Managing Uncertainty Podcast - Episode #128: A conversation with Steve Raffe of StarLeaf

Managing Uncertainty

Managing Uncertainty Podcast – Episode #128: A conversation with Steve Raffe of StarLeaf

Play Episode


Pause Episode

Mute/Unmute Episode


Rewind 10 Seconds

1x

Fast Forward 30 seconds

00:00
/

00:48:40

Subscribe
Share

Apple Podcasts


Stitcher

RSS Feed

Share

Link

Embed

//><!-- /*! This file is auto-generated */ !function(c,d){"use strict";var e=!1,n=!1;if(d.querySelector)if(c.addEventListener)e=!0;if(c.wp=c.wp||{},!c.wp.receiveEmbedMessage)if(c.wp.receiveEmbedMessage=function(e){var t=e.data;if(t)if(t.secret||t.message||t.value)if(!/[^a-zA-Z0-9]/.test(t.secret)){for(var r,a,i,s=d.querySelectorAll('iframe[data-secret="'+t.secret+'"]'),n=d.querySelectorAll('blockquote[data-secret="'+t.secret+'"]'),o=0;o<n.length;o++)n[o].style.display="none";for(o=0;o<s.length;o++)if(r=s[o],e.source===r.contentWindow){if(r.removeAttribute("style"),"height"===t.message){if(1e3<(i=parseInt(t.value,10)))i=1e3;else if(~~i<200)i=200;r.height=i}if("link"===t.message)if(a=d.createElement("a"),i=d.createElement("a"),a.href=r.getAttribute("src"),i.href=t.value,i.host===a.host)if(d.activeElement===r)c.top.location.href=t.value}}},e)c.addEventListener("message",c.wp.receiveEmbedMessage,!1),d.addEventListener("DOMContentLoaded",t,!1),c.addEventListener("load",t,!1);function t(){if(!n){n=!0;for(var e,t,r=-1!==navigator.appVersion.indexOf("MSIE 10"),a=!!navigator.userAgent.match(/Trident.*rv:11\./),i=d.querySelectorAll("iframe.wp-embedded-content"),s=0;s<i.length;s++){if(!(e=i[s]).getAttribute("data-secret"))t=Math.random().toString(36).substr(2,10),e.src+="#?secret="+t,e.setAttribute("data-secret",t);if(r||a)(t=e.cloneNode(!0)).removeAttribute("security"),e.parentNode.replaceChild(t,e)}}}}(window,document); //--><! ' class="input-embed input-embed-12760"/>

In this episode of the Managing Uncertainty Podcast, Bryghtpath Principal & Chief Executive Bryan Strawser is joined by Steve Raffe, Vice President of Strategy & Global Alliances at UK-based StarLeaf to discuss the lessons learned for organizations throughout the pandemic, how work has changed as a result of these lessons, the challenges that business continuity and crisis management professionals have faced in the past two years, and StarLeaf’s new product, StarLeaf Standby.

StarLeaf Standby is a new product for StarLeaf that recently launched and provides enterprise communications failover for business continuity and incident response.  Learn more at StarLeaf’s website.

Related Episodes & Blog Posts

• Blog Post: What is Resilience?
• Blog Post: 6 times business continuity and disaster recovery plans mattered
• Episode #110: Is your BC Program ready for the next disruption?
• Episode #115: Ransomware and Backups

Episode Transcript

Bryan Strawser:
Welcome to the Managing Uncertainty podcast. This is Bryan Strawser, Principal & Chief Executive here at Bryghtpath. And in this week’s episode, I have with me my friend Steve Raffe of StarLeaf. Steve, how are you?

Steve Raffe:
I’m great. Thanks, Bryan. It’s a pleasure to be here.

Bryan Strawser:
Glad to have you. This is actually our first episode with a guest so this is going to be an adventure I think all around, plus a great conversation about StarLeaf and your new product that you just launched. So Steve, tell us a little bit about you and a little bit about StarLeaf.

Steve Raffe:
Of course. So let me let start with myself. My name’s Steve Raffe. I’ve been at StarLeaf for many years now, for coming up to 12, in fact, and been in a variety of roles spanning engineering, marketing, sales, product so I’ve been around the block there. And in all the cases, a keen interest of mine has been making sure that what we do makes a difference. That we are helping businesses be better and helping individuals with their interests too. So for StarLeaf, we were founded in 2008 and we started off as the first video platform entirely in the cloud. We got there before Zoom, before Microsoft. We were the first.

Steve Raffe:
And today we’re a single platform for messaging, meeting, and calling, so thinking of it as a full enterprise comms platform. And through that, we’ve gotten a Visionary. And a key U.S. fear of ours has always been resiliency. And we own our own data centers with all of our kits, which means we offer a five nines SLA to our customers, which compared with the market leader, which is three nines, we are highly resilient. So through this, we’ve always been chosen by businesses where enterprise comms are critical. An example would be the National Health Service in the UK who literally rely on us for life and death situations. So simply, when businesses need enterprise comms that are resilient, reliable, and available they choose StarLeaf, and that’s us, Bryan.

