There’s no getting away from the fact that the world has changed, but with good planning and adaptability, a prepared organisation can react and succeed where others may fail.
A change in our way of thinking
Julie highlighted major alterations in how we think about the risks in our business. “We’ve gone from being worried about our offices to worrying about homeworkers. In many cases productivity has gone up and people are reporting that they are happier, but many people are now missing the human contact and support that an office environment provides, so senior leaders need to work harder to support their people.”
Julie continues: “Those issues also extend to business continuity risks, which are now distributed in nature due to remote working, whereas in the past risks were largely centred around the main offices. Many systems which were implemented to cope with homeworking were rolled out very quickly, to solve an urgent business need. This approach may have lead to gaps and issues with both the resilience and security. Now that the situation looks more permanent, it’s important to check Business Continuity and Disaster Recover plans to account for the totally different risks.”
What does business resilience mean in 2021?
“Business resilience isn’t just having a Business Continuity and Disaster Recovery plan in place” explains Julie. “Although these things are important, the businesses that are most likely to do well in 2021 and further into the future are the ones who have changed their models to suit the new realities.”
Julie concludes: “Resilience isn’t just recovering, it’s thriving in changing times.”
Business Continuity and Disaster Recovery in practical terms
Julie explains: “One key example is your telephony systems. They may have been adapted to cope with the new normal when your people began working from home. These changes may have inadvertently introduced (sometimes hidden until it fails!) issues. Your contact centre is your shop window, especially while many physical shops have been closed for so long. Despite the reopening of the high street, your contact centres play a huge part in representing your business and brand.”
Julie adds: “If people can’t contact your teams effectively, you’re restricting access to your shop window. If your telephony systems fail or perform badly, it reflects on your business. If your online systems fail, telephony might be the only way your customers can get in touch so the ability to talk to somebody is a huge priority.”
So Julie recommends that telephony systems are tested regularly, say every 6 months. A plan for Disaster Recovery is needed in case your telephony fails. What will you do if your customers can’t get through?
Cyber Security
Julie suggests asking two questions of your IT and Cyber Teams when assessing cybersecurity. If you don’t understand the answer the IT/Cyber team give you, or if you don’t even know what these questions actually mean don’t worry, but ask them to explain in plain English what it means for the business and the risk to data or systems. The two key questions are:
- Are you patching our systems for vulnerabilities and gaps?
- Do we have defence in depth built into our IT systems?
Irrespective of the IT/Cyber teams explanation, you should to take an urgent look at your Business Continuity plans and update them (with help from the IT/Cybr team) so that they can cope with a cyber attack. The plans should also be tested and rehearsed regularly with the business and IT/Cyber.
“There must be security at every level of your IT Infrastructure ” explains Julie, “Your central servers, within your technological partner solutions environments, and your end users including those at home. This includes educating your staff, who may be targeted by cybercriminals. They need to know how to recognise they are being targeted – i.e., what ‘red flag’ warning signs to look for – and most importantly what to do about it, and what not to do (e.g. not clicking on suspicious looking emails or links).”
Julie continues: “Testing is an important step. Penetration testing (or ‘Pen Testing’) is essentially paying experts to try and break into your systems. Even if you only do it once a year, this can uncover flaws and vulnerabilities in your security, and your security team or partner should then draw up an action plan to address the issues urgently – thus leading to better protection for your business.”
Julie adds: “Larger or regulated companies are more likely to carry out penetration testing, but smaller companies and outsourced partners might not be doing it. This might be because they think they’re too small to be at risk (they simply think it won’t happen to them!) or because they think they can’t justify it in terms of cost, or even because they’re worried about the potential results! In the event of a successful attack, none of these excuses will help.”
Julie explained that the key to introducing a good penetration testing regime is board support. Explain the risks in plain English to your board. Using IT jargon usually doesn’t help them to understand why they need to do it, how easy it is to break the company’s IT systems, and the significant risks of losing the battle against cybercriminals.
Julie continues: “Don’t believe it won’t happen to you. The criminals are running a numbers game and they may be just as likely to attack a smaller business as the biggest international brands and financial institutions.”
Julie concludes: “The pandemic has created a much more unstable world and global economy. Criminals will continue to look for new exploits so it’s important to try and stay one step ahead. Be agile, be flexible. Learn to adapt to the new world with its new sets of customer demands and business risks.”
What can business do now?
Julie suggests three questions to think about for your business today:
- What are your top 10 business continuity risks now?
- How do you plan to mitigate them?
- What can you build into your business now to shield yourself from future risks?
Which business will succeed in a world of new business risks?
Julie answers: “If you’ve taken your resilience seriously and have a proper Business Continuity plan in place, your business has a much better chance of coping with the next major disruption that comes along – and let’s be clear, something will happen. It’s just a case of when”
Julie explains: “Get the principles right and set your accountability and business framework for dealing with the risks, and your business should be able to succeed while others flounder. You will of course be nee to carry out training and exercising, which in turn will give you the confidence to be adaptable.”
Julie concludes: “The pandemic has actually given Business Continuity and Resilience professionals an opportunity to scan the horizon and hone our skills. Now is an ideal opportunity to engage with an expert partner if you haven’t done so already.”
How Contact Centre Panel can help
If you’re unsure how to assess your businesses risk exposure and how to equip it to handle any new risks posed by changeable working conditions, we can help by advising you on the risks you need to consider and the best way to mitigate them. We can also help you to learn how to work with your employees to maximise their health, happiness, and productivity.