Khwaja's Take on Crowdstrike, Delta Disruption, Board's Systemic Risk Oversight and much more !!

Want to stay up to date on Board and C-suite effectiveness from me? Subscribe to my newsletter and must reads here for free and get insight on Digitally-savvy Board Effectiveness, Technology, Cybersecurity, and ESG delivered to your inbox every two weeks.

1. The CrowdStrike Global IT Outage and SEC impacts.

The CrowdStrike Global IT Outage has significant impacts on Security Exchange Commission Disclosure requirements, Notification requirements, and associated ever-changing global regulatory timeframes on systemic risk. Yet, boards are not prepared to engage deeply with senior management to future-proof business resiliency.

??Learn more about the Board's effectiveness on Technology Oversight from my LinkedIn piece here: https://shorturl.at/tCd4Z .

2. Part 2!! The CrowdStrike outage could cost $5.4B.

Boards need rigor and depth, as business resiliency governance is a team?sport. In today?s dynamic business climate, the impact of technology on revenue streams and resilience cannot be overstated. Learn more here from my LinkedIn piece (https://shorturl.at/vb5AB ).

3. Why Board's Oversight on IT Service Management and DevSecOps Process excellence matters

History repeats itself. There are several incidents where focusing on short-term value instead of long-term value creation can come back to bite a company.

In the case of the CrowdStrike -driven global IT outage, it was the cost of delaying an IT Service Management and DevSecOps Process excellence,?Tech debt, and Modernization that finally caught up with the impacted firms.

These incidents are an important reminder to boards everywhere to think more than just cash flow when making major business decisions, and to ensure they drive customer experience and technology strategy into every decision.

Learn more here from my LinkedIn piece (https://shorturl.at/Lptzy ).

What do you think?

4. Financial ratios is not enough. Be cognizant of Annual Recurring Revenue Metric.

5. CrowdStrike Outage, Seeking Culture Audits on DevSecOps & Business Continuity is paramount.

6. Crisis of confidence in digital infrastructure

7. Integrating ESG with Business Strategy is vital for Value Creation.

I like the importance McKinsey & Company has given to ESG as they advise CEOs and management teams to act like owners. Worthy advice.

Learn more here from my LinkedIn piece (https://shorturl.at/Tm8WV ) on the importance of integrating ESG into business strategy for the value creation.

8. Crowdstrike Outage -Bigger issues than mere quality control processes.

Infusing higher resiliency culture is paramount for vendors or firms with tech budgets.

9. Critical infrastructure is at the mercy of tech vendors doing everything right.

A digitally and cyber-savvy board director can be a great influencer, with deeper engagement on the board, in shifting to more modern operating system environments, environments with auto recovery, and environments that help calibrate risk appetite to avoid single vendor concentration risk. A tech-savvy board director understands the holistic impacts of IT service management issues.?

What do you think?

10. Technology architecture and Responsible Innovation are inextricably linked

I have seen increased complexity, a lack of technology architecture due diligence, operational scalability and a sense of urgency (lack of testing etc.) for short-term gains.

Learn more here on my take (https://shorturl.at/GpUW1 ).

There is a lack of capital infusion to modernize infrastructure or enable high-resiliency architecture or mitigate systemic risk.

? A tech-savvy and cyber-savvy board understands the power of simplification to strengthen business resilience and profitable growth.

? Do you think we need more regulation on systemic risk (including concentration risk), similar to regulation in the privacy and AI space?

11. Business Resiliency (Never Down) rides on Disaster Recovery, Business Continuity and much more!!

Delta Air Lines ’s cascade of cancellations bears resemblance to the spiraling meltdown?Southwest Airlines?experienced after a punishing winter storm paralyzed its operation over the busy Christmas 2022 holiday.

Checkout the LinkedIn piece I wrote on Southwest Airlines back in 01/2023.

12. Talent Drives Everything -Strategy and Risk.

Per McKinsey & Company , Demand for technology jobs is increasing. A few firms have great strategies but fail in execution due to a lack of Board Human Capital Oversight.

? I counsel lead Directors and Board Chairs to seek metrics on the talent pipeline, as it has operating model implications. Without talent, no strategy will succeed.