Bryan Strawser:
Steve, how would you describe your customer base? Is it primarily, really large organizations or do you run the gamut of different sides of businesses?

Steve Raffe:
Across the board really. I mean, our sweet spot really has been with resiliency. So with that, that’s brought with it a multitude of organizational sizes because there are many small businesses out there where resiliency is top of their agendas. And equally, there are many large businesses out there where resiliency is important. So across the spread, Bryan.

Bryan Strawser:
So the last … As we’ve worked through the pandemic, we were confronted with this situation where suddenly a lot of businesses shifted to working from home where they could. Manufacturers, obviously, couldn’t do that when … In terms of building and testing things. But a lot of knowledge workers, information workers, and probably some industries we didn’t think about, being able to work remotely, being able to work from home have had to shift to that. And as we’ve all read, that’s really led to some significant changes in the workplace. We’ve moved to something that’s been more hybrid-focused. We were more remote. And then now more hybrid as folks start to come back to the office in at least some parts of the world. I’m curious how that … What you see being in this space as a cloud-based messaging and meeting provider at StarLeaf? What’s this look like to you on the other end of that question as companies have had to make this shift very rapidly.

Steve Raffe:
It’s a fair question, Bryan. And I think it’s fair to say that pre-pandemic all businesses had some plan to digitalize. That they were some of the way through, but the pandemic truly supercharged that because suddenly overnight they had to enable people to work from their homes during multiple lockdowns. And there was a revolution in the way we communicate. Face-to-face meetings were suddenly replaced by video meetings. Office spaces were replaced by our home offices. And a key enabler for this was enterprise communications and collaboration services like our own, like Microsoft Teams, WebEx, Zoom, which suddenly are all household names where potentially they weren’t before the pandemic. And now they are part of the core toolset that’s enabling hybrid working, of course.

Steve Raffe:
And I’d say both business and society are set to win from hybrid working. I mean, businesses clearly there’s a direct impact on productivity and therefore their bottom line. But for society, my view there is that it’s creating more inclusive workforce. Suddenly people in all sorts of situations and geographies can be part of the conversation. And it’s also increasing flexibility where people can have a … I’d say a much better home-work life balance may be cut out many commuting hours. And I say off the back of that, it actually brings a lot more purpose to what we do because suddenly we can be part of the conversations that previously maybe we weren’t able to be. And I would say off the back of that Bryan, that businesses who embrace hybrid work and are set to be the winners, not only from those direct impacts but attracting and retaining top talent.

Bryan Strawser:
It’s interesting to me. I mean, we had … The cultural changes in business I think have been pretty fascinating. For example, we have a client that is … I would best describe their pre-pandemic leadership style as pretty old school. If you weren’t in the office from 8:00-5:00, 8:00-4:00 doing work and leaders weren’t there to see you, their perspective was that you just weren’t working. And this whole idea of remote work was entirely a foreign concept to them. They didn’t support it, they didn’t believe in it, they didn’t think it was possible.

Bryan Strawser:
Now they had to go home and they’re in a fairly conservative part of the United States where even that was … They were pretty reluctant politically that part of the country to do that. But they had to go home because of the pandemic and it’s been a complete eyeopener for their leadership team to realize that they can… With the right tools they can do this and they can adapt to this change. And it’s really opened their eyes to the amount of talent that they could bring into the organization that would never have moved to that state and city because it’s not a place that some folk will want to live.

Bryan Strawser:
But they have found this amazing ability to bring in talent, and retain talent, and be more flexible around that than they had ever been before. And as they’ve started to think about their return to the office strategy and have started to go back to the office, I think less than half the team is going to go back physically and they’re going to have a permanent workforce. It’s really changed their approach on how they think about talent. So I put them in the reluctant winner category, right. They went from just being opposed to this idea to really embracing it and being able to move forward in a different way. And I think it positions them really well for the talent war that we’re all sort of in right now.

Steve Raffe:
We totally are, Bryan. It’s great to hear. And it’s funny isn’t it that for I’m guessing decades now, managers around the world have been told to judge their teams on their outputs not on the inputs. Yet I think the … That the client you described, they, obviously, judged their presenteeism was an important thing and that they’re not on their own. And clearly, the pandemic turned it on its head because they were forced to accept that they weren’t going to be able to have people in the office. And I don’t know, in some ways, I think if we can draw a positive out the pandemic it’s that it’s forced many people’s hands around the world to truly treat employees like human beings. To understand that if you motivate them, if you bring them into your mission, if you get them on board with your story, get them motivated, they’ll do great things.

