Impact of CrowdStrike Update Incident on Business Continuity: Precautions and Suggestions

This research analyzes strategies for enhancing Service Continuity through the integration of Organizational Resilience (OR) and Business Continuity Management (BCM), with Digital Technology as a moderating variable. The study focuses on PT. ABC, a heavy equipment rental company operating in a critical sector that faces operational challenges arising from supply chain disruptions, manual systems, and limited digital coordination. These circumstances necessitate the implementation of an organizational resilience strategy capable of ensuring sustainable service continuity. A quantitative approach was adopted using the Partial Least Squares–Structural Equation Modeling (PLS-SEM) method. The OR construct is modeled as a second-order formative construct comprising four dimensions: Anticipation, Readiness to Respond, Synchronization, and Proactive Learning. Data were collected through questionnaires distributed among respondents directly involved in the company’s risk management and operational activities. The analysis is further supported by Importance–Performance Map Analysis (IPMA) to identify strategic priorities for improving service performance. The results reveal that OR significantly influences BCM, and that BCM has both direct and indirect (mediating) effects on Service Continuity. Moreover, Digital Technology strengthens the relationship between BCM and Service Continuity, demonstrating that the integration of cloud-based systems, real-time monitoring, and digital access enhances organizational responsiveness to disruptions. Among the OR dimensions, Readiness to Respond and Proactive Learning emerge as key factors in service performance improvement. In conclusion, the integration of Organizational Resilience and Business Continuity Management, supported by the adoption of digital technology, substantially enhances resilience and service sustainability within critical operational sectors.

Security vulnerabilities can put users at risk if they do not promptly install necessary security updates. To minimize risk, software developers regularly release security updates that address known or potential vulnerabilities. However, previous studies have revealed numerous reasons why users may not adopt software updates. Additionally, the National Vulnerability Database (NVD) demonstrated that not all types of software are equally vulnerable to security breaches. Therefore, this study investigates users' perceptions of software updates while delving into the complex realm of human behavior, uncovering which type of software users prioritize when considering updates. This study also explores to what extent the users trust these software updates.To gain a comprehensive understanding of users' perspectives on software updates, we conducted a survey consisting of questions designed to uncover valuable insights into individual behaviors, attitudes, and preferences related to performing software updates. The questionnaire featured a list of seven categories of software, such as web browsers, multimedia players, and antivirus software. The participants ranked their preferred software categories for security updates. Our survey asked users about their trust in software updates for improving security. We collected user attitudes towards software updates to offer insights to developers, analysts, and users. Out of the 63 volunteers, 48 provided complete responses for us to analyze. The group had a nearly equal split of males and females (54.17% and 45.83%, respectively), with most being between 26 and 34 years old and having a higher level of education. All participants spent at least one hour per day on the computer.Our analysis shows that around 29% of the respondents prioritize antivirus updates when making decisions about which categories of software to update for security. Additionally, approximately one quarter (26%) prioritize updates to the operating system, and approximately one in five respondents identify web browsers as significant for maintaining a secure infrastructure. Notably, only 3.52% of the participants consider multimedia software updates important. We also observed that around half of the respondents (48%) believe that updating software can enhance the security of their system. However, these users do not fully trust on software updates. In contrast, 16% of users rarely or never rely on software updates. Moreover, approximately 40% of users have had negative experiences and were hesitant to apply software updates, which is likely a significant reason for their reluctance to depend on software updates.In conclusion, these findings highlight user preferences and factors that influence their decisions regarding which software categories they prioritize for updates based on security considerations. Users prioritize software that is essential or requires updates to run the system, such as OS updates. Furthermore, many users do not believe that updates can improve security due to past negative experiences. Achieving higher adoption rates of software updates remains an open challenge due to a persistent lack of trust. To improve security through software updates, it is not enough to progress only on the technological front; it is also essential to develop more effective strategies to make the updates reliable and win the trust of users.

