bci india conference and awards 2019
TRANSCRIPT
www.thebci.org
BCI India Conference and Awards 20191st March 2019 • Bengaluru, India
Sponsored by:
Sponsored by:
workplace recovery
On behalf of the BCI India Chapter, I thank you for choosing to prioritise your time to attend the 2nd BCI India Conference.
After the Successful Inaugural BCI India Conference & Awards in 2017 which focused on Leadership Commitment and Effectiveness, we have chosen this year’s theme to align with the current trend of “Transformation from Continuity to Resilience.” An additional stream has been included to cover the Research Pillar of 4-Pillar and BCI India Strategy – Think Tank future Practice, which focuses on Thought Leadership and touches upon the future of Continuity and Resilience.
The overall program is combined into three streams, with various topics covering different aspects of BCM lifecycle that will keep Risk, Continuity and Resilience professionals
engaged in discussion to understand the transformation, and prepare themselves for change. I encourage you to be interactive by engaging yourselves in discussion and debate for a collaborative learning and sharing session.
I would also like to take this opportunity to invite you all to stay on for the BCI India and South Asia Awards in the evening of the Conference, to cheer on and motivate all winners.
I look forward to seeing you all soon to exchange our knowledge and practical experience.
R Vaidhyanathan (RV) – Hon. FBCI, MBCP President - BCI India Chapter
KN ‘Vaidy’ Vaidyanathan is the EVP & Chief Risk Officer of the Mahindra Group since December 2011. Immediately prior to the Mahindra Group, Vaidy was the Executive Director at SEBI in charge of institutional investors portfolio, including domestic (MF) and foreign (FII).
Vaidy has over 25 years experience in financial services, primarily in the realm of asset management. He is an MBA from IIM Ahmedabad and holds a Bachelors’s Degree in Commerce from the University of Madras.
Vaidy is on the Finance Board of IIM Ahmedabad and on the Board of Center for Innovation, Incubation and Entrepreneurship of IIMA. He is an Advisor and Senior Adjunct Fellow in GeoEconomic Studies at Gateway House, a Mumbai based foreign policy think tank. He is the Chairman of RMNext, an association of Risk Management Professionals in India. He has been appointed as a member of Mutual Fund Advisory Committee of SEBI.
Welcome to the BCI India Conference and Awards 2019!
Chief Guest and Keynote:
K N Vaidyanathan (Vaidy)EVP & Chief Risk Officer, Mahindra Group
Keynote Speaker
Speaker profiles
A leader par excellence, Commander Jelson A Kavalakkat (Retd) served the Executive Branch of the Indian Navy for 20 years, before joining the healthcare industry in 2011. An alumnus of the National Defence Academy, he has successfully carried out several challenging operations - both ashore and afloat - Including the Command of a Warship.
Commander Jelson A Kavalakkat (Retd) has held key positions in some of the top healthcare facilities across the country, including Fortis and Hiranandani Hospitals. An expert in planning, executing and Commissioning of green field hospitals, he has an exceptional track record of
establishing and implementing strong, sustainable plans that take quality of healthcare delivery and patient care to the next level. With a cumulative experience of more than 28 years in operations and management, Commander Jelson A Kavalakkat (Retd) believes in achieving organisational excellence through teamwork, attention to detail and talent development.
Prior to taking over as the Chief Executive Officer, Commander Jelson A Kavalakkat (Retd), was carrying out the duties of the Chief Operating Officer and Unit Head at Aster Medcity, Kochi since March 2018 and currently is The Chief Executive Officer, Aster Medcity.
Cdr. Jelson Kavalakkat CEO, Aster Medicity
Solomon is a passionate and hands-on BCM practitioner, intuitive Resilience Thinker and Operations leader with two and a half decades of progressive experience having specific expertise in establishing, leading and maturing BCM, Crisis Management programs. Having ample experience in Program Management, Operations Management, Process Improvements, Customer Service, Client Management, Operational Analytics and Back Office operations, with global organizations in the IT/Insurance/ Banking and Telecom industries.
Solomon comes with a proven track record of developing and implementing sustainable BCM programs and practices
aimed at improving operational efficiency and ease of execution at project, program and organizational levels. A positive change enabler, Solomon is a strong motivator and team player with effective leadership, communication, decision making, problem solving, and interpersonal skills focused in linking corporate vision with the delivery of desired results through empowerment, development and cohesive utilization of people, process and technology.