Bryan Strawser:
It’s been … I think it’s also been a really interesting time to be in the space that I’ve spent my career in, in business continuity and crisis management, and even my colleagues that are in information security or cybersecurity. Because companies have really looked to these functions to lead through this pandemic and help drive some of these strategic conversations like the one we’re talking about here with talent, and resiliency, and these capabilities, and really changing not just how we think about work but how we do work in these situations. And there’s definitely been … I think there’s been some total mind shift and strategy changes that have happened here.

Bryan Strawser:
Where, for example, if think about business continuity, we used to center a lot of business continuity around, I have a physical workspace and if I lose that physical workspace I need to recover to a comparable workspace. I need to go back to a brick-and-mortar physical location to do my work. And I don’t think we think that way at all anymore. I think it has completely upended that idea that if I lose my headquarters, for example, because of some natural disaster or fire or flood or what have you, I used to think about how do I replicate office space for 500,000 people. Or I’m sorry, for 500,000 square feet worth of people and equipment. Well, now I just send them home, right. They can work … In almost every case they can work remotely. So I think it’s completely changed the way we think about what used to be a core focus of business continuity and we just don’t think about that anymore.

Steve Raffe:
So do you think it’s fair to say, Bryan, that there are some real wins for business continuity through the pandemic?

Bryan Strawser:
I think there are for companies that … We were just talking with company strategies the whole … For companies that I think … Companies and business continuity leaders that I think can capitalize on what’s happening and think about how that trend impacts what’s going on in their organization. I think the business continuity and crisis management, InfoSec leaders that think about how this repositions their role, their strategy, and how they address the … I mean, this also raises new threats that need to be addressed. I think the ones that do that well are going to come out of this with a stronger capability in their organization. A stronger, more resilient company, and probably more credibility and authority for themselves as leaders in these spaces than they had before. And, of course, I think I … I won’t say the losers, but the ones that don’t capitalize on that or don’t realize the strategic shift that’s happened will have the opposite impact. And we’ve seen some of that out there as well. Mind shift changes like this, paradigm-shifting changes like this don’t come along all that often and they’re hard sometimes for folks to recognize.

Steve Raffe:
Completely agree with you, Bryan. And you mentioned risks there. And I think for me, the key thing here is to maximize … For businesses to maximize their exposure to the positive aspects that the pandemic has brought about and minimize the impact of the negatives. And specifically on those risks. One of the things that we’ve been talking to a lot of businesses about recently has been this new dependency on these enterprise comms platforms to support critical activities. And clearly, over the last 18, 24 months, the focus has been on survival, let’s face it. To start off with, it was how on earth do we get our workforce up and running at home? How on earth do we accelerate our digitalization? How do we drive adoption of those tools? How do we adapt our processes to get them to be able to work remotely across these tools?

Steve Raffe:
And the focus now we’re seeing with business leaders is shifting to realizing that they’ve now … To use a phrase, put all their eggs in one basket, they’re suddenly very reliant on these tools for these critical activities. And they’ve had a great impact on these critical activities but suddenly they’re exposed. Let me give you an example of one of these critical use cases. We’ve been talking with a European pharmaceutical company, and for them, WebEx has just revolutionized vaccine production for them. It allows them to run a just-in-time manufacturing process between multiple factories and third-party suppliers where everyone can collaborate, and that’s had an immediate financial impact for them and the ability for them to deliver on contracts. However, because they’ve got a robust business continuity program governance, they’ve been through analysis cycles to work out the risks to these critical activities and they’ve identified that WebEx is now a key dependency on vaccine production, which now I say it out loud sounds like dreadfully scary.

Bryan Strawser:
Would we have ever thought that before the pandemic?

Steve Raffe:
Not quite. For me, for businesses to come out as the true winners from this situation, they need to maximize their exposure to the positive aspects, which I think businesses have always been forced to do through the pandemic. To enable hybrid working to allow people to work flexibly, to digitalize. And now’s the time to start minimizing exposure to the negative aspects. And that’s where I really believe is a great moment for business continuity professionals to shine. Definitely this is … There’s never been a time where their businesses need them more.

Bryan Strawser:
I would agree. I remember early in the pandemic when I had just been in London for school February 2020, and, of course, Europe you were farther … You saw this a few weeks before we really saw the impact here in the U.S. And I came back from that trip and started talking to clients saying, “Hey, this is going to be a really bad problem.” And we had started to see … There was some impact in China and started to see some impact in India, and then it’s coming through Europe. It was clearly coming here. And so our clients that reacted quickly and looked at the threat and then started taking actions, they were the ones that were best off as the pandemic really hit home and we had to shift to remote work and go through lockdowns and work restrictions because they were early movers. They saw the threat coming.

