Return-Path: <sentto-279987-2316-1001368287-fc=all.net@returns.onelist.com> Delivered-To: fc@all.net Received: from 204.181.12.215 by localhost with POP3 (fetchmail-5.1.0) for fc@localhost (single-drop); Mon, 24 Sep 2001 14:52:13 -0700 (PDT) Received: (qmail 8484 invoked by uid 510); 24 Sep 2001 21:51:48 -0000 Received: from n34.groups.yahoo.com (216.115.96.84) by 204.181.12.215 with SMTP; 24 Sep 2001 21:51:48 -0000 X-eGroups-Return: sentto-279987-2316-1001368287-fc=all.net@returns.onelist.com Received: from [10.1.1.222] by mk.egroups.com with NNFMP; 24 Sep 2001 21:51:27 -0000 X-Sender: Ross.Leo@csoconline.com X-Apparently-To: iwar@onelist.com Received: (EGP: mail-7_3_2_2); 24 Sep 2001 21:51:26 -0000 Received: (qmail 51854 invoked from network); 24 Sep 2001 21:43:36 -0000 Received: from unknown (10.1.10.142) by 10.1.1.222 with QMQP; 24 Sep 2001 21:43:36 -0000 Received: from unknown (HELO csoc-fire1.csoconline.com) (140.169.2.142) by mta3 with SMTP; 24 Sep 2001 21:43:36 -0000 Received: from [140.169.2.142] by csoc-fire1.csoconline.com via smtpd (for mta1.onelist.com [208.48.218.7]) with SMTP; 24 Sep 2001 21:43:36 UT Received: by csoc-mail-imc.csoconline.com with Internet Mail Service (5.5.2653.19) id <S557JAT9>; Mon, 24 Sep 2001 16:42:27 -0500 Message-ID: <72222DC86846D411ABD300A0C9EB08A156FF3E@csoc-mail-box.csoconline.com> To: iwar@yahoogroups.com Cc: "George Guillory (E-mail)" <george.guillory@compaq.com> X-Mailer: Internet Mail Service (5.5.2653.19) From: "Leo, Ross" <Ross.Leo@csoconline.com> Mailing-List: list iwar@yahoogroups.com; contact iwar-owner@yahoogroups.com Delivered-To: mailing list iwar@yahoogroups.com Precedence: bulk List-Unsubscribe: <mailto:iwar-unsubscribe@yahoogroups.com> Date: Mon, 24 Sep 2001 16:43:41 -0500 Reply-To: iwar@yahoogroups.com Subject: [iwar] RE: NYTimes.com Article: Trying to Plan for the Unthinkable Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit This article was sent to me by a very dear friend, and I read it with great interest. It can be found at http://www.nytimes.com/2001/09/17/technology/17DISA.html?ex=1002229804&ei=1& en=6d3fc68688a64e92. My thoughts: The sad fact is that the reason all the large recovery firms fail to achieve the real goal of disaster recovery is because they always overlook the human capital issue when advising their clients. The focus on the technology, the operation, and the information - all of which is vital to take care of , but in the end it is the human factor that makes it all work. I have been through several projects lead by these so-called "leaders" (in profits only, I suspect), and never once has this issue been given more than a passing mention by any of them In my humble opinion (IMHO) - no disaster recovery or operational contingency planning effort is complete without planning for the human assets as well as the technology and information assets. If absolutely necessary, the information can be recreated (at a cost), and the hardware and software can be purchased (again, at a cost). In the end, it the human component that is irreplaceable at any cost, because of the knowledge, experience, and judgement that always disappears when they do, no matter what the reason. In the short-sighted nature of American Business, the Disaster Recovery/Operational Contingency Plan and its cost to produce and implement is a draw-down on the bottom-line, without the visibility of any immediate ROI. That is why less than 5% of American businesses have DR plans that are fully tested and implemented, and only 35% even have one at all. Such plans are viewed like insurance: it's a cost, and you're glad you have it, but only when the time comes that you need it. BUT, if that time comes, and you don't have any insurance, you can't get it even if you could afford to (which you couldn't). Most of the firms, regardless of their particular business, that vanished when the WTC in NYC two weeks ago, are gone for good. Maybe some had a disaster recovery plan, most did not. Those for whom the WTC was their only location, it won't matter. But for those that had other locations, there is no excuse. They at least have the opportunity to recover. For those that vanished, tragically they will not. Too often American Business management plays a game of "corporate craps" with costly, scarce, sometimes irreplaceable assets, information, and people. The worst of it is these managers are betting assets that are only theirs to manage - they don't own them. Many don't even own a piece of them. The assets at risk of loss belong to shareholders, who at worst are blind or at best are simply uninformed. The managers often think they are exercising sound business decision-making when they don't spend money on projects of this sort because "they are a cost with no ROI", and there is no telling whether or not the plan will ever even be used. What these managers don't grasp is just how irresponsible such a decision is in legal or fiduciary terms. They don't grasp the magnitude of the corporate liability they assume on behalf of the shareholders, whose assets are being placed at risk, and who did not give their permission to do so. Nor would they if asked. It is becoming increasingly obvious that the managers who play this game (and it is most of them, at all levels) place at risk many billions of shareholder dollars. It is becoming equally obvious that it is not only the shareholders who will bear the cost of a loss. The shareholders paid their packets up front, the rest of us will cover the cost of cleanup and re-construction. And all it took to bring this quickly, and painfully to their aggregate awareness was the unthinkable loss of the New York World Trade Centre, and the 6000+ lives lost when it vanished. Ross A. Leo, CISSP, CBCP Chief Information Security Officer Security Programs & Engineering ------------------------ Yahoo! Groups Sponsor ---------------------~--> Pinpoint the right security solution for your company- Learn how to add 128- bit encryption and to authenticate your web site with VeriSign's FREE guide! http://us.click.yahoo.com/JNm9_D/33_CAA/yigFAA/kgFolB/TM ---------------------------------------------------------------------~-> ------------------ http://all.net/ Your use of Yahoo! Groups is subject to http://docs.yahoo.com/info/terms/
This archive was generated by hypermail 2.1.2 : 2001-09-29 21:08:49 PDT