Categories

Editor's Choice
Tech Jobs Network
News & Events
Access Control & Identity Management
AI & Data Analytics
Asset Management
Associations
Conferences & Events
Facilities & Building Management
Fire & Safety
Information Security
Infrastructure
Integrated Solutions
IoT & Automation
Perimeter Security, Alarms & Intruder Detection
Power Management
Products & Solutions
Security Services & Risk Management
Smart Home Automation 
Surveillance
Training & Education
Videos
Security by Industry Sector ▾








Print this page printer friendly version

The year resilience paid off

Issue 8 2020 Editor's Choice, Security Services & Risk Management

Business continuity has become top of mind for everyone over the recent months. Of all the things business leaders worry about back in 2019 that could impact business negatively, a pandemic must have been close to the last item on the list.

Unfortunately, prepared or not, we were hit with lockdowns, social distancing and a new set of rules, as well as more economic pressure on businesses in 2020 than we could have imagined. Many have had to close their doors and many others have been forced into retrenchments and drastically cutting back on spend.


Michael Davies.

2020 is the year when those who have been promoting business continuity and resilience finally got to experience their “I told you so” moment, although the moment was not nearly as satisfying given all that has happened. This year was the melting pot for companies as they were forced to innovate, invent and pull rabbits out of hats to survive.

Planning for these unexpected events is sometimes seen as a waste of time and money, but if one waits until disaster strikes to try to make a plan, it’s too late. To find out more about what business continuity options and services there are available to companies in South Africa and up north into Africa that want to be resilient when disaster strikes, Hi-Tech Security Solutions spoke to Michael Davies, the CEO of ContinuitySA (part of Dimension Data), a company that has been driving the business continuity and disaster recovery market for many years.

Hi-Tech Security Solutions: What should companies be looking at when considering business continuity? Which aspects of business will be impacted?

Michael Davies: Organisations should consider people, process, and technology in terms of improving business continuity and resilience for their organisations. In order to cover comprehensive business continuity management (BCM) and resilience options the things to consider are:

• Business Continuity Plans incorporating business impact analysis, risk assessments, threat assessments, considering single points of failure, recovery time and point objectives etc. It is the plan by which the organisation avoids or minimises disruption to the business.

• Data. Whether residing on local or cloud servers, data issues (as well as the connectivity required) need to be reviewed, evaluated and protected (cybersecurity) with backup abilities so it may be recovered if necessary.

• Process. Once business continuity plans have been created and reviewed, awareness and testing of plans is a very important element of ensuring that they work and are valid. The testing and awareness should cover the full spectrum of people, process and technology.

• Top management buy-in is essential for BCM programmes to be successful and collaboration within the organisation is a key ingredient for success.

Hi-Tech Security Solutions: Who offers these services and what do they entail?

Michael Davies: From an advisory perspective, the large auditing companies provide these services, as do focused business continuity companies such as ContinuitySA. When it comes to work area recovery, there are far fewer providers available as this is a niche service – ContinuitySA being the largest independent provider in Africa.

For data replication and backup there are several companies to choose from, however, we do recommend selecting a company that specialises in backup and recovery as many IT companies will promote data backup but do not have the experience or proficiency in helping clients recover should there be a data loss or cyber breach.

Hi-Tech Security Solutions: What are the various disaster recovery options available, from offsite backups to cloud and other solutions?

Michael Davies: Advances in technology have been revolutionary in terms of being able to allow people to work remotely and from home. This ability provides a great deal of flexibility to organisations’ business continuity plans (BCP) and has changed the way organisations retain backups and design disaster recovery plans.

Private and cloud computing solutions provide flexible solutions in the retention and backup of data. However, organisations are advised to check and test the recovery capabilities of their cloud solutions to ensure that their BCPs are viable. Few organisations rely on the tape backups popular some years ago, but replication to and storage of backups to offsite devices is popular. This is especially important if they are not connected to the organisation’s network as a protection against cyber breaches and ransomware that may infect any network connected device.

Triangulation replication and backup where data is stored in three different places at the same time is preferred in some industries as a robust method of ensuring data is available for recovery purposes when recovery time objectives and recovery point objectives are minimal.

Hi-Tech Security Solutions: What is your ‘big picture’ overview of the market and current trends in the industry given the unusual year we have had?

Michael Davies: The global risk outlook continues to be challenging and we recommend that organisations use their governance, risk and compliance (GRC) activities to create robust frameworks that support business resilience. We recommend that risks are not viewed in silos, but rather as part of a complex whole. If that is the case, then GRC activities can be used profitably to develop an integrated risk picture and response. GRC will help guide this process, particularly when the organisation has multiple sites in different geographic areas.

Some trends to watch in the future are:

• Cyber risk. As organisations and business generally continue to digitise, cyber risk grows. It is important that organisations pay due attention to the basics of cybersecurity, ensuring they have the right people, processes and tools in place. Organisations should recognise the increasing cyber risk associated with the growing use of cloud services and be aware that cloud providers’ data centres can also go down, and build that risk into their business continuity plans.

