Kevin Barnard believes resiliency is one of the most important functions of an organization because it influences all aspects of the business and is one of the most dynamic roles one can have.
Barnard, senior director in the chief innovation office at ServiceNow, helps customers strategize and build the workflow-driven Connected Enterprise. In his role, he crafts enablement materials and provides C-level guidance to organizations seeking to improve agility, visibility, and resiliency.
Before joining ServiceNow, Barnard was senior director of digital operations at GE Capital, a U.S. government-regulated financial institution where he led IT disaster recovery and IT service management. Reporting directly to the CTO, he transitioned resiliency from an IT-led conversation to a line of business-driven priority and used ServiceNow to manage various regulatory and compliance processes.
Barnard has been a hands-on practitioner with 20 years of experience in a variety of IT and senior leadership roles. He has worked in his current position at ServiceNow for three years.
Three traits – innovative, inclusive, and leading — help define him as a valued employee in the business continuity/disaster recovery profession.
He fell into the BC/DR profession “organically” and most enjoys “focusing on the value of the work” in the profession.
“It’s important work that is too often ignored,” he said, “with potentially devastating consequences. It also doesn’t hurt motivation to have regulators downstairs, as has happened to me a few times throughout my career.”
He plans to share his expertise with attendees during his Breakout Track 6 session at DRJ Spring 2021 on March 31 from 4:15-5 p.m.
His presentation is titled “You Survived COVID-19, But Are You Ready for What Comes Next?”
According to Barnard, San Francisco was shattered by a magnitude 7.9 earthquake in 1906, but it wasn’t the earthquake which destroyed the city. Instead, it was a devastating fire sparked by residents eager to use their stovetops again. The point is, it is not always the initial disaster which harms people but instead a poor response in its aftermath.
Barnard said many organizations occupy a similar position. Though most survived the initial shock of COVID-19, their subsequent processes and systems are still neither secure, resilient, not compliant. Businesses lack a cross-functional lens to facilitate enterprise-wide crisis management. As a result, organizations are vulnerable but unaware of it.
During his presentation, Barnard will highlight those vulnerabilities and offer a path forward in which business continuity and resiliency shift from reactive recovery to proactive, business-aligned scenario planning.
Barnard will use his time leading IT disaster recovery, business continuity, and crisis management at GE Capital to offer actionable tips to ensure resiliency is a C-level priority; understand and prioritize critical assets, processes, and capabilities across the organization; and shift risk and resiliency from IT to line of the business-driven.
“The big idea,” said Barnard, “is in a volatile world, disasters can occur at any time. Our disaster response strategies must reflect that via improved visibility and agility.”
Barnard said he will offer a path forward in which business continuity and resiliency shift from reactive recovery to proactive, business-aligned scenario planning.
ServiceNow is headquartered in Santa Clara with offices located throughout the world. The company has more than 13,000 employees and is growing each day due to the power of the Now Platform, which has become the standard for workflow-designed experiences and connects people, functions, and systems within a single foundation which delivers enterprise-wide digital workflows.
When he’s not working, Barnard teaches yin yoga and power yoga in the Hartford, Conn., area. He is a 200-hour Yoga Alliance Registered Yoga instructor and is certified in mindful yoga therapy for trauma and PTSD survivors. Previously, he worked as a journalist before joining the BC/DR profession.
John Beattie, FBCI, is principal consultant with Sungard Availability Services. Sungard is headquartered in Pennsylvania and has more than 1 million square feet of data centers in the U.S. and Europe. The company’s suite of production and recovery solutions deliver the resilience essentials businesses need to be available, safe, and agile.
He was self-inspired to choose the business continuity/disaster recovery field because “developing ‘under duress’ business strategies has been fascinating, while building compliance ‘check-the-box’ plans not so much.”
Beattie, who is innovative, tenacious, and focused, has held his current position for the past 12 years and been in BC/DR for a total of 18 years.
“As a consultant, I have the luxury of working across many industries which has added to the ‘fun,’” he said.
Beattie is set to co-present with Michael Shandrowski at DRJ Spring 2021 on March 30 from 12-12:45 p.m. as part of Breakout Track 3.
The pair’s presentation is titled “The Changing Face of Disaster Recovery: Are You Prepared to Recover Cyber-Compromised Data?”
According to the presenters, the face of disaster recovery is changing, and the culprit is a threat that has become increasingly common among businesses: cyberattacks and ransomware. Leading analysts say ransomware attacks have surged to become the second-leading cause of IT outages. Now that the U.S. Department of Treasury’s Office of Foreign Assets Control has issued an advisory highlighting sanctions risks for ransom payments to certain entities, investing in protecting one’s data is more important than ever before.
“Even if you have preventive controls in place to safeguard your critical data from these attacks,” said Beattie, “you need to take precautions to recover your data in the event it’s corrupted or encrypted.”
Unfortunately, traditional DR plans likely will not cut it. Recovering compromised data following a successful cyberattack is a different recovery use case and, therefore, requires a unique recovery strategy, plan, and enabling capabilities.
During this session, Beattie and Shandrowski will show attendees how to put this strategy into place by examining the changing threat landscape and highlighting key differences between DR and data recovery.
“We’ll also break down best practices for compromised data risk management, exploring everything from identifying your vital data assets (i.e., the data that absolutely must be recoverable) and the investments needed to protect them, to detecting and responding to attacks and recovering your compromised data,” said Beattie.
He said, “By understanding the differences between DR and data recovery and implementing proper CDRM, you’ll be ready to recover compromised data if you fall victim to a cyberattack.”
Attendees will gain information on how both BC/DR plans and programs need to be recalibrated for this top threat to businesses of all kinds. Without doing so, the chances of them being of value during this special “recovery case” are minimal.
Although this will be Beattie’s first time to present at a DRJ conference, he’s no stranger to presenting at large and international conferences.
“I have not attended a DRJ conference in more than 10 years, so it’s great to be back,” he said.
Beattie, CTPRP, works with companies to reduce organizational risk by establishing new BC and DR programs or transforming existing ones to improve effectiveness and address cyber-compromised data recovery.
Before working at Sungard, Beattie worked for News Corporation for five years as global director of business continuity and for 15 years at Ernst & Young as senior manager and did management consulting.
During his years of experience, Beattie has directed departments of more than 40 people and managed global projects with budgets up to $30 million.
He has a bachelor’s degree in industrial engineering and a master’s degree in computer and information science. He is also a fellow with the Business Continuity Institute. He holds a professional membership in ACP and volunteers for Red Cross’ global “mapping” project.
Shandrowski is a principal consultant at Sungard Availability Services and guides organizations in the evolution of their BC/DR programs within an everchanging threat landscape. He has experience in all phases of availability risk management.
Tim Booth chose to work in the business continuity and disaster recovery profession because of the uniqueness of the work and the ability to be knowledgeable about multiple areas of the business.
Booth has been senior risk manager for Fidelity Investments for the past seven years. Over the years, he has fluctuated between operations and BCP roles for about 20 years.
He will co-present at DRJ Spring 2021 on March 31 during Breakout Track 5 with Heather Brouder, director of Fidelity Investments Business Continuity Center of Excellence.
The duo’s presentation, “Increasing Resiliency Through Effective Communications,” is designed to help build and refine a team’s communication plans.
“We will define who should be on your lists, how to communicate with them, and tools to consider,” said Booth.
The pair want their attendees to understand the importance of having an established communication program that is scenario agnostic and well tested.
“Whether your business continuity plan is many years in the making or you are just developing initial thoughts, it is important to consider how you communicate with your employees,” said Booth. “The COVID-19 pandemic has introduced new challenges that require effective communications.”
Additionally, he said severe weather and other potential impacts still exist. The next business interruption may be just around the corner, and the time to start effective communications is now.
This will be Booth’s first presentation at a DRJ conference. He was scheduled to present at DRJ Spring 2020, but his trip was cancelled due to the COVID-19 outbreak.
As a conference attendee himself, Booth said professionals from all industries and levels of experience benefit from any of the breakout sessions.
“I have also learned about other industries outside of financial services and about some of the regulations and restrictions they must consider when building their plans,” he said.
Booth said he’s looking forward to presenting at the spring conference but also enjoys attending workshops and networking.
He said the BC/DR industry is “an industry that professionals shy away from, but on the contrary, there is a lot of great talent in this profession.”
Booth said his motivation in a sometimes-challenging profession is “the understanding that my work as a planner can be utilized at a moment’s notice so being prepared is crucial.”
His favorite aspect of working in BC/DR is getting to know various business lines and understanding their unique needs.
Booth has been in the financial services industry for his entire career. He has worked for more than 30 years at Fidelity Investments which includes customer facing, supervising, and managing teams in a multi-site capacity. He has managed multi-site groups and numerous business continuity events including technical and weather- and pandemic-related events.
He is a Certified Business Continuity Professional and earned a bachelor’s degree from Ohio State University. His professional memberships include the Business Continuity Institute, Disaster Recovery Institute, and Continuity Planners of Ohio.
In addition, Booth is an elder and deacon at Madeira Presbyterian Church. He and his wife Denise have two children, James and Elizabeth. They enjoy entertaining good friends at their home.
Previously, Booth worked in India for three months as part of a work rotation program.
Loyal, positive, energetic. These three traits describe OnSolve employee Matt Bradley.
He is vice president of global security solutions for the company. He joined OnSolve in September 2020.
OnSolve is headquartered in Alpharetta, Ga., and has nearly 300 employees across eight offices. With more than 2 billion alerts sent annually and more than 60 years of proven support in both the public and private sectors, OnSolve delivers critical event management solutions backed by unmatched industry expertise which gives customers the ability to proactively keep everyone informed, instill confidence, foster teamwork, mitigate disruptions, improve operational outcomes, protect assets, and save lives.
In addition, OnSolve is focused on helping customers protect their people, places, and property through a SaaS-based global portfolio that delivers scalable, easy-to-deploy-and-use solutions for the rapid and secure exchange of vital information and coordination among organizations, people, devices, and partners, regardless of the situation or level of need.
Bradley has been in the business continuity/disaster recovery profession for more than 20 years.
After leaving a government position in 2011, he decided he wanted a profession where he could continue to make a difference.
“Helping organizations plan for continuity or recover from disaster is a great way to make a difference,” he said.
He was inspired to work in the profession after spending time with Ambassador Hugo Llorens during Bradley’s tour in Honduras. Llorens was a great contingency planner who showed Bradley how to manage risk and inspired him to continue helping people once he left the government.
Bradley said he truly enjoys helping people, which comes from his experience while working in government.
“But it is also my nature,” he said. “I’m a fixer (as my wife). When I see a problem, I get satisfaction from solving it even if there is no personal recognition.”
He also enjoys the variety of working in BC/DR because no two days are the same.
“The variety of risks that threaten operations make every day a new challenge,” he said. “I look forward to each new day.”
Bradley added that a common misconception regarding the profession is that it’s a simple desk job.
“IT is very much a field job,” he said. “You have to get out into the field to identify the risks and threats and develop the solutions. You have to meet with stakeholders to understand their concerns and let them know how you will keep them working. It is a very active profession.”
