Management Decisions That Assume Total IT Failure
At first glance, Newton Consulting’s newly launched “Ransomware-Specific BCP (Business Continuity Plan) Development Support” seems like a topic for specialized IT security. However, the core concept of “assuming a total IT shutdown scenario” provides an extremely important insight for considering “reversible design” in all business decisions.
Many SME leaders tend to focus only on “forward-moving” decisions like entering new markets or organizational reforms, without pre-designing a “recovery plan” for when those decisions fail completely. What ransomware BCP teaches us is the value of a thought process that concretely envisions the worst-case scenario (total IT shutdown) and then plans backward from there on “how to return to the original state, or at least a minimal operational state.”
The True Nature of an “Irreversible Decision” is the “Absence of a Recovery Plan”
The opposite of “reversible management” is a decision that, once made, cannot be undone. Its true nature often lies in the lack of a defined, concrete procedure for recovery in case of failure.
For example, imagine implementing a new sales management system with a significant upfront investment. If there is strong pushback from staff and operations stall, what would you do? Is it technically and contractually possible to “revert” to the old system? Or are you forced to continue customization at enormous additional cost?
Newton Consulting’s approach clarifies this “reversion” process in advance. In the event of a ransomware infection, the IT system is forcibly returned to an initial state of “total shutdown,” from which a safe state is gradually restored. Having this pre-prepared scenario of “returning to the initial state” and “phased recovery” is what guarantees reversibility.
Define Evaluation Periods and Observation Points as “Stop Conditions”
In BCP, “total IT shutdown” represents, in a sense, the clearest possible “end of an evaluation period” and “setting of an observation point.” Upon the “observation result” that the system is no longer functioning normally, a pre-determined “stop condition” is triggered, initiating the recovery process.
Let’s apply this thinking to launching a new business or organizational reform. “If this new service does not reach monthly sales of ¥1 million (approx. $6,300 USD) within 6 months of launch, we will freeze investment and revert resources to the existing business.” Or, “If customer visits decrease by more than 20% three months after implementing this new sales team structure, we will consider reverting to the original structure.”
The key is not a vague resolve like “we’ll stop if it doesn’t work,” but designing a concrete process *before* the decision: “What will we observe, by when, to what standard, and how will we revert based on that result?” Just as a ransomware BCP has a clear flow like “infection detection → system isolation → recovery from backup,” business decisions also need a flow: “failure detection → temporary pause or scaling down of activity → transition to a pre-defined recovery option.”
“Total Shutdown” as the Ultimate Point of Reversibility
“Total IT shutdown” appears to be the most radical “revert” decision. After all, all digital operations stop. However, this “total shutdown” is precisely a strategic “design of reversibility” that contains the spread of damage and opens a path to reliable recovery.
In management as well, courage is required to deliberately leave open the option of “stopping everything and starting over from scratch” when problems arise. I worked with one retailer that launched a new e-commerce site, only to discover critical user experience issues. Many companies would work around the clock on bug fixes. However, that leader had a pre-established rule: “If fundamental UX issues cannot be resolved within 24 hours, we will temporarily revert to the old site.” As a result, the problem could not be solved quickly, and true to his prior commitment, he decided to temporarily revert to the old site. There was a temporary sales dip, but it preserved customer experience and gave the development team ample time to solve the problem at its root. This was a decision close to a “total shutdown,” but it was a “reversible decision” that protected long-term trust and quality.
Without a Backup, You Cannot Go Back
The absolute requirement for recovering from ransomware is the existence of a clean backup. Even if the system completely stops, business can resume as long as there is a backup. This is nothing other than the “backup of knowledge” in management decisions.
When introducing a new operational process, are you keeping a record of the “old process”? When reorganizing, are you retaining the previous organizational chart and its performance data? These “records of the previous state” become the sole basis for reverting a decision. A “revert” decision made without a backup ends up as mere “ad-hoc retreat” and yields no learning.
Companies that practice “reversible management” always take detailed records of the “current state” (operational manuals, responsibility matrices, performance data, etc.) before making changes. This is the minimum investment required to reliably return to a “restore point” if the new decision proves wrong.
“Reversible Business Design” SMEs Can Start Today
Even if developing a sophisticated BCP like a large corporation is difficult, there are principles of “reversible design” that SMEs can implement.
First, define both a “trial period” and an “exit condition” for every new initiative. “We will trial this new sales method with Team A for 3 months. During this period, the existing sales method will continue in parallel. If the cost per new customer acquisition does not improve by at least 20% after 3 months, resources will be reverted to the existing method.” In this way, run the new and the old in parallel, and document the evaluation criteria and exit conditions in advance.
Second, do not be ashamed of the “complete stop” option. When a business or project is clearly not progressing as expected, continuing to gloss over it with “adjustments” or “improvements” will eventually lead to a point of no return. Instead, position the decision to “temporarily halt completely and re-plan from zero” as a positive, strategic choice. A total stop is an act of ceasing resource waste and buying time to clear your thinking.
Third, develop the habit of taking “backups” of decisions. When making important decisions in meetings, always document three things alongside the decision itself: 1) “Why that decision was reached (underlying data or hypothesis),” 2) “What will be used to judge success/failure (evaluation metrics),” and 3) “Recovery options in case of failure.” This becomes a valuable “recovery manual” for when you need to correct the decision in the future.
The Ability to “Go Back” Fosters the Courage to Challenge
The essence of ransomware preparedness is not pursuing the impossible goal of “100% preventing attacks,” but rather “building recovery resilience so that business can continue even if the worst happens.” The same applies to management decisions.
The pressure of “it’s over if we fail” makes leaders conservative and blocks truly necessary challenges. On the other hand, if a “safe zone” is designed—”even in the worst case, we’ll be okay if we revert to this point”—you can allocate resources to bolder, more creative experiments to that extent.
What Newton Consulting’s BCP support suggests is that in modern management, “recoverability” is a critical asset not just for IT systems, but for the business itself. Does your company’s “business continuity plan” prepare a reliable “path back” not only against external cyberattacks but also against the risks of the decisions you make yourself? Decisions with reversibility designed in are the most reliable management method for surviving this era of high uncertainty.
Comments