Sustaining business continuity

Issue 1 2021 Security Services & Risk Management

Four pillars define sustainable business continuity: process, procedure, decision-making and activities. Each of these shapes how the organisation functions through interruption and uncertainty, minimising impact to ongoing operations or ensuring smooth sailing through whatever choppy waters may lie ahead.

According to Mark Walker, associate vice president for sub-Saharan Africa at IDC Middle East, Africa and Turkey, sustainable business development has become an increasingly important business focus due to the radical changes wrought by the global pandemic.

“The recent transition from the traditional office environment to a completely distributed remote workforce has highlighted the need to have robust continuity plans in place that are capable of dealing with a wide range of contingencies,” he explains. “These can range from simple human error through to security breaches and electricity outages to global disasters. While many plans include the immediate company operating environment, what is needed is a far more comprehensive approach that considers multiple internal and external factors that can manage increasingly critical and complex business environments.”

Sustainable business continuity plays no small role in reducing the financial and operational impact of downtime on the organisation. This is particularly relevant in an era where technology underpins the backbone of almost every industry, business, and enterprise. From factory management to billing to supply chain to fridge temperature management to retail footfall optimisation, technology is woven within systems and processes across all types of industry. Now imagine if the technology were to suddenly stop working. What would happen if suddenly, every system in an airline or a supply chain were to seize up due to electricity outages or unexpected system failure or malware?

In 2017, the much publicised British Airways IT system failure that stranded 75 000 passengers cost the airline around £80 million. In 2019, the British bank TSB lost around £330 million thanks to its IT systems failing and locking customers out of their accounts. According to IDC, the average hourly cost of an infrastructure failure can come to $100 000 per hour with an average total price per year, for unplanned application downtime, of around £2,5 billion. In short, if the systems go down and there are not contingencies put in place, the expense to the company is staggering. A fee that few can carry in the current economic climate.

“While the financial aspect is important to the business, there is also the reputational damage to consider,” says Walker. “There is an impact on customer trust and can often see a company lose customers to competitors as a result of a catastrophic failure, particularly when the failure takes place at a trusted institution such as a bank. It is hard to rebuild and regain customer trust, but it is not hard to put sustainable business continuity measures in place that can mitigate the risk and damage.”

Business continuity essentials

There are a few essential steps to consider when defining a sustainable business continuity plan. The first is the scope – would this include the entire organisation and every silo within it, or would it be designed per line of business? It also needs to consider the key business functions that have to be prioritised across each area and the linkages between critical functions. Within this, there need to be established time frames that dictate acceptable downtime for critical functions and the steps that must be put in place to reduce this in the event of an unplanned outage.

“Forewarned is forearmed – this is the watchword,” says Walker. “By taking the time to assess risks, and to prioritise and plan accordingly, the business will get the best possible results in the event of a crisis. The key is to understand the difference between disaster recovery and business continuity while ensuring that both internal and external risks are accounted for.”

Having a plan is one thing, testing it is another. This can be the difference between a loss of millions and a loss of thousands. Ensure that IT, operations, and line of business know their roles and responsibilities and have clear action points to resolve the problem. This is an opportunity to refine the plan and to identify any holes that may have slipped through the planning process.

“A clear plan significantly lessens financial and reputational risk,” concludes Walker. “The impact of the work put into this strategy is only seen when a situation arises, but having one means that the business is prepared just in case. It is a necessary evil, but one that could save the business reputation and bottom line.”




Share this article:
Share via emailShare via LinkedInPrint this page



Further reading:

Identity recovery matters most
Security Services & Risk Management
As cyberattacks grow more targeted, more destructive, and increasingly aimed at the very fabric of trust within the enterprise, the ability to restore identities has become just as critical as restoring data.

Read more...
ISO 27701 helps demonstrate privacy compliance beyond POPIA
Security Services & Risk Management
ISO 27701 include privacy-specific controls and provides a structured way to manage Personally Identifiable Information (PII) throughout its lifecycle, giving organisations a way to demonstrate how privacy is managed.

Read more...
Echoes of 2018? Follow-up on Woolworths explosions
Technews Publishing News & Events Security Services & Risk Management Retail (Industry) Facilities & Building Management
SMART Security Solutions follows up with Jimmy Roodt to find out more about an old connection to the Woolworths bombings from 2018. The investigation remains ongoing.

Read more...
Increase in cyberattacks on the manufacturing sector
Security Services & Risk Management News & Events Industrial (Industry)
According to a new Kaspersky ICS CERT report, in the first quarter of 2026, the percentage of industrial control systems (ICS) on which malicious objects were blocked reached 19,6% globally.

Read more...
Next-generation cash-in-transit vehicle
News & Events Security Services & Risk Management
Fidelity Services Group has unveiled a new, purpose-engineered Cash-in-Transit (CIT) vehicle designed to redefine crew protection, deter threats, and enhance operational resilience in an increasingly complex criminal environment.

Read more...
The risk at the edge of South Africa’s agriculture supply chain
Security Services & Risk Management Agriculture (Industry) Logistics (Industry)
Research from ESET has found that a significant number of South African agritech operators and farmers continue to believe their companies are not attractive targets for cybercriminals. Unfortunately, that belief is precisely what makes them one.

Read more...
AURA partners with Discovery to launch Discovery 911
News & Events Security Services & Risk Management
AURA has announced a partnership with Discovery Insure to power the security-response component of its new Discovery 911 virtual panic-button offering, which is available through the Discovery Insure app.

Read more...
Break the silence on fraud
Security Services & Risk Management
We are entering a new era of fraud, one defined by groups that operate across borders, using advanced digital tools and impersonation tactics to deceive victims and wear down communities' trust and financial security.

Read more...
Africa’s white-collar crime landscape
Security Services & Risk Management
White-collar crime in Africa is no longer a predominantly domestic concern; it has expanded onto the international stage, and so too has the corporate exposure that accompanies it.

Read more...
Global security in 2026
Editor's Choice News & Events Security Services & Risk Management Industrial (Industry) Mining (Industry)
The World Security Report 2026 states: “In a world of increasing volatility, physical security has evolved. It is no longer just a defensive measure; it is a critical driver of corporate value.”

Read more...










While every effort has been made to ensure the accuracy of the information contained herein, the publisher and its agents cannot be held responsible for any errors contained, or any loss incurred as a result. Articles published do not necessarily reflect the views of the publishers. The editor reserves the right to alter or cut copy. Articles submitted are deemed to have been cleared for publication. Advertisements and company contact details are published as provided by the advertiser. Technews Publishing (Pty) Ltd cannot be held responsible for the accuracy or veracity of supplied material.




© Technews Publishing (Pty) Ltd. | All Rights Reserved.