Bradley will present “Business Resiliency in 2021: Managing a Dispersed Workforce” at DRJ Spring 2021 during General Session 5 on March 31 from 10:45-11:45 a.m.
This one-hour keynote address will discuss how 2020 has been an unprecedented year with businesses interrupted as employees migrated to remote work and a distributed workforce became standard.
“Without question, the pandemic exposed a gaping hole in today’s business continuity strategy, a lack of timely and relevant risk intelligence,” he said.
Enterprises have now recognized the need to accurately detect events which pose a threat to their businesses. They have the capabilities in place to respond to those threats before they harm their greatest assets: people, places, and property.
According to Bradley, business continuity and duty of care are continuously evolving. This year will present even more complex challenges, such as bringing a remote workforce back to the office, managing vaccine distribution, and keeping ahead of additional unforeseen critical events amidst a new presidential administration.
“If 2020 has taught us anything, it is the need to prepare for the unexpected,” he said.
As enterprises prioritize securing, protecting, and managing a dispersed workforce and operations, they should think about security through a risk intelligence lens, implementing solutions which continuously monitor and filter data to identify critical events in key areas in order to maintain business continuity in the wake of another disaster.
“They must establish best practices for reaching specific employees and create a plan for communicating smaller-scale critical events to be wider enterprise,” said Bradley.
This will be Bradley’s first time to attend or present at a DRJ conference, and he’s excited to experience all aspects of the event.
He has been a veteran security operations expert for more than two decades. He spent 14 years with the CIA. He has deep, first-hand knowledge of security operations management as well as an understanding of the critical challenges facing organizations in the future.
Most recently, Bradley served as regional security director for the Americas at International SOS where he led the security services business and advised key executives on risk management solutions.
Prior to International SOS, Bradley worked in Honduras where he handled all matters relating to physical security, safety, and environment; crisis management; and fraud investigation.
Bradley was also a general manager for I Solution Security, where he advised on security matters for the Honduran president, minister of security, and minister of National Emergency Commission. Previously, Bradley had a distinguished 14-year career with the Central Intelligence Agency (CIA).
He earned an MBA from Saint Joseph’s University and bachelor’s degrees in electrical engineering and Spanish literature from Rice University.
Bradley is a member of ASIS and is a Safety Ministry volunteer at his church.
He is married with three sons ages 18, 16, and 13. They live in Doylestown, Penn.
When he isn’t working, Bradley enjoys playing tennis, watching sports, traveling, and spending time with his family. He also has an identical twin brother who is the “successful” one as a leading cardiologist in Lubbock, Texas.
Mark Carroll has 30 years of progressive disaster recovery to business continuity/disaster recovery experience across IT and risk dimensions. He is senior vice president, business risk officer, for Income Research + Management.
IR+M, a privately-owned, independent, fixed income investment management firm with 185 employees, serves institutional and private clients. The firm’s investment philosophy and process are based on their belief that careful security selection and active risk management provide superior results over the long-term. By combining the capacity and technology of a larger firm with the culture and nimbleness of a boutique firm, employees strive to provide exceptional service for their clients and a rewarding experience for their employees.
“IR+M is dedicated to delivering superior investment results and exceptional client service to help those who entrust us with their money achieve their investment goals,” said Carroll. “We aim to do this while providing a challenging, collegial, and rewarding workplace and giving back to our community.”
Carroll is a teacher and trainer. He focuses on details and has deep and diverse business experience. He has a strong work ethic. He’s been working since he was in high school and college when he ran an elevator in a local department store.
He has held his current position for the past 10 years. His current role evolved into head of IT at various organizations. Then he became more interested in risk management and recovery than core IT delivery.
A team of Department of Defense professionals introduced Carroll to the IT environment while he was in college working as an intern at a DOD datacenter, his initial entry into backup/recovery. He made a formal move into business continuity when he worked with Sungard on an initiative as head of IT operations.
Carroll said he’s always taken “the viewpoint that I want to effect change to address need, looking for my ‘fingerprints’ in the result, not my face. My motivation is in bringing the business forward via that change.”
He said his favorite aspect of working in BC/DR is exposure to all aspects of the business operation and all levels of organizational personnel.
One thing Carroll feels is misunderstood in the BC/DR profession is the scope of the overall program, both what is included and excluded in ensuring that the business can both withstand and recover, summed up in the word “resilience.”
“Often key elements are not brought forward which create a level of risk,” he said. “Conversely, key elements which need to reside within the functional organization are often ‘transferred’ to BC/DR or business risk within the organization, which is not viable.”
Carroll will share his expertise at DRJ Spring 2021 with his presentation “Feels Like Time to Test the Partnership.”
According to Carroll, interacting with a salesperson in times like these is something many people try their best to avoid.
“It’s pretty easy to engage the provider and place the order when everything is going well, but mix in real life perils and consternation and the dialogue advances to a whole new level,” he said.
Carroll will co-present this Breakout Track 5 session with Steve O’Neal of Agility/Rentsys on March 31 from 12-12:45 p.m.
The pair want their session participants to understand that business needs evolve, and vendor relationships need to be solid enough to adapt.
Although Carroll has attended and presented at numerous previous DRJ conferences, he learned that while there are unique issues based on situations and the individual businesses, there is often commonality in the needs and approach that can be leveraged. Often the vendor community is a tremendous resource for this.
Carroll’s favorite part of DRJ conferences is interacting with peers in the profession, mainly to gain new insights and ideas.
Over the years, Carroll has gained more than four decades of experience in IT and risk management, starting with his experience with the DOD at age 18. He has held leadership positions at multiple Fortune 500 corporations.
His previous work experience includes head of IT at JPStevens; director of IT for North America/Western Europe, global director, and global director of business continuity for Gillette; and viced president of business continuity for Fidelity.
Carroll has a master’s degree in finance from Babson College and a bachelor’s degree in economics and bachelor’s degree in political science from Boston College. His professional certifications include FBCI, MBCP, CISSP, CISA, PMP, CGEIT, RIMS-CRMP, OCEG, GRCP, OCEG, GRCA, Lean 6 Sigma Green Belt, Claritas CFA, and CPIM. His professional memberships include ISACA, RIMS, ISC2, APICS, and OCEG.
When he isn’t working, Carroll is chair of IR+M’s volunteer action committee. His favorite place to spend downtime is at New Smyrna Beach, Fla., about an hour east of Orlando.
O’Neal is an enterprise relationship manager for Denver, Colo.-based Agility Recovery, where he is responsible for consulting and implementing industry-leading recovery solutions for various businesses that have experienced disasters.
Selma Coutinho says 2020 will be the year no one will ever forget, including professionals in business continuity, crisis management, and security.
“None of us expected a crisis like this for nine-plus months and considering that our whole supply chain would be impacted at the same time,” Coutinho said. “Black swan? Maybe.”
She said one thing is true: business continuity management is “on spot and will evolve (for good).”
“We will need to change old biases to be prepared to deal with new challenges that will come with the emerging technologies such as IoT, automations, cybersecurity, among others,” she said.
According to Coutinho, all crises bring opportunities.
“It is up to us to seize it,” she said. “COVID accelerated the digital transformation of companies, which will require from BC and CM practitioners’ new strategies, ideas, and innovations as what we have so far, will not be enough in this new normal.”
Coutinho will present “BCM after COVID: Changes, Challenges, and Opportunities” on the first day of DRJ Spring 2021 on Monday, March 29. She will share strategies with attendees from 4:15-5 p.m. EST at Session 4 of the Breakout Track 2.
“I hope attendees can start to change their mind and see that we have several opportunities that came from the COVID crisis,” she said, “but to pursue it, we will need to change our mind first.”
Coutinho said business continuity and disaster recovery will evolve and depends on the professionals.
“This is our momentum if we would like to change the companies’ view about BC/DR and gives the right focus to these disciplines,” she said.
Coutinho is director of security operations and business continuity management at Ericsson Inc., one of the leading providers of information and communication technology to service providers.
“We enable the full value of connectivity by creating game-changing technology and services that are easy to use, adopt, and scale, making our customers successful in a fully connected world,” she said.
Ericsson is a Swedish multinational company located in more than 100 countries. Its vision and purpose are to “empower an intelligent, sustainable, and connected world.”
Coutinho has been with Ericsson for 16 years in business continuity management, information security, and security operations areas. She has been working in her current position for nearly two years. Ten of her years of work experience have been in a leadership position.
“Ericsson was the company that gave me the chance to learn during an internship and my first job,” she said. “Over time, the company has invested in me, giving me the chance to progress in my career and at the same time to know different cultures.”
Coutinho chose a career in business continuity and disaster recovery because it gives professionals the end-to-end perspective of a company. She believes not all professions offer this same perspective.
“I see BC/DR as an enabler to other security disciplines (when we understand what we are trying to protect),” she said, “and it is easier to identify the best measure to protect what is important to the company.”
She said in the country where she started her career in BC/DR, the focus is on banks and far from other industries.
“Because of that,” she said, “I usually try inspiring myself with BCI, DRJ, and other BC/DR bodies related to this profession.”
Coutinho said she is perseverant, pragmatic, and self-motivated. She believes in BCM and the many benefits it can bring to business.
“This is what motivates me,” she said.
During her years working in the BC/DR profession, Coutinho has gained visibility as well as experience in preparing and executing exercises. She also values networking.
Coutinho, MBCI, CBCP, CISSP, has a master’s of business administration with an emphasis in IT management. She is a member of the DRJ Editorial Board and the North Texas chapter of ACP. She is also a contributor of the DRJ Glossary and Career Development Streams.
She moved from Brazil to the U.S. with the goal of participating in events like DRJ’s conferences and contributing to BC/DR and security professions. She lives with her two Shih Tzus in McKinney, Texas.
Coutinho enjoys being at home but also loves to travel to different places, especially beaches.
Pandemics, floods, earthquakes, hurricanes, ice storms, tornados, and terrorist incidents.
Ashley Goosman, a business continuity and crisis management manager for Liberty Mutual Insurance, has worked through many high-profile crisis incidents and helps employees respond to and prepare for business interruptions. Her job is to provide a safe environment for all employees and enable Liberty’s global operations to run successfully or recover from disruptions. She has international experience administering Liberty’s business continuity program.
She has served with the American Red Cross’s Sept. 11 recovery program and as director of emergency management services for the Massachusetts Department of Mental Health before joining Liberty Mutual in 2012 as a business continuity project manager.
Goosman will share her expertise with DRJ Spring 2021 attendees during her “COVID-19 and Next Normal for Business Continuity” presentation on Thursday, April 1 as part of the Breakout Track 7.
During her presentation, Goosman plans to share an overview of Liberty Mutual’s approach to responding to COVID-19 and discuss the global impact of the pandemic, the “new normal,” and share her thoughts about the future of business continuity.
Since 2017, Goosman has supported the global business continuity crisis management team to lead response and recovery activities for multiple major events. She is a leader in crisis management development within the organization.
In addition, she is a member of the Massachusetts Operation Helping Hand advance team at the Mass Military Reservation for Hurricane Katrina response to support New Orleans residents airlifted by FEMA. She also served as an adjunct senior instructor for healthcare administrators and taught a graduate-level course on terrorism and disasters for seven years.