Bryan Strawser:
And the ones that had strong programs, that had credibility through leadership, that had thought through some of these challenges like you were just outlined, and then moved quickly. I mean, they were the ones that got their hands on the needed resources like wifi hotspots, and laptops, and things that suddenly became in really short supply around the world as everybody started to shift home. I mean, there’s a period of time you couldn’t even buy a web camera anywhere in the U.S. The supply chain was empty. So I think having that credibility upfront, and being able to move quickly, and have that ability to evaluate and talk about threats like that as they’re coming in, those leaders really came out well and as did their companies as we went through this pandemic.

Steve Raffe:
I think you raise an interesting point there with resilient … The resilient organizations. I think there’s different levels, right. At a base level, you get to maintain a minimum viable operating level as a business that gets you through a situation that was unplanned, unexpected. But you can go further than that, right. That if you are more resilient than your competitors actually suddenly these-

Bryan Strawser:
That’s right.

Steve Raffe:
Awful circumstances can turn into a competitive opportunity for you.

Bryan Strawser:
I mean, I think it goes back to the age-old challenge with crisis management and business continuity teams is how do you … What are the metrics that you can explain to your business leaders that aren’t subject matter experts? And you can always say, “Well, here’s our … We have 125 plans and they were all updated this year et cetera.” To me, that’s table stakes. We expect you to do that in the organization. It’s when you start to look at hey, we moved more quickly than our competitors, and in doing so we were able to do X, Y, Z. I remember during Hurricane Sandy a decade ago here in the U.S., and I was working for a Fortune 500 retailer at the time, that was one of the metrics we came up with our trade association was hey, if all of you other retailers would share your reopening rates we’ll share ours.

Bryan Strawser:
How quickly were you open each day? Or what percentage of your stores in the impacted area? Well, of course, we were the fastest. And so I was able to give that data to our business intelligence team and say, “Here’s our competitors and us, tell me what the delta was in sales? What did we gain by being open first?” Well, that number was huge. And that became our CEO’s favorite story to tell the board about Hurricane Sandy followed … Proceeded by no one got hurt. None of our employees were injured and their families were okay. Followed by, we reopen faster than our competitors and because of that, we recognize X millions of dollars in additional revenue. So there’s a great chance to use information like that. And there’s similar stories from the pandemic as you point out, to really push the credibility and gain additional resources and capabilities for your team. And not to mention your company’s resiliency.

Steve Raffe:
So with that in mind, Bryan, I think one thing I’d really like to help with on this episode today is to explore some of these negative effects so that maybe we can help your listeners protect themselves against those. To mitigate the risks that could come along so they can benefit maximally from the positives. How does that sound?

Bryan Strawser:
I mean, I think one of the examples I think we were talking through earlier was cybersecurity-related issues and this … As this dependency on technology grows that becomes a … And people are at home, there’s a whole different set of challenges that get opened. And I think you had a good example from your guy’s experience to talk through.

Steve Raffe:
It’s funny, isn’t it? I think it is a good example, but I’m not sure if the word good is entirely fair. It’s really a story of whoa. I mean, the … I think that the broader thing here is the cybercrime. For people who are involved in this I need not say this, it’s increasing in frequency and sophistication, and ultimately there are just bad people out there targeting good businesses like those of your listeners. And at the same time, there’s a rise in cyber warfare with state-sponsored attacks which are typically known as advanced persistent threats which take place on large businesses, which might be the businesses of your listeners, or indeed they might be their supply chain.

Steve Raffe:
For instance, an enterprise communications provider. Now, the example I have is a German customer we were talking to earlier this year, where their environment was penetrated by bad actors. And when they realized it had been penetrated they had well-drilled cyber incident response plans and they swung into action like a well-oiled machine. But their CISO was really quite frustrated about the sluggish response. Now, it turned out after the fact what had happened was the bad actor had got into the Microsoft Team’s chat group that they were using to coordinate their cyber incident response. And not only were they multiple steps ahead in terms of being able to evade their actions to understand what was going on and boot them out the network, but they were also gathering critical comms on what was going on and how the company was responding to their industry partners and customers. And they were owning the narrative publicly in order to try and back this company into a corner and force them to pay the ransom. I mean, these attackers are insanely, insanely sophisticated.

Steve Raffe:
And if that wasn’t the worst thing, they took the very bold decision to disconnect access to all of their Microsoft 365 services to contain this attack. And what we’re talking about is a large German manufacturing conglomerate here. They suddenly realized how massively dependent they’ve become on these tools in order to operate all of their business process and they were on their knees from an operational standpoint. And what’s worse is that their crisis management … Sorry, their crisis communications platform was also dependent on Microsoft Teams so they were unable to let anyone know what was going on. So they were really in a horrendous place. And in total it took them several weeks to get back to an operating basis during which time there was I’m told financial and reputational damage to their business.

