05 Sep The TSB Fiasco – Why Directors Need to Take IT Seriously
You’ve put in the hours, missed school plays and sacrificed time to make a better life for you and you loved ones and have achieved that executive position with your feet firmly under the board room table. You’re comfortably that everything is on order, shareholders are happy, business growth is heading the right way, staff seem to be doing their jobs. You have every reason to thank your stars and relax right?
That’s probably how TSB Chief Paul Pester felt the evening of the 19th of April, just before his teams undertook the migration of IT systems, that would ultimately spell the end of his career with the bank.
TSB had been purchased by Spanish Bank Sabadell, and the plan was to migrate customer records from the Lloyds Banking Group platform, to the Sabadell Proteo platform which started on 20 April 2018. The rest is a story of calamity.
It’s now September and systems are just getting back to normal. The debacle of migration has seen customers shut out of banking systems not for hours, but for several weeks. IBM were later called in to help sort the mess and advised that systems had not been tested prior to running the migration and this was the result…It’s all about planning
The challenges with the IT systems have so far cost the TSB £176m and the loss of 26,000 customers. Not only that someone needs to be accountable and mud now rolls upwards. Chief Executive Paul Pester has paid the ultimate price, forced to step down in the wake of the crisis.
Senior Management will be Accountable and get Fired for Major IT Failings
Businesses now have a huge dependency on IT Systems and the connected world to reach customers and complete transactions. The importance of IT has never been greater, yet at board level perceptions on IT spend and benefits are often underplayed. Many organisations still view investment in IT as something akin to sorting the electricity supply. With new data laws (GDPR) punishing those flaunting regulations severely and the ever-increasing risks from cyber threats the chances of something going wrong in your business has increased exponentially. It is almost when rather than if.
The days of leaving IT to just the It manager are over, it’s just too risky. In a recent Government report 43% of UK business suffered a cyber-attack and a staggering 6 emails in 131 contain malware.
The costs of failure can be significant, a leak of personal data can potentially cost a business 4% of global turnover. As an a example with VW’s global turnover at £230bn a possible fine could be £9.2 billion. Rest assured if that happens heads will roll in the upper echelons of VW.
As a business owner, Director or Manager everyone now needs to understand and invest in the right security and systems to protect the business. There also needs to be a culture of IT security weaved into every department and role within the business and business leaders playing a more active role in technology.
The TSB’s chair isn’t the first person to suffer because of bad IT or failures in most cases someone must take the wrap, and these days it is normally someone of significant stature to help make a statement to the public.
Other IT Failings that have seen Heads roll
When the swedes outsourced their vehicle Licensing systems to IBM, it seemed like a great idea, after all no one was ever fired for buying IBM.
However poor security saw IBM and the system not only leaking protected Swedish transport infrastructure information, but also the names and details of Swedish undercover operates working in the security services, things had gone very wrong. This certainly wasn’t the fault of the government, but Maria Agen the director general of the Swedish transport Agency and other minsters had to resign.
Some board execs can be smart when things go bad, as in the case of Susan Mauldin, CIO Dave Webb and the CEO Richard Smith of Equifax who very quickly and conveniently retired after the leak of confidential data of just about everyone in the United States.
In front of congress, Smith later blamed the leak on an individual not patching vital software. As we keep say patching and updates are super important!
So one unpatched machine here costs millions, and three directors their positions.
In summary, IT has changed. Its not all about the manager making decisions and taking responsibility, the whole board now needs to be behind and involved in IT decision making and especially areas like security where risks are increasing and the chances of non compliance are greater. believing the buck stops with someone else may be a false economy and come back to bite you.
Talk to us and find out how we you with migrations or securing your systems by calling 0114 361 0062
Discover how to get your business secure with IASME Cyber Essentials Here >>