Instrumented Interconnecteds Intelligent

Posted by

Post feed

RSS 2.0

Paige Poore, BCRS Director and CTO, IBM Global Business Continuity Management

Paige Poore, BCRS Director and CTO, IBM Global Business Continuity Management

By Paige Poore

In today’s world of economic, social and political uncertainty, organizations are confronted with an ever-increasing range of risks to deal with. Meeting these demands in a global economy means today’s enterprise must be highly resilient and able to anticipate multiple risks. For IT risk management, this requires understanding of which of the most common threats are most likely to cause business and IT disruptions.

Virtually every aspect of your business is vulnerable to disruption. Some continuity issues could take your business offline for days, but even minutes of downtime can prove costly. Business and IT disruptions that result from business continuity and IT security failures will cost organizations an estimated average total of $19.6 million over the next 24 months.

With costs this significant, IT professionals, C-suite executives and business owners alike requirefact-based insight into the causes and financial consequences of these incidents—including the cost of damage to reputation and brand value.

Today wraps up the annual Business Continuity Awareness Week (BCAW), a global event coordinated by the Business Continuity Institute. The week was key to raising the awareness of business continuity by showcasing its value as a strategic and integrated business discipline. The theme of BCAW this year was “Counting the Cost” a theme designed to demonstrate the potential cost of not having an effective business continuity management system.

Whether a global multinational or a small business, whether operating in financial services, public administration or manufacturing, business continuity is a dynamic management practice that is proven to help organizations anticipate, prepare, respond and adapt to an ever changing risk environment.

Though the perception is that the largest threats are external, the reality is that both business continuity and IT security professionals ranked human error as the leading threat in terms of both likelihood and economic impact. Here are suggestions for how to manage human error in IT risk management:

1.)  Building a Risk Aware Culture: According to a recent IBM study in partnership with the Ponemon Institute, both business continuity and IT security professionals ranked human error as the leading threat in terms of both likelihood and economic impact. One essential practice of helping to reduce human error is building a risk aware culture and management system that begins at the top and is pushed relentlessly down throughout the organization. This involves identifying sources of risk, setting goals and communicating roles and responsibilities at every level, from senior and middle management to every user of the organization’s email.

2.)  Automation: Automation can also play a part in reducing human errors such as policy-based control mechanisms for identity and access management addressing the continuous evolution of software-based vulnerabilities. Be proactive by evaluating automation solutions in the context of reducing the potential for human error rather than reducing IT costs. For example, automating backup across all user and server platforms can address a range of human errors that can lead to data loss— from incorrectly configuring backup software to forgetting to run backups or even losing a notebook PC. Automating endpoint security settings across mobile and desktop devices is another example of a technology-led approach to reducing opportunities for human error.

3.)  Reputational Damage Control: Since business unit leaders are outside the IT function and may have little to no IT experience, their decisions on everything from strategy to the optimal processes for mitigating disruptions may not be based on a true understanding of the IT risk landscape. According to our study, up to two-thirds of survey respondents believe that their organizational leaders do not realize that business and IT disruptions can damage reputation and brand image—and that those damages carry a hefty cost. Help these leaders understand the reputational consequences of IT failures, and in the process elevate yourself and your peers as IT professionals who protect this valuable corporate asset

So this year for BCAW, organizations and IT leaders should become the voice for the economic and reputational impact of IT risk which provides a win-win opportunity for you and your organization. The organization gains a valuable new perspective through which to filter IT risk strategy and tactics, while you can become known as the technology person with an eye on the bottom line—which almost always means increased visibility.

Bookmark and Share

Previous post

Next post

September 3, 2014
9:33 pm

Often, the item is printed with a motivational message that
the company has been using in their advertising. If you are
giving wine or a wine gift basket, it is better to
ask permission or get details regarding whether the person actually drinks (or might drink too much and not want temptation).

Some of them is included with a pen while a few others
is given a small stapler on it.

Posted by: corporate gifts singapore
August 26, 2014
8:38 pm

I was recommended this blog by my cousin. I am not sure whether this post is written by him as no one else know such
detailed about my trouble. You are incredible! Thanks!

Posted by:
August 26, 2014
12:03 pm

My family members all the time say that I am killing my time
here at web, except I know I am getting familiarity every day by reading such nice articles.

Posted by: domain
June 18, 2014
10:22 am

” both business continuity and IT security professionals ranked human error as the leading threat in terms of both likelihood and economic impact.”
No matter how perfect the machines may be, they are still being run by humans. I know of a pharmaceutical company where an administrator accidentally deleted a folder in an ECM system that was linked to thousands of files containing critical drug manufacturing information. The whole production line had to stop and the ECM system had to be taken offline while they tried to recover the files, which ended up taking weeks! This simple mistake put them at serious compliance risk and ended up costing millions of dollars after all the lost revenue, lost productivity, and recovery costs.

Posted by: Lauren LaFronz
March 25, 2014
8:50 am

Excellent observations Paige. And the risk reports will help build a business case with management based on tangible facts.

Posted by: Linda
Post a Comment