Call Girls Hebbal Just Call 👗 7737669865 👗 Top Class Call Girl Service Bangalore
Csarn 19 May 2010
1. Ray Stanton
Executive Global Head, Business Continuity,
Security and Governance, BT
Building Resilience for the 21st
Century Organisation
CSARN Wales Conference
Cardiff Millenium Stadium,
19 May 2010
2. Agenda/ topics covered
Who is BT
Risks Facing National Governments
Choosing your Business Continuity Strategy
Public / Private Partnership in action case study;
CockerMouth - One team in a Crisis!
Key messages & take-aways
3. Introducing BT Group and its lines of business
• Over 112,000 people delivering service
to more than 170 countries
• In the year end 31 March 2010 BT
Group Revenue was £20,911 Million
with EBITDA of £5,781 Million*
For more information please visit
www.bt.com/aboutbt
Group CEO: Ian Livingston Group CFO: Tony Chanmugam
BT Group plc
BT Operate
Operates and manages
BT‟s network & BT customers
from all lines of business
CEO: Roel Louhoff
BT Innovate & Design
BT‟s R&D Research
Facilities & “Design Factory”
servicing all lines of business
CEO and Group CIO: Clive Selley
BT Retail
IT and Comms
services in the UK
CEO: Gavin Patterson
BT Wholesale
Carrier and
infrastructure services globally
CEO: Sally Davis
Openreach
Provision of fair
and equal network access
CEO: Steve Robertson
BT Global Services
Provision of networked IT
services globally
CEO: Jeff Kelly
Group strategy & operations
Customer
relationships
*before specific items, leaver costs, net interest on pensions, and contract & financial review chargess
4. Risks facing national governments – an example
An illustration of the high consequence risks facing the United Kingdom
Relative Likelihood
RelativeImpact
Pandemic
Influenza
Attacks on
Critical
Infrastructure
Coastal
Flooding
Major Industrial
Accidents
Major Transport
Accidents
Severe
Weather
Electronic
Attacks
Animal
Disease
Non-conventional
Attacks
Inland
Flooding
Attacks on
Transport
Attacks on
Crowded
Places
7. Security & Continuity Risks – Logical Grouping
SERVICE INTERRUPTING
Product Liability 17
System Failure
16
Natural Disaster 14
Cable Damage 7
Power Failure15
NON-MALICIOUS
Pandemic Flu
1
Attack on Employees
18
Revenue Fraud
12
Employee Malice
11
Theft of Assets
5
MALICIOUS
Logical Attack 9
Physical Attack
6
Fire/Expl‟n/Bomb
8
Political Instability
13
Data Security
4
Industrial Action
2
Supplier Failure
3Contract Fulfilment
10
NEGLIGENT
INCREASINGIMPACT
8. Representing Risks on Impact vs. Likelihood Diagrams
Very simple and subjective representation: The three zones of risk call for different approaches to risk
management:
1. BaU zone
2. Managed risk zone
3. “Black Swan” zone
0%
10%
20%
30%
40%
50%
60%
70%
80%
90%
100%
0 100 200 300 400 500
Impact (£m)
Likelihood(%)
More realistic, comprehensive and objective representation:
“Risk Frontier” curve with
distribution of values for
Impact & Likelihood
BaU zone
High frequency incidents
Efficiency and reliability issues
CE / RFT problems
Predictable
Historical data available
“Black Swan” zone
“Tail” of the distribution
Perceived threats & fears
Worst credible scenarios
No experience or data
Managed Risk zone
Major incidents
Expert judgement
Limited data (not just BT‟s)1 2 3 54
Net Impact
61 2 3 54
Net Impact
6
NetLikelihood
3
2
4
5
6
1
NetLikelihood
3
2
4
5
6
1
X
Single point and
values of Impact
& Likelihood
9. BT‟s Risk Register Hierarchy
S&C Risk
Register
RISK 1. Pandemic
flu
S&C Risk
Register
RISK 15. Power
failure
S&C Risk
Register
RISK 6. Industrial
action
S&C Risk
Register
RISK 9. Network
attack (logical)
Info Ass‟ce Risk
Register
RISK 1. Power source
disruption
Info Ass‟ce Risk
Register
RISK 3. Overloading
C&C infrastructure
Info Ass‟ce Risk
Register
RISK 2. Electronic
interference
Risk Mitigation
ACTION 1. Protected
dual power supplies
Risk Mitigation
ACTION 3. Improved
site security measures
Risk Mitigation
ACTION 2. Standby
generator upgrade
Group Risk
Register
RISK 6. Failure of
Corporate Resilience
Group Risk
Register
RISK 7. Threat of
Industrial Action
Group Risk
Register
RISK 5. Funding of
the Pension Scheme
10. Choosing your strategy:
Where to deploy Business Continuity?
