John Liuzzi, National Director of Business Continuity, Southern Glazer’s Wine & Spirits
Natural disasters. Terrorism. Cyber-attacks. Data breaches. Utility disruptions. Workplace violence. With the ever-increasing uncertainty that exists in today’s world, Business Continuity programs must now, more than ever, be recognized at all levels of management as essential to organizational survivability.
Acknowledging the dynamic and unique nature of these threats has created a dramatic shift from the traditional approach to Business Continuity. That is, from a focus on the restoration of individual functional processes to a more comprehensive and inclusive core competency that integrates the components of Business Continuity (process recovery), disaster recovery (IT recovery), crisis management (reputation management), and emergency management (safety and security). Consolidating these separate disciplines into a cohesive and streamlined management competency centered on holistic business restoration must be paramount since the pressure to maintain operations has never been greater, considering that there is no longer any tolerance for “downtime.”
The goal of a Business Continuity program is to establish the management structure and to define both the tactical and strategic procedural guidelines that will govern the execution of the response and recovery activities that an organization will follow before, during, and after a crisis. For any program to be successful, it must account for the culture of the organization. Program leaders should recognize their responsibility to drive the cultural change and to promote the awareness that everyone, not just a few select specialists, is accountable for Business Continuity. Not one single program objectives can be achieved without the proper engagement, communication, and collaboration with the essential stakeholders and business partners who are necessary for the success of any organization. Simply stated, for Business Continuity to be successful, “it takes a village.” In addition, organizations must adopt a “failure is not an option” mentality while conveying that “Business Continuity is the way we do business.”Recognizing the ongoing frequency and diversity of business-impacting events, the phrase “that would never happen” should no longer be tolerated as part of any organizational dialogue.
Business Continuity programs must now, more than ever, be recognized at all levels of management as essential to organizational survivability
What has become increasingly evident is that disaster events do not always impact physical assets (buildings, systems, etc.). Events, including cyber-attacks, data breaches, and product recalls, can also have a dramatic impact on the reputation and market position of an organization; therefore, specialized contingency planning is required. There are so many layers to what constitutes a threat or a crisis, and knowing how to assess and respond to each is critical. During any event, the story that the media (including social media) tells plays an essential role in how an organization is perceived in the marketplace, which is why it is important that both communications and social media teams are integrated into the program.
With today’s global economy, organizations are now adopting a rigorous approach to risk management and continuity planning in order to protect their entire supply chain ecosystem. The new reality is that “no business is an island,” and events anywhere in the world can impact any business at any time. To understand the vulnerabilities and interdependencies of a supply chain has become one of the most important initiatives and challenges for businesses today as they strive to achieve end-to-end resiliency.
Trends in business and regulatory requirements are driving organizations to adopt emerging technologies and solutions that enable high-availability systems, real-time communications, and faster recovery times while minimizing operating costs. Advances in mobile technologies, along with enhanced storage solutions, cloud computing, and virtualized environments are enabling organizations to become more agile while also improving resiliency. The use of mobile devices and social media is enhancing the way that organizations communicate, interact, and collaborate with their customers, suppliers, employees, and other stakeholders during crisis situations. Furthermore, as the trend towards outsourcing operations to third-party service providers continues, organizations must understand these risks and ensure that they perform their due diligence regarding a service provider’s contingency capabilities.
Business Continuity means more than just securing facilities; it also means keeping people safe and secure. Automated mass notification systems are essential for any program as they efficiently send secure, concise, and time-sensitive notifications to large groups via multiple methods, including voice, text messaging, and email. Mass notification is considered a necessity, as it helps to promote public safety and prevent panic during natural disasters, terrorist attacks, and other similar events. The core technologies that are utilized in mass notifications today incorporate Wi-Fi, IP Ethernet, satellite, Geographical Positioning Systems (GPS), Geographical Information Systems (GIS), and mobile applications.
Finally, to ensure organizational survivability, Business Continuity must be adopted into every organization as a mission-essential function. Organizations must devote the time and resources in order to establish a culture of preparedness and a state of readiness, where Business Continuity policies, procedures, and responsibilities are known and practiced by all. As the threat landscape continues to evolve, so too must the requirements and capabilities of a Business Continuity program. Establishing a comprehensive Business Continuity program is not only proactive risk management but also, and most importantly, a necessary responsibility that all organizations must embrace in order to secure their future.