Solomon has worked with and contributed to the growth of MNCs like Escotel, HSBC, Allianz Cornhill, Cognizant and HCL Technologies.
In 2018 Michael took on the position of Global Resilience Officer at Signify (formerly known as Philips Lighting) where he is responsible for resilience of the whole organisation. Michael has over 30 years in facilitating the high availability of Business applications and processes. Initially working on Tandem / HP NonStop systems in various roles and later over the last 15 years as IT Service and Business Continuity Management Consultant. In 2015 he was awarded The BCI European Continuity and Resilience Professional (Private Sector) award. In 2017 and 2018 he was a finalist in the BCI European Industry Personality award.
After helping initiate the BCI Netherlands and Belgium Chapter in 2015 Michael has been an active volunteer at the BCI and has served in many roles: Leader of the BCI Netherlands Forum, representative in the BCI Global Membership Council (GMC) and later vice chair and chair of the GMC, active judge of all BCI Awards since 2016,
and involved in the organisation of the BCI Netherlands Belgium Conferences in 2016, 2017 and 2018. Since 2018 Michael is a member of the BCI board. Locally he has organised many Forum events, led workgroups with other Resilience disciplines and participated in producing the BCI Research into Climate Change and publishing articles. He has also been a speaker at numerous international BCI/BCM/Resilience events. Michael is actively building up relationships with other professional bodies involved in the resilience arena.
Michael is a member of the Netherlands ISO BCM Mirror Committee and has been involved in the review of many ISO standards. As the Netherlands representative / Technical Expert in the ISO 292 WG 2 he is involved in the reviews of ISO 22301 and ISO 22313. He will also be involved in the review of ISO/IEC 27031.
Solomon Alexander Abraham BCM, HCL Technologies
Michael Crooymans MBCI Director, The BCI; Global Resilience Officer, Signify
Stream 1
15:00 - 15:35
Plenary
09:35 - 09:55
Plenary
10:20 - 10:50
Speaker profiles Speaker profiles
Samir is a seasoned Business Continuity professional with over 13 years of experience in Business Continuity Management, Disaster Recovery audits, Crisis Management, BCM training and awareness (Senior Management/Employees/Vendors), BCP Projects & Strategy.
He has been instrumental in conducting ISO 22301 audits, Pandemic Planning, Facility / Country Resiliency Planning, Business Impact Analysis, formulating business continuity/disaster recovery strategies across India, Middle East, UK and USA.
Samir has been a thought Leader (Speaker) at various Business Continuity forums, conferences and seminars. He was rated as one of the best industry speaker at one of the prestigious Business Continuity Conference for senior BCM professionals in India.
Certifications
• Certified ISO 22301 Lead Auditor and Lead Implementer • Certified BS 25999 Lead Auditor • Certified ISO 27001 Lead Implementer • Trained Trauma and Post Traumatic Stress Counsellor
Samir Macwana, Manager Business Continuity (APAC Region), First Data
Arunabh Mitra is the Chief Continuity Officer for HCL Technologies, a $8 billion information technology company with 120,000 employees and operations in 42 countries. His charter is to help evolve, shape and deploy the business continuity strategy for HCL’s clients from diverse industries and strengthen the resilience framework at HCL.
Arunabh is also the Chair of the India Think Tank of the Business Continuity Institute (The BCI) and his passion is about researching the impact of the Digital Reinvention of the Industry, its impact on our society, business and individuals and its knock-on effect on risk management.
Arunabh Mitra MBCI Chief Continuity Officer, HCL Technologies
Stream 2
14:20 - 14:55
Plenary
10:05 - 10:20
Lopa Mudraa Basuu is a leading Security Evangelist with eighteen years of rich, versatile experience in Information Security, Data Privacy, Risk Management & Governance. She has a proven performance record of delivering value as business enabler by transforming Security & Privacy to business USP in innovative ways, thereby boosting the business confidence by providing a secure platform to operate & explore new avenues of revenue generation and achieve intended business goals safely. She also authors articles and is a regular speaker & panellist in the professional public domain on the same. Lopa is an active member of CISO platform and tirelessly contributes towards the development of community knowledge bases (playbook, check lists etc.)
