Saturday, April 30, 2005
Businesses Unprepared for Terrorist Attacks, Disasters
By Jim Kouri, CPP
MichNews.com
Apr 29, 2005
New Jersey Used As Example in Corporate Report
Companies in the New Jersey are less prepared than most other markets in the country to face business interruptions, with nearly 30 percent saying that they have yet to create business continuity plans, and 33 percent claiming they do not consider such planning a "high priority."
According to the report issued today by AT&T and the International Association of Emergency Managers, New Jersey companies rank 8th in disaster preparedness out of 12 markets surveyed during the past year. Additionally, even those companies directly impacted by Hurricane Floyd or the 9/11 terrorist attacks were less likely to have business continuity plans than companies in other parts of the country.
New Jersey companies also scored the lowest of all 12 markets when it comes to testing the integrity of their business continuity plans, with 49 percent saying they tested them within the past year, compared to the national average of 59 percent.
"Disaster Planning in the Private Sector: A Post 9/11 Look at the State of Business Continuity in the US" surveyed 100 senior technology executives who have direct business planning responsibilities throughout New Jersey. More than 1200 executives have thus far been interviewed from companies with more than $10 million in annual revenues, representing a broad cross section of industries and markets. Up to ten additional markets will be surveyed in 2005.
"The fact that organizations in New Jersey have such a relatively low level of disaster preparedness is not only surprising, but dangerous," said Mary Livingston, regional vice president at AT&T. "While we saw a spike of business continuity planning immediately following 9/11, it seems that the urgency has greatly worn off."
According to the survey, New Jersey ranked behind seven other cities in its level of disaster preparedness -- even ranking behind such markets as Dallas, Houston and Philadelphia -- with only 71 percent that currently have a plan in place. This compares with 74 percent for companies in both New York and Washington, DC Only 66 percent of the New Jersey respondents claim business continuity is a high priority, a finding considered surprising given the state's proximity to the 9/11 attacks. Additionally, only 16 percent say they would take action if the terrorist alert level were raised, two or three percentage points higher than most of the markets.
Livingston recommends that every company, regardless of size, geography or industry, make business continuity an integral part of their business. Among the preventive measures Livingston suggests are to establish back up networks, identify alternative work sites, create protections for vital business processes, and develop a program for post-disaster employee and customer communications.
Even with the most robust business continuity plans, companies need to ensure that their plans are up to date and reflect changing circumstances and risks. The survey found that nearly 40 percent of the executives who do have an existing business continuity plan have not tested the plan in more than a year, with nearly 20 percent of those saying their plans have never been tested at all. Livingston recommends that the plans be retested every six months.
"A business continuity plan is only as good as its last test," said Livingston. "With so many changing circumstances and fluctuating levels of risk, companies have got to look at these plans as a living, breathing document that must be modified according to even the slightest changes in the network, market and external environment.
The report also found that only 23 percent consider cyber security to be a top concern, despite security breaches known to be a chief cause of business disruptions in the state. In fact, nearly 30 percent of companies have not integrated cyber security plans into their overall business continuity planning. Nearly 25 percent currently use an outside service provider to manage their network security.
Nearly 30 percent of New Jersey companies also tend to utilize outside service providers for business continuity planning, a figure expected to grow given the increasing complexity of measuring and managing risk today. However, most other markets have a higher rate of companies using outside service providers.
While New Jersey companies may lag behind many other markets in planning, 71 percent of executives have taken some precautions to protect against business disruptions, and 26 percent plan to do so in the next six months. These measures include protections against cyber security breaches and establishment of redundant network servers and back-up sites.
http://www.michnews.com/
MichNews.com
Apr 29, 2005
New Jersey Used As Example in Corporate Report
Companies in the New Jersey are less prepared than most other markets in the country to face business interruptions, with nearly 30 percent saying that they have yet to create business continuity plans, and 33 percent claiming they do not consider such planning a "high priority."
According to the report issued today by AT&T and the International Association of Emergency Managers, New Jersey companies rank 8th in disaster preparedness out of 12 markets surveyed during the past year. Additionally, even those companies directly impacted by Hurricane Floyd or the 9/11 terrorist attacks were less likely to have business continuity plans than companies in other parts of the country.
New Jersey companies also scored the lowest of all 12 markets when it comes to testing the integrity of their business continuity plans, with 49 percent saying they tested them within the past year, compared to the national average of 59 percent.
"Disaster Planning in the Private Sector: A Post 9/11 Look at the State of Business Continuity in the US" surveyed 100 senior technology executives who have direct business planning responsibilities throughout New Jersey. More than 1200 executives have thus far been interviewed from companies with more than $10 million in annual revenues, representing a broad cross section of industries and markets. Up to ten additional markets will be surveyed in 2005.
"The fact that organizations in New Jersey have such a relatively low level of disaster preparedness is not only surprising, but dangerous," said Mary Livingston, regional vice president at AT&T. "While we saw a spike of business continuity planning immediately following 9/11, it seems that the urgency has greatly worn off."
According to the survey, New Jersey ranked behind seven other cities in its level of disaster preparedness -- even ranking behind such markets as Dallas, Houston and Philadelphia -- with only 71 percent that currently have a plan in place. This compares with 74 percent for companies in both New York and Washington, DC Only 66 percent of the New Jersey respondents claim business continuity is a high priority, a finding considered surprising given the state's proximity to the 9/11 attacks. Additionally, only 16 percent say they would take action if the terrorist alert level were raised, two or three percentage points higher than most of the markets.
Livingston recommends that every company, regardless of size, geography or industry, make business continuity an integral part of their business. Among the preventive measures Livingston suggests are to establish back up networks, identify alternative work sites, create protections for vital business processes, and develop a program for post-disaster employee and customer communications.
Even with the most robust business continuity plans, companies need to ensure that their plans are up to date and reflect changing circumstances and risks. The survey found that nearly 40 percent of the executives who do have an existing business continuity plan have not tested the plan in more than a year, with nearly 20 percent of those saying their plans have never been tested at all. Livingston recommends that the plans be retested every six months.
"A business continuity plan is only as good as its last test," said Livingston. "With so many changing circumstances and fluctuating levels of risk, companies have got to look at these plans as a living, breathing document that must be modified according to even the slightest changes in the network, market and external environment.
The report also found that only 23 percent consider cyber security to be a top concern, despite security breaches known to be a chief cause of business disruptions in the state. In fact, nearly 30 percent of companies have not integrated cyber security plans into their overall business continuity planning. Nearly 25 percent currently use an outside service provider to manage their network security.
Nearly 30 percent of New Jersey companies also tend to utilize outside service providers for business continuity planning, a figure expected to grow given the increasing complexity of measuring and managing risk today. However, most other markets have a higher rate of companies using outside service providers.
While New Jersey companies may lag behind many other markets in planning, 71 percent of executives have taken some precautions to protect against business disruptions, and 26 percent plan to do so in the next six months. These measures include protections against cyber security breaches and establishment of redundant network servers and back-up sites.
http://www.michnews.com/
0 Comments:
Post a Comment
Links to this post:
Create a Link
<< Home