In the book ‘Great by Choice’, author Jim Collins told the story of the 1996 Everest disaster in which eight climbers, including Rob Hall, the leader of one of the groups, lost their lives.
When tragedy strikes in that manner, there is the tendency to focus on the loss of life and neglect to look into the events that led to it.
Especially when the events have to do with the forces of nature, there is the tendency to resign ourselves to the thinking that there was nothing that could have been done to prevent it.
However, as Collins rightly pointed out in his book, there were preventative actions that would have avoided the tragedy.
There were series of catastrophic human errors that, rectified in time, would have averted the tragedy.
The first catastrophic error was the decision to have lots of people climbing the mountain at the same time.
The sheer numbers of people that were on the mountain at the time resulted in congestion at Hilary step where only a single person could climb at a time.
Critically, Rob Hall’s decision to miss his turnaround time in a bid to ensure that one of his client reach the summit was a big contributing factor.
Hall was well aware of the risk associated with missing the agreed turnaround time.
Thirdly, the team did not stock enough oxygen canisters on the mountain.
It’s clear from the above outlined point that the accident was not an act of God.
It would have been averted if those mistakes were rectified in time.
I am acutely aware of the fact that in the heat of the moment, the possibility of missing the little things is very high.
How to Apply those Lessons to your Organisation using Penetration Testing?
Penetration testing is basically an act of testing a network to identify vulnerabilities that could be exploited by hackers.
By carry out penetration test, an organisation is taking proactive measures to identify and patch vulnerabilities before hackers identify them.
There is a high probability that the deaths on the mountain would have been averted if those little things had not been missed.
I hope by the end of this Everest series you will recognise the need for penetration testing in your organisation to avoid missing the things that will prevent your organisation from being hacked.