BCI - continuitygroup.asiacontinuitygroup.asia/images/BCIConf25022016/BCI-Chair.pdf · What is the...
Transcript of BCI - continuitygroup.asiacontinuitygroup.asia/images/BCIConf25022016/BCI-Chair.pdf · What is the...
BCI - the Horizon Scan 2016 – And what I think…
David James-Brown FBCI
Chairman
The Business Continuity Institute
• The BCI – A brief overview
• BCI Horizon Scan 2016 - Research
• Trend analysis – some of my thoughts….
What is the BCI?
3
• A global support organization for business continuity and resilience professionals
• Member-Owned, Not-for-Profit Professional Association • Established in 1994• Chapters: Asia, Australia, Canada, Japan, Nordic, South
Africa, Switzerland and United States• Forums: Hong Kong, UK and Europe, Africa, Asia, Middle
East, South America and India.• Over 8,000 members in more than 120 countries working in
an estimated 3,000 organizations in private, public and third sectors
• Our membership grades provide assurance of technical and professional competency
Training and Education Certification Membership Continuing Professional Development program Mentoring scheme Corporate Partnership and Sponsorship Events (like this one) Master-classes Research Thought Leadership Awareness Campaigns
What we do
4
• First BCI Malaysia Conference, May 2016, Putrajaya Convention Centre
• BCM World, November – Back to the Novotel Hammersmith
• “ I am often asked what single piece of advice I can recommend that would be most
befeficial to the business community. My answer is a simple, but effective, business continuity plan that is regularly reviewed and tested ” 2004
– Eliza Manningham-Buller headed Britain’s Security Service (MI5) from 2002 to 2007, leading the organization though substantial change in the wake of 9/11 and the threat from Al-Qaeda. During her time at the helm, MI5 doubled in size, opened eight new offices, and altered its approach to the professional development of staff, with the establishment of a training academy.
– Delegate numbers soared last year by a staggering 50% !
BCI News
5
6
Asia
Henry Ee FBCI
Australasia
Howard Kenny FBCI
Canada
Chris Horne MBCI
Japan
Junichi Ogata AMBCI
Netherlands/Belgium
Werner Verlinden FBCI
Nordic
Faruque Sayed MBCI
SADC
Brian Henry FBCI
Swiss
Roberto Grosso-Ciponte MBCI
USA
Brian Zawada FBCI
BCI Global Chapters
• The independent body of knowledge for good Business Continuity (BC) practice written by experienced BC professionals from around the world
• Provides not just the ‘what to do’, but answers the ‘why’, ‘how’ and ‘when’ of good BC practice
• Reflects current global thinking in BC; aligned to ISO 22301:2012, the international standard for Business Continuity Management
• Translated into Arabic, Chinese, French, German, Greek, French, Italian, Korean, Spanish
The BCI Good Practice Guidelines (GPG) 2013
7
BCI Body of Knowledge
The capability of the organization tocontinue delivery of products orservices at acceptable predefined levelsfollowing a disruptive incident.
Source: ISO 22301:2012
8
The definition of Business Continuity
Improving organizational resilience
9
The BCM Lifecycle
10www.thebci.org
Membership Grades and Experience
11www.thebci.org
Membership Grades and Benefits
• Step One – Complete some formal Training (Instructor led, eLearning/Self-study)
• Step Two – Take the Certificate of the BCI Examination (CBCI)
• Step Three – Pass this examination and attain an internationally recognized post-nominal designation CBCI.
• Step Four – Use your CBCI to progress to certified membership of the BCI
• Step Five – Provide evidence of experience or use the BCI CPD Program to upgrade your membership
Steps to CBCI Certification
www.thebci.org 12
• Step One – Enrol on the Diploma of the BCI (Distance Learning)
• Step Two – Follow the 30 weeks, 3 module course
• Step Three – Pass the Diploma and gain the internationally recognized post nominal designation and academic qualification DBCI
• Step Four – Use your DBCI to progress to certified membership of the BCI (exempt from taking the CBCI exam)
• Step Five – Provide evidence of experience or use the BCI CPD Program to upgrade/enhance your membership
Steps to DBCI Qualification
www.thebci.org 13
BCI Corporate Partnership
14
Self governing and independent – It has its own elected Partnership Steering Group
• Work with like-minded organizations to deliver best practice.• Opportunity for governments to demonstrate a commitment to good
governance.• Opportunity to tactically market products and services to end users, our
membership. • To send the message to stakeholders that good BC and resilience practices
are important to us.• Commissioning industry research to support investment in BC • Demonstrating thought leadership • Running high profile global Business Continuity Awareness Week
….many global partners….
