland. An employee who left after an argument with his boss accessed the company computer system and ordered more than $67,000 worth of chickens from five separate suppliers to be delivered to the franchise. Fortunately one of the suppliers raised the alarm. The 23 year old former worker eventually pleaded guilty in the Ipswich Magistrates Court and was ordered to undertake community service. It might be seen as a trivial case of revenge, but here again what systems were in place and how much more serious damage might have been done?
In an article in the latest issue of CIO Magazine, I argued that computer failures and data loss are a major, underestimated threat which is never “just an IT problem” but puts the reputation of the whole enterprise at risk. Furthermore, that business continuity should be fully integrated into the corporate crisis plan. The crisis planning process is not particularly complicated, but it demands management resources and commitment and, sometimes, help from experts.