? Operating Model conflicts are significant.?The key to organizational growth and long-term value creation is a T-shaped board that prioritizes investing in technology and doubles down on investing in talent.

What do you think?

13. Linkedin News Publishes Khwaja's Board Advice on Crowdstrike-caused Global IT Outage

Delta Air Lines had to manually repair over 1,500 systems due to CrowdStrike led global IT Outage. I have always said employee experience and customer experience are inextricably linked to value creation. In the case of Delta, the global IT outage impacted both the pilots and customers.

? Boards must make business resiliency a top priority.

??Oversee metrics on infrastructure simplification to improve resiliency and operational costs.

? Boards must co-create and shape architecture roadmaps from autonomous business operations to autonomic business operations. Think of best-in-class capabilities including the automation of automation, or automation with limited human intervention.

??It's a simple equation: simplified operations lead to increased EBITDA. Yet, many firms seem to overlook this in their strategic and technology metrics, missing out on the financial benefits of?improved business?resiliency.

??Understanding and using terms related to business resiliency is crucial for effective communication and decision-making. Board Directors must be familiar with terms such as Air gap, business continuity, business resilience, business-critical, cyber protection, cyber recovery, cyber resilience, curated recovery, workplace recovery, etc. This knowledge will enable Board Directors to better engage, oversee and address the resilience of their business operations.What?else would you like to add to this list?

14. CEO's Higher Ambition drives competitive advantage

Strategic Ambition underpinned by Trust matters. Value migrates if you are not nimble. What red flags are you noticing as part of your Board’s AI Oversight?

Few CEOs are struggling to grow revenues, expand markets, etc.

Few low-growth firm CEOs are not driving productivity. Data quality and IP issues are huge.

What do you think?

15. Board's AI Oversight, Capital Allocation, an "open model” vs an “open-source model"

Board Directors must understand differences between an "open model” and an “open-source model" during capital allocation decisions. To make AI a critical competitive differentiator and industry disruptor, you need a digitally and cyber-savvy board director who can engage and help senior management co-create and shape AI strategy.

? An AI model that will be more “agentic”—able to take actions, not just generate text or images can provide significant competitive advantage.

? AI Safety, Red-teaming or Safety testing metrics belong to board's Risk oversight space.

? I counsel the lead Director to infuse a trendspotting and sense-making culture in the boardroom around a vision that is fully aligned with business goals, market conditions, and competitive pressure.

Learn more here on my take (https://shorturl.at/LOHCG ).

16. Crowdstrike impacts, Regulatory Scrutiny, and Board Oversight

The regulatory/risk oversight issues are enormous. An enlightened board can help senior management to mitigate risks with a deeper engagement.

? Aligning Zero Trust with business must be holistic, ensuring that boards seek metrics on security controls across the entire environment.

? Ensuring Senior Management has clear incident response and reporting procedures, and overseeing a culture of compliance and accountability are Board's responsibilities.

What do you think?

17. Crowdstike's buggy update -Board is vital for Trust Oversight

Flaws exposed through a buggy update will be exploited. Learn more here on my take from my LinkedIn piece (https://shorturl.at/iIxyv ).

??Driving long-term business success depends on Trust imperative. The oversight of the Trust imperative is not just a Board's responsibility; it's a crucial fiduciary duty that cannot be overlooked. Yet, many boards fail to conduct security culture audits.

??The CrowdStrike -led global IT outage taught us the impact of networked systems that enable cascading failures.

??Legal Repercussions and The Risk of Litigation are huge, and as I have said before, you need a "T" shaped skills on the corporate boards. For example, a board with geopolitical expertise can understand this global IT outage's downstream impacts of foreign state threat actors initiating deliberate cyber-attacks.What do you think?

18. Crowdstrike reflection. Global economy and US national security are vulnerable to attacks.

The CrowdStrike led Global IT outage underscores that the global economy and US national security are vulnerable to attacks. Systemic risk management is aligned with the Board's fiduciary duty.

19. Delta's Crowdstrike Disruption. Employee experience and Customer experience are inextricably linked to value creation.

