Preparing for Disaster [Podcast]

Many of us have tried our hand at different things while our lives have been disrupted by COVID-19. One of the things Christian Joeres, Senior Sales Specialist at Daisy has tried out, is a guest appearance on industry podcast “Grangia’s Got Skills”.

In this episode, Christian talks us through his industry experiences prior to and during the pandemic and shares his thoughts on the ‘new normal’ for business continuity. We happen to think he’s a natural “on the mic” – have a listen and see if you agree.

Topics discussed include:

  • How has the business continuity/disaster recovery industry changed over the last 20 years?
  • What support have customers needed during the coronavirus?
  • How are organisations likely to handle a future pandemic differently?
  • What will the ‘new normal’ look like?
  • What challenges might a ‘new normal’ bring?
  • What is the relationship between business continuity and insurance?

Listen to the podcast here or read on for the podcast transcript

(Podcast courtesy of Grangia’s Got Skills)

Podcast transcript 

Alan: Welcome to another episode of ‘Grangia’s Got Skills’. Today we’re joined by Christian Joeres from Daisy. Do you want to just give us a little bit of background of your role at Daisy, to begin with?

Christian: Here at Daisy, I’m a senior sales specialist in the field of business continuity and IT disaster recovery. I’ve been in my role now for just over 25 years, so I’m not a consultant, I’m not a practitioner of business continuity in any way, but over the duration of my career, I’ve worked with hundreds of organisations in public and private sector to implement holistic business continuity programmes, deploy tactical solutions for work area recovery and IT disaster recovery and data replication and high availability.

Alan: And in terms of Daisy, they operate in more than that area don’t they? There’s a wider remit there, isn’t there?

Christian: We do indeed. So, telecommunications, IT managed services are the general two areas of our business, but that breaks down into a number of niche business areas. In telecommunications it’s everything from mobile through to unified communications. In terms of managed services we offer data centres through to break/fix maintenance services, management, monitoring services and then also networking solutions and into the field of cybersecurity.

Alan: Daisy have been going for quite a few years now, haven’t they? Is it the Burnley area that they’re based in?

Christian: That’s right. The chairman and founder Matthew Riley is from that neck of the woods and he started the business in 2001. He was ex-BT, so he was from a telecommunications background. He recognised an opportunity in the market to break into mobile business to business sales. Obviously that took off very quickly. He then developed the organisation through a strategy of acquisition moreso than organic growth and in the last 15-16 years, he’s actually acquired a total of 52 organisations.

Alan: And are you just based in the UK or is there a global organisation?

Christian: No, we are just UK-based at this point in time. I don’t think there’s any aspirations to move beyond the UK. As an entrepreneur, Matt is always looking for new opportunities but as we stand today, we’re very much focussed on the domestic market.

Alan: I’m guessing the last couple of months during lockdown, you’ve been in a very good position in terms of being able to offer those kind of support solutions to companies would you say?

Christian: Absolutely. But I’d say before the pandemic hit, we are an organisation that always practices prevention rather than cure. So, the thousand or so business continuity clients that we have in the UK, we’ve been working with them for many, many years to ensure that their plans are already tried and tested and that they are robust for any business continuity incident. So those clients were already prepped you might say, for such an incident, but I don’t think anyone could have seen the likes of coronavirus happening on such a wild scale. So yes, we’ve been very busy, since it hit the UK shores. Many of our financial service clients have activated or ‘invoked’ the services that we offer, not only from a people perspective but also for IT services and that was in the main, part of mitigation strategies. So not as a result of their offices being infected by the virus but actually to ensure that they remained resilient throughout the period so that if there was an outbreak at their offices, they still had a workforce at an alternative location that could continue to deliver their most critical services. So we’ve been very busy supporting those clients across our facilities here in the UK, and of course we’ve been dealing with a number of new enquiries from organisations who have found themselves without contingency plans and the need for support from a specialist like Daisy.

Alan: Historically, the word ‘DR’ (disaster recovery) – I can remember in my career first coming across that term and the basic remit was: if your building gets bombed or if you get hit by a plane then you have to have somewhere else to be able to work. And I’m guessing over the last 20-25 years, the world of DR and business continuity has had to adapt to a lot of changes, as I think the Internet and cloud-based services must have changed quite a lot of things in that area as well. What are some of the changes you’ve seen in the last two decades, let’s say?

Christian: You’re very right. I think when the industry started to first form, we were concentrated on the more obvious threats and risks that businesses wanted to plan for and they were traditional events such as fires, terrorist attacks, utility outages, floods perhaps. But these days, things are far more sophisticated as you say, in terms of technology, and also the threats have changed, the landscape has changed. In a business continuity institute horizon report which was published last year (so this is prior to coronavirus) the number one threat to most organisations was considered to by a cyberattack or data breach. The second threat was IT or telecoms outage and the third threat was adverse weather or natural disasters such as hurricanes, earthquakes, floods etc. So the threat landscape has very much changed and the dependency on IT services across a hybrid environment adopting public, private cloud services has made it very difficult for organisations to map their risk and ensure they’ve got suitable contingency arrangements in place. It’s a far more complex landscape than it perhaps was when we first started in the industry when most organisations operated from a key site or a number of sites with an on-premise computer room. So in terms of the risk profile it was quite easy to understand what was necessary to today’s world where you have agile workers, multiple locations of work, IT that’s dispersed, on-site, in the cloud, etc., it is a much more complicated animal it is today, than in previous years.

Alan: I notice your top three there didn’t include pandemics so it’s obviously taken everybody by surprise. I’m guessing, and you can answer this probably better than I can, that going through this issue, if we were to be hit by a pandemic again, how do you think we would handle it differently? I’m assuming we would handle it better, but what do you think are some of the learning curves that we’ve been through and how do you think we’re going to change things going forward from here?

