Most Business Continuity Plans bring the organization through the disruption to a time when continuity can simply be restored. But what is to be done when the disruption is quarters-long and looks to be possibly years-long? Even those offering Business Continuity Management really only used to discuss that first bit. As we find ourselves in these current times, the suggestion is “BCP on top of your BCP” meaning- there must be a plan for another seismic disruption even as we deal with our current offering.
Connecting Continuity To GRC
Tom Kartanowicz is absolutely doing BCP on top of BCP. However, he is also focused on Business Continuity Management in its truest sense. Tom realizes that he has to manage for disruptions big and small, immediate and long-term, obvious and elusive. Most top-level cyber security executives are built with this mindset. However, Tom is also directly connecting his relentless focus on continuity with a empirical focus on governance, risk management and compliance.
What are some Vulnerabilities and Threats?
Your C-Suite, your team, and your distributed enterprise are all insider threat pockets that can be picked. The laws to which you must comply breathe air into bubbles of vulnerability that adversaries can pop.
Tom is out to make sure that does not happy by expediting realtime business continuity management for governance, risk management and compliance.
Join him in conversation at the CSHub Financial Services Summit.
Realtime BCM for GRC
Tom Kartanowicz, CISO Americas, Commerzbank AG
- Realizing that plans have changed completely and understanding the current reality that regulators are interested in the plan.
- Divining your short and long term BCM plan.
- Understanding the need to now hug the probability tail.
[inlinead-1]
- Preparing for the next low probability, high impact events.
- Consistently engaging in adjustment for resiliency and knowing that BCM and resiliency are joined at the hip.
- Ensuring that everyone from the C-Suite to the front lines are collaborating.