Louis Cypher

Business Resilience rebirth 2017: this time it’s personnel, by Louis Cypher

Anyone with the misfortune to attend a Business continuity conference in recent months will have been subjected to a vaguely emetic lecture on the transformation of Business Continuity into the far more dynamic Business Resilience. You will note that the cadaverous 50-something never-was delivering this call to action looks a lot like a grey version of the  bloke that announced the transformation from ITDR into business continuity 20 years ago. The only subtle difference is that he has now wasted two decades of his life, most of his clients’ time, and has at least 8 letters in his post- nomenclature that mean precisely f*** all. So here we are on the cusp of a revolution, and it is worth thinking about what got us here. 
In the olden days the continuity world was all about ITDR. That’s “D” for disaster.  Now call me an old drama queen, but Fukashima was a disaster, and so was 9/11. But unless you work at the extreme end of socially useless trading, is losing temporary access to a few IT services a disaster? It might be for some poor soul who gets it in the neck over in helpdesk; but don’t worry too much, he doesn’t speak English anyway.  So ITDR died, not because storage costs tailed to zero and everyone with any sense went into the cloud years ago, but mainly because the guys running the business thought the name was ridiculous. It’s not a disaster any more than “surfing” isn’t surfing – you are just sitting in your bedroom typing. And if your job is so dull you need to use melodramatic terminology to make it sound exciting, then you deserve to be stuck in a windowless basement office with three other guys laughing like the Smash potato advert and having a BO competition. Just to help a bit, the easiest thing to do next time you have a computing glitch is tell all users to delete system32.exe – that should sort it. 
Then some bright spark realised that most people are not running a datacentre, they are running a business. So rather than making sure you have cost effective asynchronous backup, you might be better devoting some time to making sure you can actually make some money. And thus business continuity was born; and suddenly anyone, qualified or not, could get in on the act. The official Dictionary of Business Continuity Management terms is 48 pages long; and close inspection tells you that not one of them has been invented for any reason other than to make it sound like a complex black art. So after millions of management consultant hours, business continuity is finally on its last legs, and not just because someone realised that no business ever in the history of business has ever been prevented from going out of business by a business continuity plan, but because the Cybersecurity guy is still getting paid more than you , and no one, not even Janet from accounts, wants to sleep with you. 
So from now on, it’s all about Resilience; which is different because it is on the board agenda. I know this because I went to listen to a talk about how to get Business Resilience on the Board agenda. From a bloke that didn’t appear to understand the difference between a board member and the executive committee, had probably never spoken to anyone from either, but had a nice tie. But as I decided to get quite pissed at lunch after a morning workshop on how to develop KPIs for resilience (“folks, if you can’t measure it, you can’t manage it!”. T**t), it is entirely possible I misheard.  What I do know is that the centre of excellence that is the BCI will have to change its name to get rid of the continuity bit, and I for one think the Business Resilience Association (BRA) might fit the bill, because the place is clearly full of complete ti(Ed: article ends  due to lack of space)