How do you make sure that the learnings from one incident are transferable to another, unrelated, scenario?

“What you need is that leader…who identifies that the outcome is the same”


Michelle Griffey, Chief Risk Officer at Communisis, discusses business continuity planning with Jeremy Swinfen Green.

This year, the very popular teissR3 event focuses on how to improve your organisation’s cyber resiliency and adopt best-practice in incident response and crisis management in a post-COVID-19 world. Space is limited. Register your free place by clicking here.

Video transcript:

We’ve learned from the pandemic we can use that. Let’s say scenario one, there’s another pandemic. We know what we did last time. We can improve this time. Scenario two, there’s a terrorist attack. Now in both cases, you can’t go into the office.


How do you make sure that the learnings from one scenario are transferable to another apparently unrelated scenario?

I think that’s– once you’ve got over– the people are the thing here, aren’t they? So the people will react differently. If you can’t go into the office because of a terrorist activity, your initial reaction will be very different from, oh, the government’s just put me into lockdown and, hey, I’m going to work from home now. Whatever. Isn’t that great?

But once we’ve got to get people over that initial panic, which generally will be happening in your organisations, some really good and strong incident managers, and then there is a bit of a skill in terms of those people that can manage an incident because it might mean that you’ve got to help people along or it might mean you’re actually shouting at them to get out of the way.

But once you’ve got over that initial point, then what you need is that person, that leader, who actually identifies, well, you know what, actually the outcome of it’s a pandemic or it’s a terrorist activity or it’s a flood or fire is the same. We can’t get into the office. We can’t get that work. Therefore, we’ve got to switch on whatever activity is without that plan in terms of, I suppose historically it can be a business continuity plan or a pandemic plan or let’s call it a resilience plan.

That plan doesn’t change. Because the thing you’re trying to do is I can’t get into the office so I need my work done elsewhere. That’s the same. So actually one plan, keep it really simple. Takes you back to lean, doesn’t it? Keep it really simple. One process. One plan. Everyone knows what it is. You test it. We’ve got to– we tested our plans in live over the last four or five months. Yeah. And just keep it simple.

Michelle, that’s been fascinating. Thank you so much.

Thank you.

Copyright Lyonsdown Limited 2021

Top Articles

Is your security in need of an update this Cybersecurity Awareness month?

Cyber security experts tell teiss about the evolving threat landscape and how organisations can bolster their cyber security defenses

A new case for end-to-end encryption

How a hacker group got hold of calling records and text messages deploying highly sophisticated tools that show signs of originating in China

Telcos in Europe put muscle behind firewalls as SMS grows

Messaging is set to be one of the biggest traffic sources for telcos worldwide prompting them to protect loss of revenue to Grey Route practices 

Related Articles

[s2Member-Login login_redirect=”” /]