Data breach? Network outage? Improve IT incident management…and response
The technology industry often uses the term “disruption” as a wrapper for any sort of IT incident – whether it’s a data breach or a widespread data center outage. But for a company that’s lived through one of these incidents, the word “disruption” hardly does justice to the chaos these situations create. These IT incidents cost organizations millions of dollars in hard costs, not to mention hidden, but still significant, costs like erosion of customer trust and loss of employee productivity.
The Ponemon Institute, an organization that conducts independent research on privacy, data protection and information security policy, estimated that it cost US businesses $5.4 million on average per data breach incident in 2012. And these IT breaches are increasingly common. You need look no further than eBay and the reputation hit that company recently took following a cyber attack that may have compromised members’ passwords. The impact of the attack was further compounded by eBay’s mismanagement of customer communications. The company came under fire in the media because of its failure to alert users in a timely manner that their passwords may have been compromised as soon as details of the breach came to light in late February and early March, 2014.
Similarly, in August 2013, Amazon’s homepage was down for at least 45 minutes. The outage affected all of the company’s US and Canadian customers. Amazon-owned sites, including customer service star Zappos, were also inaccessible to customers – all of which likely cost Amazon millions of dollars in sales. During the downtime, Amazon apologized to visitors. But the company did nothing to explain the source of the outage, potentially damaging its reputation for transparency.
These same costs and concerns persist for companies and their massive data centers. Ponemon notes that 91% of US data centers have experienced an unplanned outage in the past 24 months. And these outages are expensive. The organization found the average duration of data center outages for global organizations was 86 minutes between 2010 and 2012, at an average cost of $7,900 per minute. And only 38 percent of organizations surveyed by Ponemon said they have adequate resources to keep their data centers running if an unplanned event occurred.
All of this makes the need for a well-prepared and executed total incident management plan not just a nice-to-have in today’s business climate, but a must-have.
An effective IT incident management plan enables a company to control an incident (and foster customer goodwill), rather than have the incident control it. In addition to managing incident response, a key part of managing both expected and hidden costs is managing the critical communication surrounding an incident. Faster awareness of the situation and faster collaboration to identify the source and solution for problems, ultimately leads to faster resolution of incidents. Faster resolution leads to faster external communication, too.
There are four key areas that determine an organization’s readiness to manage an incident, and its expected and unexpected costs:
To learn more best practices around mitigating the damages from an IT incident, download the Everbridge white paper, “The Hidden Cost of Business Interruptions: How Total IT Incident Management Can Save Your Business.” The paper explains how to understand the total cost of incidents, how “hidden” costs can impact your business, and how total incident management can help yoy prepare for and better manage IT incidents in the future.
Both the expected and unexpected costs of an incident will increase if an organization can’t respond to an event appropriately. These critical communication best practices will help companies mitigate these costs and be better prepared, make better decisions, and respond more quickly and confidently during disruptive, er, daunting and critical, IT events.