She holds a master degree in Information Technology and is a Certified Global CIO from ISB Hyderabad. She also has the required industry certifications. Global industry leaders like Ocwen, SLK Global, MetLife and Infosys are amongst the organizations to which she has contributed in her career till now.
She has expertise with Enterprise Security & Risk Governance Portfolio Management, Strategic Alignment of Technology with Business & Regulatory requirements, Cyber Defence Program Management, Data Privacy program Management, Information Security, Third Party Information Risk Management, Security Operations, Security Training, Architecting Network Security, Security & Risk based Audit Lifecycle Management Including Tech-Audit & Standardization & Compliance Program Lifecycle Management (SOX, SOC, ISO 27001, ISO 22301, ISO 20000, ISO 31000, PCI DSS, COSO, CobiT, VAL IT, RISK IT, ITIL, EU GDPR, HIPAA, HITRUST, DPF/DSF, WCA).
Adding to her technical & domain skills, she is specialized in Team Building, Talent & Competency Management, Strong Networking, Client, Stakeholders & Partner Relationship Management, Contract Management & Vendor Negotiation. Her forte is working with Executive Leadership Team. She is also adept in managing Inclusive, Diverse, Multicultural Global Teams.
Lopa Mudraa Chief Advisor Cyber Security & Risk Practices, SAFOU
Stream 2
11:20 - 11:55
Vittal is an risk assurance and consulting expert and trainer, with over 25 years of experience working with clients in a wide range of industry verticals on IT Governance, Cyber Security, Privacy, IT Assurance, Enterprise Risk Management and Risk Based Internal audits.
By qualification, Vittal is a FCA, CISA, CIA, CISSP, CGEIT, CISM, CRISC, CFE and Accredited COBIT 5 Expert.
He has consulted as strategic advisor to board and senior management of various entities on: Cybersecurity, IT strategy, GRC, systems and processes and risk management studies.
Vittal is a member on the RBI’s Standing Committee for Cybersecurity and IT Examination and a member of ReBIT’s Cybersecurity Assessment Framework Study Group. Vittal is also a member and Cybersecurity SME of the ICAI Technical Group on Internal / Concurrent Audit of Investment Functions of Insurance Companies.
Vittal is presently a member on the International Finance Committee of ISACA International and advisor for ISACA India Growth Initiative. Vittal has earlier served for two terms as the International Vice President and Director on International Board of ISACA, IL, USA as well as member of the ISACA International Audit Committee. He was awarded with the President’s award and Certificate of appreciation for outstanding contributions during his term as director on
the ISACA International board. His past volunteer experience includes having served on research and technical committees of ICAI-India, IIA Florida, ISACA International, ICWAI, GC member of MCCI.
Vittal is founder and senior partner of M/s. Kumar & Raj, Chartered Accountants and Director, Pristine Consulting Private Limited, leads and manages the Business & IS Risk Assurance Services Practice, across diverse business verticals, since last two decades.
Vittal has served as visiting faculty and subject matter expert with several eminent institutions of repute that include the Institute of Chartered Accountants of India and Sri Lanka, The office of the Comptroller and Auditor General, Reserve Bank of India, Institute of Internal Auditors, Indian Police on cybercrime investigation, various Banks, several ISACA Chapters in India and overseas.
Vittal is a regular speaker, having presented researched papers at several international conferences across several countries, and is an expert corporate trainer on IT Governance and COBIT, IT Risk Management, Cyber Security & Information Security, IT auditing, Enterprise Risk Management (ERM), Risk based Internal Audits, cybercrime forensics and fraud risk management, having trained delegates from various countries that included board members, CXOs, and across management levels.
Vittal Raj Director, Pristine Consulting Private Limited
Veteran Commander Pradeep’s motto is “Attadeepa Vihraratha” (be your own light) imbibed in his Netarhat Residential School (near Ranchi). Veteran Commander Pradeep comes with 12 years industry experience in IBM after serving 21 years in the Indian Navy. He has proven expertise in the areas of BCP/DR, strategic planning, large scale IT project management, program management, process compliance posture management, SDLC management, IT/ITES operations, supply chain and asset management, infrastructure administration and crisis management leadership.