Colocation of critical IT systems, back-up, mirrored data centres.
Often built-into BPO contracts, with additional hardware
Redundant (often virtual) space for disaster or contingency
planning, relocation services and emergency contact centres
Mirrored and alternative bandwidth and connectivity plans,
including mobilised and distributed capability
Distributed workforce, but also multi-skill staff crossing-over
workloads to ensure resilience. Defined lines of responsibility
Redundancy in systems and processes. Understanding of
prioritisation in service delivery
Source: IDC Research for BT; November 2007
IT
Connectivity
Physical
Processes
People
11. Remember basic principles – the Business Continuity Lifecycle
• Logical methodology
• Ensures appropriate solutions
• Accepted best practice
• Framework for continual improvement
• Continual engagement with customer
• Solutions not products
BCM
Programme
Management
12. Benchmark against Best Standard: eg. BS25999
• Worldwide standard for business
continuity management
• Widely accepted
• Is the only BC standard that can be
certified against
• Full range of complimentary
professional services
14. How does BT discharge its Civil Contingency Obligations as a
Category 2 Responder?
2 Senior Managers and a virtual team of 80+ liaison managers
(Regional and Senior Operational managers)
Responsible for:
▬ Attending local (54 LRFs UK wide) and Regional (12 RRFs UK wide) Resilience meetings
where appropriate (Chief Constable/ CEO level);
▬ Attend exercises where appropriate at Regional or Local level
▬ Information share where appropriate (BCM resilience opportunity); and,
▬ Attend Multi Agency „GOLD‟ commands during and incidents (85% of the BT liaison
manages are trained at GOLD command level)
16. BT Initial Response & Establish Control
Lead by BT most senior „on call‟ executive
• Initiated a Threat assessment and Response Group (TARG) comprising of key
Business Unit leads (Network Management, Incident Management, Market facing
Units, Media Ops, HR, Legal, Property, BCM)
Initiated a BT Gold Coordination Group
• As a result of the TARG formed and Chaired BT Gold throughout BT‟s response.
Linked into the Multi Agency Strategic Coordination Group (SCG)
• Directed the brief and deployment of the BT Liaison Manager to Cumbria SCG by
the Civil Resilience Duty Officer
17. BT Recovery & Return to Normality
BT Incident Management Team (BT Silver)
• Initiated traffic rerouting round the damaged network to restore service ASAP, assembled
teams of fibre optic and copper cable specialist to divert or build temporary network around
Northside bridge area (three months work concluded in seven days);
BT Liaison Manager - secured support from Cat 1 & 2‟s
• Specifically Cumbria County Council and Network rail allowing temporary network to be
constructed over the rail bridge to the west of the collapsed Northside bridge;
Support to Responders by BT Bronze Teams
• In addition to repairing the devastated network in Working ton BT technicians also provided
specialist communications support in Cockermouth and across Cumbria supporting agencies
by restoring lost services or provision of temporary service to aid their response;
Support to the Community by BT Bronze Teams
• Provided return to Premises support to communities across Cumbria by testing internal
network and equipment before allowing use .
18. Solutions from BT addressing organisations BC/DR needs
• Recovery of voice, IT, premises and communications in the event of
disaster within agreed recovery time objectives
• BT Commsure in UK providing full voice and data recovery services
• Provision of secure mobile communications, enabling location
independent operation
• Flexible working and home-working solutions to enhance
pandemic preparedness
• Secure and highly dependable IP infrastructure
• BT‟s WAN provides basis for next generation converged solutions
with quality of service and reliability
• Secure and resilient hosting of client systems in BT data centres
• Fail-over service – full client system duplicated in BT facility
• Storage (e mail archiving, data vaulting etc)
• Full end-to-end lifecycle based on emerging (BS 25999) standards
• Business case and benchmarking against industry best practices
• Process embedding, not just a one-off, box-ticking exercise
Business Continuity
Consulting
Resilient Data
Centre Services
Resilient
Communications
Mobile and
Flexible Working
IT and Disaster
Recovery
19. In summary, our opinion and take-a-ways
In our opinion
• The risk environment is more volatile, not less;
• Your stakeholders will demand protection of their
assets and proof that your business is resilient;
• Strong business continuity strategies, following basic
principles, are the best way to protect your
organisation.
Take-a-ways/ food for thought:
• Look to share technology and operational risks with
trusted, qualified partners and similar organisations
on common ground!
• Introduce common Risk Management standards now
to deal with the continuing convergence of networks
and the applications that depend on them;
• Risk is not going away, embrace it now!
• Plan, plan and plan again, but get on with the execution
now – but remember, fail to plan, plan to fail!
“There cannot be a crisis next week.
My schedule is already full”
Henry Kissinger
20. In the end – it‟s all about
avoiding problems before
they happen!