Currently, Goosman maintains the blog disasterempire.com as a way to give back and a source for disaster resilience knowledge and analysis.
She is a master business continuity professional certified by DRI International and a member of the Business Continuity Institute.
Goosman, NIMS, ICS, HAZMAT, HERT, FEMA/COOP, is a certified SAMHSA crisis-counseling trainer. She enjoys life on Cape Cod with her husband Jon, family, friends and rescue Greyhound Della.
Detail-oriented, patient, and responsive are three traits which make Kyle Grasso a successful senior enterprise account executive at Rave Mobile Safety.
Rave Mobile Safety, located in Framingham, Mass., employs more than 150 people across North America and is the leading provider of critical communication and collaboration technology used to help save lives, manage crisis incidents, and increase resiliency. From catastrophe disasters to everyday emergencies, the company’s solutions enable critical data sharing, mass notification, and emergency response coordination.
According to Grasso, Rave Mobile Safety provides the leading critical communication and collaboration platform trusted to help save lives.
“Rave connects millions to those trusted to protect them, by providing innovative solutions to prepare better, respond faster, and communicate more effectively during emergencies,” he said.
Grasso has been employed with Rave for five years.
“I enjoy working at Rave because what we offer our clients is the ability to help respond and react more efficiently during and after critical events,” he said.
Grasso was inspired to join the BC/DR profession because he wanted to offer a solution to help keep people safe and businesses running efficiently. He is also passionate about the work his company does.
“The solutions we offer have real-time effects on the day in, day out of the organizations we service,” said Grasso.
One thing he most enjoys about working in the BC/DR profession is the conversations with professionals and being able to discuss what concerns they have and what role communication plays in that.
“Having systems in place is important,” he said, “but without the ability to communicate, whether that be to specific groups/teams or the entire organization, puts you at a severe disadvantage.”
Grasso will speak on the topic of communication at the upcoming DRJ Spring 2021. His session titled “Navigating Critical Communications in the New Workplace Landscape” will be part of March 30’s Breakout Track 4 from 4:15-5 p.m.
According to Grasso, the workplace has been forever changed by COVID-19. Whether employees are operating remotely, transitioning back to the workplace, or traveling to and from different locations, keeping everyone protected and informed is more crucial than ever.
“How can those in charge of employee safety evolve their critical communication strategy to account for these new factors” is one question Grasso will answer during his presentation.
In addition, he will share strategies and solutions businesses need to proactively address common communication and safety gaps. He’ll also explore the roadblocks and unexpected communication challenges which may arise during emergencies such as severe weather, an active assailant, or a long-term crisis such as the coronavirus.
Those who attend Grasso’s session will learn best practices to ensure every employee is safe and informed, regardless of their location.
Grasso earned a bachelor’s degree in business administration. He is passionate about empowering large and small organizations to improve safety and operational efficiency through communication and collaboration.
He is an avid sports fan and basketball player. His favorite place is anywhere near the water, whether it’s a lake or ocean.
Julia Halsne has been in business continuity/disaster recovery for 20 years and has held her current position as manager of business continuity of East Bay Municipal Utility District for the same amount of time.
East Bay Municipal Utility District is a public water and wastewater agency in the Oakland and San Francisco Bay area. There are about 2,000 employees and 56 staffed facilities including administrative offices, service yards, warehouse, shops, and treatment plants which provide service to 1.4 million customers for water and 680,000 for wastewater.
“We serve a large geographic area and our water comes from the Sierras and delivered to the water treatment plants through large aqueducts to the east bay,” she said. “The main wastewater treatment plant is located near the Port of Oakland and the base of the Bay Bridge.”
The utility district’s mission is to manage resources with which the district is entrusted; to provide reliable, high quality water and wastewater services at fair and reasonable rates for the people of the East Bay; and to preserve and protect the environment for future generations.
The principles used in accomplishing this mission include
-Exercise responsible financial management.
-Ensure fair and reasonable rates and charges.
-Provide responsive quality customer service.
-Promote ethical behavior in the conduct of district business.
-Ensure fair and open processes involving the public.
-Provide a healthy work environment.
-Promote diversity and equality in personnel matters and contracting.
-Promote environmental, economic, and social sustainability.
Halsne has worked at the utility district since 2001 when she “fell into the field.”
She applied for an internal leadership development program and was accepted. Each participant was assigned a special project. Her project was reviewing the existing BC program, industry standards, and making recommendations for improvement. Within her recommendations was the suggestion for establishing a full-time permanent position. Management did not have the budget so that was tabled for a year.
After the year, the position was established. Halsne applied and was selected to fill the role.
Halsne had gone to a career coach prior to this assignment. The coach asked her to write down her ideal job with only characteristics of the position but no title. The attributes she wrote down almost mirrored her current position.
“I love the challenge because no two days are the same,” she said. “The ability to work with a diverse group of people all over the organization, constantly learning and evolving and doing something that can make an impact on operations and the mission is meaningful.”
Halsne said she is passionate about her job. She loves the people she works with and hopes projects and tasks she performs help people not only in an emergency but also have an impact on daily operations to help with efficiency and clarity in priorities.
“When I help someone or develop something that is useful for others, I am proud of my accomplishments,” she said. “I have developed wonderful relationships with people throughout my organization and the industry. The knowledge and skills I have developed over time will help me no matter where I go or what I do.”
Halsne enjoys working with a variety of people but also having some independent work of her own. She likes the fast pace environment and juggles multiple priorities.
“The sometimes complex and balance with simple tasks keeps me engaged and motivated,” she said.
Halsne will present “Julia’s Adventures in Business Continuity and Emergency Management” at DRJ Spring 2021 at Breakout Track 2 on March 29 from 4:15-5 p.m.
During the session, attendees will find out how one practitioner’s journey began and evolved in a career through business continuity and emergency management. Halsne will discuss how she took a program that was disjoined and fractured into an award-winning program which serves as a model for the industry. Participants will take a walk through what one agency experienced through COVID, public safety power shutoffs, wildfires, and more.
Halsne’s presentation will include program tools and approaches to a variety of challenges including how to gain and maintain management support, building relationships and engaged network, and managing simultaneous events and operational priorities.
She has presented at and attended numerous DRJ conferences. Last year’s DRJ Fall 2020 conference – the first-ever virtual conference – stands out to her the most. It was the first virtual event she attended during the pandemic.
“It was managed, administered, and executed extremely well,” she said. “I was pleasantly surprised (although I really should not have been, given the previous conferences) how well it was pulled off.”
From the presenters’ point of view to participants, Halsne said the conference was engaging, fun, and she learned so much from the varied presenters and participants.
Over the years, Halsne has learned many things from DRJ conferences that it’s difficult to pick one thing that stands out. She has built strong relationships and networks of professionals who help with her program and any obstacles or struggles she encounters. Some of the things she’s learned are very technical in nature, some specific ideas, templates and strategies for how to more effectively execute/engage/implement components, and other things that are more “big picture” and strategic in nature.
In addition, Halsne said she especially enjoys Regina Phelps’ presentations and workshops.
“Each year she presents something topical and practical,” she said. “I always have some specific takeaway from her presentations.”
Halsne said she loves to learn new things, but meeting and talking to other professionals is really a great way to reenergize and motivate her.
“The network of professionals around the world is a wonderful resource that lives beyond the conference,” she said.
Halsne has nearly 35 years of combined experience in the environmental, water, and wastewater industry. She oversees 23 separate BC plans and the enterprise-wide program plan.
She developed the first business impact analysis and risk assessment as well as the district’s emergency operations plan, hazard specific response plans, crisis communication plan, and several other key documents that support the program. In addition, she is responsible for monitoring annual exercise plans for the BCPs, bi-annual updates to the plans, facilitating more than 45 exercises a year including the district-wide and emergency operations team exercises, administering the exercise after action report tracking program, conducting training, providing oversight and administration of the Floor Warden program, and facilitating implementation of the mitigation measures for critical functions. She reports to the senior management team and the board of directors regarding the status of the various programs and district readiness.
Halsne received her certification as a Business Continuity Professional from Disaster Recovery International, master’s degrees in business administration and environmental science. She has a bachelor’s degree in chemistry. In addition, she has served in several positions on the board of directors for Business Recovery Managers Association.
She is a native of San Francisco and lives in the Bay Area with her family.
She has volunteered and held board positions for a variety of community organizations including the Contra Costa Commission for Women, the Friends of the Commission, Stella’s Stars (a nonprofit organization to that provides scholarships, education support, and community engagement for a small village in Kenya), Diablo Valley AIDs Center, and Village Oaks Homeowners Association.
Prior to the pandemic, Halsne could be found training for an ultramarathon, listening to live music, camping, kayaking, or hanging out with her family and dogs.
Steven Haynes’ father started working in the business continuity/disaster recovery profession in the 1990s. When Haynes entered the military, he naturally moved to risk mitigation and planning. Once he exited the service, he served as a risk management consultant.
“And my love of all things ‘risk’ was born,” he said.
has been in the business continuity/disaster recovery profession for 15 years.
Haynes said his father and Drs. David McEntire, Alex Greer, Tristan Wu, and Haley Murphy were his inspiration to join the business continuity/disaster recovery profession.
“My kids and their friends deserve a safer, more resilient world,” said Haynes. “I see every meeting, planning session, and tabletop as an opportunity to position resources for maximum effects.”
He said it’s not known when something terrible will happen in one’s community, but when it does, “I never want to be in a situation where I could have done something to reduce the loss, but I did nothing.”
Haynes said he loves the methodological challenges of risk analysis and “what mattered yesterday might not matter today.”
Haynes, director of risk and insurance, is assistant professor of practice at The University of Texas at Dallas. He began his role as director of the risk and insurance program in August 2020.
UT Dallas, a top-tier research facility with 29,000 students, is located in Richardson, Texas.
Haynes will be presenting at DRJ Spring 2021 for the first time. His Breakout Track 5 session, set for March 31 from 12-12:45 p.m., is titled “Advanced Business Impact Analysis.”
According to Haynes, the idea is that BC professionals can effectively detect and mitigate all types of risks with surveys, loss history records, and performance metrics.
“We use historical data to predict the likelihood of future events,” he said, “but our environment is continuously changing. Never mind the inherent dependency on technology and our inability to decipher between the signal and the noise.”
So what does this mean? Organizations have an overreliance on traditional quantitative models, which is blindly leading them to failure.
“There must be a balance between quantitative analysis and qualitative interpretation to manage all risks,” said Haynes.
During his presentation, Haynes will introduce participants to the traditional business impact analysis tools and their strengths and weaknesses. Then he will teach attendees about the resiliency-based BIA and how this assessment will help increase the overall effectiveness of planners, BC programs, and tabletop designs.
Haynes will share his experiences with BIAs and walk participants through real-world examples.
“This is a session aimed at individuals looking to improve their BIA tools and BC programs,” he said. “All participants will walk away with a better understanding of planning versus response.”
Haynes’ goal is to challenge attendees’ BIA models and “look at the beauty of simplicity for planning and mitigating purposes.”
Before becoming a professor, Haynes served as a business continuity planner for Lennox International, Inc. He also worked in loss control and risk for analysis roles for insurance companies, government, and privately held organizations.
