Categories

Editor's Choice
Tech Jobs Network
News & Events
Access Control & Identity Management
AI & Data Analytics
Asset Management
Associations
Conferences & Events
Facilities & Building Management
Fire & Safety
Information Security
Infrastructure
Integrated Solutions
IoT & Automation
Perimeter Security, Alarms & Intruder Detection
Power Management
Products & Solutions
Security Services & Risk Management
Smart Home Automation 
Surveillance
Training & Education
Videos
Security by Industry Sector ▾








Print this page printer friendly version

The year resilience paid off

Issue 8 2020 Editor's Choice, Security Services & Risk Management

Business continuity has become top of mind for everyone over the recent months. Of all the things business leaders worry about back in 2019 that could impact business negatively, a pandemic must have been close to the last item on the list.

Unfortunately, prepared or not, we were hit with lockdowns, social distancing and a new set of rules, as well as more economic pressure on businesses in 2020 than we could have imagined. Many have had to close their doors and many others have been forced into retrenchments and drastically cutting back on spend.


Michael Davies.

2020 is the year when those who have been promoting business continuity and resilience finally got to experience their “I told you so” moment, although the moment was not nearly as satisfying given all that has happened. This year was the melting pot for companies as they were forced to innovate, invent and pull rabbits out of hats to survive.

Planning for these unexpected events is sometimes seen as a waste of time and money, but if one waits until disaster strikes to try to make a plan, it’s too late. To find out more about what business continuity options and services there are available to companies in South Africa and up north into Africa that want to be resilient when disaster strikes, Hi-Tech Security Solutions spoke to Michael Davies, the CEO of ContinuitySA (part of Dimension Data), a company that has been driving the business continuity and disaster recovery market for many years.

Hi-Tech Security Solutions: What should companies be looking at when considering business continuity? Which aspects of business will be impacted?

Michael Davies: Organisations should consider people, process, and technology in terms of improving business continuity and resilience for their organisations. In order to cover comprehensive business continuity management (BCM) and resilience options the things to consider are:

• Business Continuity Plans incorporating business impact analysis, risk assessments, threat assessments, considering single points of failure, recovery time and point objectives etc. It is the plan by which the organisation avoids or minimises disruption to the business.

• Data. Whether residing on local or cloud servers, data issues (as well as the connectivity required) need to be reviewed, evaluated and protected (cybersecurity) with backup abilities so it may be recovered if necessary.

• Process. Once business continuity plans have been created and reviewed, awareness and testing of plans is a very important element of ensuring that they work and are valid. The testing and awareness should cover the full spectrum of people, process and technology.

• Top management buy-in is essential for BCM programmes to be successful and collaboration within the organisation is a key ingredient for success.

Hi-Tech Security Solutions: Who offers these services and what do they entail?

Michael Davies: From an advisory perspective, the large auditing companies provide these services, as do focused business continuity companies such as ContinuitySA. When it comes to work area recovery, there are far fewer providers available as this is a niche service – ContinuitySA being the largest independent provider in Africa.

For data replication and backup there are several companies to choose from, however, we do recommend selecting a company that specialises in backup and recovery as many IT companies will promote data backup but do not have the experience or proficiency in helping clients recover should there be a data loss or cyber breach.

Hi-Tech Security Solutions: What are the various disaster recovery options available, from offsite backups to cloud and other solutions?

Michael Davies: Advances in technology have been revolutionary in terms of being able to allow people to work remotely and from home. This ability provides a great deal of flexibility to organisations’ business continuity plans (BCP) and has changed the way organisations retain backups and design disaster recovery plans.

Private and cloud computing solutions provide flexible solutions in the retention and backup of data. However, organisations are advised to check and test the recovery capabilities of their cloud solutions to ensure that their BCPs are viable. Few organisations rely on the tape backups popular some years ago, but replication to and storage of backups to offsite devices is popular. This is especially important if they are not connected to the organisation’s network as a protection against cyber breaches and ransomware that may infect any network connected device.

Triangulation replication and backup where data is stored in three different places at the same time is preferred in some industries as a robust method of ensuring data is available for recovery purposes when recovery time objectives and recovery point objectives are minimal.

Hi-Tech Security Solutions: What is your ‘big picture’ overview of the market and current trends in the industry given the unusual year we have had?

Michael Davies: The global risk outlook continues to be challenging and we recommend that organisations use their governance, risk and compliance (GRC) activities to create robust frameworks that support business resilience. We recommend that risks are not viewed in silos, but rather as part of a complex whole. If that is the case, then GRC activities can be used profitably to develop an integrated risk picture and response. GRC will help guide this process, particularly when the organisation has multiple sites in different geographic areas.

Some trends to watch in the future are:

• Cyber risk. As organisations and business generally continue to digitise, cyber risk grows. It is important that organisations pay due attention to the basics of cybersecurity, ensuring they have the right people, processes and tools in place. Organisations should recognise the increasing cyber risk associated with the growing use of cloud services and be aware that cloud providers’ data centres can also go down, and build that risk into their business continuity plans.

• Utility risk. The off and on resumption of load-shedding by Eskom, the water crisis driven by the prolonged drought and infrastructure constraints in certain areas mean that water and power outages will be key focus areas of business continuity plans.

• Financial risk. Due to the COVID-19 pandemic, the global and local economies are in distress resulting in the country’s debt rating deteriorating along with other financial risks, including exchange-rate volatility.

