How Will Organisations Prepare for Future Crises?

There’s a saying in crisis management ‘Don’t get caught planning for the last crisis’. It sums up the fact that the next crisis will always be different from the last one. You might say ‘But our next crisis might be a second pandemic wave, so it’s just like the last one all over again’. Well, that wouldn’t quite be true. None of us know exactly how a second wave might present itself. Perhaps local lockdowns, reduced social acceptance of precautionary measures, who knows?

And importantly, our experience is different. So even if the exact same set of circumstances presented themselves again, we will probably handle a second pandemic wave differently.

But this assumes that a second wave is the next crisis. At the risk of sounding like a doom-monger, those of us in the UK don’t yet know how Brexit might play out. And, as the recent Immersive Labs summary of an Osterman Research study shows, there is a greater disconnect between cyber attacks and crisis readiness than there has ever been.

There is a danger that senior management teams, weary of the financial, organisational and logistical disruption to organisations caused by COVID-19 are now thinking ‘We’ve done our crisis for this year. We don’t need to spend any more time or effort on resilience’. But for many organisations, a cyber attack still represents the biggest and most immediate existential threat.

What’s more, the response demanded by a cyber attack is totally different from that required by the pandemic which, arguably, bore more of the characteristics of a ‘logistical’ challenge (albeit a huge one), than a crisis.

At Crisis Solutions we have seen the trend towards smaller, targeted crisis training and exercising, often separating out the operational and tactical response of the business from the strategic response by senior management. Addressing challenges such as looking after customers without access to applications and systems, for example, is something that can be rehearsed and trained.

James Hadley, CEO of Immersive Labs says “With three quarters of organizations agreeing that business continuity was at the forefront of their minds, it is time to close the gap between attackers and defenders and shake up the outdated status quo. This requires faster, shorter crisis drills run with the people you will be standing shoulder to shoulder with when the worst happens. Crisis exercises must be made more contemporary.”

Now that’s something with which Crisis Solutions wholeheartedly agrees.