Christian: This is a really good question and it’s obviously very topical and I think there’s a great deal yet that professionals and organisations are going to learn from this situation but what we do know already from feedback is that approximately 15% of organisations were prepared for the pandemic, they had considered it as a key threat to their organisation and they had put plans in place that they had tried and tested. Of course, the remaining 85% to some degree were unprepared or totally at a loss in terms of their plans. So first and foremost, I think that organisations coming out of this will consider a pandemic crisis to be something that they must plan for going forwards. I think in terms of how organisations choose to work going forwards, again, we’ve already seen some interesting facts coming back going through the business continuity institute again, where approximately 25% of organisations are already reporting that they will go back to their normal business model post coronavirus but some 54% will not go back to their old business model, they are considering how they will operate in business as usual (BAU) after this event, so they are looking more towards homeworking, agile working. And then that leaves the remainder which are currently unsure about their model and they’re looking at their opportunities as well as their risks. But I do think it’s the 54% that are in a very interesting position whereby changing their business model will enable them to improve their operational resilience on a day-to-day basis, but also look at more creative continuity arrangements that will give them more agility in the event of another pandemic scenario. Hopefully we only anticipate these things once in every 100 years, but you never know and it’s better obviously to have something in place that you know as an organisation is going to help you pull through in any such situation.

Alan: The buzzword in the industry for post-coronavirus is the ‘new normal’, that phrase gets bandied around quite a lot. 54% of businesses are going to operate on a working from home, remote working model going forward. What are some of the risks to businesses of moving to that model of predominantly working from home?

Christian: I think the threats that most organisations are going to be faced with are manageable. I think there are some areas that will need further development as time goes on but the key challenges perhaps are going to be around regulation and compliance, especially within certain verticals such as the financial and insurance markets where there’s very tight security controls in place for GDPR, sensitive data and the like. How do you ensure those controls are managed in a homeworking environment? That’s quite complicated and I think that in the current scenario, with coronavirus, because we’ve got no choice but to work from home, there is a level of tolerance that those regulatory and compliance obligations are perhaps relaxed – whereas going forwards, if an organisation were to experience its own business continuity incident, that tolerance would not be there and that organisation would be expected to continue to adhere to its obligations. The other kind of feedback that we’re having from clients in terms of challenges: not everyone can work from home, it’s not suitable for everyone. Many people don’t have a suitable work area in their homes and of course, the technology as well, that needs to be deployed at home in order for that individual to remain as productive as they would do in their normal place of work. It increases the strain on IT resources to ensure that the technology is supported, is secure, so it’s challenging in those respects. But one of the threats, going back to your question with working from home that we perceive, is that obviously within an office environment, the IT department can implement tight controls across the network, whereas having hundreds of staff working from home perhaps, means that there are hundreds of additional end-points that each create a new risk to that network from potential cyberattacks.

Alan: I’m guessing that there’s obviously an interaction between the business continuity and disaster recovery worlds and the insurance market? So I’m just wondering what your thoughts are around how that might change going forward and what impact it has and if companies have a BC policy, and they’ve got a DR policy, does that impact, favourably, their insurance policies? How do those two worlds overlap?

Christian: In my experience, customers have often been asked by their insurers to implement business continuity plans. It is often one of the triggers for an organisation to contact Daisy to see how we can assist them with their business continuity. So I think there will be discussion going forwards between the insurance industry and the business continuity industry to understand how we can collaborate for future pandemics but it is vitally important that organisations, before they make any drastic changes to their business continuity plans as a consequence of coronavirus, they should seek advice and consultation with their insurance companies to see what impact, if any, there may be.

Alan: Finally, I just wanted your thoughts on the ‘new normal’ Christian, I know we’ve touched on working from home and maybe insurance changes. Anything else you think’s on the horizon in this new world we’re going to call the ‘new normal’?

Christian: Before the pandemic, many of my clients were already seeking to offer their staff more agility. The ability to work from home or the office or a hot desk in another location, so the fact that the coronavirus has hit and we’ve been asked by the government to work from home has really catapulted us into this world where there is going to be change in the way in which we work. But it’s to what degree? And I think organisations will need to consider what individuals do for organisations, what teams require in terms of their facilities and resources, what interdependencies there are between teams and departments, to establish what looks good for them, what are the right working practices and how can they deploy the staff and teams to give that level of agility that they were looking for prior to coronavirus and going forward as well. But whilst they’re doing all of that and looking at the benefits for business as usual, they must obviously continue to consider business continuity and underpinning that potential risk that they have in the event of any future threats. So I think going forwards, operational resilience is the key focus and having an agile workforce undoubtedly helps deliver against that, it’s just about maintaining the right risk controls in place that will be the challenge, I think, for most organisations.

About Grangia’s Got Skills

This is a podcast by Grangia’s Got Skills, a career podcast for IT, project management and cybersecurity resourcing. Click here to visit their website and to find more episodes.

About Christian Joeres

Christian Joeres is a senior sales specialist consultant at Daisy Corporate Services. He has worked in disaster recovery and business continuity for more than 20 years, starting in a marketing role for an IBM partner specialising in AS400 and RS6000 systems, Christian went on to Guardian IT where his role expanded into all aspects of business continuity across public and private sectors. During his career, Christian has worked on a consultative basis with more than 400 organisations to help reduce their organisational risk, implement business continuity and resilience and ultimately ensure critical services are robust.

 

Talk to one of our specialists.
Call us on
0344 863 3000