We have to admit, March 2020 was pretty intimidating! It [Covid] impacted all of us in many ways. Businesses took a while to respond while we figured out the full extent of the risk on our daily interactions on a personal and business level. Many didn’t consider Pandemics within their planning, unless within sectors such as Health or if they had a Global presence, but even then the scenarios that played out couldn’t be foreseen.
That aside, many of us ‘simply’ had to make a decision. Many were very quick to respond in a positive way regardless of whether there were plans or not. We embraced working from home, procured new assets, and some even changed their business model to accommodate the new mandates, some of which have been permanent changes for the better!
We evolved to thinking far more about our staff and customer engagement models. Organisations closely examined the customer buying experience focusing on touchpoints and physical interaction with the organisation. This meant rethinking shop and facility access, enhancement of digital channels, social distancing measures, updating customer experience communication, and a redefined brand strategy.
Things that, in the past, would have taken months if not years to come to fruition, and yet we found ourselves being able to almost turn on a dime and facilitate change, without all the red tape! That has to be a win.
This is the essence of resiliency, having the ability to anticipate, respond and recover from a business disruptive event and adapting to survive, to maintain the integrity of the business and continue to provide goods and services.
There’s always a fall out in reacting so quickly, we see that a lot in managing IT incidents, sometimes you just have to get hands-on to get systems functioning again and then facilitate retrospective risk assessments to manage any new gaps or vulnerabilities exposed by the rapid change.
With change, comes risk. Do you know what new risks you introduced in responding to your Covid strategies that you may not have thought about yet? How have you changed existing risks? Remember these can be both positive and negative impacts to the business.
If you haven’t yet reviewed your risk register in light of business change, you’ll get a lot from the exercise.
About the Author
Yvonne Sears MSc, LLM, CIPM, CISM, PICIP, MBCI
Yvonne has over 22 years’ experience in information security and Privacy in the UK and Australia. She is uniquely qualified having both a Master’s in Information Security and Computer Crime, and a Master’s in Information Law (covering: Data Protection, Freedom of Information and Copyright Law).
She has worked on several trail blazer projects leading the way on data sharing and privacy issues in sensitive and complex areas and has worked for a wide variety of public and private sector organisations worldwide.
She has contributed at industry events as a speaker and has contributed to several publications including ISACA’s Privacy book: “Implementing a Privacy Protection Program” (2017) and “Women in the Security Profession” (2016).