Firms urged to ready IT systems for potential grid collapse

Sibahle Malinga
By Sibahle Malinga, ITWeb senior news journalist.
Johannesburg, 20 Feb 2023

While it is difficult to predict whether South Africa will experience a national power grid collapse, organisations should put business continuity management plans in place that would allow them to withstand extended periods of a national power blackout.

This was the word from Nashikta Authar Angadh, president of the Business Continuity Institute Southern Africa Chapter and partner at KPMG SA, delivering a presentation titled: “Business resilience – when the lights go out”,at last week’s ITWeb Governance, Risk and Compliance 2023 conference.

Authar Angadh discussed the importance of making sure various key business structures −such as IT systems − are able to continue operating even during a national disaster, such as the collapse of the national power grid.

As the backbone of the electrical power infrastructure, the failure of the national power grid would lead to outages that disrupt business IT systems and infrastructure in disastrous ways, she pointed out.

According to reports, the US Overseas Security Advisory Council has been in communication with its South African stakeholders, warning them to adequately prepare for a catastrophic power outage, and take into account the consequences of a potential power grid collapse, as SA’s electricity crisis deepens.

A national grid failure is described as the total loss of power on the national network, caused by a fault that affects the distribution of electricity.

Last night, Eskom announced stage six load-shedding will be implemented continuously this week until further notice, as a result of the breakdown of eight generation units on Sunday afternoon.

Authar Angadh noted the consequences of several national disasters in recent years − the COVID-19 pandemic, civil unrest in KwaZulu-Natal and Gauteng, and flooding − have taught SA to be prepared for any national crisis.

She warned that power surges and fluctuations during a grid collapse would have a calamitous impact on IT systems, potentially causing software systems to crash, hardware components to fail, and major disruption of internet connectivity.

“Many people have anticipated the collapse of the national grid in SA, and with the aging infrastructure, this is very possible. One could say that it’s perhaps irresponsible to not be prepared for a national blackout or collapse of the grid,” commented Authar Angadh.

“With my experience in the disaster recovery field, it’s not a matter of ‘if’ your systems will be impacted by downtime or security breaches, but it’s about ‘when’ your business is going to be impacted.

“And you might put in a whole lot of controls to prevent it, but essentially, I believe it’s all in the DR [disaster recovery]. No matter what happens, if you have a good DR plan in place, and your strategy is sound, you will recover as a business, whether it’s data loss prevention, or something else.”

Eskom has attributed the consistent rolling blackouts to several factors, including the lack of maintenance of the aging power stations, insufficient generation capacity, and corruption and maladministration at the national power utility.

Africa and Asian countries are no stranger to the collapse of national power grids, with countries such as Zimbabwe and Nigeria being plunged into several days of darkness, after the collapse of their power grids in 2021 and 2022, respectively.

“The collapse of the national grid has happened in other countries, such as Bangladesh, where there was no electricity for 72 hours. Other parts of Asia have also had a collapse of the national grid, and that’s why businesses should plan for it and consider what could go wrong and how to respond to it,” noted Authar Angadh.

As the energy crisis continues to worsen into ongoing periods of widespread load-shedding, this has had disastrous ramifications for economic activity. According to the South African Reserve Bank, load-shedding of six to 12 hours a day is costing the country between R204 million and R899 million daily.

Nashikta Authar Angadh, president of the Business Continuity Institute Southern Africa Chapter and partner at KPMG SA.
Nashikta Authar Angadh, president of the Business Continuity Institute Southern Africa Chapter and partner at KPMG SA.

The South African energy crisis is an ongoing period of widespread national blackouts of electricity supply that initially began in late 2007 – almost 16 years ago, said Authar Angadh.

During his State of the Nation Address earlier this month, president Cyril Ramaphosa declared SA’s energy crisis a national disaster.

The electricity shortages have become so severe that Eskom has implemented around the clock power cuts – with South Africans already juggling an average of two to four hours of load-shedding every day in 2023, added Authar Angadh.

To deal more effectively and urgently with the challenges, the president said he will appoint a minister of electricity in the Presidency to assume full responsibility for overseeing all aspects of the response.

“So, how do we prepare businesses for escalated stages in load-shedding, and for a potential national collapse of the power grid?” Authar Angadh asked.

The key factors to be taken into consideration, when putting contingency plans in place, include deploying renewable energy alternatives, work-from-home strategies, data loss prevention, disaster recovery, operation technologies, production halts, services outsourced to data centres, and logistics and distribution processes, she said.

“This requires IT, legal and compliance leaders to establish greater business ownership of potential risks. It might make sense to start preparing and thinking about what will happen to your employees, through work-from-home plans…Organisations should also establish communication protocols upfront because if there is a collapse of the power grid, this will affect communication lines and systems.”

In terms of data loss prevention, organisations that have outsourced their IT to a data centre may have to acknowledge the data centre may not necessarily be prepared for extended periods of blackouts. This is where backup and disaster recovery plans will play a crucial role, she added.

“Operation technologies often shut down during a power failure and production halts are likely to take place – so this would have to be another area of consideration. With regards to logistics and distribution, supply chains should have an integrated resilience approach.”

Authar Angadh stressed the importance of drafting a risk management plan – a document that contains the risk assessment, mitigation considerations, analysis and tolerance.

“A risk assessment should detail estimated recovery time frames, a cost/benefit analysis, business priorities, such as operations and production, compliance procedures and assessing what will be covered by insurance, etc,” she concluded.