In July 2023, a mishap occurred unexpectedly, and it just struck how vulnerable society is to the digital systems we depend on. Anthony Bosman, a professor at Andrews University in Michigan, tasted this firsthand when he tried to board a plane from Michigan to Florida. He was then provided with a traditional handwritten rather than an online one on his handheld device. “It felt like a blast from the past.” Explains Bosman. At the airport, he wandered up to the counter to check in without the help of a robot and saw an employee writing another person’s boarding pass by hand. And when the man complained about how many she had to write, she said her hand was sore.

It was not the first time such a thing had happened. The same situation was observed among passengers across countries, including India. The reason? Another critical vulnerability in CrowdStrike security software had left huge sectors like banking, telecoms, health services, and online selling paralysed. This disruption had the untoward effect of causing companies to return to using pencil and paper—a most unlikely scenario for any business executive today. But could this experience suggest that the ways that firms have prepared for potential technology failures require change?

How Can Companies Prepare for IT Disruptions?

The CrowdStrike bug revealed a harsh reality: despite the emergence or application of sophisticated technology, systems can go wrong. In the confusion, one of Crowdstrike’s senior executives was seen before the US Congress to offer an apology for the inconvenience that had been created. For a while, organisations had to do away with their structural online frameworks and revert to the conventional system. But this incident was not the exception. Other cases, such as past cyber attacks and IT breakdowns, have forced businesses to adopt manual systems through pen and paper for a while.

Traditionally, such disruptions target different industries, including UK doctors and French hospital employees. Although such cases may appear rare, they should remind us of potential breakdowns in the IT system. The current consensus among cyber security specialists is to include paper-based systems in business disaster recovery strategies. If technology lets people down, could this traditional method be useful in using Pen-and-Paper Systems to Ensure Continuity?

How Physical Backups Helped One Company Thrive Amid a Cyber Attack?

A crucial example is Norsk Hydro, a Norwegian aluminium and renewable energy producer that benefitted from the paper-based system in the face of lost IT. In 2019, ransomware hit 35,000 employees in 40 countries, locking over 20,000 computers. Nevertheless, Hydro had to make an important decision: not to pay the ransom and thus force the staff to search for new ways of avoiding disruption at scale.

“They got instructions on creating definite aluminium goods from the old binders found in the basements,” Hydro says. In some locations, staff even used printed order requests sent just before the ransomware attack occurred. Technological networks remained closed, while industrial machinery was unharmed, and people could bypass digitally enforced inactivity. During the challenges, they even revived old fax machines and carried on with communication.

Hydro’s response illustrates an important lesson: to mitigate risks and work through emergencies; companies must consider how they can maintain function with technologies such as printable documents and fax machines. Shouldn’t companies be more assertive in creating more physical backups to help sustain business continuity in the case of a cyber breach?

Why Are Disaster Recovery Plans Crucial for Every Business?

Disaster recovery plans where advice The incident with Norsk Hydro given in this section is that disaster recovery plans are very important. Often, when an organisation needs help responding to an IT loss, a resilience director of a business continuity firm assists them. He used services from one of his clients, an industrial distribution firm, and they prepared packs known as disaster recovery packs for each branch. Such packs contain paper copies of the forms of a fax machine to enable operations to continue in case the digital ordering system is unavailable.

This approach cognates the need to train the employees in non-information technology ways. Some organisations conduct organisation meetings where all call centre employees engage in mapper exercises using paper and pen to draw flipcharts and whiteboards. Should companies ensure their teams are aware of low interaction techniques so that work can continue as much as possible when technologies let them down?

Is Simplicity the Key to Safeguarding Data?

One should not think that paper-based systems are only effective in emergencies. Unfortunately, such systems are not effective for all industries. For instance, disruption prevents the financial sector from switching to paper-related products. If bankers lose their trading systems, paper-based workarounds are unlikely. Also, slight-scale factors create a challenge, including the slow process and complexity of using paper-based solutions.

However, analysts opine that corporations simulate workarounds to ensure they prepare for system breakdowns. Studies have found that those companies that integrated mock IT failure scenarios or simulations before the real experience were more prepared to handle the situation. Is it possible that the reduction of cyber preparedness for employees down to shifting their dependence to low-tech options is an essential part of an organisation’s security plan?

What Other Creative Solutions Are Available During Cyber-Failures?

When paper-based systems are not feasible, something else must be done in the business. One firm had to buy crates of Chromebooks following a cyberattack so that staff could still work when locked out of the main corporate network. Also, some organisations have dormant WhatsApp or Signal messaging groups as backup means of communication in case the email servers are down.

There is complete consensus among authorities that companies should also back up data off-site or in a separate location from the computer network to avoid the correlation of key data with an attack. If businesses remember ways such as the low-tech solutions in this paper when designing high-tech means of continuity, they would be on the right track.

How Can Businesses Strengthen Cyber-Resilience?

A former Florida resident and CEO of a data backup firm says organisations must strengthen their disaster preparedness measures. Her company specialises in cloud and on-site backup; clients can access different networks even if the primary system is controlled. “As such, for the ranswamwe attacks, the recovery rate is one hundred per cent,” she remarked.

For instance, a client relied on a Verizon MiFi, a portable broadband router, to retrieve backup information after a main network was closed following hacking. Finally, the CEO says, “You should expect that you will be a victim of a cyber-attack one day.” The question is, how do you manage the stream in the interim?

What Is the Best Approach for Companies to Tackle Cyber-Threats?

There is often potential for sophisticated work systems, but basic, ad hoc solutions prove critical to a business's survival when disaster strikes. As the threat level increases with more hackers lurking around, firms will be prepared to switch to the Stone Age and use retro technology like faxes, writing on paper, or Chromebooks. But what is most crucial for businesses to enhance their cybersecurity?

It is important to be ready for what nobody has foreseen by having high technology and basic minimums from time to time. That is why firms must plan the contingencies to capture them during a technology failure crisis.