He led the USS Blue Ridge’s anti-terrorism division and has a bachelor’s in emergency management, master’s degree in organizational management, and a doctoral degree in fire and emergency management. He is a member of the Society of Risk Analysis. He has worked in 38 countries and 46 U.S. states.
Haynes is married to his best friend, and they have two children. He is a musician for FUMC Allen. When he’s not working, he enjoys traveling to Boulder, Colo.
Versatile, collaborative, and open to improvement. These traits perfectly describe Mark Hoffman, founder and president of Anesis Consulting Group, Inc.
He and wife Cheryl own and operate the boutique consulting firm based in Barrie, Ontario. The firm is located about 90 minutes north of Toronto.
Hoffman handles the customer facing consulting work while wife Cheryl takes care of back-office administration.
The firm focuses on business continuity, crisis management, and operational resiliency consulting for clients globally. These consulting engagements typically involve building or improving BCM programs, developing cyber response protocols, crisis management plans, program governance, and more.
In addition, Hoffman teaches two courses through PreparedFx: “Principles of Effective Cyber Response” and a course which prepares organizations for ISO 22301 certification.
The business’s mission is to provide world-class consulting services in a collaborative manner; injecting thought-leadership and subject matter expertise to meet the needs of the customer, following good practices and industry standards; and building relationships with clients by working with integrity and providing value to their organization.
The couple formed Anesis Consulting Group in June 2005.
Hoffman has been working in the business continuity/disaster recovery profession for nearly 25 years.
“I feel like it chose me,” he said. “I had been doing IT leadership work and seemed to always drift toward preparing for worst-case scenarios by defining disaster recovery solutions.”
He was a lead for multiple clients on the Y2K preparation. Coming out of that experience, he was hooked.
“My focus stayed on DR for several years but then expanded to business continuity and then to crisis management,” he said. “I feel like I have found what I was built to do.”
Hoffman said he understands enough about the profession to know the work he does adds value. He has one client currently who doesn’t get it.
“They don’t understand what I’m bringing to the table,” he said, “but that doesn’t change the reality of what I’m doing and I understand that. My motivation is based on me doing the best job that I can and leaving a legacy of excellence.”
Hoffman said he gets a rush when there is a major incident or crisis, and he enjoys taking a leadership role and helping teams navigate the crisis. In addition, he loves speaking and teaching on various topics.
One topic he feels is commonly misunderstood in BC/DR is IT professionals tend to think that a redundant local deployment, or clustered servers, is the same as having a disaster recovery solution.
“This irritates me,” he said.
Hoffman will share his years of experience in the BC/DR field at the upcoming DRJ Spring 2021 on March 30 from 4:15-5 p.m. His presentation, titled “Cyber Response: Anticipating Your Business Response to a Crisis,” will be part of Breakout Track 4.
This session will examine how organizations can benefit from anticipating critical components of their response protocol including key decisions which need to be made, communication requirements, navigating the privacy and legal landscape, cyber insurance requirements, and risk assessments that utilize BCM data to support their response.
Hoffman said companies have treated cybersecurity for years as a risk that IT could solve alone.
“I want people to understand BCM’s role in cyber response and how important it is to make sure business continuity and crisis management are included in the response,” he said.
This session at DRJ Spring 2021 will be Hoffman’s first time to present at the conference.
Hoffman is looking forward to sharing his expertise with DRJ attendees.
He has worked with large clients including IBM, American Express, and Air Canada, along with medium-sized companies and small organizations.
“I build and improve BCM programs,” he said. “I write plans. I lead exercises. I am just finishing a course that will make me a certified ISO 22301 lead auditor. I write, I do podcasts and webinars, and I love speaking at conferences.”
As the co-owner of his consulting practice, Hoffman said he tends to work in the role of trusted advisor with his clients and becomes part of their crisis management or leadership team. His favorite role is that of crisis support where he plays “second fiddle” to the crisis lead to guide him or her on how to navigate through the crisis.
“I often report to senior executives and I’m keen to understand their business requirements, goals, and objectives and how that should translate to the BCM program,” he said.
Hoffman, MBCI, CBCP, is a member of BCI and DRI. During 2020, he spent about 10% of his work schedule promoting and advancing the BC/DR industry through action and by speaking and writing. He formed a peer group early in 2020 to put together a return-to-office checklist. The plan was to develop a document which could be shared freely to provide planners with guidance when they built their back-to-work strategy. Those sessions not only produced a thorough checklist, but that work also kicked off a series of articles, webinars, and volunteer work which impacted several organizations.
In addition, Hoffman provided pro-bono services to a small company near him who was struggling with COVID-related practices and procedures.
When Hoffman isn’t working in the BC/DR profession, he can be found on the golf course. He recently shot his second hole-in-one on par 4.
Ron LaPedis has been in the business continuity/disaster recovery profession for more than three decades.
He is currently managing director at Seacliff Partners International LLC.
LaPedis became interested in business continuity in late 1988 when he learned his company’s backup tapes were stored in safes on the loading dock.
“I developed a ‘plan for a plan’ for management but was turned down due to the expense,” he said.
But he got his funding after the October 1989 Loma Prieta earthquake.
Years later, LaPedis most enjoys working with the people in this industry.
He’s looking forward to presenting at DRJ Spring 2021 with “Active Shooter – Lessons Learned from an Actual Event” on March 31 from 10-10:45 a.m. on March 31.
In his presentation, LaPedis will set the scene and ask several questions. The call “shots fired” has just been received from an organization within one’s own jurisdiction. When first responders arrive, will they be going in blind? Will they have to shoot their way through locked doors because no one knows where the keys are? Are there hazardous chemicals, processes, or areas of which they need to stay away? What about private armed security?
LaPedis’s session will be used to share the best practices of a business continuity professional with LEOs and discuss what was learned from the May 2018 YouTube shooting.
“This course will discuss how private industry approaches active shooter training and present several ideas for how LE can work with private industry before an event to ensure safety of both employees and officers, and entail what went right and lessons learned from the May 2018 incident,” he said.
He will present information through lecture and multiple team exercises and also offer advice. “When officers tell you to come out of a room with your hands up and empty, please listen.”
LaPedis has experience presenting at several past DRJ conferences on topics including active shooters, cybersecurity, and emergency response.
He offered advice to those new in the profession: “Listen and learn. Find a mentor if you can. Check your ego at the door, don’t be afraid to be wrong, and have a sense of humor about things that go wrong because they can and will. Always ask for advice and don’t blame people for bringing mistakes to your attention. Learning from your mistakes is golden.”
LaPedis, who lives in the San Francisco Bay area, has multiple certifications including FBCI, MBCP, CISSP-ISSAP, and ISSMP. He is also an NRA certified pistol instructor and California DOJ certified firearms instructor. In addition, he is a member of the International Law Enforcement Educators and Trainers Association, a volunteer first responder with the San Mateo County sheriff’s office, and writer for law enforcement publications.
Dr. Al Marcella
Dr. Al Marcella will share his experience of almost 40 years in the business continuity and disaster recovery profession with attendees of DRJ Spring 2021.
Marcella is president and CEO of Business Automation Consultants, LLC. He started the independent consulting practice in St. Louis in 1984.
BAC, LLC provides complete information technology audit support in areas such as cyber forensics, e-discovery, and associated litigation support; business continuity, contingency plan and incident management development and audit, site security reviews and evaluations; training and seminar presentation for all levels of IT, financial, and operational audit function; and application system life cycle analysis and development support for financial, insurance, health services, and manufacturing corporations.
Marcella said BAC, LLC is an IT and management consulting firm dedicated to providing IT security assessments and audit and training services to its clientele across the globe.
“We strive to educate our clients on the risks and security issues associated with information technology to help them establish and implement safe and secure informational infrastructures that are fully protected from internal and external threats,” he said. “Our efforts help our clients better understand the technology at hand so that it can be utilized to its fullest.”
Marcella’s presentation at DRJ Spring 2021 is titled “Cybersecurity: What’s Keeping Management Awake Tonight!” His session is part of Solutions Track 2 on Thursday, April 1 from 10-10:45 a.m.
According to Marcella, cybersecurity refers to the people, products, and processes which protect electronic data from those with malicious intent. This presentation will provide participants with an insight into the technologies that may wreak havoc throughout an organization’s operating environment. The discussion will focus on cybersecurity exposures and associated attacks which are commonly perpetrated against organizations and individuals.
Session participants will receive proactive internal control recommendations, designed to mitigate the associated risks and security exposures brought by threat actors which seek to wreak havoc and disrupt business operations.
One thing Marcella wants attendees to take away from his session is a greater awareness of the risks within broader IT operations and how proactive business resiliency and IT cybersecurity programs can “work together and together can contribute to a more functionally efficient and secure enterprise.”
Marcella has been involved in assessing, auditing, and writing about business resiliency planning in government and public/private sectors for nearly four decades.
“I am involved in IT audit and security consulting, as part of these services and through years of risk assessment and analysis, BC/DR if often examined as part of our audit engagements,” he said.
He enjoys seeing the light “turn on” or what he experiences that ah-ha moment from executive management when he feels a true sense of accomplishment after helping someone and “moving the needle in the right direction.”
He said everyone in the profession – and likely not many – are cognizant or realize the necessity of having a “Plan B, C, or even D.”
“Getting someone to that realization always makes my day,” he said.
Marcella’s honesty, reliability, and enthusiasm help define him as a professional in the BC/DR profession.
“There’s never a dull moment,” he said. “The challenge of looking beyond the now and anticipating what the next will be and how to assist organizations in being prepared for whatever is to come next makes this a fulfilling and rewarding career.”
Marcella feels a common misunderstanding in the profession is that many think BC/DR professionals “can leap tall buildings in a single bound.”
“But even the best in the profession have to take a running start,” he said.
Although Marcella is looking forward to presenting at DRJ Spring 2021, he recalls his first DRJ conference as a standout to him.
“My first conference was most memorable as it was DRJ’s very first conference many, many moons ago,” he said. “It has been wonderful to see how DRJ has grown over the years.”
He has enjoyed seeing DRJ’s growth over the years, from the conferences to DRJ’s publication to multiple other projects.
Marcella said he has been most pleased with how willing other BC/DR professionals are to share their experiences, assist with problems, and provide insight and support to others in the field “all without expecting anything in return.”
Over the years, Marcella has gained experience working in corporate 100 and 500 companies in the areas of finance, manufacturing, and insurance as well as in programming, IT audit, risk management, and security. He has spent a total of 37 years managing and running his own consultancy practice.
Marcella, CISM, CISA, earned a doctoral degree in business administration with an emphasis in technology, MBA in finance, and bachelor degrees in management and systems management. In addition, he is a member of the Information Systems Audit and Control Association.
In his free time, Marcella works with local feral cat rehabilitation outreach groups and fosters abandoned senior dogs until they are placed in their forever homes. He is an avid photographer and has had several of his images published. He has had several articles published on astro photography. He especially enjoys photographing the aurora borealis high above the Arctic circle.
“To this point in my professional career, I have traveled to and have had the pleasure of experiencing the unique wonders and cultures of 70 foreign countries,” he said.
