Episode transcript The transcript is generated automatically by Podscribe, Sonix, Otter and other electronic transcription services.
Hi everyone, here is Ricardo Vargas and this is the 5 Minutes Podcast. Last week we all saw the global computer meltdown. About 1% of all computers with Microsoft Windows were off with this blue screen. That created massive chaos in airlines, hospitals, supermarkets, and all sorts of businesses that rely on Microsoft Windows, plus a software called Falcon from a cybersecurity company, CrowdStrike. First, it's not the intent of this podcast to discuss what happened. Okay, I know that there are many videos and many news trying to explain what happened. It was an update and this. First I don't believe in in this conspiracy theory that someone did something. No, no, it's just a causality that brings a lot of concerns to all of us. But what I want to address is the question I received recently on LinkedIn when someone sent a message to you and, to me and asked: Could your project be protected against this kind of challenge? And this made me think a lot. And let me try to explain and answer this in different ways. The first thing, every time we make a business decision, this business decision comes with a lot of benefits, but it comes attached to a lot of risks too. For example, when you decide to put the software to control, for example, your project schedule, let's talk on the project environment, your project schedule, your project budget or, um, your procurement process. You have the benefit. And this is obvious. The benefit means you you you can do your procurement process much faster. You can do your procurement process in a much more reliable way, in a much more open and transparent way. But at the same time, if these software or these hardware does not work or becomes faulty, then you have, I would say, in the same level of the benefits, a massive wave of risks that can disrupt your business. And this is exactly what happened. So concentration is key. First, why do people concentrate their operations, for example, in specific providers, in specific technologies? Because when you concentrate you you save because it's much easier for you to manage it. For example, if you have all your computers with the same tools, the same software, the same platform all unified, it's much easier for you to manage if there is no problem. Because if there is a problem, then everything is, uh, becomes problematic. So concentration comes with this, I would say two side sword. It means you have the benefit, but you have the risks. But how you can avoid concentration and have the same benefit. For example, I know, and this is my personal example, that I want to share with you. Of course I'm not, I'm not an airline. I'm not a hospital. I'm not a bank, okay? I'm a consulting company. But because of my experience with project management and risk management, I would say that I am much more towards, um, a paranoid state of risk than a normal state. So, for example, I concentrate on my technology, but not on one specific technology and one specific provider. Let me explain. What do I mean by that? First, I use Apple computers and I don't use iCloud for business. My Apple Cloud for business I use, for example, my emails on Google Email and Google Suite and I use all my websites and all my platforms, all the downloads, for example, people use on the web, on Amazon, at AWS, AWS, I do all my backup and my file management service on Dropbox, by the way. Okay. Nobody is sponsoring this podcast. Okay? So I'm just sharing what I have today, on Dropbox. And for example, for all my activities on AI, I use Microsoft Azure service and OpenAI services. Why I do not use 100% Google? Why I do not use 100% Microsoft? Why I do not use 100% Apple? Okay. Of course, let's imagine that everything can be, uh, all these players can provide all the service to me, because of concentration. For example, if Dropbox goes offline for any reason, it, will it hurt me? Yes. Definitely will hurt me because I use a lot of Dropbox and I have something like 40 something terabytes of data on Dropbox. However, I have this in a backup in a network storage in Portugal, in my residence, and also in Brazil. Another the same that 24 times seven are updating. So if something happens, I still have the physical backup in in my home. If a Google cloud goes down, I can keep my files because, for example, unless Google, Dropbox, AWS, all of them go down, I will still, I will have trouble with some parts of the technology I'm using, but I can still operate in a different way. For example, I have different email address stored in different cloud services because if my main email stopped working, I can continue with an alternate, a personal email, and I can continue operating. For example, I have an email on Apple platform and I have an email on Gmail, so I'm just using this. Of course, I know if you work with IT, you will say, Ricardo, you do that because you are a tiny consulting company. Yes, but the mindset must be there. For example, if you concentrate everything in one single technology You have the benefit. For example, if I had everything in, on Google or everything on Microsoft, cloud, it would be great. It would be much easier for me. I with a one logging, I can control my OneDrive and everything, so I don't need to have a Dropbox and a OneDrive. And this why I have this for two reasons. Mainly reason number one, it's if something goes wrong, it it does not mean that everything will collapse. I will lose part of of what I'm doing, but I will not lose everything. For example, if I have everything in one cloud and this cloud goes off or shut down, I will be in trouble with everything. Second, because of privacy, uh, my my brother in law, uh, he's a cybersecurity expert. And he one day said to me, it's that I don't like very much to concentrate in the same technology all my digital life because, you know, um, privacy because they will know so much. They already know about me, myself on social media. They already know about my emails and all of that. So what? What do I do? So they will know everything about me because of my photos and this. So by by segregating this, you are reducing the chances that one single platform will know everything about you. And at the same time, if something goes down, you still have the other pieces. You will suffer, but you will not suffer up to that extent. And what? What is important for us to understand that when our lives, our projects, our companies become more digital, it's like relying on electricity for probably 200 years ago, um, nobody was concerned about electricity because, you know, people were used to to use candles. People were used to, to not rely on electricity. But right now we only remember electricity, for example, you are listening to this podcast and you have no clue that electricity is flowing. You only know that electricity exists is when there is a shutdown. It's like water. It's like many other things. We become so dependent that when they stop working, they create all this mess. But what is important for us is to understand that first, when we concentrate, are we concentrating in a responsible risk management way? For example, I'm sure look, I know when people ask me what happened with CrowdStrike, CrowdStrike used to be and probably up to today, one of the most reliable cybersecurity companies on Earth. This is why all these companies use it. So we don't know exactly what happened, but we noticed that it is not fail-proof. It's like airplanes. Airplanes are still the safest way for you to move around, but they are not fail-proof. We saw accidents, so we need to understand up to what level we can accept that. For example, one thing that you can do is you can, for example, segregate your technology into 2 or 3 different technologies. So if something goes down, you have a better way of saying, okay, 10% of my my computers are off, but at least 90% are still working. It means you are in trouble, but you are not closed for business. Like for example, many airlines in the US that have to lend uh, the, the, the planes because they were unable to even operate. So these imagine I would say imagine I'm happy that, uh, I hope nobody was killed with with this incident. But, you know, imagine the financial, uh, the financial challenges for all these companies to, you know, to ground these amount of, of planes or for example, for banks that people could not take out their money, etc.. So it's something that we need really to think about and you need to have processes in place, okay? If this happens and this is scenario planning, if this happens, what kind of reaction can you do in a fast way that will, I would say, reduce your ability to do the work, but it will not stop you from doing business? This is a very Look, all of this I'm talking to you this week is a big, big trade-off. We always love to see the winning side, which means, I use technology to speed up, and then I'll be more effective in this. But we never prepare ourselves for when these technologies just fail and they fail, they fail. There is no system on this planet that is 100%, uh, fail-proof. So think always about that. It's a matter of how much risk you can tolerate and how much money, how much complexity and how much damage is at stake. And this is what makes, uh, you to, uh, this is what guides you to make your best decision. Think about that, and at least let's learn from previous failures, because it's the most expensive way of learning. I hope you enjoy this podcast and see you next week with another 5 Minutes Podcast.
