A good argument to be made, at any time, is that hubris warrants contingency. This is the story of Icarus, Odysseus, Achilles, the Great Recession of 2008, and, most recently, the global COVID-19 pandemic. For each scenario, there were contingency plans, but a mix of overzealous attitudes and lack of risk assessment left the plans ignored, to the detriment of those involved. To take the business perspective, an industry aware of and acting against a destructive possibility to its standing will last longer than an industry putting aside doubts and fears for short-term relief. Business continuity plans are the solution to this problem.
“Too Big to Fail”
Now, let us examine the Great Recession and focus on the buzz phrase, “Too Big to Fail.” While associated with the financial industry’s failure, it is also seen as a benchmark that cannot be crossed without possibly wiping out trillions in assets from the US economy. Except, it was, and crossing it nearly took down the global economy. In choosing to provide bailout funds to dozens of banks considered essential to the U.S. financial system and economy, the US government became the financial industry’s business continuity plan.
Business Continuity Plans Are Integral to Business Survival
“A contingency is a potential negative event that may occur in the future, such as a natural disaster, fraudulent activity, or a terrorist attack,” according to Investopedia. “Business continuity planning […] is the process a company undergoes to create a prevention and recovery system from potential threats such as natural disasters or cyber-attacks,” according to Investopedia. Therefore, a business continuity plan is a response to a potential contingency. Better yet why not ditch the euphemism and call them disaster recovery plans? They are about the “after” of disaster, the “post” effort to bring conditions back to normal. No matter what you call them, every business needs at least one.
People may survive a building fire, but generally, we have drills to make sure nothing goes wrong with the escape. Hopefully, a tornado does not appear out of the sky, but if one does, we have secure areas to house people while it spins itself out. It goes similarly for sickness, theft, civil disorder, malfunctions, change in leadership, ethical dilemmas, and internecine scrimmages. There are contingency plans for all of these.
Conversely, in a chapter from Introduction to Security: Tenth Edition, authors Fischer, Halibozek, and Walters claim that crisis plans are lacking in the United States, citing a 2006 briefing that reports that 39% of U.S companies do not have a crisis plan, with 56% of companies having failed to have conducted crisis reviews and preemptive training. Said neglect, as stated by the chapter, indicates why human error is the greatest cause of crises.
How Business Continuity Plans Are Organized
Ready.gov, a national campaign aimed at educating Americans about averting types of disasters, encourages playing with hypotheticals. Kids on the playground do it to entertain themselves, and for that matter, the “what if” is a too infrequently visited realm by anybody else. Imagine threats, and the actual threats falter against your preparedness when you have business continuity plans. When living through a real-life “what-if” situation, the hope is that people have been trained to think hypothetically and in terms of the worst possible situation; they have planned and reviewed, and somehow, they have met a future they predicted, ready to face it. The thing to take away is that success is also about people, people with plans and the foresight to prepare them.
4 steps for a business continuity plan
When we are talking about the essentials of business continuity plans, we have a fine example here. The disaster has taken place, and anything can satisfy our definition of disaster, as what is more at stake is how we react to it.
No One Is Immune
Case Study One: 2014 Sony Hacking
At this point, I would like to offer a case study that involves, perhaps, one of the 2010s’ most serious cybersecurity incidents, the 2014 Sony Hacking, and the work undergone to, essentially, restart Hollywood.
About the time The Interview, a comedy by Seth Rogen, was scheduled to be released in theaters, Sony Pictures was hacked by a group purported to be North Korean in origin. According to The Hollywood Reporter, along with “massive data dumps,” the hackers released “trade secrets…and five upcoming full-length films”, damaging Sony’s internal credibility and making it the center of political strife that would last for a few months.
Despite being subjected to threats, Sony released The Interview on several VOD platforms, and a few small theaters scheduled showings of the film. The film performed well. As the threats were not carried out, Sony set about rebuilding itself. Timothy Toohey, of Greenberg Glusker, a cybersecurity firm, said that Sony “strengthened its firewalls in response,” and that “internal management of security and privacy issues has improved.”
Over the next few years, managers were replaced, and settlements were paid out to employees whose data had been breached. Slowly, Sony took back its influence and made itself less susceptible to cyberthreats.
Who knows if arrogance was involved? There is, undoubtedly, a believed inviolability of Sony Pictures that has us believe it would not be a good target, or, even, that it could be targeted or taken down. Reputation characterizes how we spend our time and what other people expect of us. Sony has set a standard as a leader of its industry so much so that it is not delusional to see as valid some notion of its having invincibility.
Case Study Two: Avian Flu
During an outbreak of the avian flu in 2006, the New York Times wrote an article about what it would take to prepare for a pandemic. Vocabulary with which the globe is now acquainted, such as “essential” and in a roundabout way, “social distancing,” is used in the article to detail the actions taken to prevent systemic failure. Reporting from Hong Kong, Keith Bradsher interviewed FedEx representatives who told him that they had contingencies “down to every district or market…in the Asia Pacific”. Compared to the Guangdong Province Chamber of Commerce in China, where “54 percent of members had made no preparations,” FedEx analyzed the risks a pandemic could present, many of them unpredictable, and thought of the potential actions.
The more we respect the unknown, the better we understand our limits. We know that we have an ultimate limit, so why do we insist that this is not the case for our businesses or our ideas? Whether you head the film industry or design models for the federal government, you have to know how to continue.
We Know How To Help
Think of us as alike in that regard. Essential Data Corporation aims to thrive, and we will help you do the same. We understand strategy and accuracy, and if your business continuity plan fails, we can work together to create a far more flexible one. You will see the process from the perspective of a partner, not a customer, and what you say is how it is done.
Whether you need a team of consultants to produce a complete line of documentation or a single technical writer for a brief project, Essential Data’s Engagement Manager will lead the project from start to finish. At Essential Data Corporation, the quality of our work is guaranteed. Contact us today to get started. (800) 221-0093 or firstname.lastname@example.org
Written by Will Boswell