Steve Raffe:
So you can see there were almost two modes of risk from cyber warfare, cyber-attacks to an enterprise comms platform. One of them is, it directly being damaged by the attackers. So, for instance, they can take down active directory, which just stops anyone signing in to these services. But the other way is you might actually proactively decide to remove access as a business in order to contain the attack. And alongside this you could argue, should you use these tools at all when you know your environment’s being compromised. Particularly if credentials have been compromised, those attackers are probably looking for powerful information that they can use in order to back you into a corner. So it’s a real challenge, Bryan.

Bryan Strawser:
So in this case … I just want to make sure folks capture the impact here. They had to remove all access to Office 365. So Teams, Word, Excel, PowerPoint, Access, email, SharePoint, probably all of that was unavailable during that outage, which was multiple weeks it sounds like.

Steve Raffe:
That’s right. It was multiple weeks. And it was, it was literally turning off people’s ability to log into the services. So I mean, I don’t know exactly the details. I imagine you might still be able to load up Microsoft Word on your laptop and process something offline. But frankly, the number of places where I’m able to do that nowadays is minimal because everything’s stored centrally on SharePoint or OneDrive.

Bryan Strawser:
And all that impact would be … That’d be significant. I mean, I think document processing is one thing, but document storage, OneDrive, SharePoint, and the ability to communicate Teams and email, Outlook Exchange, in this case, that would have a huge impact on most organizations.

Steve Raffe:
And also, I … And those things like cyber instant response runbooks and so on and so forth. The critical process documents you need to mount an effective response. If you can’t get hold of those then you’re in real trouble.

Bryan Strawser:
That’s a really bad situation there.

Steve Raffe:
I mean, the poor company. I mean, needless to say, it’s amazing how that escalated cyber defense but also the ability to respond and recover from it upped the agendas of the people who were holding the purse strings. Suddenly they had a large amount of budget released to protect against these things. I guess it’s just human nature, right, that it’s easy to not prepare for these things but when they happen you get worried about it happening again.

Bryan Strawser:
This is something that I think a lot of folks don’t think to practice. We usually … As we think about the life cycle of exercises, most teams are using Zoom … Or most organizations are using Zoom or Teams or WebEx or another similar product like yours for communication in a crisis. A lot of companies don’t think to practice what happens if that gets disrupted or compromised. And so then they … If they don’t have a backup or they haven’t thought about what would we do if that happened, what’s our procedure? Do we go to a Conference Bridge? Do we use FaceTime? And there’s a lot of different options that are out there, but a lot of companies just don’t think about that and don’t practice it, and then when it hits they’re really paralyzed because they’re not sure what to do.

Steve Raffe:
Interesting you say that Bryan, because one thing we’ve come across quite a lot and we’ll come in a bit to talk a bit about what StarLeaf are doing here, but to give you an example of some businesses who think they’re protected here. So they will … Lets for example say they are entirely on board with Microsoft Teams, they use it for everything but they’ve still got a bunch of Zoom licenses which they use as their backup. And then you start to walk them through well okay, so let’s imagine that Microsoft Teams fails now, right now, how many scheduled video meetings do you have per day? And they sort of do the back of the … The bit of mental arithmetic there and work out its tens of thousands of meetings a day. And then you ask them how much of those they’re going to need to reschedule on those Zoom licenses? And they say, “Well, actually”-

Bryan Strawser:
All.

Steve Raffe:
“Probably most or all of them.” And you say, “Well, who’s going to do that and how are you going to do it?” So I think sometimes people allow themselves a false sense of security by thinking they’ve got a backup because they’ve invested in a technology, but actually maybe as you rightly say, Bryan, they haven’t … They certainly haven’t exercised this. But before that, they haven’t even run through the mental steps of what they might do if a bad incident happens.

Bryan Strawser:
We did an exercise a few years ago with a client that was fairly mature in their response processes. And in the middle of the … It was a ransomware exercise. In the middle of the exercise, they decided to have their communications team try to communicate with the simulated bad actor in this case. So we decided well, I wonder what would happen if we sent them an attachment if they’d open it? So we … In the exercise environment we sent them an attachment and the attachment said, “If you open this document, please raise your hand.” And we were all in a theater-style room back … This was pre-pandemic. So what the communications team did, in this case, is they just forwarded the email out to the entire crisis team, 40 some people in the room.

Bryan Strawser:
And about a minute later, several people started raising their hands and the incident leader said, “Oh, did you have something to say?” “Well yes, I opened this document and it said if I opened it I was supposed to raise my hand.” So the three people that opened it were the internal CIO, the head of R&D engineering over their products, and the head of product management. So we informed them that their machines were compromised and anything that they were doing, and any channels of communication were now compromised. And they’re like, “Well, we’re all in the Teams chat about the incident.” “Okay, well, the attacker now knows everything that you’ve been talking about here.” And you can just see the room deflate in that situation because it’s … I mean, they should know not to open such things, but these are real-life things that happen. I mean, it happened in this exercise and it happens for real when these incidents are actually happening as you just described with the company in Germany that was compromised in the same way. The entire response is compromised. I mean, you just can’t imagine how bad that would be.

