Breakout Track 6

Wednesday, March 31, 2021, 4:15 p.m - 5:00 p.m. EST


Third Party Management Program: Managing Risk & Operational Resilience

Wednesday, March 31, 2021
4:15 p.m – 5:00 p.m. EST

Bogdana Sardak, Fusion Risk Management

In this breakout session, I will share how I developed from the ground up a Third Party Management program, which is part of the overall resiliency program for Fusion Risk management.

Presentation outline:

  • Overview of third-party management program & framework
  • Third-party management policy creation and important sections
  • Creation of initial setup and internal initiatives before engaging vendors
  • Creation and rolling out due diligence requirements
  • Third-party management risk assessment, tiering, and scorecard
  • Third-party management ongoing management and monitoring
  • Risk Identification & connection to overall company’s resiliency program
  • Automation of the third-party management process
  • Embodying third-party risk management into Business Impact Analysis
  • Collaboration with Key Stakeholders in the company (Legal, Security, Accounting, Finance, Business Functions)
  • Importance of a mature third-party management program in business partnerships

About Bogdana Sardak
Bogdana Sardak is a passionate resilience professional working in the business continuity and risk management field, ultimately gaining experience in crisis management, disaster recovery, emergency response, mitigation planning at a variety of levels.


The Best Offense is a Good Defense - How Resiliency Drives Innovation and ROI

Wednesday, March 31, 2021
4:15 p.m – 5:00 p.m. EST

Patrick Potter, Archer

The adage, “the best defense is a good offense,” is attributed to many, including Machiavelli, Sun Tzu and George Washington. It has been applied as a reference in sports, board games and warfare. It means to take advantage of your opponent by being prepared, focusing on the basics, looking for opportunities and taking them. During this session, this concept will be applied to operational resiliency, which is the ability for an organization to bounce back after a disruption – to bend but not break.

Most look at resiliency as a good defense, and that played out in 2020 as many organizations were disrupted which prompted them to begin building resiliency. However, what if we viewed building resiliency as a business strategy – to help drive innovation, to increase speed time to market, or to become stronger financially? Did you know building resiliency often results in a positive ROI over the short- and long-term?

Attend this session to learn about five ways to build resiliency that will enable your organization to not only come out of disruption, but emerge more quickly, in better financial shape, more agile and ready to capitalize on opportunities that present themselves during and after a crisis.

About Patrick Potter
Patrick Potter has over 30 years’ experience leading risk management, operational resiliency, compliance, internal audit, third-party management, strategic planning and process improvement in both practitioner and consulting roles. He has developed a unique perspective working with analysts, partners and customers spanning many industries including financial services, healthcare, government, energy, education, and travel and hospitality.

Patrick is a subject matter expert for Archer where he provides strategic input into the development of the Archer Suite and works with customers on best practices.

Speaker Spotlight


It's 2020 : The COVID-19 Era! NEW Disaster Recovery Challenges

Wednesday, March 31, 2021
4:15 p.m – 5:00 p.m. EST

Estella Maldonado, Delta Dental Insurance
David Carter, Delta Dental Insurance

February 2020, Delta Dental is deep in the planning of its annual data center failover exercise for the enterprise, the WHO announces there is a novel virus pandemic. The alarm is real and timely given that this virus is highly infectious and mortality rate is on the upstream. The California Governor mandates everyone in the state stay home and quarantine. The world, as we know it, has come to a screeching halt!

The question we faced at Delta Dental was, do we cancel this Disaster Recovery Exercise (DRE)? And the answer although not completely with highest confidence was “No, we go forward”. In the back of our minds was the probability that this stay home to quarantine situation could realistically progress to a worse situation compromising our ability to conduct business as usual and the Crisis Management team would formally make a disaster declaration at Delta Dental for real. More than ever we needed to ensure our recovery plan worked!

** Promptly, we moved to readjust our DRE planning, including assessing new risks introduced into the picture. Communication, connectivity, coordination became the pillars of this effort.

In the end, there was consensus that we executed our DRE 2020 better than most years. The communication was clear, issue resolution was faster, and overall there was tighter control through the four-day exercise. We are here to share our Lessons Learned with you.

About Estella Maldonado
Estella Maldonado, DR, custom designs and socializes programs to best meet organization’s needs for recovery and resiliency. Managed this year’s enterprise DRE at Delta Dental engaging 200+ participants. Trajectory includes Deutsche Bank, IBM, Dow Chemical, Astellas.