Delta Air Lines had to manually repair over 1,500 systems due to CrowdStrike led global IT Outage. I have always said employee experience and customer experience are inextricably linked to value creation. In the case of Delta, the global IT outage impacted both the pilots and customers.

20. Board's Role in Portfolio Optimization

A decade later, the payoff for Echo hasn’t arrived.?Innovate, and then figure out how to make money later.

Do you think Amazon needs a strategic pivot or more portfolio optimization? Learn more here from my LinkedIn piece (https://shorturl.at/6ISIx ) on my take on business transformation.

21. Vulnerabilities and Board's Risk Oversight.

Vulnerabilities inherent in our interconnected world underscore the need for the Board's effective Technology and Cybersecurity Oversight.

What is ONE piece of advice you would offer if you met the lead Director or Board Chair in an elevator?

Learn more here from my LinkedIn piece (https://shorturl.at/d5EeX ).

22. Innovation and Board's Committee Structure

Innovation is moving faster yet few boards are not agile and forward-thinking for value creation. Board Directors must be familiar with terms such as Applied Innovation similar to EBITDA and cash flow.

Learn more here from my LinkedIn piece (https://shorturl.at/WTk2U ) on innovation.Beyond the financial oversight, boards need to oversee tangible strategies that encourage and spur innovation.

This could involve setting up innovation committees, defining innovation metrics for success, and aligning executive compensation with innovation targets.

Furthermore, having board members with backgrounds in cutting-edge fields can provide invaluable guidance.

23. The CrowdStrike Global IT outage raises more scrutin on Business Continuity.

The CrowdStrike Global IT outage brought severe economic consequences, including new regulatory exams/reporting. New questions arose, including the manual and limited recovery options for affected machines. A capable Board's Technology Oversight would have avoided manual recovery processes through infrastructure automation initiatives and lessened the impact.A capable board would have sought metrics on IT outage response plan including refresh schedules, rehearsals, and contingencies. What do you think?

24. Business/Digital Resiliency and Microsoft's Role on ecosystem Risk

Business/Digital Resiliency Alert!! Some security professionals also say Microsoft hasn’t taken its software's vulnerabilities seriously enough.

Recent breaches involved exploiting vulnerabilities. Asking the right questions on Attack Surface Management is the board agenda. Software supply chain security is a critical risk and compliance issue.

25. Boards must understand Digital Resiliency Concepts

The role of corporate boards has evolved considerably in response to the increasing impact of technology, innovation, and cybersecurity on all facets of business. As stakes become higher, and the business landscape more complex and interconnected, boards are faced with the critical imperative to not only understand these domains but to excel in their governance. Learn more here from my LinkedIn piece (https://shorturl.at/wtzoW ).

26. Board's Critical Role on Sustainability

Director's obligations of duty of care extends to identification and mitigation of sustainability risks. A greenwashing lawsuit against lululemon and a documentary on the recycling of a Swiss brand of shoes have cast environmental pledges into questionI counsel lead directors and board chairs to integrate sustainability with the company's business strategy.

Recent Delaware decisions double down on the long-term value creation over short-term economic gains.

How deeply is your board engaged with company's sustainability report? I have seen few boards don't have sustainability expertise. Learn more here on my take from my LinkedIn piece (https://shorturl.at/nOnJp ).

27. Rise of Activist Investors and Board's Role.

Activist Elliott Investment Management L.P. takes a significant stake in Starbucks . More here from The Wall Street Journal (https://shorturl.at/vAR7j ).

The firm slashed its financial outlook for the second time this year. What advice do you have for the current Starbucks board? Board Directors must anticipate challenges and be prepared to respond to activist criticism year-round.

Learn more here (https://shorturl.at/DTdpU ), where I discuss how to prepare for and respond to activist challenges using proactive and reactive value-creation opportunities.

2. Khwaja's Book Recommendations

Many of my board director friends are aware of my dedication to a higher purpose and value creation through human capital oversight, inclusive culture, and aligning employee’s personal purpose with corporate purpose.