Corporate Partnership benefits
15
• Register an agreed number of employees as Partner Affiliates
• Use of BCI logo to demonstrate commitment to BC and resilience
• Free annual BC 24 licence
• Receive all BCI Partnership and Membership communications
• Member rates on all BCI events, products and services
• Access to wide range of resources
BCI Horizon Scan 2016
2015
2016
1
3
2
10
6
4
5
7
-
-
Dropped from top 10• Human Illness (8)• Fire (9)
The “Top Ten Threats” captures organisational attitudes which are often driven from the Boardroom.It is where threats are perceived to be right now, not where they actually are or what they will be. DJB
US Dept of Personnel Services….. June 2015“OPM said the total number of people affected by the breach was still believed to be 21.5 million.” -Reuters
Defence White Paper $25Bn....
History is our window on the future – to look forward we have to look back.
How did we arrive at the top ten threats?
In the news…
Building Fires 2015
Ebola virus 2015
Just because they have dropped down the ranks doesn’t mean they have gone away
Uncertainty is more likely to be the opinion of the respondent (to the survey) than what is influencing corporate strategy (in the case of the top ten threats).It is where threats are known to be emerging. There is less clarity about how these threats will manifest and so they are much more difficult to mitigate
On the other hand….
Trends and uncertainties by definition have their roots in a lack of understanding. We know that change has good and bad in equal proportions, but change is rarely brought about through a focus on creating adversity; it is driven by a focus on perceived benefits.We are not naïve enough to believe that because we haven't been faced with a situation in the past that we wont have to deal with it in the future – we've all read The Black Swan (Nasim Taleb)But when assessing uncertainty we have no historic catalogue on which to assess the remedial activities we should probably plan for.
2, 4 and 5 are a case in point….
So what is the real value of the Horizon Scan, what does it actually tell us?
It tells us that organisational leaders are more likely to invest in the top 10 perceived threats
Where real anticipation of preparedness requires investment in what-if analysis…...
Non-kinetic warfare for example …..
1/4 1/3 2/3
And we wonder why some organisations are “blind-sided”
The Great Cyber Bank Heist
Tunisia Terror Attacks
… stealing an estimated $1 billion through a series of hackings.
…..33 out of the 39 victims had flown to Tunisia with a TUI holiday package.
Availability of talents makes a comeback
Other points of note…
Increased BC Investment among SMEs
Scan
Investment in Business Continuity
Uptake of ISO:22301
A bit of trend analysis and uncertainty…...
Big Data -> Privacy -> Geo-Political Cyber Security -> Proper PandemicThe terror fight against globalisation may stem the effects of all these!
3. Thought Leadership
Where could we be postulating as BCM professionals?
3. Thought Leadership
Cyber Battle Lines – Have they been drawn?
Just like kinetic warfare but less obvious and more destructive
1. Big Entities – defining groups (governments, corporates, power seekers)
2. The cyber lynch-mob for smaller targets
3. Air-gapped networks have now been bridged
4. Coming to an office near you – you don’t have to join the military any more to be on the front line.
3. Thought Leadership
1. The biggest data
• The geometric expansion of global data volume and the limited life of all of todays storage media – what does it all mean?
3. Thought Leadership
It’s no secret that unstructured data is growing rapidly and poses significant challenges to organizations across virtually every industry segment to store, manage, secure and protect their data. According to IDC, the total amount of data storage world-wide will reach 133 exabytes by the year 2017, of which 80 percent will be required for unstructured data. Michael Noble, Sr. Product Marketing Manager EMC2
MGTPEZY
1. Visualising big data
3. Thought Leadership
Terabyte2000
Petabyte2012
Exabyte2014
Zetabyte2020?
Yotabyte2030?Megapenny Project
3. Thought Leadership - Visualising big data
Megapenny Project
50% of HD drives will last 6 years100% of HD drives are expected to have failed by year 10SSD drives have 10 (MLC) and 20 (SLC) year expected life spans but are expensive *Multi Level Cell vs Single Level Cell technology
A Zettabyte is a billion Terabyte’s – and we’ve got 8 of them already!
1. The Internet of Things (IoT), ubiquitous computing, wear-ablesand privacy
• A thing, in the Internet of Things, can be a person with a heart monitor implant, a farm animal with a biochip transponder, an automobile that has built-in sensors to alert the driver when tire pressure is low -- or any other natural or man-made object that can be assigned an IP address and provided with the ability to transfer data over a network. Source TechTarget.com
Morgan Stanley: 75 Billion Devices Will Be Connected To The Internet Of Things By 2020 Source, Business Insider
The impacts for organisations and the resilience professionalPrivacy is not just a personal thing – in a corporate sense it is confidentiality
Sarwant Singh, Partner Frost & Sullivan
• The BCI is an excellent ally for anyone with responsibility for resilience – so you would be mad not to join!
• The 2016 Horizon Scan is an invaluable insight into the views of Boardrooms and BCM front-line personnel.
• We should be devoting part of our strategic resilience planning to emerging trends and doing some ‘what-if’ analysis. This will require significant intellectual grunt – but that’s what Thought Leadership is all about isn't it?
Thank you!
3. Thought Leadership
In summary