Steve Raffe:
And, of course, we’re all human so we’re … We’ve just got a propensity to do these things, Bryan. We’re inquisitive.

Bryan Strawser:
Even senior IT leaders will do these things.

Steve Raffe:
But cybercrime is a definite threat to these digital communication and collaboration services, absolutely. Another one we come across quite a bit, Bryan is service outages, which is simply these services that they’re SaaS cloud services so they’re highly reliable but not 100% reliable. But I would say that the larger risk to these services are the potential for hyperscale public cloud outages. This is predicted actually in a … There’s a great paper called the Allianz Risk Barometer which goes over this and they predict one of these hyperscale public cloud outages at some point in the next few years. And just as I was reading it, my news feed ticked over with Facebook having a … Having had a massive outage. And I was like oh, they’re not wrong.

Steve Raffe:
But simply these hyperscalers, they not only have these incredibly complicated clouds to run, which in the case of Facebook it’s believed to have been a misconfiguration that caused their … A ripple effect that caused the catastrophic failure in the really quite sophisticated cloud. But the other effect, of course, is these advanced persistent threat actors. These nation-states who are trying to disrupt. And what better way to disrupt than attack the core productivity tool that enables businesses in one of the countries that they don’t like. I mean, it’s a credible and powerful threat.

Bryan Strawser:
I remember the Facebook outage. Primarily I was irritated because I had just bought an Oculus and it arrived that morning and I couldn’t set it up because Facebook was down. But the conversation that was happening in the business continuity community and with some of our partners in the federal government here in the U.S. was this … Everyone thought … Just assumed this was a cyber attack. Which nation-state or which organization is attempting to disrupt Facebook. And, of course, it turned out, as you pointed out, it was an internal misconfiguration that cascaded into a pretty significant failure for them. But I think everyone’s initial response was well, someone took Facebook down. This had to have been an attack. And certainly that … There’s going to be a time where that’s true, it just wasn’t in this case.

Steve Raffe:
And I was reading a document the other day that says that so much of cyber resilience, network resilience, budgeting goes towards defense. It’s against trying to prevent these things from happening, which, of course, is great. The businesses absolutely should invest in that, but not to the detriment of investing in the things you’re going to need to get yourself back on your feet when these bad things happen. Because however well you defend yourself, there’s always a risk that the bad thing’s going to happen. It’s going to happen. What are you’re going to do? Who you’re going to call?

Bryan Strawser:
Well, and I think there’s vast differences in how organizations think about that fence too. I mean, some companies are … Think about that fence in terms of, how do I make sure I’m compliant with my regulatory requirements? Whether those … Whether that’s a standard they’re following like high trust or direct trust or something like that. Enact standards. Or, am I positioning against a determined external threat, which I would argue those companies are better positioned than ones who are just thinking about this as an item of regulatory compliance. But you’re right. You have to balance that with what are your capabilities to recover? What are your capabilities to be resilient in the face of that disruption that surely is going to hit you at some point, despite whatever your defenses are internally and externally?

Steve Raffe:
I think there has to be a balance there, Bryan. There has to be a balance between the two. We need to defend ourselves, but also we need to have some ways of mitigating. And I mentioned these … The unavailability of these platforms directly and them going down. But the other area is indeed the risks between those services and your end users as a business. The supply chain, in particular. Another example of this would be … There was a multi-hour outage of Microsoft services in Germany early this year. And I mean, all Microsoft 365 services were unavailable. Ironically, including the service status page. You think maybe … I don’t know maybe Amazon should host Microsoft and Microsoft should host Amazon so something like that.

Steve Raffe:
But Microsoft reported this as a service provider issue. And rummaging around the forums, it seems that from what the IT community gleaned, it looks like Deutsche Telekom who were the largest ISP in Germany, just had a network misconfiguration that turned Germany off for Microsoft 365 services and caused this multi-outage. I mean, I wonder what the cost to Germany’s economy was over that multi-hour period?

Bryan Strawser:
Probably significant in this case, I mean, that’s a huge organization and a lot of impact there across the country.

Steve Raffe:
So I think really in summary, these enterprise communications and collaboration tools, they’re tremendously powerful. They’ve delivered amazing benefits to both businesses and society and they’re now a key dependency for business-critical activities. And they’re a growing credible threats to the availability of these tools so resilient businesses must recognize this and put in place steps to mitigate these risks.