Marcella’s favorite place when he’s not working is “behind a camera lens, at -40F in the Arctic photographing the aurora.”
Eric J. McNulty
The mission, the chance to make things better when things appear to be at their worst, and the intense comradery among this professional group motivate Eric J. McNulty to work in business continuity/disaster recovery.
The positive impact that this work and this profession have on individuals, organizations, and communities are why McNulty originally chose the BC/DR profession.
He has been with the program for 13 years and associate director for 5 at the National Preparedness Leadership Initiative (NPLI) at Harvard.
The NPLI is a small but mighty group of academics and practitioners teaching crisis leadership. It is a joint program of the Harvard T.H. Chan School of Public Health and the Center for Public Leadership at the Harvard Kennedy School of Government.
“Our work is to ‘improve the capacity and capability of crisis leaders’ across the country and around the world,” said McNulty. “We bring together academic inquiry with field experience to craft pragmatic curricula and training programs. Our values are integrity, inclusivity, teamwork, and excellence.”
McNulty said the mission focus is the people he gets to work with and teach.
He’ll be teaching and making connections with attendees during his General Session 8 presentation at the upcoming DRJ Spring 2021 conference.
McNulty will co-present with Dr. Steve Goldman, course director, MIT executive education, crisis management, and business resiliency.
The pair’s presentation, “Leading for Resilience: New Challenges and Opportunities,” will take place April 1 from 3-4 p.m.
According to McNulty, in these unprecedented times, business continuity teams are being tested as never before. Leaders face multiple simultaneous threat scenarios, requiring they keep themselves and their teams stronger, longer. Their effectiveness is dependent upon the ability to create a culture of resilience as much as on any specific skill set.
In this interactive session, McNulty and Goldman will draw from decades of experience and share pragmatic approaches to building organizational capacity and capability to successfully navigate turbulence: accurate anticipation, nimble pivots, and trust-based relationships.
The presenters want their attendees to take away an understanding of all of the channels and tools they have to build resilience in themselves, their teams, and their organizations.
This will be McNulty’s fourth presentation at a DRJ conference. His first conference stands out because it was not a virtual event.
“I had many opportunities to see people I otherwise don’t get to see as well as meet new ones,” he said. “Relationships are key in this business, and DRJ is a great place to build them.”
One thing McNulty learned as an attendee himself at a previous DRJ conference was “the deep connections that emergency managers can have with their communities and how that opens opportunities.”
Besides learning, McNulty thoroughly enjoys presenting and networking at DRJ conferences.
McNulty’s various experiences help him to better understand stakeholders and how to serve them. He had an early career in corporate communications and marketing. The second phase of his career started with running a global conference business for Harvard Business Publishing, followed by more recent academic-related work at the NPLI.
“I have run business units of various sizes and been an entrepreneur,” he said. “I have a lot of experience leading across organizational boundaries.”
McNulty has a master’s degree in leadership from Lesley University. He writes and speaks on leading through crisis and change. He speaks to audiences globally about leading in fast-moving, unpredictable circumstances. He is the co-author of the book “You’re It: Crisis, Change, and How to Lead When It Matters Most.”
When he’s not working, he is a volunteer board member of the Massachusetts for Elephants organization and enjoys the outdoors by hiking, birding, and exploring.
Goldman is an internationally recognized expert and consultant in business continuity, crisis management, disaster recovery, and crisis communications. He has more than 30 years of experience across many aspects of business continuity.
Margaret J. Millett
Margaret J. Millett did not choose the business continuity/disaster recovery profession.
“It chose me,” she said. “I was asked to put together a business continuity plan for an office move, and the rest is history!”
It’s now been nearly three decades that she has worked in the industry.
Millett was inspired by Celeste Gobeille and especially loves the global network of dedicated professionals.
She said business continuity professionals are the “insurance policy” for organizations.
Millett will be part of a four-person panel discussion on March 29 from 2-3 p.m. titled “Managing Third-Party Risk/Supply Chains.”
A supply chain can be defined as a complex ecosystem of people, processes, technologies, and resources that are involved in creating and delivering a product or service from a supplier to a customer. In today’s world, the frequent and seemingly endless occurrences of natural and man-made disasters have compelled organizations to adopt a more rigorous and proactive approach to risk management and business continuity planning in order to protect their supply chains.
Participants in this panel discussion will learn how to identify, assess, and control the risks of their supply chains. In addition, panelists will share their insights and practical suggestions on how to drive the innovation that is needed to build a resilient supply chain that will achieve world-class results.
Millett has presented at numerous previous DRJ conferences and is always happy when her session is attended by a member of the profession who learns from her presentation.
The profession is always evolving so there is a take-away of learning something at each conference to help improve herself or the program she is managing.
“I enjoy all aspects of the conference,” she said. “Attending a virtual conference is terrific during COVID. However, I look forward to attending in person once it is safe to do so.”
Millett has been actively involved in the business continuity field since 1993 and worked for financial services companies in Boston and Dublin, Ireland. She spent six years working for eBay in California and seven years for MetLife, Inc. in Cary, N.C. managing the global resiliency program in 45 countries.
She has held board-level positions with business continuity organizations, written publications, and spoken at business continuity management conferences in North America, Europe, Asia, and the Middle East.
Millett, MSc business continuity, Hon FBCI, MBCP, volunteers for the DRJ Editorial Advisory Board, the Business Continuity Institute Women in Resilience, Continuity Insights Advisory Board, and board chair for the Eastern North Carolina chapter of the Alzheimer’s Association.
She lives in Raleigh, N.C., and enjoys traveling, attending live performances, doing yoga, and art. She enjoys being anyplace where she is with family and friends.
“The BC profession serendipitously chose me!”
Megan Murphy said it was 2002 when she was a junior analyst at the Bank of Canada. It was after 9/11 and Y2K and there was much business continuity work to do, including setting up an alternate site. The senior security analysts were busy doing physical security and information security. As the junior analyst and newest team member, she was tasked with the business continuity work.
“Before working at the Bank of Canada, I had not heard of business continuity at all,” said Murphy.
Since then, Murphy hasn’t looked back. She has worked for more than 20 years in incident management, corporate security, and project management with Government of Canada federal agencies. She holds a master’s degree in political science, an advanced certificate in project management, and is a Project Management Professional.
Currently Murphy has worked as manager of security operations for the Office of the Superintendent of Financial Institutions since June 2019.
OSFI is an independent agency of the Government of Canada that regulates and supervises Canadian banks, insurance companies, and private pension plans to determine whether they are in good financial condition. OSFI employs about 800 people in offices located in Ottawa, Montreal, Toronto, and Vancouver.
Murphy said very early in her career she might have found business continuity a “thankless profession on some days, in that it was sometimes seen as extra work, and its value to an organization was not always understood.”
She said, “It required a lot of explaining, rationalization, and negotiation to complete enterprise-wide tasks involving a diverse set of stakeholders like a Business Impact Analysis.”
However, in the last 10 to 15 years in the financial and government sectors, Murphy has found that the business continuity profile has risen significantly with more buy-in, support, and resources.
Now, Murphy said her favorite part about working in the BC profession is working with such a diverse stakeholder group from across the enterprise.
“Working with executives, IT, business, operations, HR, communications, finance, security, facilities, etc. has expanded my network greatly but also helped me to grow and hone my listening skills to try to understand their points of view and perspectives,” said Murphy, “and to understand and to try to reconcile the intricate web of their mutually overlapping and sometimes opposing requirements.”
Murphy and Regina Phelps, of EMS Solutions Inc., will present “Incident Command System – Best Practices in Crisis Management” at DRJ Spring 2021 during Breakout Track 2 on March 29 from 4:15-5 p.m.
The pair will discuss the Incident Command System (ICS), how it was developed, and why it should be used; the eight hallmarks of ICS; journey to change an organization and converting to ICS; practical applications for any organization; and lessons learned and suggestions for implementation.
The duo will demonstrate how ICS can solve problems of departmental silos and program fragmentation which often occurs in any organization and streamline communication and decision-making.
“ICS is not one-size-fits-all,” said Murphy. “It is customizable and to make ICS work well, you need to ensure that it fits the culture and structure of your organization.”
This will be Murphy’s first time to present at a DRJ conference. She recalled attending DRJ Fall 2011 in San Diego when she heard speaker and author Daniel Pink. She had never heard of him so she wrote his name down in the margins of her notes. Later when his book came out, she quickly read it in only a few days.
“The way that Pink explains motivation as being intrinsic and divided into autonomy, mastery, and purpose was a transformational concept for me,” she said, “and continues to influence me to this day how I approach my own motivation and how I lead my team.”
As an attendee at a DRJ conference, Murphy’s favorite part was networking and learning about the challenges and opportunities that other organizations were facing as well as forecasting upcoming trends and getting a better, more strategic sense of where the BC industry was heading.
Murphy’s role at OSFI is leading the security operations initiatives including the incident management and BC program, personnel security, physical security, contract security, and information security. She is involved with the inclusion network at OSFI and an active committee member of the Unconscious Bias employee resource group.
While at the Bank of Canada, she was the leader of a popular employee resource group which focused on starting a mindfulness movement in the workplace.
Murphy lives in Ottawa, Canada, with her husband and two school-aged children. Her favorite place to be when she was not at work pre-COVID was at the spin or yoga studio. Currently her favorite place to be is out on her bright pink bicycle exploring Ottawa’s beauty on its many recreational trails in the summer and in the winter at her Nordic ski club on her cross-country skis. She also enjoys walking nature trails in a nearby conservation area with her children and feeding the chickadees.
Phelps is an internationally recognized thought leader in the field of emergency management, pandemic, and contingency planning. Since 1982, she has provided consultation, training and speaking services to clients on five continents.
Lynnda Nelson is passionate in educating others about organizational resilience and is a life-long learner. She believes that seeking new knowledge is an essential part to who she is. She also leads the study of resilience globally and dedicates a significant amount of time to this effort.
She is one of the founders of ICOR, a global nonprofit education and credentialing organization focused on resilience. ICOR’s mission is to build resilient communities one organization at a time and to build more resilient organizations one leader at a time.
“We strive to empower individuals with the knowledge necessary to increase the resilience of the organization they work for and within the communities they reside,” said Nelson.
She has been president of the organization since 2005.
“We educate, we credential, we lead,” she said. “We participate globally in learning how individuals, organizations, and communities can become more resilient.”
Nelson chose business continuity one aspect of her profession because it relates and contributes to building more resilient organizations.
“I moved into the education profession in my early college years when my studies to be a nurse failed when I realized I didn’t like hospitals or sick people,” she said. “As a woman in college in the 1980s, careers in nursing and education were generally where we ended up.”
Nelson believes learning is the basis and cornerstone of all behavior. She has a master’s degree in education and originally began her career as a high school teacher. She briefly entered the business continuity profession as a consultant in 2000 and then moved to educating others about business continuity best practices and standards.
One thing Nelson enjoys is working on international standards to document a standardized methodology for business continuity and then teaching others.
In the past, Nelson has especially enjoyed networking and sharing about ICOR’s education and credentialing programs in the exhibit hall.
Nelson will share her expertise with DRJ Spring 2021 attendees during her March 31 Breakout Track 5 session from 12-12:45 p.m.
