BCI - continuitygroup.asiacontinuitygroup.asia/images/BCIConf25022016/BCI-Chair.pdf · What is the...

BCI - the Horizon Scan 2016 – And what I think…

David James-Brown FBCI

Chairman

The Business Continuity Institute

• The BCI – A brief overview

• BCI Horizon Scan 2016 - Research

• Trend analysis – some of my thoughts….

What is the BCI?

3

• A global support organization for business continuity and resilience professionals

• Member-Owned, Not-for-Profit Professional Association • Established in 1994• Chapters: Asia, Australia, Canada, Japan, Nordic, South

Africa, Switzerland and United States• Forums: Hong Kong, UK and Europe, Africa, Asia, Middle

East, South America and India.• Over 8,000 members in more than 120 countries working in

an estimated 3,000 organizations in private, public and third sectors

• Our membership grades provide assurance of technical and professional competency

Training and Education Certification Membership Continuing Professional Development program Mentoring scheme Corporate Partnership and Sponsorship Events (like this one) Master-classes Research Thought Leadership Awareness Campaigns

What we do

4

• First BCI Malaysia Conference, May 2016, Putrajaya Convention Centre

• BCM World, November – Back to the Novotel Hammersmith

• “ I am often asked what single piece of advice I can recommend that would be most

befeficial to the business community. My answer is a simple, but effective, business continuity plan that is regularly reviewed and tested ” 2004

– Eliza Manningham-Buller headed Britain’s Security Service (MI5) from 2002 to 2007, leading the organization though substantial change in the wake of 9/11 and the threat from Al-Qaeda. During her time at the helm, MI5 doubled in size, opened eight new offices, and altered its approach to the professional development of staff, with the establishment of a training academy.

– Delegate numbers soared last year by a staggering 50% !

BCI News

5

6

Asia

Henry Ee FBCI

Australasia

Howard Kenny FBCI

Canada

Chris Horne MBCI

Japan

Junichi Ogata AMBCI

Netherlands/Belgium

Werner Verlinden FBCI

Nordic

Faruque Sayed MBCI

SADC

Brian Henry FBCI

Swiss

Roberto Grosso-Ciponte MBCI

USA

Brian Zawada FBCI

BCI Global Chapters

• The independent body of knowledge for good Business Continuity (BC) practice written by experienced BC professionals from around the world

• Provides not just the ‘what to do’, but answers the ‘why’, ‘how’ and ‘when’ of good BC practice

• Reflects current global thinking in BC; aligned to ISO 22301:2012, the international standard for Business Continuity Management

• Translated into Arabic, Chinese, French, German, Greek, French, Italian, Korean, Spanish

The BCI Good Practice Guidelines (GPG) 2013

7

BCI Body of Knowledge

The capability of the organization tocontinue delivery of products orservices at acceptable predefined levelsfollowing a disruptive incident.

Source: ISO 22301:2012

8

The definition of Business Continuity

Improving organizational resilience

9

The BCM Lifecycle

10www.thebci.org

Membership Grades and Experience

11www.thebci.org

Membership Grades and Benefits

• Step One – Complete some formal Training (Instructor led, eLearning/Self-study)

• Step Two – Take the Certificate of the BCI Examination (CBCI)

• Step Three – Pass this examination and attain an internationally recognized post-nominal designation CBCI.

• Step Four – Use your CBCI to progress to certified membership of the BCI

• Step Five – Provide evidence of experience or use the BCI CPD Program to upgrade your membership

Steps to CBCI Certification

www.thebci.org 12

• Step One – Enrol on the Diploma of the BCI (Distance Learning)

• Step Two – Follow the 30 weeks, 3 module course

• Step Three – Pass the Diploma and gain the internationally recognized post nominal designation and academic qualification DBCI

• Step Four – Use your DBCI to progress to certified membership of the BCI (exempt from taking the CBCI exam)

• Step Five – Provide evidence of experience or use the BCI CPD Program to upgrade/enhance your membership

Steps to DBCI Qualification

www.thebci.org 13

BCI Corporate Partnership

14

Self governing and independent – It has its own elected Partnership Steering Group

• Work with like-minded organizations to deliver best practice.• Opportunity for governments to demonstrate a commitment to good

governance.• Opportunity to tactically market products and services to end users, our

membership. • To send the message to stakeholders that good BC and resilience practices

are important to us.• Commissioning industry research to support investment in BC • Demonstrating thought leadership • Running high profile global Business Continuity Awareness Week

….many global partners….

Corporate Partnership benefits

15

• Register an agreed number of employees as Partner Affiliates

• Use of BCI logo to demonstrate commitment to BC and resilience

• Free annual BC 24 licence

• Receive all BCI Partnership and Membership communications

• Member rates on all BCI events, products and services

• Access to wide range of resources

BCI Horizon Scan 2016

2015

2016

1

3

2

10

6

4

5

7

-

-

Dropped from top 10• Human Illness (8)• Fire (9)

The “Top Ten Threats” captures organisational attitudes which are often driven from the Boardroom.It is where threats are perceived to be right now, not where they actually are or what they will be. DJB

US Dept of Personnel Services….. June 2015“OPM said the total number of people affected by the breach was still believed to be 21.5 million.” -Reuters

Defence White Paper $25Bn....