Bryan Strawser:
So there’s definitely an action here for business continuity and IT leaders I think to think through, and that is recognizing that this dependency exists. This is a huge dependency for organizations in 2021. That dependency probably increases in the years ahead as the workforce … The workplace continues to adapt. But part of it is recognizing that exists and then thinking about well, what do I do … Not just what’s my recovery strategy, but what do I do when this outage happens? What are my options to continue services while I figure out how to get my primary provider back online? My primary tool WebEx or Zoom. And, of course, for companies, there’s not a lot they can do. They’re dependent upon the vendor to … That’s providing this service. The company’s decision is, how do I work around this? Is there a workaround that’s out there? I think that’s a key thing for business continuity, and crisis management, InfoSec IT leaders to really think through. And really what’s the initial impact-

Steve Raffe:
So validation for you there, Bryan. I was talking to a large Californian media company the other day, and they used almost exactly the words there. They said that this is a growing issue. And they said, “The frustrating thing is we’ve got no control over it. Or, no visibility into it.” They just … They can’t control it or see what’s going on, or what the potential threats are.

Bryan Strawser:
One of our clients highlighted this really well. We were talking about their IT team I guess a week and a half ago. And they were … They’ve moved it … Most of their IT infrastructure is now in the cloud. So between their internal stuff on AWS and shifting everything else to vendors, and they’re really clear about hey, we recognize that we’ve essentially, in some cases here, we’ve eliminated a lot of risk because we’re not trying to host this stuff internally. We’ve added a whole different kind of risk because now I’m paying a vendor to do this but I have no control and no internal visibility into what’s happening and so I’ve shifted my risk in an entirely different direction. And I might feel good about part of this, I don’t feel good about the rest. But that’s the strategic decision that they’ve made. That they’re now having to really think through. Zoom was the example they were using in that case. Well, if … We can’t control it and we don’t have good visibility when things go bad for us in this situation.

Steve Raffe:
Indeed. So as you rightly say, Bryan, I think the only thing that can be done in these situations is to accept that there’s no control, no visibility over that and plan accordingly for it.

Bryan Strawser:
So I think this is where we shift to talking about your … Your company has launched a solution for this. Your new product StarLeaf Standby I think was really aimed at that gap of understanding what do we do when these disruptions happen? How do I … How do you position your … Or what’s there rather as a solution to really address that gap that’s been created as we’ve made this shift. So Steve, tell us about your new product.

Steve Raffe:
Thanks, Bryan. It’s exactly that really. It’s allowing businesses to protect themselves against the potential negative impacts of this, which allow them to embrace the positives which affect their business in society. And it’s in a nutshell, StarLeaf Standby is an enterprise communications platform for business continuity and cyber resiliency. And at its core is an enterprise communications failover service. So when your primary platform is down you can enable StarLeaf Standby and it instantly replicates that primary environment and then informs all of your users that … What’s happened so they can carry on working on our platform and they can carry on with their critical business activities, maintain a minimum viable operating level. And also, it can be used for crisis communications and other things that you need during disruptive events. So the way this works is that we are continually maintaining a cash of the primary collaboration platform so we understand things like what meetings are coming up that are hosted on Microsoft Teams, WebEx, Zoom, another platform of your choice.

Steve Raffe:
And when an administrator clicks the enable StarLeaf Standby button, we simply recreate all of those meetings on our platform and then email and text message users to let them know what’s going on and to let them know they can get straight back into their meetings. So that’s the core part this collaboration failover solution. But then surrounding that a suite of tools that assist in disruptive events before, during, and after them. So, for example, before you can do outage and incident simulation … So you can exercise, as you were saying earlier, Bryan, you can exercise your business continuity plans, your incident runbooks, and make sure that you truly have protected these critical activities. And we encourage our customers as part of their onboarding process to do this and help them through the activity.

Steve Raffe:
Then during the event, we’ve got broadcast messaging built-in so you can let people know what’s going on. And because we’ve got this fully-featured enterprise comms platform you can be pretty sophisticated there, Bryan. So we’re talking you could do a full-on CEO video address out to the entire company in a sort of town hall-style with live Q&A coming back. And then after the event we’ve got audit logging, which means that you can go back in, look at what went well what didn’t. Learn from what’s happened, practice continuous improvement, and so on and so forth. So I don’t know. Just relating back to that example I shared earlier about the German customer who was hit by a cyber attack.

Steve Raffe:
So let me talk you through how StarLeaf Standby could have helped them. So at the point the breach was discovered, they could have used StarLeaf Standby to coordinate their incident response. And because it’s operationally air gapped from their primary platform it’s completely independent. It’s secure, it’s confidential, it means the bad actor is significantly less likely to be snooping on their comms. Another powerful thing there is that most businesses are working with third parties to assist with cyber instance response. Maybe an MDR provider, their backup provider, their recovery providers. We’ve got cross-organizational capabilities so they can have war rooms set up, preset up in StarLeaf Standby, so that when the incident happens everyone is immediately plugged in. They can even do things like pin their playbooks there so they’ve got their process documents to hand in that platform. So that’s the first thing.

