Businesses globally are experiencing IT outages, including the infamous Windows "blue screen of death" errors, marking one of the most extensive IT disruptions in recent memory. This outage, attributed to a software update from the prominent cybersecurity firm CrowdStrike, has impacted computers running Microsoft Windows across multiple sectors. Affected organizations include airlines, banks, retailers, brokerage houses, media companies, and railway networks.

This situation will take time to resolve but even in this disruption, there lies an opportunity for growth and learning. As HR & OHS managers, you should focus on observing, evaluating, and understanding how your team and technology respond in real-time.

DON'T LET THIS CRISIS GO TO WASTE.

Concentrate on a few key areas and make a list of your performance on various important points. Document these observations so they aren’t forgotten. Here’s a non-exhaustive list to start with:

Leadership Evaluation
Who is taking the lead? How were you informed, and by whom? What was their tone, and how were they handling the news? Did they have a plan, or was it chaotic? Even if your team wasn’t directly impacted, did someone demonstrate situational awareness by keeping you informed?

IT Performance Assessment
Today is crucial for assessing IT performance. Whether directly impacted or not, how is your IT team responding to this crisis? Are they providing timely updates? Are they organized or scrambling? Can they effectively communicate with each other and with you?

Communication Quality
Evaluate the quality of communication within your organization. Is there clear communication happening? If impacted, do you have an alternative way of communicating among the senior team and with employees? If not impacted, are your teams proactively discussing the second-order implications for the company (customer issues, employee concerns)?

Backup Systems
While this crisis wasn’t caused by Microsoft directly, it highlights the vulnerabilities of relying solely on Windows OS. How resilient are your IT systems? Do you have alternative operating systems to enhance resiliency? Has IT ever flagged this as a strategic risk, and if not, can they begin developing a plan to increase resiliency?

Employee Reactions
As employees learn about the issue and face difficulties using their computers, it’s a good moment to assess their reactions. How is your workforce handling this IT outage? Is your business at a standstill? Are employees frustrated? Do they know who to contact, or is there confusion? Can you communicate with them effectively without traditional channels?

Ecosystem Impact
Examine the upstream and downstream effects on your operations. Identify the major vulnerabilities and any unexpected impacts. How are your business partners and other stakeholders affected, and what are the potential liabilities, both legal and reputational? Make a detailed list.

IT Security
Although this event was not caused by some aggressive malware or cyberterrorist, it was the result of a faulty update to one of the worlds largest Cybersecurity applications. However, malware and cyberterrorism are on the rise, is your team prepared? Your biggest weakness for your organization’s cybersecurity is your employees – do they have the right training? The right tools?

Insurance Coverage
Review your insurance policies to understand what is covered in this scenario. What are your potential liabilities if your disruption impacts other businesses? Ensure your legal team is swiftly reviewing policies to determine claims, including those stemming from disruptions caused by other businesses.

Contingency Planning
Lastly, consider the most critical question: What’s the backup plan if your systems fail (or if there’s a broader crisis like a pandemic)? Did you learn from previous crises like COVID-19, and how can you apply those lessons now? Whether directly impacted or not, it’s vital to learn from this experience and improve your contingency planning.

There are undoubtedly many other areas worth examining today, and maybe you were not directly impacted, huddled with the millions waiting in lines at airport kiosks around the globe; but we measure our success by how we handle ourselves when the chips our down. If you were impacted, you’re busy putting out fires, but a post mortem analysis of everything above can help when the next crisis happens; and if you weren’t directly effected, count yourself lucky, but use this event to ask yourself some of these difficult questions so you’re prepared if the next time you aren’t as lucky.