DXC Technology, an already struggling IT services provider, was hit by a ransomware attack that has paralyzed part of its business. According to the company, the part of its business impacted was Xchanging, “primarily an insurance managed services business that operates on a standalone basis.” As of July 5th, DXC indicated it was confident the damage was confined to this part of the business.
A ~$4bn managed services provider (MSP), DXC Technology serves as a critical piece of the digital transformation effort for companies across every major sector. As a result, similar to the recent problems at Cognizant, vulnerabilities in DXC’s cyber governance create heightened risks far beyond the company and its shareholders. The risks extend to companies that rely on it for things ranging from cloud platform services and even cybersecurity. This is why large MSPs form part of a critical infrastructure network for corporates, and it is also why they are a prime target for cyber criminals. Any disruption to a top tier service provider like DXC could create a financially costly operational disruption for its clients, something commercial insurance clients may be experiencing currently with the hit to Xchanging. Or consider a rail company that has outsourced the protection of its infrastructure to DXC.
The past four months since the COVID‑19 lockdowns have illustrated how good and bad digital transformation is separating the market winners from the market losers. The cyber governance performance of DXC should be top of mind not only for DXC management and its shareholders but the management and shareholders of companies that rely upon it for their own digital transformation processes, including work from home capabilities.
To add to DXC’s challenges, its struggles in the market dating back to last year and weaker financials through the first quarter of this year (lower revenue, lower margins, lower adjusted income) translate to increased financial constraints to resolving the cyber vulnerabilities that contributed to the ransomware breach. But DXC’s downside financial risks due to cyber can be reduced moving forward if available resources are first put toward addressing these vulnerabilities.