Ineffective cyber policies increase corporate risk

Well-run organizations use corporate policies to define operating procedures and reduce human error. However, the Uptime Institute’s Data Center Resiliency Survey 2024 found that half of all significant, serious or severe human error-related outages were caused by staff failing to follow procedures.

By contrast, cyberattacks and security issues count for a relatively small number of IT-related outages in the data center (just 10% in 2023). This partly explains why cybersecurity is not a mainstream concern for managers today. However, the internal underlying vulnerabilities that can contribute to these cybersecurity-related risks are often overlooked. From a policy point of view, these can include poor design and implementation of security policies, ineffective changes and updates, and failure of staff to follow the correct procedures.