During her session, titled “ICOR Measuring Your Organization’s Alignment to ISO 22301:2019,” Nelson will share with participants how the international community published best practices and requirements for a business continuity management system back in 2012 and updated and improved these requirements in 2019.
“If your organization has not aligned its business continuity ‘program’ to international requirements, it is time,” she said.
For attendees who are looking for top management support, they will no longer need to fight this battle with securing and continuing to engage top management once they have a business continuity management “system” in place.
“It’s time to understand how a management system is different from a ‘program’ and what you need to do to ensure you are providing the best information on top management about your business continuity capabilities,” she said.
Participants who attend this presentation will first learn about management systems in general, about ISo 22301, and the changes to ISO 22301 and its 2019 version.
Nelson, one of the authors of ISO 22301 2012 and 2019, represents one of the experts in the U.S.
This presentation is the perfect opportunity for attendees to learn from someone who has been “down in the trenches” and understands not just what is required but why it is required and what each requirement looks like.
Nelson, founder and president of ICOR, manages ICOR’s education and credentialing programs. She is an expert on international standards for business continuity management systems, crisis management and communications, and community resilience.
Steve O’Neal has been in the business continuity/disaster recovery profession for 25 years. Before he first started working in the profession, he did not even know it existed. But it was a good fit for him based upon the direction of business at the time.
He has now worked for more than two decades in BC/DR and enjoys witnessing everyday people “picking up the pieces after an event, and the knowledge that critical services they depend upon were supported by direct contributions I have made to improve response.”
O’Neal is responsive, resourceful, and a clear communicator as an enterprise relations manager.
One of his favorite things about working in the BC/DR industry is the passionate people he has worked with in the profession across all markets and company sizes.
He something he feels is commonly misunderstood in the profession is underestimating its importance until an event happens.
“Management doesn’t understand that a good BC plan can open up organizations that work in silos and don’t work well together during day-to-day production, much less a disaster,” he said.
O’Neal will present “Feels Like Time to Test the Partnership” with Mark Carroll of Income Research, a seasoned risk/BC professional who has held numerous positions at multiple Fortune 500 corporations.
The presentation takes place March 31 from 12-12:45 p.m. during the Breakout Track 5 session.
“Interacting with your salesperson in times like these is something many people try their best to avoid,” said O’Neal. “It’s pretty easy to engage the provider and place the order when everything is going well, but mix in real life perils and consternation and the dialogue advances to a whole new level.”
He said professionals need to understand that “business needs evolve and vendor relationships need to be solid enough to adapt.”
O’Neal has presented at more than 20 DRJ conferences. He has particularly enjoyed it when there has been “full audience participation to debate the topic.”
Through his presentations at DRJ conferences, O’Neal has learned how networking is a critical need in the profession.
“Nobody knows it all,” he said, “and realizing that there are people with specialties in various markets and solutions will help you get through an event.”
His favorite part of DRJ conferences is networking to hear the stories related to particular topics or concepts believed to be important to the group.
O’Neal has earned various technical certifications including an A+ teaching certificate and also obtained a degree in computer science. He is also CSC chief of the local FBI Infragard and vice chairman of the local LEPC. In addition, he has assisted the Red Cross Disaster Action Team for local disaster events.
O’Neal resides in College Station, Texas, with his wife and two teenage sons. He enjoys mountain biking, sailing, and aviation. He has been an Arabic linguist at USMC for the past seven years.
Regina Phelps has been in the business continuity/disaster recovery profession for nearly 40 years. Her start in the profession in 1982 was not intentional. She was part of the time in the profession where it evolved to what it is today.
Phelps is motivated to work in the industry “making a difference in the world, every single day with everyone we work for.”
She said, “The work we do makes a difference in the company, the community, its employees, and their families – can’t beat that!”
Phelps is president of Emergency Management & Safety Solutions Inc. She works with a team of 10 who do work in four continents on the topics of crisis management, exercise design, business continuity, and pandemic planning.
Emergency Management & Safety Solutions Inc.’s mission is straightforward: it’s all about the client and providing the best possible service.
“We educate and empower our clients and transfer our knowledge to them,” she said. “When a person and a company get better, we all get better!”
Phelps, who described herself as dedicated, curious, and driven, will present multiple times at DRJ Spring 2021.
Workshops Track 1
She will present “Are You Ready for a Massive Ransomware Attack at Your Organization? You Need a Cyber Exercise to Find Out!” on March 29 from 10-10:45 a.m. at Workshops Track 1.
According to Phelps, ransomware is likely one of the greatest cyber threats of our lifetime. Many major organizations have had systems locked for weeks and months and have paid large amounts of money to regain access. With more people working at home, this threat is even more significant. Experts agree it is simply a matter of when, and not if, it will happen.
Unfortunately, few companies have serious plans for how they will respond to the impact of a ransomware attack and even fewer stress test those plans. So, how can one prepare for the impact of a ransomware attack?
Phelps said a cyber exercise should be conducted.
“Such exercises force real-time situation analysis and decision-making and clearly demonstrate what you need in place in order to cope with the loss of technology,” she said.
Attendees of this session will learn how to develop a realistic cyber exercise to challenge executives, crisis management teams, technology staff, and business units.
Topics covered will include what a cyber exercise is and is not, ransomware design principles and effects, critical elements which make a cyber exercise work, and more.
Phelps hopes attendees will take away important tips on how to do their job better, engage more people in their work, and create a more resilient company and community.
Breakout Track 2
Phelps will co-present with Megan Murphy, of OSFI, during Breakout Track 2 on March 29 from 4:15-5 p.m.
The duo’s presentation, titled “Incident Command System – Best Practices in Crisis Management,” will offer information on how companies can better embrace the system which has helped the public sector.
The Incident Command System, or ICS, was developed in the 1970s for emergency responders and has been used in the private sector for the past 20 years. It is a comprehensive methodology built on eight hallmarks to help streamline the span of control and decision-making.
This general session will provide an overview of the ICS and detail how companies have effectively implemented it throughout their organization. OSF’s experience in developing and using ICS across its offices helped protect critical functions of a financial regulator throughout uncertain times.
In March 2020 during COVID-19, OSFI used to move all of its employees to successfully work remotely, moving from four physical offices in Ottawa, Toronto, Montreal, and Vancouver to more than 800 remote offices in one weekend.
Phelps and Murphy will demonstrate how ICS can solve the problem of departmental silos and program fragmentation which often occurs in any organization and streamline communication and decision-making.
Topics which will be covered during the session will include ICS 101, eight hallmarks of ICS, journey to change an organization and converting to ICS, practical applications for any organization, and lessons learned and suggestions to be implemented.
General Session 7
Phelps’ General Session 7 presentation will be April 1 from 10:45-11:45 a.m.
According to Phelps, the COVID-19 pandemic was everything people had feared and prepared for many years. Those who wrote and developed pandemic plans were brought into the light during the heightened avian flu scare in the 2000s, culminating in the 2009 H1N1 pandemic. Fortunately for the world, the 2009 pandemic was mild. Professionals had planned for something that could be just as bad as 1918 but fortunately that did not happen.
So, the world fell back into a slumber. Pandemic planning became a box to check on a compliance form but not a fully developed or robust plan.
“After all, 2009 wasn’t that bad.”
Fast forward to 2020 to the great coronavirus pandemic. It was all that had been dreaded – and more.
She will cover several topics during this session:
-what has worked and still needs to be improved regarding COVID-19
-how critical is BC/CM as the pandemic winds down
-how the value of BC/CM is defined within an organization
-how to present and demonstrate BC/CM value to management
Phelps has presented at every DRJ conference since 1997 except one, when she could not get there in 2001 after 9/11. Through presenting and participating, she values the importance of ongoing education and personal knowledge.
“You can always learn something new, improve your skills, and be better than you are today,” she said.
She also thoroughly enjoys meeting people who she has “met” through platforms such as LinkedIn, seeing clients, and old friends.
Phelps is an internationally recognized thought leader in the field of emergency management, pandemic, and contingency planning. Since 1982, she has provided consultation, training and speaking services to clients on five continents. She has been s a certified emergency manager through IAEM for more than 25 years.
She also worked for seven years in nursing and hospital administration.
Phelps was board chair of the San Francisco Chamber of Commerce in 1991. At the time, she was the first female board chair, small business owner, and the youngest by 20-plus years to lead the organization. Over the years, she has also held several board positions including chairs, committee chairs, and commissioners.
She currently has professional memberships in BRMA and IAEM. She has spent 38 years of board service in the fields of business, women’s issues, and environmental and birding issues.
Phelps has traveled to more than 90 countries. She is an avid bird watcher and environmentalist. Her favorite place to be when she’s not working is in Africa bird watching.
Patrick Potter is a “jack of all trades” and is always willing to jump in to help with whatever is needed. He also has a “start-up mentality,” which means he likes to be innovative and act quickly. He’s also loyal to his organization and treats it like family.
These qualities, combined with Potter’s more than three decades of experience in the business continuity/disaster recovery profession, provide Potter with plenty of expertise to share with attendees at the upcoming DRJ Spring 2021.
Potter, risk strategist, has been with Archer for nine years in roles of pre-sales, product management, and marketing. He started working in BC/DR at American Express more than 25 years ago.
Archer is a global integrated risk management company that provides software, services, and support to organizations worldwide to help them better manage risk in a changing world.
“BC/DR is more than an area of a business,” said Potter. “It’s a vital part of keeping a business up and running. Resiliency, as I’d rather refer to it, also applies to people personally, to society, and the world at large.”
He said, “It’s not only a profession, but a value.”
According to Potter, the profession is “evolving and getting better.”
One thing he most enjoys about the BC/DR profession is helping companies to improve their capabilities.
Potter plans to present “The Best Offense is a Good Defense – How Resiliency Drives Innovation and ROI” during the Breakout Track 6 session on March 31 at DRJ’s upcoming spring conference. The session takes place from 4:15-5 p.m.
“The adage ‘the best defense is a good offense’ is attributed to many, including Machiavelli, Sun Tzu, and George Washington,” said Potter. “It has been applied as a reference in sports, board games, and warfare.”
Potter said this saying means “to take advantage of your opponent by being prepared, focusing on the basics, looking for opportunities, and taking them.”
During the session, Potter will use the concept to apply to operational resiliency, which is the ability for an organization to bounce back after a disruption, to bend but not break.
“Most look at resiliency as a good defense,” he said, “and that played out in 2020 as many organizations were disrupted which prompted them to begin building resiliency.”
But Potter said professionals should view building resiliency as a business strategy – to help drive innovation, to increase speed time to market, or to become stronger financially.
Attendees will learn how building resiliency often results in a positive ROI over the short- and long-term. They’ll also acquire five ways to build resiliency to enable their organization to not only come out of disruption but emerge more quickly in better financial shape, more agile, and ready to capitalize on opportunities which present themselves during and after a crisis.
Potter wants those who attend his presentation to learn that “resiliency is more than a checklist activity. It’s absolutely vital for all business to be resilient to the disruptions that can and will occur and that people should be resilient for the same reasons.”
