enterprisesecuritymag

Business Crisis: Understand/ Plan / Prepare / Act

Jason Blumenauer, Vice President Head of Security, FirstGroup

Jason Blumenauer, Vice President Head of Security, FirstGroup

There are many unknowns in today’s business landscape. They say to be prepared for the new norm, but no one can define what the new norm is. Businesses truly only have one option and that is to be prepared for whatever may come their way. But the question is, how do you do that? The first step is to understand the landscape of your business and what you need to succeed. Then you take that information and create checks and balances and discover any possible gaps in your business that can be affected by an outside issue. You then build programs that can fill those gaps effectively and efficiently when needed, this in essence is a business continuity program.

A business continuity process is a strategic effort to confront the potential for a disaster or crisis and prepare an organization to take immediate actions as necessary. This process should provide detailed and flexible information to help protect employees, customers, assets, and shareholders. Business continuity plans enable an organization to be prepared for different types of situations such as:

• Crisis management

• Inventory management

• Demand on new customer procedures

• Emergency call procedure

• Pandemic preparedness

• Change incompliance mandates (Federal, State, Contractual)

All leadersneed to consider the types of crises they may face and then to actively prepare a response. This should have a trickle effect and begin at the top creating a macro overview of a business continuity plan, which then creates working streams at the micro level. Each facility and service should have the following business continuity plans in place to:

• Identifyalternate services for each customer based on location.

• Planfor employee safety and additional resources should there be an impact on employees.

• Emergency contact and recovery plans.

• Conduct annual table-top exercises that test the readiness of the teams to show your best-in-class program.

Employees, customers, investors, and partners all want to know that they are a part of a great organization and that organization is always prepared for the unknown. Business continuity plans are not only a necessary insurance for any business strategy but can also be a strong marketing and branding component that can have many positive returns.

Most business continuity processes encompass six aspects of disaster and crisis preparation:

1. Risk identification

2. Risk quantification

3. Risk mitigation

4. Emergency response

5. Crisis management

6. Business recovery

Because a disaster and or crisis can take many forms and affect businesses at any time, it’s impossible to cover every step needed to restore service in every situation. The idea is to create a programthat gives an overview of an organization’s approach, capabilities, and lines of communication that ensure the correct people are informed, so the necessary decisions required to normalize business in the shortest possible time can be obtained. The importance of business to itsemployees and customers should be recognized throughout the entire process.

“A business continuity process is a strategic effort to confront the potential for a disaster or crisis and prepare an organization to take immediate action as necessary”

With that in mind, a business should clearly express interest to service the customer and take care of itsassociates with the appropriate and necessary responses as required by the event—the right business continuity program will show this. It is very important that leaders clearly communicate the actions and quickly organize a strategy. A slow, poorly created response to a situation can be more harmful than no response at all.

An organization cannot just think about what they need now but they must also think about what the business footprint looks like in the future.Through all the complicated work streams that come from a crisis, everyone’s efforts should focus on four key factors.

1. Safety: The safety of employees, visitors, contractors, and the general public must guide all strategic and tactical decisions.

2. Compliance: Regulatory mandates of organizations and governmental agencies should guide the planning and implementation.

3.Collaboration: Strategizing the go forward plan from line of business leaders, finance, health, safety &environment (HSE), human resources (HR), and more.

4. Agility: Stay ready to adapt and respond. Be prepared with appropriate protocols and remain flexible enough to effectively navigate through afuture change.

As the above factors are managed, each component must also keep in mind the operating and capital expense associates with it and truly understand the action taken will be setting precedence and if not managed appropriately can become a liability not a risk mitigation solution.

A crisis is always a struggle for all involved and there is always some type of negative aspect that comes from any incident, but that same crisis also creates opportunity to redefine and re-brand who you are and what you do. Understanding how to manage through these types of events and gather knowledge along the way to make your business stronger and find new opportunities for growth is key for any leader. A storm can devastate a forest and tear down tree after tree. Those trees that have established deep and strong roots re-coop and become even stronger,and from the scars, new and even more effective growth is seen.

Read Also

How to Leverage Zero Trust to Combat Fraud

How to Leverage Zero Trust to Combat Fraud

John Kupcinski, Director, Information Security Transformation, Freddie Mac
Mitigating Cybersecurity Risks

Mitigating Cybersecurity Risks

Giuseppe Donvito, Partner, P101 Ventures ("P101")
The Evolution of Cybersecurity in the COVID-19 Era

The Evolution of Cybersecurity in the COVID-19 Era

Cedric Gourio, Chief Information Security Officer, Allianz Partners
The Key Practices to Reduce Turnover and Shorten Time to Fill Positions

The Key Practices to Reduce Turnover and Shorten Time to Fill...

Dave Stirling, Chief Information Security Officer, Zions Bancorporation
In 2021, the Last Thing We Need is Another Security Tech Hero

In 2021, the Last Thing We Need is Another Security Tech Hero

Henry Mason, VC Investor, Dawn Capital
 Are You an Information Security Manager?

Are You an Information Security Manager?

Jana Puskacova, CISO, Slovnaft