"It’s been a busy weekend for IT professionals around the world as the CrowdStrike incident has been responded to and dealt with", said Andrew.
"The ubiquitous nature of computers using Windows as an operating system, together with CrowdStrike’s commercial success, has meant that many areas of the economy and our daily lives have been heavily impacted.
"What we’re seeing now is a clear divide between organisations that have contingency budgets and plans for critical incidents, and those which lack those resources in some way.
"Budget airlines have been hit harder than national carriers because their heavily pruned operating models lack flexibility for rapid adaptations needed for resilient operations, whereas national carriers have more human resources to draw on.
"For example, budget airline customer service teams with less human resources have struggled to answer the phone, and when people have contacted their online teams, they aren’t getting the answers they are looking for as these teams cannot get through to airports or ground staff. There simply isn’t enough staff.
"Whilst larger airline operators with different margins and investments in their people have been able to bridge those communication gaps and make sure that stranded passengers have someone to talk to or can be checked-in and boarded by non-digital means.
"Similarly, the NHS is advising people that there will be significant delays to a return to normal operating.
"This is an organisation that does a lot with a little and whilst it has some of the best and most adaptable teams in – who are used to responding to crises under a lot of pressure – there just isn’t the spare capacity to respond at the pace a commercial organisation that hasn’t been damaged by years of real-terms cuts and austerity has.
"Last week's COVID Inquiry report on the ‘Resilience and Preparedness of the United Kingdom’ highlighted key themes relevant to the digital environment, such as the need for a single point of contact during crises and staying aware of potential threats beyond just the most recent one.
"It’s going to be very interesting to see how lessons learnt from this week’s CrowdStrike incident are reflected in the government’s proposed Cyber Security and Resilience Bill."