DRJ Spring 2021 is not the first conference Potter will attend. In fact, he has presented at many previous conferences and said each has been a great experience. Although he misses the in-person meetings and interaction, he’s looking forward to the upcoming virtual experience and networking, his favorite part of the conference.
Potter, CPA, CBCP, CISA, has more than 30 years of experience leading risk management, operational resiliency, compliance, internal audit, third-party management, strategic planning, and process improvement in both practitioner and consulting roles. He has developed a unique perspective working with analysts, partners, and customers spanning many industries including financial services, healthcare, government, energy, education, travel, and hospitality. He is a subject matter expert for Archer where he provides strategic input into the development of the Archer Suite and works with customers on best practices.
He has professional memberships in IIA, DRI, and ISACA and has a master’s degree in international business. He has traveled globally for work and at one time lived in Chile and spoke fluent Spanish.
He enjoys volunteering at his church and within his community. When he’s not working, Potter enjoys spending time with his family, working out, and hiking.
Michael S. Quam
Michael S. Quam is motivated to find the needle in the haystack. He seeks – and potentially finds – gaps for which no one else searched. He is innovative and accountable collaborator with more than a decade of experience in the business continuity/disaster recovery profession.
Quam is senior manager in business continuity management for Micron Technology. Micron is headquartered in Boise, Idaho, and has more than 60,000 team members worldwide. The company uses technology in order to create solutions for improving life for all.
“Our mission is to transform the way the world uses information to enrich life for all,” he said. “Our core values are people, innovation, tenacity, collaboration, and customer focus.”
Quam has worked for four years in his current position and in the BC/DR field for 14 years. He recently hired someone he ran into in Afghanistan and convinced that person to join the BC/DR profession.
One of his favorite things – besides recruiting other professionals to join the field – is “when things ‘click’ after you’ve been connecting the dots for days, months, or even years.”
According to Quam, one misconception in BC/DR is how people tend to focus on the plan as the output, but there are several outputs that each have unique value:
BIA – This teaches stakeholders to think about SPOF and gaps. It is an exercise and it’s important the stakeholders are actively engaged.
Risk analysis – This has to be gathered in a detailed fashion to ensure it’s understood with monitoring mechanisms, escalation criteria, and proper impact planning.
Exercise – This is a chance to convince your stakeholders that your process works. If it’s done “half-ass,” then you might as well throw away the plan.
He will co-present at DRJ Spring 2021 with John McCarthy, who served with Quam in Afghanistan and was a risk analyst and BCP planner.
Their Breakout Track 7 session – set for April 1 from 12-12:45 p.m. – is titled “Lessons Learned: Crisis Management in Afghanistan.”
This presentation will take attendees through the process of setting up an SOC in Afghanistan with crisis management as its core process. This helps to define the importance of separating CM from BCP and how it works in the most dynamic country on the planet.
“CM and BCP are two very distinct programs and separate goals, objectives, and methods,” said Quam. “In order to be successful in CM, you need to shed all the nuances of typical BCP to meet the needs of the operational and environment around you.”
He said, “This presentation will discuss my take-away that I then took back to Micron to improve your CM process for a Fortune 500 company.”
Quam was a presenter at a DRJ conference in 2018.
“These conferences are memorable because most of the year we spend in a bubble, not knowing the direction of our outside peers,” he said. “This conference gives us a chance to benchmark and understand the BCM world around us.”
Something Quam learned at a previous conference was how once a standard has been aligned such as ISO 22301, one can deviate to try different things. However, when something does not work, it’s also important to go back to the core and start again from there.
Quam’s favorite part of DRJ conferences is the feedback from participants. He enjoys both the criticism and encouragement because they help him connect and grow as a professional.
Before working at Micron, Quam served for 17 years in the U.S. Army and U.S. Army Reserves. He started out as a helicopter mechanic for the Apache helicopter. He wanted to be a pilot but was unable to do so because of his eyesight so he joined the BCM world in the military. He was fortunate to deploy to Afghanistan four times in support of this profession.
Quam will be speaking about his fourth deployment at the upcoming DRJ conference. He was able to co-chair the Afghanistan Security Operations Center and develop a crisis management process to allow fast, flat, and accurate flow of information during a crisis. At Micron, he started as the BCP program manager. He was then promoted to run both BCP and CM due to his experience. Currently, he manages BCP, CM, and DR teams worldwide.
He has been an officer in the military since 2006. He has served in command as an advisor, SOC director, and various other leadership positions. Currently, he is managing a worldwide team of BCM professionals for Micron.
Quam has a bachelor’s degree in educational psychology and a master’s degree in teaching in the area of mathematics. In addition, he has a professional membership in CBCI.
When he’s not working, Quam enjoys spending time with his wife and four children where they live in Dubuque, Iowa. His favorite place is on his family’s acreage, in the middle of the grove, staring up at the trees.
He also volunteers at the Diversity and Inclusion Council and a multicultural center in Iowa.
Dr. Jo Robertson
Dr. Jo Robertson started her career as a journalist on the top-rated prime-time newscast in the country. It seemed like a logical choice to jump to the other side of the fence to work with companies to help them better understand what the media was going to say about them if they were in a crisis. Most importantly, Robertson teaches them how to stay out of crises in the first place.
With 20 years of experience keeping companies out of crisis, Robertson has plenty of experience working in the business continuity/disaster recovery field.
“When I teach crisis management classes or give seminars, I enjoy seeing heads nod as the concepts start making sense and are getting internalized,” she said.
Robertson said one common misunderstanding in BC/DR is challenging best practice.
“There’s too much repetition of old outdated information that’s no longer relevant,” she said. “If you are new to the profession, it’s up to you to challenge ‘what has always been.’”
She said professionals should ask to see the data when someone claims something is ‘best practice’ because there just isn’t data to support many of these cardinal rules any longer.
This is something Robertson plans to address during her Solutions Track 1 session on March 30 from 10-10:45 a.m. at DRJ Spring 2021.
Robertson’s presentation, titled “Gray Rhinos and Risk Assessments,” will discuss how the COVID-19 pandemic was not a “black swan” – a catastrophic event that came out of the blue that no one saw coming – but was actually a “gray rhino” that had long been predicted but leadership everywhere overlooked it.
“As we move forward from the pandemic to new challenges,” said Robertson, “how do we better ensure we’ve got our eyes open so the next crisis doesn’t hit us unaware?”
Robertson said gray rhinos are high-likelihood-high-impact risks but “we fool ourselves into believing that although they are high-impact risks, they are low-likelihood of happening this year and can be pushed into the moderate risk category for mitigation down the road.”
Fine-tuning the way professionals look at this will require a change of perspective and a new methodology, including reconfiguring the way people do their risk assessments to re-weight them differently.
“Why as risk managers do we insist on the outdated strategy of rating the y-axis, or likelihood, on equal footing with the x-axis, or impact?” Robertson asked. “If we decrease the importance of the likelihood axis and increase the significance of the impact axis, our gray rhinos become red rhinos, clearly in need of mitigation.”
This concept and methodology were first published in DRJ’s Fall 2020 edition and is quickly gaining traction across the industry.
Now, Robertson is encouraging attendees to join her session on March 30 to learn more about how to see an organization’s gray rhinos.
“I’ll show you how to see gray rhinos and plan for them effectively in your organization,” said Robertson.
DRJ Spring 2020 is not the only conference at which Robertson will be presenting. She also presented at DRJ Fall 2020 with “The NEW Rules of Crisis Leadership.”
Robertson loves to interact with those who are attending her sessions, and the back-and-forth discussion always makes the material so much more tangible.
As global director of emergency preparedness for Capital One, Robertson was responsible for orchestrating the creation of a coordinated universal emergency preparedness program and the leadership of 2,500 life safety team members. As director of crisis preparedness for Arkema, she rebuilt and re-energized crisis preparedness initiatives and acted as a trusted advisor to C-Suite executives for France’s leading chemicals producer. At Deloitte Services, she led the national crisis management program for more than 100 offices. As vice president for Marsh Crisis Consulting, she delivered crisis communications planning, media training, real-time support, and complex crisis management exercises for Fortune 500 clients.
Robertson spent the first half of her career as a TV journalist and was responsible for news stories which initiated change at the highest levels of government, including a reversal of policy at the Pentagon.
She has a doctoral degree in crisis management from George Washington University, a master’s degree in journalism from American University, and a bachelor’s degree in communications from Pennsylvania State University.
Robertson is author of “Executing Crisis: A C-Suite Crisis Leadership Survival Guide.”
Roger Stearns’ passion for the job, motivation, collaboration, and versatility are four qualities which make him an extremely valuable employee.
Stearns, a certified FBCI, has worked in a variety of BCM and risk roles and industries for 35 years. He currently works for Philips as a senior global business continuity manager.
Philips was founded in Eindhoven, a city in the province of North Brabant in the south Netherlands, a well-known technology and design hub and the birthplace of Philips electronics. Philips is a multinational company which develops and delivers a full-life cycle of devices and systems for the full spectrum of healthcare.
At Philips, the goal is to make the world a healthier and more sustainable through innovation with the goal of improving the lives of 3 billion people a year by 2030.
Stearns said like many other business continuity/disaster recovery professionals, the profession chose him or “it just developed over the years.”
He said he says focused and motivated in a sometimes-thankless profession.
“Being minimized at times does not stop the critical need and focus of BCM, or crisis management,” he said.
Stearns’ favorite part of BC/DR is working with people and knowing how the company is organization.
“In large companies, no one person gets to see the vision of creation, raw materials in through customer support in the end as one solid stream,” he said. “They only see their part and maybe the parallel parts.”
He added that “BCM planning is not a spot in time or a checklist activity. BCM is a living, evolving process and must be updated, validated, and publicized to all employees.”
Stearns is planning to present at DRJ Spring 2021 on March 30 from 4:15-5 p.m. His Breakout Track 4 session, titled “An Operational Business Resilience Ecosystem,” will show attendees how the next risk is just around the corner, even while they’re still managing their current crisis.
He will share about one company’s journey to develop and deploy a global business continuity program and how it has evolved into an operational business resilience ecosystem. He will also discuss using an integrated and collaborative approach to break down silos to achieve real-time insights for better-informed decision-making.
Stearns will co-present with Rob van den Eijnden, BCM lead for Philips. The pair will provide practical insights, examples, and learnings of the company’s journey during their session.
Peter Steinfeld has been involved in the business continuity/disaster recovery profession for more than a decade.
Growing up in Houston, he witnessed the destruction and disruption of hurricanes. This opened his eyes to the importance of preparation and communication to improve outcomes.
“When the opportunity to combine my passion for selling with BC/DR presented itself,” he said, “it was a ‘no-brainer’ natural fit.”
Steinfeld said even though there is not one particular person who inspired him to join the BC/DR profession, watching first responders assist those in need and how they worked together and communicated effectively to save lives was very motivating.
As a BC/DR professional, he feels other professionals’ pain acutely.
“It’s much easier to sell a product or service that demonstrably and immediately saves money or generates revenue for an organization,” he said. “The benefit of BC/DR investments aren’t felt until disaster strikes.”
He said there is no deeper bond developed or gratitude shared than after an emergency incident occurs and the BC/DR investment helps to save lives or livelihoods.