History is our window on the future – to look forward we have to look back.

How did we arrive at the top ten threats?

In the news…

Building Fires 2015

Ebola virus 2015

Just because they have dropped down the ranks doesn’t mean they have gone away

Uncertainty is more likely to be the opinion of the respondent (to the survey) than what is influencing corporate strategy (in the case of the top ten threats).It is where threats are known to be emerging. There is less clarity about how these threats will manifest and so they are much more difficult to mitigate

On the other hand….

Trends and uncertainties by definition have their roots in a lack of understanding. We know that change has good and bad in equal proportions, but change is rarely brought about through a focus on creating adversity; it is driven by a focus on perceived benefits.We are not naïve enough to believe that because we haven't been faced with a situation in the past that we wont have to deal with it in the future – we've all read The Black Swan (Nasim Taleb)But when assessing uncertainty we have no historic catalogue on which to assess the remedial activities we should probably plan for.

2, 4 and 5 are a case in point….

So what is the real value of the Horizon Scan, what does it actually tell us?

It tells us that organisational leaders are more likely to invest in the top 10 perceived threats

Where real anticipation of preparedness requires investment in what-if analysis…...

Non-kinetic warfare for example …..

1/4 1/3 2/3

And we wonder why some organisations are “blind-sided”

The Great Cyber Bank Heist

Tunisia Terror Attacks

… stealing an estimated $1 billion through a series of hackings.

…..33 out of the 39 victims had flown to Tunisia with a TUI holiday package.

Availability of talents makes a comeback

Other points of note…

Increased BC Investment among SMEs

Scan

Investment in Business Continuity

Uptake of ISO:22301

A bit of trend analysis and uncertainty…...

Big Data -> Privacy -> Geo-Political Cyber Security -> Proper PandemicThe terror fight against globalisation may stem the effects of all these!

3. Thought Leadership

Where could we be postulating as BCM professionals?

3. Thought Leadership

Cyber Battle Lines – Have they been drawn?

Just like kinetic warfare but less obvious and more destructive

1. Big Entities – defining groups (governments, corporates, power seekers)

2. The cyber lynch-mob for smaller targets

3. Air-gapped networks have now been bridged

4. Coming to an office near you – you don’t have to join the military any more to be on the front line.

3. Thought Leadership

1. The biggest data

• The geometric expansion of global data volume and the limited life of all of todays storage media – what does it all mean?

3. Thought Leadership

It’s no secret that unstructured data is growing rapidly and poses significant challenges to organizations across virtually every industry segment to store, manage, secure and protect their data. According to IDC, the total amount of data storage world-wide will reach 133 exabytes by the year 2017, of which 80 percent will be required for unstructured data. Michael Noble, Sr. Product Marketing Manager EMC2

MGTPEZY

1. Visualising big data

3. Thought Leadership

Terabyte2000

Petabyte2012

Exabyte2014

Zetabyte2020?

Yotabyte2030?Megapenny Project

3. Thought Leadership - Visualising big data

Megapenny Project

50% of HD drives will last 6 years100% of HD drives are expected to have failed by year 10SSD drives have 10 (MLC) and 20 (SLC) year expected life spans but are expensive *Multi Level Cell vs Single Level Cell technology

A Zettabyte is a billion Terabyte’s – and we’ve got 8 of them already!

1. The Internet of Things (IoT), ubiquitous computing, wear-ablesand privacy

• A thing, in the Internet of Things, can be a person with a heart monitor implant, a farm animal with a biochip transponder, an automobile that has built-in sensors to alert the driver when tire pressure is low -- or any other natural or man-made object that can be assigned an IP address and provided with the ability to transfer data over a network. Source TechTarget.com

Morgan Stanley: 75 Billion Devices Will Be Connected To The Internet Of Things By 2020 Source, Business Insider

The impacts for organisations and the resilience professionalPrivacy is not just a personal thing – in a corporate sense it is confidentiality

Sarwant Singh, Partner Frost & Sullivan

• The BCI is an excellent ally for anyone with responsibility for resilience – so you would be mad not to join!

• The 2016 Horizon Scan is an invaluable insight into the views of Boardrooms and BCM front-line personnel.

• We should be devoting part of our strategic resilience planning to emerging trends and doing some ‘what-if’ analysis. This will require significant intellectual grunt – but that’s what Thought Leadership is all about isn't it?

Thank you!

3. Thought Leadership

In summary

+61 439 434 282

david.james-brown@thebci.org.au

david jb

Presenter

Discussion?