The Impact of Critical IT Incidents
Businesses from around the world have continually faced the challenge of IT incidents in the form of data breach.
Computer Weekly published that the average business logs 1200 IT incidents per month of which five are critical.
IT incidents, as any other incidents in life, are unforeseen. It is an unexpected situation that affects the IT department leading to substantial loss of money and time, threatening the very existence of the business.
IT Incidents Are Characterised By Impact[TS_VCSC_Fancy_List list_marker=”circle” marker_color=”#333333″ content_color=”#333333″ line_height=”21″ conditionals=”eyJ2aWV3ZXJzdGF0dXMiOiJldmVyeWJvZHkiLCJyZXN0cmljdGlvbiI6Im5vbmUiLCJ1c2Vycm9sZXMiOiIiLCJ1c2Vyc2NvcGUiOiJhbnkiLCJ1c2VyY2FwcyI6IiIsIm90aGVyc2NvcGUiOiJhbnkiLCJvdGhlcnRhZ3MiOiIiLCJkZXZpY2V0eXBlcyI6IiJ9″]
- All or part of data communication to and from outside the business is cut off due to a high-speed network communications link failure.
- Unexpected heavy demand prior to a deadline brings a website’s functionality to a grinding halt (e.g. ticket reservation or legal submissions) resulting in large numbers of customers failing to meet that deadline.
- A key business database is found to be corrupted.
- More than one business server gets infected by a worm or ransomware.
IT Incidents Will Cost You
Factors taken into consideration when cost of incidents are calculated include:
- the loss of customer turnover
- increased acquisition activities
- reputation losses and diminished goodwill – the extent to which an incident becomes public
- the loss of employee hours as a direct result of the time involved to resolve an incident
- the number of organisational levels affected
An IT incident does not always have a well-defined, clear beginning and end. It is not always a singular event, but rather a chain of related misuse of resources.
Research conducted by IBM Security identified malicious attacks, low mean time to detect an incident, and failure to address the causes of events as the biggest culprits for financial loss.
Coping With IT Incidents
It is clear that IT incidents require a specific robust incident management procedure to boost the ability to identify factors that affect the occurrence of incidents, retain customers after a data breach and to reduce the costs incurred during the process.
Time is money. It is illogical to think an organisation can survive constant attacks and crisis without investing in risk management and compliance programs. How quickly an organisation can contain data breach incidents has a direct impact on the cost burden following a data breach. According to IBM Security and Ponemon Institute 2017 report, the cost of a data breach in SA was nearly R5m lower on average for organisations that could contain a data breach in less than 30 days, compared to those that took longer than that.
A lack of knowledge and poor incident resolution co-ordination decreases your ability to cope with IT incidents and it is therefore worth investing.
Is there room for improvement on time to identify and respond to an incident in your business?
Are you relying on end users to raise incidents that should have been spotted by more pro-active and improved mean-time-to-detect (MTTD)?
With event management processes in place, you will be able to manage the volume of events, increases the speed of mean time to detect (MTTD) incidents and have fewer duplicate and repeat incidents.
Mitigate losses – put preventative measures in place – we await your call: 086 11 38658.