The popular axiom, ‘what gets measured gets done’, is often applied in the quality management and continuous improvement disciplines. This truism is also useful to business continuity practitioners as they continually strive to prove the value of their organisation’s investment in a business continuity management (BCM) programme. BCM practitioners must also remain relevant to their organisations as executives focus on the bottom line and maintaining stakeholder confidence. It seems that executives always find a way, whether in a hallway or elevator, to ask BCM professionals about the company’s level of readiness. When asked, they must be ready with an informed response. The establishment of a process to measure business continuity programme performance and organisational readiness has emerged as a key component of US Department of Homeland Security ‘Voluntary Private Sector Preparedness (PS-Prep) Program’ standards where the overarching goal is to improve private sector preparedness for disasters and emergencies. The purpose of this paper is two-fold: to introduce continuity professionals to best practices that should be considered when developing a BCM metrics programme as well as providing a case study of how a large health insurance company researched, developed and implemented a process to measure BCM programme performance and company readiness.

Systematic literature review of Business Continuity Management (BCM) practices: Integrating organisational resilience and performance in Small and medium enterprises (SMEs) BCM framework

We argue that 'business continuity' is primarily a social rather than an economic process. By examining the actual behaviour of both managers and employees in work organisations during a crisis, we were able to better predict the organisation's preparedness and ability to cope with disasters. This argument is based on evidence from a study completed during the 2006 Katyusha rocket bombardment of northern Israel and included 13 work organisations. The results point out that organisational response to a disaster includes a process of adaptation to new and changing conditions. On the one hand, the organisations' managers react according to their values, culture and past experience. The day-to-day operations, however, are maintained as employees adapt their own behaviour to the changing demands of the situation. The analysis further showed that although plans, drills and emergency guidance are important to determine the desirable performance behaviours during the emergency, it was employees' adaptive behaviours that contributed to maintaining business operations. These adaptive work behaviours depended on a series of socially related predictors such as their past experience, family and community attitudes and social networks at the workplace. Overall, the evidence demonstrates that successful business continuity is best predicted by a series of social processes and depends primarily among employees' ability to adapt to dynamic emergency situations.

The accelerating digitization of critical infrastructure sectors has elevated cybersecurity from a technical necessity to a strategic imperative for safeguarding digital trust and ensuring operational continuity. Despite the widespread adoption of established cybersecurity frameworks, a measurable disconnect persists between policy implementation and the realization of trust outcomes among stakeholders. This chapter explores the conceptual, operational, and empirical dimensions of digital trust as influenced by cybersecurity practices. It examines sector-specific adaptations, organizational behaviors, and empirical modeling approaches to evaluate trust outcomes, offering case-based insights across healthcare, finance, energy, and transportation. By investigating the sociotechnical factors that mediate the impact of security measures on trust perceptions, the chapter reveals the limitations of static, one-size-fits-all frameworks. The discussion concludes by proposing a unified, adaptive framework that integrates technical resilience, behavioral insights, and contextual intelligence. This integrative approach is essential for aligning cybersecurity strategies with stakeholder expectations and fostering sustainable digital trust in high-risk environments.

Emergency management (EM) and business continuity management (BCM) frameworks incorporate various strategic and operational measures. Defined within a number of national and international standards and guidelines, such concepts may be integrated within one another to provide increased resilience to disruptive events. Nevertheless, there is a degree of dispute regarding concept integration among security and EM professionals and bodies of knowledge. In line with cognitive psychology exemplar-based concepts, such disputes may be associated with a lack of precision in communality in the approach to EM and BCM. This paper presents a two-stage study, where stage 1 critiqued national and international literature and stage 2 applied semi-structured interviews with security managers in Western Australia. Findings indicate the existence of contradictory views on EM and its integration within BCM. As such, this study concludes that EM is considered a vital component of BCM by the majority of security managers. However, there is broader dispute regarding its degree of integration. Understanding the underpinnings of such disputes will aid in raising the standards and application of professionalism within security, EM and BCM domains, supporting clarification and definition of professional boundaries.

This bibliometric analysis explores the evolution of Business Continuity Management (BCM) studies in Oman in the last ten years regarding publishing trends, co-authorship, and emerging topics. Based on the data collected primarily from Scopus databases, the analysis of 69 articles was augmented by The Lens and Dimensions datasets to improve the interconnectivity and metadata of the research findings. Research findings highlight an increasing trend of scholarship in BCM in Oman, with variations in yearly publications and diversified thematic concern areas, including risk management, organizational resilience, and crisis management. The leadership and linkages map revealed that specific individuals and research groups were influential and active in advancing BCM in Oman. Referring to the global literature, Oman is a relatively recent addition to the BCM research within the context of the Middle East. The study highlights the importance of BCM in increasing organizational readiness and preparedness in the face of Economic risks and disruptions, particularly in Oman, as proposed research implications and practical implications for future studies.

