Musings from the conference
21 November 2016
Last week was the annual BCI World Conference and, along with some colleagues from PwC and the BCI, I facilitated a debate on what the future holds for BCM.
Our conversations were based on the summer survey that we conducted with the BCI, and were infused with expertise from delegates that represented us all: from older hands and career switchers to a class of Disaster Management students from Coventry University.
In the morning we talked about how to get more young people involved in BCM when many older hands say they just “fell into it.” Dean Beaumont from Virgin Money shared how a university student – also on the stage – contacted him and landed the first ever internship at the company.
We also mused on the fact that about 76% of us have degrees and a full 28% already have a masters. –While there was an overwhelming consensus in the room that we do not NEED a degree to do our job, the student contingent asserted that they wouldn’t get an interview without one. Indeed, a degree was a pre-requisite for my job, but when you couple this with existing academic qualifications and that 66% of us are looking for more accreditations (check out the survey findings here) then what is the driver for more?
We asked ourselves whether we really need more accreditations of what we already know, or if the driver is that it’s a way to start learning to speak the language of our sister disciplines – cyber security, physical security, crisis management, ITDR and so on - so that we can contribute more to organisational resilience?
In the afternoon the sessions were more practical, and mixed feelings were aired in our session that hosted older hands, career changers and the aforementioned students. One student struggled to understand how values and compassion have a place in incident and crisis management (the response to that from the older hands could be another blog post in itself!) While most had mixed feelings about the best way to get a job, or get promoted.
Here’s what I think I learned from the many delegates who participated on the day:
- Use “resilience” to increase your career opportunities. Those who work in-house, and most of those who don’t, say that the increased interest in Resilience is going to lead to improved career opportunities for everyone. Particularly those prepared to get on with working together with InfoSec, IT, Security and Risk Management.
- Don’t just sit at your desk - get to know your business. No one will read your email or review a BIA template with any level of enthusiasm, but if you arrive at their desk or run a workshop and transfer your practical, pragmatic enthusiasm; a) you get to know them and the business in much more detail, and b) they get to know you, and that can only be a good thing for a successful career.
- Be tenacious. Don’t give up and let the business brush you off. You are there to keep the company going in the event of a disruption or incident. If that incident was bad enough and they didn’t have a good enough plan in place they could be out of a job: they need you.
- Be flexible. Most of the older hands had worked in other fields for periods of time. One even shared that whenever she spotted a gap in her CV, for example when she realised she didn’t know anything about information security, she got a secondment or job in that place to make sure she will always have the right skills. The more agile and flexible you can be, the more experience you will build and develop, all of which will be useful.
- Work with everyone. There are many disciplines within an organisation that can support resilience. If functioning in silos they have impact, but when operating together, they can really shape the organisation, helping the organisation prepare for disruption, be ready to respond, or in the best cases, avoid the disruption altogether. Too often in my line of work I see BC managers operating alone, and this needs to change.
- Seize every opportunity and make your own opportunities. Reflected by the intern on the panel, he created his own opportunity to start a career in BCM. BCM is a discipline that finds you, but by being flexible and working with others, you can create that opportunity and really make the most of it.
Thinking back to the discussions we had, and looking ahead to the next 5-10 years, I’m excited about the prospects of BC. Starting my career in accounting, and then IT Controls audit, I have had some experience in different parts of the business. Now I dabble in ITDR alongside Business Continuity, and putting the two together has really benefitted my own development.
How will I take this further and learn from everyone I met at the conference? From the enthusiastic 22 year old who wants my job to the about-to-retire veteran who knows that change is exciting when approached with enthusiasm. Well, I’m going to continue to be flexible, something that my role already requires, and I’m going to continue to listen hard and try to work with everyone involved in protecting our organisations. I primarily work in the West of England and Wales and my team combines the offerings of BCM, Crisis Leadership, Risk Management and Control Frameworks into one team, working so closely with the IT and Cyber Security teams that few know we report to different people. Learning from each other, and combining our efforts will make our team and our clients more resilient in the long term – and my career more interesting.
Rebecca Robinson | Business Continuity