Engaging with Dr. Frederik G. Pferdt masterpiece has been truly invigorating. It is essential for all of us to harness our individual talents and passions to contribute to a better world. If you share a commitment to driving positive change and shaping a brighter future, this inspiring book (https://shorturl.at/sM741 ) is a must-read.

Seeing this newsletter as a forward?

Subscribe here and browse my previous newsletters and articles here .

For professional insights into complex issues, join the?conversation by tweeting Khwaja at @Khwaja_Shaik or?connecting with him on LinkedIn .

ABOUT KHWAJA SHAIK

Khwaja Shaik, a digital expert and cyber-savvy board director, brings over 25 years of global experience in technology, cybersecurity, sustainability, nimble innovation, and fintech. He is a sought-after advisor for CEOs and boards globally, providing invaluable insights at the nexus of technology, cybersecurity, and financial services. Khwaja drives profitable growth through innovation, digital acceleration, and risk management. With a career spanning renowned companies like IBM , Bank of America Merrill Lynch , Al Rostamani Group , and PwC , he is internationally acknowledged as an authority in corporate governance, technology governance, VC/startup incubation, and digital resilience.

Khwaja advises CEOs, Boards, and Startups on carving out Future-Fit Tech strategies aligned with board priorities. But beyond his illustrious career, Khwaja's true calling lies in altruism. He staunchly believes in weaving noble purpose into business strategies, championing a model of multi-stakeholder capitalism. Committed to societal transformation, he strives to leave a profound impact through socially responsible, ethical technology, and privacy-centric practices.

Khwaja is a visionary leader with a proven track record of success in transforming businesses through innovation and digital. He has an innate understanding of how to harness technology to create better customer experiences and future-proof operations.

At Bank of America , he managed risk and infused Fintech and Cloud best practices into the firm’s strategy, saving the company $1.1 billion per year during the 2008 financial crisis. At PwC , he incubated new businesses to grow revenue across multiple economic cycles, reshaping industry and platform operating models— digitizing end-to-end business processes to capture value, and protecting firms from cyberattacks through digital resilience.

Khwaja has a history of leading over $10B in digital business transformations by scaling Agile practices for cost optimization, revenue-generation, and societal transformation imperatives. It includes strategic oversight, risk mitigation, business optimization, digital business models to capture profitable growth, customer lifetime value & competitive advantage to Fortune 500 firms.

Khwaja delivered a modern banking platform and transformed the Omnichannel customer experience through world's largest Contact Center platform, serving 1 billion calls, as part of BofA's M&A (CFC, MBNA, Fleet, etc.) to support the AI-led growth strategy.

Khwaja is one of the most exceptional IBMers appointed, with the rare distinction of IBM Academy of Technology member. Holds many patents serves on IBM’s Invention Board. Khwaja is one of the top 100 leaders elevating corporate purpose, driving AI ethics, privacy, data stewardship, regulatory/compliance and sustainability. He provides the direction of IBM's long-term strategy through ESG and good tech.

Khwaja serves on the Museum of Science & History and University of North Florida boards to promote economic equity, social, diversity, and inclusion for the prosperity of all. He teaches emerging tech, systemic risks, cybersecurity, AI ethics, and privacy-by-design efforts at University of North Florida and Competent Boards .

Khwaja is a frequent speaker on Board Practices, Technology, and Cybersecurity at NACD (National Association of Corporate Directors) , Competent Boards , New York University School of Law , American College of Corporate Directors , Boardswell etc.

Khwaja is a Fellow of The Herndon Foundation Board Institute, sponsored by Nasdaq & Atlanta Life. Khwaja is proud to be part of both Ascend Leadership 's Pinnacle Aspiring Directors Academy and University of North Carolina at Chapel Hill School of Law's 2023 DDI Board Boot Camp. Khwaja holds an MBA and an Engineering degree. Khwaja lived in India, Middle East, experienced three different cultures, reads too much, doesn’t do enough gardening, married for over 24 years with two remarkable boys.

More details on Khwaja’s career and thought leadership activities could be found via Linkedin, Khwajashaik.com or follow him on Twitter @Khwaja_Shaik

"The postings on this site are my own and don't necessarily represent IBM's positions, strategies, or opinions."