A Bad Time to Turn a Blind Eye to BCP

An emerging theme that seems to grow by the day is organizational apathy toward risk management. Although we seem to be much more attentive to disruptive events that can affect operations - whether they are naturally-occurring or anthropogenic - curiously, managers are becoming more and more resistant to the idea of initiating business continuity programs. This phenomenon is descrtibed in an article that appears on searchsecurity.com. Dan Stolts, president and senior systems engineer for Bay State Integrated Technology Inc. of Lakeville, Mass. explains it this way:

"The entire problem is that companies see business continuity and disaster recovery as something they should be thinking about. Then it gets pushed aside because of things that come up on a day-to-day basis and other projects that are in the works"

The article cites a recent survey by Deloitte and Touche which answers some of the reasons why this is occurring. Much of the problem has to do with infrastructure difficulties:

The study shows many companies haven't developed enterprise-wide business continuity programs or they lack the appropriate infrastructure to verify that one is properly maintained...two-thirds of respondents acknowledged this

One the primary reasons why risk mitigation becomes so important in my opinion doesn't necessarily have to do with the risks associated with terrorism, as much as it does with how our dependence on technology is exploding. In fact, I came across the following piece from the Business Standard in India that offers up the following startling statistic:

Ranganath Sadasiva, business manager, storage works division, HP India pointed out that more data will be created in the next three years than in the past 40,000 years

More data means more points of vulnerability, which in turn requires a much greater degree of attention that should be paid to business continuity planning.