A2 – Building Resiliency in 12 Months or Less at the City of San Francisco
Ted Brown, KETCHConsulting
Learn what the county and city of San Francisco’s Department of Technology (CCSF-DT) developed to protect their people from workplace violence, protect data from cyber attacks and its next line of defense – their COOP Plan, all executed in less than a year. Over a four-month period, CCSF-DT conducted a BIA, risk assessment, defined a COOP strategy, executed COOP plans for all departments, and conducted three different Tabletop exercises. This session will discuss the importance of COOP for IT and how COOP work was done on time and on budget.
B3 – Do Changes in Information Technology Eliminate the Need for BIAs
Steven J. Ross, Risk Masters International LLC
It is important for Business Continuity Managers to stay current with technology in our profession while at the same time holding fast to essential principles. This presentation seeks to find that balance with regard to Business Impact Analyses. Today, most workers in many industries have been issued laptop computers with VPN capability so that they can work effectively from anywhere anytime. The need to differentiate recovery times for applications in company-owned data centers has been reduced by applications running in the Cloud. Those remaining in the data center, often can recovered well within the minimum RTO and RPO. So why bother with a lengthy and expensive process that will not change recovery plans one way or the other?
B4 – Critical Cyber Security Strategies for Business Continuity Professionals
Laura Mosley, Southern Glazer’s Wine & Spirits
This session will equip attendees with ‘BC Cyber Hacks’ to leverage, mitigate, and respond to cyber-attacks in an effective and timely manner. We will look at historical and trending statistics. Identification of key stakeholders and partners as a critical component of a successful cyber approach.
Cyber exercises will be reviewed as attendees learn how to best develop and execute an effective cyber exercise. We will discuss event management, data restoration, third party involvement, network interruption, and cyber extortion. Wrapping up the session we will look at an overall framework for a solid Cyber Resiliency program and tie what we’ve previously learned into a basic executable framework.
C3 – How to Continuously Sell the ‘Value-Added’ of your BCM program (to Everyone!)
Michael Harding, Automotive Resources International
For years, we have always heard, “you need to gain executive buy in” in order to have a successful program. While having the support of senior management is important, I would challenge to say that it is equally important to have the support from everyone you meet with at the company. All employees. I would almost reckon to say that you should be like theme from “Cheers,” where everybody knows your name. While some people might not get this reference, all it really means is that you should be a well-known person within your company since the goal of a successful program is to get it engrained in the culture. It is essential that people start thinking of your program as an added benefit versus something that has to be completed each year. Make it fun – get out there and sell!
C4 – Transform Your BCM Program to Make Resiliency a Strategic Advantage
Tejas Katwala, Continuity Logic
In today’s ever-changing business environment of market complexity, globalization and increasing investor and customer expectations, companies have learned that many traditional BCM approaches to protect value and enhance value have failed. This session will address some progressive approaches that focus on connecting business continuity into the overall integrated risk management program and business strategy to improve BCM adoption, visibility, and effectiveness. The session will feature a Process Driven BCM Program, putting automation to work, and how to leverage your BCM data to deliver real results.
F1 – When the Little Voice in Your Head is Giving You Bad Advice: Crisis Leadership Success or Failure May (Mostly) Be in Your Own Head
Robert C. Chandler, Ph.D., Lipscomb University
Although humans often think of themselves as beings which are perfectly observant, undistracted, hard data calculating, rational and logical “organic thinking-acting machines” – making solid decisions even in circumstances that are far less than ideal – the “hard fact” of the matter is that biological and psychological research has given us an assessment of our cognitive and behavioral processes that suggests that we more often are inattentive, distractible, impatient, inconsistent, emotional, and nonrational creatures that take mental shortcuts, limited perceptual samples, make faulty assumptions, experience unnecessary delay and detours, and apply filters of biased parameters that reduce the probabilities of successful decisions and actions. This session reviews some of the most common dysfunctional thinking tendencies which every leader should be aware – to empower them to better plan to more effectively avoid, minimize and/or mitigate.