ARSC's keynote presentation at the KuppingerCole European Identity and Cloud Conference was picked up by Computer Weekly. Some excerpts follow:
According to Mannella, businesses should assume that something that might be termed a black swan will happen, and they should plan accordingly.
“Do not rely solely on your ability to predict because improbable events happen all the time. Although the chances of a particular event are low, the chances of some event are high,” he said.
For this reason, Mannella said it is important that every organisation has a business continuity plan, and everyone in the organisation is aware of that plan and is regularly drilled on it.
While risk management deals with prediction, and high availability and redundancy deal with prevention, he said business continuity or disaster recovery management is still necessary to take care of response. “Risk management, high availability protection, redundancy and security do not obviate the need to plan for failure.”
“The C-suite is not scared of Isis, but they are scared of attorneys. So if you talk to your executive stakeholders about the ability to provide an affirmative defence, the ability to demonstrate a standard of due care to limit their liability – not the company’s – but their liability, then you will have their hearts and minds so that you can get the budgets,” he said.
The full article can be found here.
According to Mannella, businesses should assume that something that might be termed a black swan will happen, and they should plan accordingly.
“Do not rely solely on your ability to predict because improbable events happen all the time. Although the chances of a particular event are low, the chances of some event are high,” he said.
For this reason, Mannella said it is important that every organisation has a business continuity plan, and everyone in the organisation is aware of that plan and is regularly drilled on it.
While risk management deals with prediction, and high availability and redundancy deal with prevention, he said business continuity or disaster recovery management is still necessary to take care of response. “Risk management, high availability protection, redundancy and security do not obviate the need to plan for failure.”
“The C-suite is not scared of Isis, but they are scared of attorneys. So if you talk to your executive stakeholders about the ability to provide an affirmative defence, the ability to demonstrate a standard of due care to limit their liability – not the company’s – but their liability, then you will have their hearts and minds so that you can get the budgets,” he said.
The full article can be found here.