Resilience of Services: reducing the impact of IT failures

Gill Ringland FBCS has worked with the BCS IT Leaders Forum on improving visibility of the threat to the economy and society from digital system failure.

Gill co-chaired the ITLF Service Resilience Working Group with Professor Ed Steinmueller. Phase one of the work resulted in two major publications: Software Risk and Resilience and NPC BCS Software Risk - The Elephant in the Room. Phase two covered policy, operational resilience, research on complex tightly coupled systems and working with intermediaries such as universities and insurance companies. Building on this work, the group is publishing Resilience of Services: reducing the impact of IT failures, a book co-written by Gill Ringland and Ed Steinmueller that takes the group’s findings to a wider audience. The book, launching 10^th January 2025, will be available from London Publishing Partnerships.

Here, Gill tells Martin Cooper MBCS all about it.

Why don’t you introduce yourself and tell us about your career?

After achieving degrees in physics, I became a computer programmer — mainly so I could be flexible and go wherever my husband’s academic career took him. After various roles, organisations and locations, I was asked to ‘do’ strategy at ICL. I asked ‘where is the IT industry going?’ Nobody knew, so I learned about foresight and scenario planning. Based on my experience, I wrote the book used on the Harvard MBA.

Eventually I became CEO of global consultancy SAMI, where I did a lot of work across Europe, North America and Asia. After 15 years, I handed this role over to my successor in order to focus on writing and board roles at Ethical Reading and Newbury u3a.

I’m also an active member of the BCS IT Leaders Forum (ITLF). You can read my fuller biography on the ITLF website.

What motivated you to write a book about digital system failures?

In 2020, Patricia Lustig and I published a think piece positing that threats to humanity from software meltdown were as real as those from volcanoes or nuclear war. It immediately got several thousand downloads, so I started to about who might do something about heading off this threat. I contacted Ed Steinmueller at Science Policy Research Unit and he agreed to co-chair an ITLF Working Group. The terms of reference were to study the impact of IT failures due to software failure and what could be done. The need for this has become more apparent as society has become more dependent on IT systems and failures increase — sometimes due to cyber attacks, but the best data we have suggests that 90% of failures are a result of other causes.

You mention that many discussions about digital failures resemble ‘our attitude to the weather.’ Could you explain this comparison and why you believe shifting our mindset is essential?

First, we know that software systems are complex tightly coupled systems with unpredictable failure modes. In brief, software fails.

Second, Nassim Taleb popularised the use of ‘black swans’, which are unexpected and neglected events with major impact. He observes that black swans thrive on complacency. Even though, in retrospect, the occurrence black swan events will appear inevitable, the fact that they haven’t yet happened encourages a belief they will not happen at all, and hence they cause shock when they do occur. Taleb uses the contrast between the view of the well cared for turkey who is surprised by Thanksgiving (the sucker) and the butcher (the knower) who has planned for this, to indicate the hazard of complacency.

Despite recent apparent increases in software systems failure leading to service outages and data breaches across industries and continents, those who haven’t experienced them expect them not to happen to them. In Taleb’s analogy, they are the suckers.

Your book is careful to state that it doesn’t offer ‘a solution’. Can you elaborate on what readers should expect instead and why you chose a different approach?

There is no magic bullet. Organisations are using systems often constructed of many hundreds of components from separate suppliers plus legacy systems with unknown qualities. While we welcome work on software architectures and implementation methods to create more resilient software, in the meantime we see that a pragmatic approach is likely to have more impact on UK productivity and society.

This approach builds on two existing frameworks and advocates their wider use.

For you

Be part of something bigger, join BCS, The Chartered Institute for IT.

One is the important business services (IBS) framework; tolerances for how long each IBS could be down for harm beyond financial harm to be incurred, and steps to keep failures of these below tolerance levels. This is the framework set by regulators in financial services.

The second is the network and information systems (NIS) framework, as adopted by the ICO for Regulated Data Service Providers. This looks at the impact of service outages and data breaches on users in terms of lost user hours, damage to data integrity, risk to life and health and major financial impact on particular organisations.

Digital service failures seem to impact everyone, from consumers to entire industries. How do you think these failures influence society and the economy?

In the book, Ed has provided an appendix which — using his economics background — estimates that the impact on the UK economy is now enough to depress GDP growth.

One central theme in the book is the need for a shared language between the C-suite and IT leaders. Why is this alignment crucial, and how do you suggest organisations achieve it?

I just spent a couple of days at the Business Continuity Conference in London. Last year the big theme that emerged was the need for communication across silos, particularly integrating better with IT. This year a number of the contributions were about the importance of exercises such as simulations to create a better shared understanding.

We believe that the IBS concept and NIS user impact framework provides a language for bridging — to clarify business priorities, making it possible for IT to allocate resources appropriately. Cross-silo exercises to build networks as well as shared understanding are more effective using cross-organisation and externally focused concepts.

Your book advocates for more education focused on digital and operational resilience rather than purely on development. What changes would you like to see in IT education and training?

There are several aspects to this.

One is ensuring that education and training on software development reflects best thinking on architectures and implementation methods, to improve resilience. For instance, this means understanding where Agile is appropriate, and where it is not.

We have discussed a new role, the ‘availability engineer’, and the education and training for this.

Another is for IT education to work with management schools to create blended courses on operational service management which include monitoring, testing and upgrades in a 24/7 operation; contracts, supply chain management and SLAs.

The new specialised BCS CITP qualifications are an opportunity to introduce these changes.

Is there one takeaway or first step you hope readers implement after reading your book? How might it impact their organisation's resilience?

We hope that IT Leaders will do three things immediately.

First, build into their thinking that software fails unpredictably.

Second, ask across the organisation about the user impact of failures, what the IBSs and impact tolerances are, and who has a view of lost user hours and other impacts.

Third, for them to build a network — and encourage their staff to do the same — and to share information on sources of failures in third party software and quality of upgrades.