Steinfeld’s favorite task in BC/DR is helping people prepare so they mitigate the impact of disasters and emergencies.
He does have one frustration regarding working in the industry.
“In my opinion, it is the mindset around the cost of ‘insurance’ (which is definitely what BC/DR investments are),” he said. “As someone told me many years ago, ‘insurance is the best money spent if you never have to collect.’”
Steinfleld said unfortunately many view insurance or BC/DR investments negatively, as a necessary evil and only worthwhile if they collect on it.
“This attitude causes people to under-invest or completely avoid spending in this area,” he said. “I can’t speak for anybody else, but I’m perfectly happy paying for life insurance and never having to collect on it.”
He said it’s the same with seatbelts and airbags.
“I’ll be happy that I made the investment if disaster strikes, but even happier if no disaster occurs at all,” he said. “This shift in mindset can help people make wiser choices around BC/DR that could serve them well when trouble arises.”
Steinfled is senior vice president of safety solutions at AlertMedia, which offers the most intuitive emergency communication software on the market with fully integrated threat intelligence and employee safety monitoring. AlertMedia is located in Austin, Texas.
“We are the fastest-growing emergency communication company in the world because we provide a modern solution for employee safety and are committed to the delivery of additional value through product innovation and an unequaled customer experience,” he said.
AlertMedia’s mission is to save lives and minimize loss by facilitating timely, accurate, and relevant communications when an emergency situation threatens personal safety and business continuity.
“We hold our values close and live them each and every day because we believe they define who we are as a business, team, and community,” said Steinfeld.
He added six additional factors regarding AlertMedia:
-Customers always come first.
-They are humans, not robots.
-The company’s reputation is priceless.
-Simplicity is their strength.
-Hard work pays off.
-They work better together.
Steinfeld has held his current position for the past four years.
As a professional in the BC/DR industry, he said three traits define him as an employee: dedicated, passionate, and humble.
“I’m dedicated to AlertMedia and our mission, but I’m also dedicated to our customers and anyone who wants to learn more about how to keep their employees safe during a critical event,” he said.
He is passionate about the industry and positive effect professionals can have on organizations and, more importantly, their people.
“It’s what gets me going every day and what keeps me focused on how we can improve emergency communications and response,” he said.
The last trait which Steinfeld focuses on is being humble.
“The reason I focus on this aspect of my character is because I believe that, when you think you have it all figured out, you can become complacent,” he said.
Steinfeld said in this industry, complacency affects more than just one’s career – it affects the lives and organizations of the customers served.
“Luckily, there are so many brilliant people in this industry that make remaining humble fairly easy,” he said.
Steinfeld will present “Emergency Communication in the Pandemic Era: Where Do We Go from Here?” on March 30 from 12-12:45 a.m. during Breakout Track 3 at DRJ Spring 2021.
During this session, Steinfeld will highlight the most critical employee safety challenges facing business leaders as organizations transition to a “new normal.” Additionally, he will provide real-world examples of how businesses are leveraging modern emergency communication solutions to protect employees and improve business resiliency in the wake of the global pandemic.
Session attendees will learn practical tips and best practices for improving employee safety and emergency preparedness for a variety of business-critical events they might encounter in 2021.
Steinfeld has presented at previous DRJ conferences numerous times. Although he did not present at DRJ Fall 2002 in Orlando, that is the most memorable conference for him because it was after 9/11.
“The stories shared and lessons learned were scary, fascinating, and incredible valuable,” he said. “Outside conference hours, I recall not having to wait in a single line at Disney World. Few wanted to travel on that terrible anniversary, and the park was practically empty.”
At DRJ Fall 2019 in Phoenix, Steinfeld attended a session titled “Resilience and Innovative Leadership” that really stuck with him. The session focused on how leadership plays a vital role in achieving organization resilience and stressed the importance of creating a company culture that prioritizes accountability in order to mitigate risk.
“After everything that 2020 threw at businesses all over the world,” he said, “business resiliency is a very hot topic in 2021 and I find myself thinking about that session almost every day.”
Steinfeld said whether it is in a workshop or session, lunch table, or vendor booth, he enjoys meeting other people and learning about – and from – their challenges.
He has worked in IT sales for more than 25 years as an individual contributor and manager of sales teams. He has a bachelor’s degree from Middlebury College and MBA from Rice University.
Steinfeld currently lives in Austin, Texas, with his wife and three sons. When he’s not working, he’s relearning algebra, geometry, and other subjects to assist with tutoring; attending sporting events; Boy Scout campout; and “just trying to get five hours of sleep a night, which is all I find necessary after giving up caffeine 20 years ago.”
Frank Trovato is research director at Info-Tech Research Group, the world’s fastest-growing information technology research and advisory company.
Info-Tech Research Group serves more than 40,000 IT professionals in the U.S., Canada, and around the world. The company provides best-practice research, tools, templates, training materials, and step-by-step methodologies proven to accelerate projects. The advisory services include meetings with IT research analysts, workshops and consulting to help organizations complete critical projects and optimize IT operations. They partner closely with their clients to understand their challenges and right-size the solution.
The company also provides data-driven diagnostic reports that enable IT leaders to objectively measure success and identify areas to improve across a range of topics from IT-business alignment to security governance and management.
Trovato has worked for nearly a decade in the business continuity/disaster recovery profession and five years as a research director.
He chose BC/DR because the complexity, variability, and usefulness of the profession appealed to him.
“Developing BC/DR plans and improving overall resilience is critical yet it can also be the most complex project you take on since it touches all aspects of your organization,” Trovato said. “It’s satisfying helping clients navigate this complexity and boil this down to the core actions that need to be taken, turning a complex project into a straightforward step-by-step process.”
“The profession is more than filling in a template,” he said. “It’s about understanding what enables an organization to function and using that knowledge to ensure resilience for critical processes and dependencies.”
Trovato will present “Three Common Mistakes in Ransomware Security Planning” on April 1 from 10-10:45 a.m. as part of DRJ Spring 2021’s Solutions Track 2.
According to Trovato, when large organizations such as such as Garmin, City of Baltimore, or Travelex are crippled for days or weeks due to a ransomware attack, it’s a reminder that even organizations that should have a mature security profile are making mistakes in ransomware readiness and response planning.
Trovato’s session will cover three overarching common mistakes made by organizations: failure to position risk in business terms to get appropriate funding; not going deep enough in testing ransomware readiness; and inadequate DR planning that does not account for a ransomware threat that could infect your backups and DR site.
“Most ransomware attacks take advantage of known vulnerabilities,” he said. “The root cause is often a failure to either fully understand those gaps or get buy-in for specific actions to close those gaps.”
Trovato said security and continuity professionals need to translate the general mandate to be resilient into specific actions to achieve that goal.
Over the years, Trovato has presented at four previous DRJ conferences. He said 2019 was the most memorable because of the size of the audience.
“My sessions have always been well-received by the audience, with a good percentage taking the time to talk to me after the session, and that was amplified by the size of the audience in this case,” he said.
It was also memorable because this was a joint presentation with two of his colleagues. They also visited Disneyland one evening and had a blast.
“That was my first visit to Disneyland as my colleagues convinced me to finally take advantage of the close proximity to the conference,” he said.
Trovato said that he has also learned “a ton over the years at DRJ conferences, from best practices for crisis management to the range of capabilities offered by various BCM software solutions.” He said these sessions have also helped affirm the approaches he takes to BC/DR planning.
Away from work, Trovato is an avid sports fan. His favorite team is the Toronto Maple Leafs.
“Every fall I envision a Stanley Cup parade in June, only to be disappointed in mid-May,” he said. “But there’s always next year!”
Trovato is married with two adult children. In addition to spending time with his family, he also enjoys gardening and maintaining his aquarium.
Andy Witts and Christopher Duffy
Andy Witts and Christopher Duffy will co-present “Paradigm Shift: Redefining Plans with Agility and Depth.” Between the two, they have presented nearly 25 times at previous DRJ conferences.
Both Witts and Duffy agreed the most fun presenting was DRJ Fall 2020’s virtual conference because they were able to engage with their audience after the recording was completed.
The pair agrees that they thoroughly enjoy the opportunity to catch up with customers, reconnect with friends, and meet new ones.
Combined, the duo has 30 years of experience working in the business continuity/disaster recovery profession.
Witts has been director of service delivery at Infinite Blue for three years. He manages customer success, professional services, and customer support for all applications at Infinite Blue.
He described himself as industrious, dedicated, and analytically focused.
“I love working hard to help our customers,” he said, “and I’m dedicated to the company and our mission.”
Witts said the BC/DR industry combines his knowledge of real-world crisis which was familiar from his former military experience with software and proactive approach, making it an easy choice.
Duffy has been a senior advisory and sales executive for two years. He creates high value customer experiences in organizational resiliency and serves as a trusted adviser and strategist to BC in the Cloud clients. He’s also a recognized award-winning speaker and evangelist for the elevation of BC/DR.
He said he is passionate about the industry, committed to customers, and has a willingness to learn.
His interest in the profession grew organically. He was vice president of technology and found that he excelled in organizational resiliency. He was inspired when he was a network engineer by his first CIO, Leo Gilmore, who taught him the value of incorporating business into IT and how important testing was.
Seeing customers succeed and grow professionally and knowing that working together they are set up for success are important motivates Duffy to work in the BC/DR industry.
Witts said he gets the opportunity to work with so many people from a variety of companies and seeing them achieve success is very rewarding.
Duffy added, “Helping customers to see their vision come to reality is one thing that inspires me.”
In the vast world of BC/DR, Witts said a common misunderstanding of the profession is that many people confuse BC with DR and “just think it backs up their systems.”
He said when people realize the depth and breadth of value they bring, people’s perspectives are changed.
Duffy said people believe this profession is reactive “when in fact it can be leveraged as a positive and proactive force for organizations, ensuring fiscal responsibility and resiliency.”
The duo will present at DRJ Spring 2021 on April 1 from 12-12:45 p.m. during Breakout Track 7. According to the presenters, for years professionals have built office-centric plans. The shift from those plans to a distributed workforce brings additional challenges and opportunities.
In this session, attendees will learn proven techniques and strategies to help analyze current building plans and update them to fit with changing priorities brought on by the “new normal” of working from home.
Attendees will learn how to expand the value past business continuity and organizational resiliency while minimizing the overall work effort.
“The most valuable thing you can give back to your stakeholders is agile, easy-to-follow high-value plans,” said the presenters.
Infinite Blue delivers expandable apps for organizational resiliency through a low-code platform. The company is comprised of highly skilled professionals encompassing backgrounds from a multitude of industries. Employees strive to build and maintain effective applications for customers.
The company is headquartered in Collegeville, Penn., with an additional office in Telangana, India. The company currently has about 70 employees.
The company’s applications are created by certified business continuity experts who have decades of experience focused on business continuity and disaster recovery. Their experienced team has worked with every vertical, specifically finance, healthcare, manufacturing, education, utilities, retail, and public sector organizations. They are driven by a passion for their customers’ success and focus their efforts on helping them to achieve their goals. They strive to ensure all applications built at Infinite Blue work for organizations today and adapt to fit their needs in the future.