Crisis management (CM) and business continuity (BC) strategies are vital in ensuring organizational performance and consumer confidence due to the global shocks like a pandemic and supply chain collapse. This paper discusses the effect of crisis communication transparency in consumer trust and purchasing intention in such disruptions, and the moderating effect of digital engagement in the association. The quantitative data were obtained through a sequential explanatory mixed-methods design (MM). That is, a survey of 300 consumers was conducted, supplemented with a qualitative analysis of 15 industry executives. The measurement model was validated via confirmatory factor analysis (CFA; excellent fit, Comparative Fit Index, CFI = 0.95; Root Mean Square Error of Approximation, RMSEA = 0.047), whereas structural equation modeling (SEM) showed that transparency has a positive effect on consumer trust (beta, 0.68, p < 0.001), which is very strongly related to purchase intention (beta, 0.74, p < 0.001). There was indeed strong moderation of the transparency trust relationship (interaction 0.27, p = 0.008) and this increased trust formation. The model has a variance of 65 percent in consumer trust and 69 percent in purchase intention. Transparent communication, leadership agility, and strategic digital engagement stood out in qualitative findings as a requisite to a good crisis response and business continuity. These findings highlight the importance of clear crisis communication, which is enabled by vigorous digital interaction, to generate consumer trust and maintain purchase interest, thus increasing organizational resilience in the case of global disturbances.

Business Continuity Management (BCM) is critical for organizations to mitigate disruptions and maintain operations, yet many struggle with fragmented and non-standardized self-assessment tools. Existing frameworks often lack holistic integration, focusing narrowly on isolated components like cyber resilience or risk management, which limits their ability to evaluate BCM maturity comprehensively. This research addresses this gap by proposing a structured Self-Assessment System designed to unify BCM components into an adaptable, standards-aligned methodology. Grounded in Design Science Research, the system integrates a BCM Model comprising eight components and 118 activities, each evaluated through weighted questions to quantify organizational preparedness. The methodology enables organizations to conduct rapid as-is assessments using a 0–100 scoring mechanism with visual indicators (red/yellow/green), benchmark progress over time and against peers, and align with international standards (e.g., ISO 22301, ITIL) while accommodating unique organizational constraints. Demonstrated via focus groups and semi-structured interviews with 10 organizations, the system proved effective in enhancing top management commitment, prioritizing resource allocation, and streamlining BCM implementation—particularly for SMEs with limited resources. Key contributions include a reusable self-assessment tool adaptable to any BCM framework, empirical validation of its utility in identifying weaknesses and guiding continuous improvement, and a pathway from initial assessment to advanced measurement via the Plan-Do-Check-Act cycle. By bridging the gap between theoretical standards and practical application, this research offers a scalable solution for organizations to systematically evaluate and improve BCM resilience.

This study examines the influence of Business Continuity Management (BCM) practices on tour operator companies' financial and nonfinancial performance amid the COVID‐19 pandemic. Employing purposive and cluster sampling, a survey was conducted with 331 tour operators, and the study hypotheses were evaluated using Partial Least Squares—Structural Equation Modelling. Findings reveal that the organizational preparedness and embeddedness of continuity practices significantly influence both financial and nonfinancial performance. Additionally, management support and external requirements impact either financial or nonfinancial performance. The study reveals tour operator companies' resilience demonstrated through their continuity management skills, particularly in adapting to business challenges during the pandemic. The research contributes a fresh perspective on the interplay between BCM practices and organizational performance, emphasizing the importance of robust business continuity strategic planning for the future of tourism operator companies.