Steve Raffe:
Now, at the point they decided to contain the breach by disconnecting Microsoft services there’s a couple of ways StarLeaf Standby could help. The first is that core collaboration failover functionality that’s going to allow all of their users to continue maintaining the critical business activities that are going on. Maintain a minimum viable level of operation. But second to that, they could also use it for crisis messaging so the CEO can brief everyone on what’s going on, and they can continue to brief them regularly as things go on. They can use it to command and control as well in the same way.

Steve Raffe:
And then the bit I didn’t mention before was the recovery phase of this cyber attack. It took several weeks for them to recover their primary platform. And this is one thing that I understand from having talked to various backup and recovery providers that very often businesses fixate on the backup part but not so much the recovery part. When they realize they’ve got to restore petabytes of data to a distributed set of servers, distributed set of workloads around the world, they realize that the raw time for transferring the data is measured in weeks let alone actually staging the thing and getting it up and running. It turns out that many ransoms are paid for ransomware simply because it costs more to recover-

Bryan Strawser:
That’s right.

Steve Raffe:
From backup that it would’ve if we just paid the ransom. So we can help there too. Because if you imagine there’s a minimum viable level of operations running in the background it can open up options to do things like not pay ransoms. It can open up options for the recovery team to be able to work at a less intense pace and to do things right because they know there’s a backup there helping them. So really that’s StarLeaf Standby, Bryan. It’s an enterprise communications platform for business continuity and cyber resiliency. It’s unique as far as we know. We’ve talked to hundreds of businesses, and analysts and consultants like yourself about this now, Bryan, and everyone agrees that this is timely. It’s an acute need. And simply we can’t find a mountain tall enough or a voice loud enough to shout off about it. We can help in these situations. We can help protect against the possible and negative impacts of digitalization, and help businesses therefore embrace these massive positive effects it has for them, their employees, and ultimately society from hybrid working.

Bryan Strawser:
I think you are in a unique position here. I remember we first started speaking a few weeks back about doing this episode and I was talking with one of our more forward thinking clients a few days later. And I asked them if their IT team had ever gone down the road of what would they do if Microsoft Teams was their on teams? What would they do if Teams wasn’t available? And we knew that we had some … They had some WebEx licenses in the environment which is their former platform that they would switch to.

Bryan Strawser:
But at the same time, they have several thousand employees, and as you say, tens of thousands of meetings a day. I was like well, here’s a product I just heard about and explained it a little bit, and they got really excited about that because they didn’t have … There wasn’t this capability that existed. This ability to really almost hot failover to an alternate communication’s capability. And they’re realizing we manage incidents, and cyber incidents, and customer problems, and all kinds of things through Teams, and tools that are plugged into Teams, and that they didn’t have this capability. So I don’t know of anything else that’s in the marketplace that does quite what you’re describing in terms of this standby capability for communications.

Steve Raffe:
We certainly haven’t found anything like it either, Bryan. And from the clients we’ve talked to, I’d say that there’s a binary split between them. There’s a camp where they’ve already worked out that their critical activities are fiercely dependent on these platforms and they’re out there looking for solutions or trying to cook their own up. And we go and talk them and they’re very, very happy to hear from us. And then there’s the other category, which are the ones where when you say this to them they almost have that penny drops moments and they suddenly look very worried. But there is a … The CTO of a Fortune 100 organization asked me the other day when I was explaining this, they asked me what proportion of companies fitted into each one of those buckets? Because, unfortunately, they fitted into the latter camp and were very relieved to hear that they weren’t on their own.

Bryan Strawser:
I mean, it’s definitely a … There’s definitely a challenge there overall I think that folks are really confronted with on this issue that … And they don’t always think about it, right, when they’re first … Sometimes when you first bring this up to organizations they’re like no, I’ve never really thought about this problem before. There’s a lot of faith I think that these cloud-based services will not have these disruptions but you’ve already illustrated a couple examples today and I know of some others this year with Salesforce, and Facebook, and Zoom, and others where these outages do occur whether through malfeasance from an external actor or there’s an internal technical mistake that causes issues.

Steve Raffe:
Indeed. So what I’d say, Bryan, is if this is resonating with anyone I’d love to talk to you. No pressure. Let’s just talk through it and work it out if we can help you. So you can get in touch sure with Bryan. Bryan is well versed in what we’re doing. Or, feel free to get in touch with me. It’s Steve Raffe. You can connect and message with me on LinkedIn or check out our website which is StarLeafstandby.com. That’s S-T A-R-L-E-A-F-S-T-A N-B-Y. StarLeafstandby.com.

Bryan Strawser:
And Steve, is there another link to your main product? Your normal communications product is at starleaf.com or something comparable?

Steve Raffe:
It’s a good guess. Yes, absolutely it is. Starleaf.com.

Bryan Strawser:
All right. All right, Steve, thanks for joining us today on the Managing Uncertainty podcast.

Steve Raffe:
It’s been a pleasure. Thanks for having me, Bryan.