• Utility risk. The off and on resumption of load-shedding by Eskom, the water crisis driven by the prolonged drought and infrastructure constraints in certain areas mean that water and power outages will be key focus areas of business continuity plans.

• Financial risk. Due to the COVID-19 pandemic, the global and local economies are in distress resulting in the country’s debt rating deteriorating along with other financial risks, including exchange-rate volatility.

• Supply chain risk. The global nature of business, and exacerbated by the COVID-19 pandemic, means that companies participate in long and complex supply chains risk exposures that affect the entire chain. When doing their business impact analyses, organisations need to give thought to the contingent risks they face thanks to their participation in supply chains.

• Geopolitical and socio-economic risks. Brexit negotiations, the US presidential elections and US-China trade negotiations remain key concerns. However, each region has its own risk profile which needs to be properly understood. This is particularly true of Africa where risk profiles vary quite significantly from country to country. Locally, the perceived inability of the government to take the necessary action to restore the economy to growth and create jobs remains a key risk driver, which is being further hampered by the pandemic.

• Socio-economic risks have been concerning South African businesses for decades, and the continued decline in growth prospects and poor job prospects will continue to be.

Hi-Tech Security Solutions: How important is business continuity in creating resilient organisations?

Michael Davies: Business continuity and resilience have become important items on the board agenda for a very good reason. We are living in a volatile, uncertain, complex and ambiguous (VUCA) world with accelerating change, and putting plans in place to avoid or overcome disasters is critical to any organisation’s sustainability.

One of the ways in which the BCM life cycle contributes to resilience is through regular testing and then feeding the results of that testing back into the BCM process. This creates a much stronger and more flexible framework to build resilience as regular testing can consider the changing environment.

Resilience is not a traditional investment, but it is a genuine one, a more resilient organisation is more likely to be successful over the long term despite today’s risk landscape. In those terms, the implied return is actually the value of the company and its future earnings.




Share this article:
Share via emailShare via LinkedInPrint this page


Further reading:

AI-enabled tools reducing time to value and enhancing application security
Editor's Choice
Next-generation AI tools are adding new layers of intelligent testing, audit, security, and assurance to the application development lifecycle, reducing risk, and improving time to value while augmenting the overall security posture.

Read more...
2024 State of Security Report
Editor's Choice
Mobile IDs, MFA and sustainability emerge as top trends in HID Global’s 2024 State of Security Report, with artificial intelligence appearing in the conversation for the first time.

Read more...
Cyberthreats facing SMBs
Editor's Choice
Data and credential theft malware were the top two threats against SMBs in 2023, accounting for nearly 50% of all malware targeting this market segment. Ransomware is still the biggest threat.

Read more...
Are we our own worst enemy?
Editor's Choice
Sonja de Klerk believes the day-to-day issues we face can serve as opportunities for personal growth and empowerment, enabling us to contribute to creating a better and safer environment for ourselves and South Africa.

Read more...
How to spot a cyberattack if you are not a security pro
Editor's Choice
Cybersecurity awareness is straightforward if you know what to look for; vigilance and knowledge are our most potent weapons and the good news is that anyone can grasp the basics and spot suspicious activities.

Read more...
Protecting IP and secret data in the age of AI
Editor's Choice
The promise of artificial intelligence (AI) is a source of near-continuous hype for South Africans. However, for enterprises implementing AI solutions, there are some important considerations regarding their intellectual property (IP) and secret data.

Read more...
Super election year increases risks of political violence
Editor's Choice
Widening polarisation is expected in many elections, with terrorism, civil unrest, and environmental activism risks intensifying in a volatile geopolitical environment. Multinational businesses show an increasing interest in political violence insurance coverage in mitigation.

Read more...
Deception technology crucial to unmasking data theft
Information Security Security Services & Risk Management
The ‘silent theft’ of data is an increasingly prevalent cyber threat to businesses, driving the ongoing leakage of personal information in the public domain through undetected attacks that cannot even be policed by data privacy legislation.

Read more...
Proactive strategies against payment fraud
Financial (Industry) Security Services & Risk Management
Amid a spate of high-profile payment fraud cases in South Africa, the need for robust fraud payment prevention measures has never been more apparent, says Ryan Mer, CEO of eftsure Africa.

Read more...
How to prevent and survive fires
Fire & Safety Security Services & Risk Management
Since its launch in August 2023, Fidelity SecureFire, a division of the Fidelity Services Group, has been making significant strides in revolutionising fire response services in South Africa.

Read more...











SMART Security Business Directory



Published by Technews

»  Dataweek Electronics & Communications Technology
»  Electronics Buyers' Guide (EBG)

»  SMART Security Solutions
»  SMART Security Business Directory

»  Motion Control in Southern Africa
»  Motion Control Buyers' Guide (MCBG)

»  South African Instrumentation & Control
»  South African Instrumentation & Control Buyers' Guide (IBG)



© Technews Publishing (Pty) Ltd. | All Rights Reserved.