Speaker Spotlight

About David Carter
David Carter, 15 years in Cyber Risk & Compliance. Believes sustainable value creation for internal/external customers is the primary measure of success. He manages teams in Risk Controls Monitoring, Red Teaming, Audit Process Support, and Technology Continuity.


The Pennsylvania State University's Hershey Medical Center - How We Executed During The Corona Pandemic And Lessons Learned

Wednesday, March 31, 2021
4:15 p.m – 5:00 p.m. EST

Ted Brown, KETCHConsulting

The Pennsylvania State University’s Hershey Medical Center – How We Executed During The Corona Pandemic And Lessons Learned presented by Ted Brown, Alumni Elected Member of The Penn State Board of Trustees – Founder and Chair of The Risk Sub-Committee with Over-sight of Hershey

At DRJ Fall World Ted Brown presented how Penn State University went from Classroom education to distance learning with 63,000 students attending 300 Zoom classes the first day after Spring Break. That session got a 9.2 on a scale of 1-10. This session will discuss how Penn State’s Hershey Medical delt with the Pandemic as a health care provider and a teaching institute. For example, 144 nursing students were quarantined when 3 tested positive with COVID-19. This session will cover almost a year of planning and execution and will convey lessons learned for not only health care providers, institutions of learning, but all organizations. The session will be presented by a Penn State Trustee with oversight of Hershey but will also include interviews with Hershey Leadership.


About Ted Brown
Ted Brown, CBCP, CBCV, MBCI President & CEO of KETCHConsulting, has been an Alumni elected member of the Penn State Board of Tustees since 2013 (re-elected in 2016 and 2019). He is founder and Chair of the Risk sub-committee with oversight of Penn State’s Hershey Medical Center.

As one of IBM’s first business continuity and recovery services’ (BCRS) executives, Brown led its growth from zero revenue in 1989 to half a billion dollars in 1998. With 52 years in technology, Brown has contributed 32 years of experience to the business continuity industry. He also offered a great deal of time and personal assistance during the long effort to reconstruct the U.S. Virgin Islands, including the only clinic, and he led the year-long recovery of the University of the Virgin Islands after Hurricane Marilyn.

Ted was elected to the Contingency Planning & Management Hall of Fame and in 2017, Ted was recognized with a Lifetime Achievement Award AND Consultant of the Year Award. No one person has ever received both these awards.
At various times, he has provided his expertise to the sales, consulting, and service delivery aspects of the industry. He has led the development of hundreds of unique DR and BCP plans and actual recoveries. His lectures have been featured at CPM, CI, DRJ,CA World, EPICC, DVDRIEG, MADRA, Summit, BOMA, COMMON, DPMA, Survive, DRIE, CPE, ACP, NEDRIX, and 7×24 in North America, plus Australia, Malaysia, and China.


You Survived COVID-19. But Are You Ready for What Comes Next?

Wednesday, March 31, 2021
4:15 p.m – 5:00 p.m. EST

Kevin Barnard, ServiceNow

In 1906, San Francisco was shattered by a magnitude 7.9 earthquake, but contrary to popular belief, it wasn’t the earthquake that destroyed the city. Instead, it was a devastating fire sparked by residents eager to use their stovetops again. The takeaway? Often, it’s not the initial disaster that harms us but rather a poor response in its aftermath.

Today, many organizations occupy a similar position. Though most survived the initial shock of COVID-19, their subsequent processes and systems are still neither secure, resilient, nor compliant, and businesses lack a cross-functional lens to facilitate enterprise-wide crisis management. As a result, organizations are vulnerable but unaware of it.

Here, Kevin will highlight those vulnerabilities and offer a path forward in which business continuity and resiliency shifts from reactive recovery to proactive, business-aligned scenario planning. He’ll draw from his time leading IT Disaster Recovery, Business Continuity, and Crisis Management at GE Capital to offer actionable tips to:
– ensure resiliency is a C-level priority
– understand and prioritize critical assets, processes, and capabilities across the organization
– shift risk and resiliency from IT to line of business-driven

The big idea? In a volatile world, disasters can occur at any time. Our disaster response strategies must reflect that via improved visibility and agility.

Kevin is a Senior Director in ServiceNow’s Chief Innovation Office, where he helps organizations build the workflow-driven Connected Enterprise of agility, resiliency, and visibility. Before that, he held a variety of senior IT positions at GE Capital, a federally-regulated ‘too big to fail’ bank.