• Supply chain risk. The global nature of business, and exacerbated by the COVID-19 pandemic, means that companies participate in long and complex supply chains risk exposures that affect the entire chain. When doing their business impact analyses, organisations need to give thought to the contingent risks they face thanks to their participation in supply chains.

• Geopolitical and socio-economic risks. Brexit negotiations, the US presidential elections and US-China trade negotiations remain key concerns. However, each region has its own risk profile which needs to be properly understood. This is particularly true of Africa where risk profiles vary quite significantly from country to country. Locally, the perceived inability of the government to take the necessary action to restore the economy to growth and create jobs remains a key risk driver, which is being further hampered by the pandemic.

• Socio-economic risks have been concerning South African businesses for decades, and the continued decline in growth prospects and poor job prospects will continue to be.

Hi-Tech Security Solutions: How important is business continuity in creating resilient organisations?

Michael Davies: Business continuity and resilience have become important items on the board agenda for a very good reason. We are living in a volatile, uncertain, complex and ambiguous (VUCA) world with accelerating change, and putting plans in place to avoid or overcome disasters is critical to any organisation’s sustainability.

One of the ways in which the BCM life cycle contributes to resilience is through regular testing and then feeding the results of that testing back into the BCM process. This creates a much stronger and more flexible framework to build resilience as regular testing can consider the changing environment.

Resilience is not a traditional investment, but it is a genuine one, a more resilient organisation is more likely to be successful over the long term despite today’s risk landscape. In those terms, the implied return is actually the value of the company and its future earnings.




Share this article:
Share via emailShare via LinkedInPrint this page


Further reading:

What is your ‘real’ security posture?
BlueVision Editor's Choice Information Security Infrastructure AI & Data Analytics
Many businesses operate under the illusion that their security controls, policies, and incident response plans will hold firm when tested by cybercriminals, but does this mean you are really safe?

Read more...
What is your ‘real’ security posture? (Part 2)
BlueVision Editor's Choice Information Security Infrastructure
In the second part of this series of articles from BlueVision, we explore the human element: social engineering and insider threats and how red teaming can expose and remedy them.

Read more...
IQ and AI
Leaderware Editor's Choice Surveillance AI & Data Analytics
Following his presentation at the Estate Security Conference in October, Craig Donald delves into the challenge of balancing human operator ‘IQ’ and AI system detection within CCTV control rooms.

Read more...
Onsite AI avoids cloud challenges
SMART Security Solutions Technews Publishing Editor's Choice Infrastructure AI & Data Analytics
Most AI programs today depend on constant cloud connections, which can be a liability for companies operating in secure or high-risk environments. That reliance exposes sensitive data to external networks, but also creates a single point of failure if connectivity drops.

Read more...
Toxic combinations
Editor's Choice
According to Panaseer’s latest research, 70% of major breaches are caused by toxic combinations: overlapping risks that compound and amplify each other, forming a critical vulnerability to be exploited.

Read more...
Syndicates exploit insider vulnerabilities in SA
Information Security Security Services & Risk Management
Today’s cyber criminals do not just exploit vulnerabilities in your systems; they exploit your people, turning trusted team members into unwitting accomplices or deliberate collaborators in their schemes.

Read more...
Continuum launches centralised access and identity management
Editor's Choice Access Control & Identity Management Integrated Solutions Facilities & Building Management
Continuum Identity is a newly launched company in the identity management and access control sector, targeting the complexity of managing various Access and Identity Management (AIM) systems.

Read more...
SABRIC Annual Crime Statistics 2024
News & Events Security Services & Risk Management Residential Estate (Industry)
SABRIC has released its Annual Crime Statistics for 2024, reflecting a significant decline in financial crime losses, but also warning of the growing threat posed by artificial intelligence (AI) in fraud schemes.

Read more...
Health, safety, and environmental eLearning
Training & Education Security Services & Risk Management
SHEilds is a global leader in health, safety, and environmental eLearning, delivering internationally recognised qualifications such as NEBOSH, IOSH, IEMA, and ProQual NVQs.

Read more...
See crime stopped in seconds
Products & Solutions Security Services & Risk Management
Fog Bandit, a leader in security fog, is bringing its instant crime-stopping technology to Securex Cape Town 2025. Experience the innovation trusted worldwide to protect retailers, warehouses, and high-value sites.

Read more...











SMART Security Business Directory


While every effort has been made to ensure the accuracy of the information contained herein, the publisher and its agents cannot be held responsible for any errors contained, or any loss incurred as a result. Articles published do not necessarily reflect the views of the publishers. The editor reserves the right to alter or cut copy. Articles submitted are deemed to have been cleared for publication. Advertisements and company contact details are published as provided by the advertiser. Technews Publishing (Pty) Ltd cannot be held responsible for the accuracy or veracity of supplied material.

Published by Technews

»  Dataweek Electronics & Communications Technology
»  Electronics Buyers' Guide (EBG)

»  SMART Security Solutions
»  SMART Security Business Directory

»  Motion Control in Southern Africa
»  Motion Control Buyers' Guide (MCBG)

»  South African Instrumentation & Control
»  South African Instrumentation & Control Buyers' Guide (IBG)



© Technews Publishing (Pty) Ltd. | All Rights Reserved.