This paper examines the critical success factors of effective Business Continuity Management (BCM) practiced by Malaysian organizations. The effectiveness of BCM is measured by the overall organizational performance which comprise of financial and non-financial performance indicators. For purpose of data collection, conventional and electronic survey questionnaires were deployed to a total of 147 organizations nationwide involving the private and public sectors. This study managed to obtain 77 usable responses from the respondents which reflecting 55 percent of effective response rate. Using the multiple regression analysis techniques, the study reveals that external requirement and embeddedness of continuity practices have significant relationships with the overall organizational performance. Meanwhile, the management support and organizational preparedness are not significantly related to overall organizational performance. Theoretically, the research framework is supported by the Resource Base View (RBV), crisis management and stakeholder theories. The study contributes in the theoretical framework for understanding the critical success factors that affect the establishment of effective BCM in an organization that eventually lead to superior performance. This study believes that by understanding the relationships, it could contribute to the betterment of the overall organizational performance. Furthermore, this paper also highlights the limitation of the study and recommendation for future researches.

Combining business continuity management (BCM) and systematic cyber threat intelligence (CTI) can improve cyber situational awareness to support decision-making through the phases of the resilience cycle (plan, absorb, recover, adapt) to ensure the continuity of organizational operations when encountered by cyber disruptions. End-user needs, human factors, high ethical standards, and social impacts can best be adapted when professionals from different fields work together with end-users to refine and co-develop selected tools into a platform. A resilience assessment that combines BCM and CTI enables 1) quick or detailed assessment of the investigated industry and its critical processes, 2) measurement of performance goals based on information received from end users, where artificial intelligence-based self-learning approaches can be used for functional descriptions, 3) information on the sensitivity of the investigated industry and vulnerability and 4) resilience and BCM throughout the entire resilience cycle. A new Horizon Europe project DYNAMO (Dynamic Resilience Assessment Method including a combined Business Continuity Management and Cyber Threat Intelligence solution for Critical Sectors) works towards combining BCM and CTI to generate a situational picture for decision support. Having this in mind, certain cybersecurity and BCM tools will be developed, refined, and integrated into the DYNAMO platform to provide decision support and awareness to chief information security officers, cybersecurity practitioners, and other stakeholders. This paper reports a case study that explores how combining CTI and BCM can help in the case of a cyber-attack. The research material consists of the news articles by the largest newspaper in Finland, Helsingin Sanomat (HS) of how the cyber attack against the therapy center Vastaamo progressed during the first week after the attack. The results show that cyber threat intelligence when flexibly integrated into the BCM approach could create better conditions for improved organizational foresight to react to unpredictable cyber threats to ensure business continuity.

Cybersecurity vulnerabilities of cardiac implantable electronic devices: Communication strategies for clinicians—Proceedings of the Heart Rhythm Society's Leadership Summit

The automotive industry has seen a dynamic transformation from traditional hardware-defined to software-defined architecture enabling higher levels of autonomy and connectivity, better safety and security features, as well as new in-vehicle experiences and richer functions through software and ongoing updates of both functional and safety-critical features. Service-oriented architecture plays a pivotal role in realizing software-defined vehicles and fostering new business models for OEMs. Such architecture evolution demands new development paradigms to address the increasing complexity of software. This is crucial to guarantee seamless software development, integration, and deployment—all the way from cloud or backend repositories to the vehicle. Additionally, it calls for enhanced collaboration between car manufacturers and suppliers. Simultaneously, it introduces challenges associated with the necessity for ongoing updates and support ensuring vehicles remain safe and up to date. Current approaches to software updates have primarily been implemented for traditional vehicle architectures, which mostly comprise specialized electronic control units (ECUs) designed for specific functions. These ECUs are programmed with a single comprehensive executable that is then flashed onto the ECU all at once. Different approaches should be considered for new software-based vehicle architectures and specifically for ECUs with multiple independent software packages. These packages should be updated independently and selectively for each ECU. Thus, we propose a new scheme for software updates based on a Merkle tree approach to cope with the complexity of the new software architecture while addressing safety and security requirements of real-time and resource-constrained embedded systems in the vehicle. The Merkle-tree-based software updates over the air (MT-SOTA) proposal enables secure updates for individual software clusters. These clusters are developed and integrated by diverse entities with varying release timelines. Our study demonstrates that the MT-SOTA scheme can enhance the speed of software update execution without significantly increasing the process overhead. Additionally, it offers necessary defense against potential cyberthreats. The results of the performed technical analysis and experiments of the MT-SOTA implementation are presented in this paper.