About Kevin Barnard
Kevin Barnard is a Senior Director in the Chief Innovation Office at ServiceNow where he helps customers strategize and build the workflow-driven Connected Enterprise. In this role, he crafts enablement materials and provides C-level guidance to organizations seeking to improve agility, visibility, and resiliency. Before joining ServiceNow, Kevin was the Senior Director of Digital Operations at GE Capital, a U.S. government-regulated financial institution, where he led IT Disaster Recovery and IT Service Management. Reporting directly to the CTO, Kevin transitioned resiliency from an IT-led conversation to a line of business-driven priority and used ServiceNow to manage various regulatory and compliance processes. Kevin is a hands-on practitioner with 20 years of experience in a variety of IT and senior leadership roles.

Speaker Spotlight


Crisis Management in a Virtual Environment

Wednesday, March 31, 2021
4:15 p.m – 5:00 p.m. EST

Carlo Kelejian, Continuity Innovations, LLC

Remote working has brought upon many challenges to the workforce. One of these challenges for BC/DR teams is adjusting from physical to virtual command centers. This session will focus on how to manage events in a virtual environment and utilizing technology to create and manage workflows to ensure proper management of a crisis or incident.

About Carlo Kelejian
Carlo Kelejian is an award winning consultant and has over 20 years experience in the BC/DR industry. Carlo holds a Master’s Degree in Business Continuity Management from Norwich University, a CBCP certification from DRII, and MBCI from the BCI. His experience includes working with many industries such as Financial, Manufacturing, Government, Education, Insurance, Health Care and more.


Charting a Low-Risk Path to Modern Disaster Recovery

Wednesday, March 31, 2021
4:15 p.m – 5:00 p.m. EST

James Slaby, Acronis
Biren Jajal, Acronis
Len Tamasi, Acronis
Raymond Sue, Acronis
Keith Lukes, Ubistor

Making the World Safer. Keeping Your Business Running. Providing Duty of Care.Several new forces have converged to highlight the urgent need for DR and to transform the business case for it. The sudden shift to remote work, the growing reliance on SaaS applications, and a surging cyberthreat environment have created daunting new challenges to preserving 24/365 business uptime. Further, the high cost and relative inflexibility of traditional DR solutions calls for new thinking, architectures and implementations – including a path forward that minimizes risks to the business.

By interviewing a business leader who recently oversaw a successful modern DR deployment, Acronis DR and cybersecurity experts will explore the whys of the company’s decision-making process: the factors that combined to make a compelling, low-risk business case for the move. The discussion will then move to the hows: the methods the company used to overcome obstacles and sell the project internally, to craft requirements and evaluate potential vendors, and ultimately to deploy its chosen solution.

The session will include a brief look at some compelling features of the company’s implementation, an examination of the trend toward the convergence of data protection with DR, and a look at how testing and auditing have evolved past their former status as cumbersome and painful obligations.

About James Slaby
James Slaby is the Director of Cyber Protection at Acronis. He has also worked as an industry analyst covering cybersecurity, cloud services and networking at research firms like Forrester and the Yankee Group. With over 300 published tech research reports, he has been quoted in The Economist, the Wall Street Journal and hundreds of tech publications. Slaby has also held product and solutions marketing roles at tech vendors including Sonus, Acme Packet, Bay Networks and Motorola.

Speaker Spotlight

About Biren Jajal
Biren Jajal has over 25 years of experience in the backup, disaster recovery, virtualization, and enterprise storage space. He has served as a Disaster Recovery Specialist with Acronis for over 8 years and regularly engages in helping partners build a cloud disaster recovery practice as part of their managed services offering and helps customers establish a cloud disaster recovery strategy for critical server workloads.

About Len Tamasi
Len Tamasi focuses on empowering partners and clients to grow and protect their business with Acronis Disaster Recovery solutions. Len has over 20 years of experience in the Disaster Recovery and Information Technology markets with companies such as GiantLoop, Verizon Enterprise and Terremark.

About Raymond Sue
Raymond Sue has over 20 years of experience in backup, disaster recovery and datacenter management. He has served as a Senior Solutions Engineer with Acronis specializing in cloud and DR for almost 8 years and previously worked as a datacenter manager for a mid-sized company supporting four global data centers.

About Keith Lukes
Keith Lukes brings decades of expertise in DR consulting to advise companies on the business and technical drivers of modern DR deployments. Besides extensive experience with complex managed services and enterprise data storage, Keith has deep knowledge of the current generation of leading DR vendor solutions.