Archiv der Kategorie: English

Preparing D-Day’s

As soon as the unimaginable happens, the boundaries shift. Who would have thought that the well-worn delivery routes would come to a standstill, millions of employees would be put on short-time, or average citizens would protest against the elected government in the streets. We live in the present, vaguely recognizing the past and looking to the future with confidence. In doing so, we overlook the fact that the future is not visible but consists of distorted presuppositions. We are facing a disruption (D-Day) at any moment – like the Chelyabinsk meteor on February 15, 2013, the COVID-19 pandemic since December 2019, or the Eyjafjallajökull eruption of March 20, 2010. We rarely deal with possible significant disruptions that have not happened for a long time or never happened. Yet, we had to learn that they can occur at any time. The consequences threaten people locally, regionally, or even globally.

In risk management (RM), emergency solutions are thought of in advance. A large-scale epidemic and its impact have had a low profile when considering the various measures and contagions. For this reason, we are looking at potential breaches that could slow down or halt our established processes.

  • Pandemics
    Although pandemics are estimated to occur every 30 years (Future Global Shocks, OECD), their unpredictability (Where? When? Propagation speed? Infection rate? Mortality?), as well as possible impacts on other areas (Society, Economy, Mobility, Logistics, etc.), mean that so far the RM has rated this risk relatively low.
  • Environmental disasters
    The volcanic eruption in Iceland mentioned above resulted in 100,000 flights being canceled, ten million people affected, and 1.5 to 2.5 billion euros in losses in air traffic accumulated. There are nearby mega-cities latently threatened by dormant volcanoes, like Tokyo, Naples, Mexico City. How the many possible environmental catastrophes are assessed by those responsible, not only locally, is decisive for whether transitional solutions are prepared for the broader environment.
  • Infrastructure crash
    The infrastructures of developed countries such as Norway, Australia, the USA, Germany, and Canada have proliferated over decades. Today they are showing signs of decay in communications, energy, and traffic. In addition, they are threatened by the consequences of accidents (for instance, through nuclear power, toxic raw materials, and chemicals) and environmental disasters (climate change, natural disasters, and geomagnetic storms). How do risk managers safeguard global supply chains?
  • Civilizational Collapse
    Societal changes in Asia, the Arab world, and even the US threaten the world’s achieved prosperity. When the low-wage countries fail due to terror and power struggles or the disconnected US social classes storm the Capitol, these are signs that the established close-knit dependencies are disintegrating. Those in charge should prepare contingency plans for such events.
  • Resource crisis
    There is still a lack of limited awareness regarding the natural resources of the earth. More than 4000 years ago, Mesopotamian city-states already fought for access to water. Today, Israel is digging up the waters of the Jordan River from neighboring countries. China dams the Mekong, causing Vietnam to run out of water. Tesla is tapping groundwater near Berlin, with unknown consequences for the region. Although resource availability is declining over time, it is unclear whether and how these risks must be assessed.
  • Economic crisis
    These economic crises do not arise spontaneously. Through globalization, the world’s economic systems are closely interconnected – the flow of finance, the movement of goods, far-reaching cooperation, and unstoppable knowledge flow. As soon as sand gets into these gears, there are immediate consequences for all regions of the world. This goes so far that the parties involved wage economic wars to eliminate potential competitors. But what measures are envisaged as a precaution?
  • Wars
    In the history of humankind, 14,400 wars are said to have taken place, in which an estimated 3.5 billion people died. The number of unreported cases is probably much higher. These warlike tensions affect all risk areas – wars create environmental disasters, destroy infrastructure, let societies collapse, deplete resources and shake economies. Material consequences are inevitable. How are wars built into risk plans?

Bottom line: All these risks create disruptions that culminate in a D-Day (Day of Disruption). These events cannot be prevented. We can only respond to them with measures already prepared in the drawer and should mitigate the effects. For example, if a logistics company operates its IT outside a vulnerable area – away from earthquakes and volcanoes and trouble spots. Having intelligent solutions available, the risk must be seen in advance to provide the necessary contingency plans. Even if you don’t know what the following effects are, be prepared for your D-Day!

Wrong configuration

In the 1940s, Thomas J. Watson predicted that the world needed no more than five computers. In 1969, there were over 69,000 mainframe computers in the US. In Germany, there were over 8,000 in 1971. Over forty years ago, personal computers replaced the green host screens. Nowadays applications run in the cloud. We assume that the network runs stable and that all applications are accessible at all times. On October 4th 2021, 9 am PDT, Facebook, Instagram and WhatsApp went down for six hours. After hours, the world learned that a wrong configuration was the reason for the outage.

No doubt it was a matter of some wrong settings. However, we learn nothing about the reasons behind. The decisive factor is assuming the responsibility. However, there is always room for interpretation – if not for conspiracy theories. Wrong settings have many possible causes.

  • Operating errors
    There are no man-made things that are error-free. It may be due to the program code or the settings of a server or the adjustments for the Internet. It is often not the original error that appears, but only effects that have to be traced back. Meanwhile, the impacts spread. This results in many failures in a short period of time, which have to be rolled back eventually. In any case, it were wrong settings.
  • Sabotage
    An operating error happens without intention. When someone deliberately causes a breakdown, the malfunction feels initially like an operating error. However, the bad intentions lead to the fact that the saboteurs prepare their acts well in advance and obfuscate them accordingly. It can take some time until the actors are debunked. To what extent the real reasons will ever become known is an open question. In any case, it were wrong settings.
  • Malfunctions
    Failures quickly lead to hazardous incidents, which cause outage, which cause interruptions, and so on. Since errors spread at the speed of light, not only does the original defect need to be fixed, but so do all subsequent ones. Once the servers are no longer recognized, it takes hours to restore the original conditions. In any case, it were wrong settings.
  • Failed integration
    When complex IT systems converge, unforeseen difficulties quickly arise. In order to get rid of them, parameters are readjusted. This can then lead to aftereffects that build up. When systems fail, it takes time to modify the settings and restart the systems. In any case, it were wrong settings.
  • Security leaks
    Incorrect settings lead to open entry points that are used by hackers. It does not matter whether they pursue private, commercial or political intentions. Every program has a security hole that can be exploited with the right code. The fact that the backdoors are open is only detected by the operators after an incident occurred. However, it is important for us users to know if our data is safe. In any case, it were wrong settings.

Bottom line: Facebook has reacted professionally by taking responsibility. Yet, it remains open what is behind the incorrect configuration. You have to live with simple operating errors, because they are human – even after good training reduces the number. Saboteurs are already hard to find – despite the many log files. Malfunctions are fate, as they result from the complex interaction of IT systems and modules and no one can foresee them. When systems are upgraded to a new version or get harmonized, unpredictable errors occur. Security weaknesses are particularly unpleasant when personal data is stored. The actual reasons are only understood by experts and they remain in the dark to conceal the own weaknesses. The quick announcement that it was a wrong configuration of the provider is the only way to react responsibly – even if we don’t really know, what it was.