A8: BusCon Meets CyberSec – A Match Made in Continuity Heaven
Franklin Fletcher and Doug Sievers, Southern Glazers Wine and Spirits
Attendees will discover the role that cybersecurity should have in a business continuity plan and how to create successful recovery strategies. This interactive session will address the role of business continuity and cybersecurity professionals – where and how do these roles converge in your organization? If they don’t converge at all, what are the ramifications? The discussion will focus on key perspectives and skill sets required for both roles – how a partnership between Business Continuity and Cybersecurity can help to better identify, recognize, analyze, and address risks related to your data and applications, and better achieve the objectives of your business continuity program. Learn how Southern Glazer’s Wine and Spirits created synergies between the two functions in planning and in support of its Corporate Crisis Management Center for all hazards.
B6: Investing in Resilience
Alice Kaltenmark and Frank Lady, The BCI, USA Chapter
The BCI North America Next Practice Group has published a collaborative report on Investing in Resilience. The report explores, “What is Resilience and Why Invest in It?; How Resilience Impacts BC/DR and Related Activities; Considerations for Investing in Resilience; The Value of Investing in Resilience; and Measuring the Success of an Investment in Resilience.” Case studies and survey results are included to bring the full topic into perspective for continuity professionals across North America. This BCI report examines the issues associated with achieving resilience and, more importantly, the issues associated with preparing for and making an investment in resilience. Results of a survey of BCI members in the U.S., Mexico, and Canada provide additional insights on how members approach the issue of investing in resilience. Guidance from this report can help in identifying a prospective investment, justifying its acquisition, demonstrating its value, and measuring its performance.
C21: Crisis Management vs. Crisis Communications
Dianne Stephens and Ashleigh Allison, Globe Life
This session will help you, your teams, and your organization understand key differences between these two separate disciplines. It is imperative that teams understand the difference between the roles and responsibilities of a crisis management team versus crisis communications. Using an active assailant scenario the presenters will take a deeper dive into: – WHICH types of communications need to be sent; – WHO they need to go to (Audience Groups); – Who needs to APPROVE the messages; – WHEN the messages need to be sent do you think of Crisis Management and Crisis Communications as one discipline? You’ll leave with a one-page document with sample scripting and appropriate time intervals for sending out communications. This session will have you contemplating pre-scripted, pre-approved messaging to help prepare your teams before anything happens. You will gain a better understanding of typical audience groups, collaboration, and flow of communication approval.
C22: How GDPR and CCPA May Impact Your BCM Program
Joe Layman, Cetera Financial Group, and Susan Zielan, Risk Management
Do you know what consumer and employment information is stored in your company databases? Do you know that data privacy requirements will soon be part of your BCM program? Did you know your company can be heavily fined for non-compliance to privacy regulations? This interactive workshop will assist with understanding the EU Global Data Privacy Requirement (GDPR) and California Consumer Privacy Act (CCPA) regulations and how they will impact your BCM program and your organization. Learn how to be compliant with the GDPR, CCPA, or when it becomes a US regulation.
D9: End-to-End Testing
Lisa Casteel and Debbie Mason, Primerica
How to manage End-to-End complete review of BCP ensures all processes are identified. The value of testing your BCP (which includes your recovery steps) is immeasurable. Having a plan, even well documented, will not serve you or your company well if it is not tested. What constitutes a good test? This session will detail the complete scope of what constitutes a true end-to-end test: Plans for the business must be reviewed/updated; the facility where testing is performed must be maintained – workstation software; coordination amongst critical business units to ensure personnel outage support; upper management must be onboard and read into process; all outside support and users are accounted/allocation of workspaces; preparatory meetings with engineering staff are conducted. Ensuring that these good testing practices are in place will only enhance the company’s ability to be well-prepared in any event.
E9: I Heard it on the Internet! How Professionals Globally Deal Differently with BCM/Resiliency Challenges
Alex Fullick, Stone Road Inc/VoiceAmerica Radio
As the host of the VoiceAmerica internet radio show, Preparing for the Unexpected, the Alex Fullick has had the opportunity to speak with many individuals from various backgrounds and industries and discuss assorted topics in the BCM/DR/Resiliency realm. Regardless of his guests’ global location, industry, profession, or specific topic of discussion, industry professionals tend to experience many of the same challenges, but have addressed them differently. Many organizations and industry practitioners will no doubt have experienced some – or all – of these challenges, but not everyone has the same response to address them. Referencing guests that have appeared on Preparing for the Unexpected, this session will discuss how some of these key challenges are being addressed by professionals around the globe.