He is credited with being the chief architect of Integrated Logistics Management System, running for last 20 years for past 22 years without a major upgrade. He is also credited
with setting up from scratch, Business Continuity Mgmt System (BCMS) for IBM India which included pandemic planning for almost one fourth of entire IBM.
Pradeep was conferred “Eminent Personality of IBM India South Asia” in 2015. He has also been awarded IBM ISDL Innovation Award in 2017, and Distinguished Service Award by his Alma Mater IIT Kharagpur in 2018.
Pradeep is on the governing council of IIT Alumni Centre Bangalore, and he is also the General Secretary of BCI India Chapter.
The veteran Cdr strives for social causes such as old age and community development.
Pradeep Prasad MBCI Risk & Compliance Lead, EdgeVerve Systems Limited
Stream 1
14:20 - 14:55
Stream 1
13:40 - 14:15
Mr. Sesha Prakash S Kusuma is the Group Vice President for PROMATAS Group of Entities which is an organization with its head office at Muscat, Oman. He is also the SBU Leader for PromaSecure Consulting, which is into several aspects of Information Security and Business Continuity domains like Information Systems assurance, ISMS, BCMS, IT Governance, IT DR, Security Advisory etc. He has led and executed many successful projects on the above disciplines. The most current one is on Information Security Governance for Ooredoo, a Telecom Major in Oman.
Mr. Sesha Prakash started his career as a banker with The Vysya Bank Limited (which is now taken-over by Kotak Mahindra Bank) but changed his career path after obtaining CISA certification to Information Assurance and Information Security. With about 40 years of rich and hands-on
experience, he is exposed to several businesses, professional and commercial challenges and has discharged his responsibilities in various capacities, managerial, advisory, Board Positions, etc.
He holds certifications from professional bodies like ISACA, ISC2, EC-Council, PECB etc. He has more than 25 certifications which include CISA, CISM, CRISC, CGEIT, COBIT5 (F) & CSX (F), CISSP, C|CISO, CPISI, ISO Certifications in ISMS, BCMS, Disaster Recovery, IT Governance, Compliance Management, to name a few. He is also an authorized trainer for several of the above certifications.
Mr. Sesha Prakash is a board member of ISACA Muscat Chapter and a respected personality among the professionals there. He was also a member of ISACA Bangalore Chapter and was on its Board for several years before relocating to Muscat, Oman. He has presented several CPE sessions to members of ISACA Muscat, local organizations and educational institutions. With his in-depth technical knowledge blended with many decades of experience, he is a Guru, Trainer and Mentor for many budding professionals inside and outside his organization.
Sesha Prakash Kusuma Group Vice President, Promatas Group of Companies
Stream 2
15:00 - 15:35
Speaker profiles Speaker profiles
Vikrant is an experienced risk practitioner with 23+ years’ experience leading risk and resilience programmes with large private Multi-national organisations like HSBC, Fidelity, clients of EXL services (Bank Of America, RSA, Prudential, Aviva), GE Capital & Tata Steel. He has handled 3 out of 4 BRIC markets and has managed resources from Emerging economies in Asia & Latin America as well as Developed markets like USA, UK & HK.
As Chief Security & Fraud Risk Officer of HSBC Global Operations, Services & Technology in his last corporate assignment, he covered 102,000 employees spread over 32 offshore locations of India, China, Malaysia, Manila, Colombo, Poland, Egypt, Brazil as well as Onshore locations in the UK, USA, Canada, HK, France etc. He now leads a Niche Risk Consulting & Solutions Firm, Risk Resources as CRO & Managing Partner.
He is the only professional globally, since the last 20 yrs of inception, who has entered into BCI Hall of Fame for winning “Industry Personality of the year” Award in 2007 (Global), 2017 (India), 2018 (India & South Asia) and 2018 (Global), for his contribution to the Industry.
https://www.thebci.org/news/hall-of-fame-winners-2018.html
He was the First certified Professional in 2003 in India by BCI & DRII together. He led the foundation of the BCI in India during 2004-10 and is now supporting again as Chair of BCI Hyd Forum and on the Board of BCI India. He has
been personally involved in growth of BCI India Chapter with launching Forums in Hyderabad (2016), Pune (2017) & Kolkata (2018).
He was instrumental in formation of Corporate Task force in NDMA, under the chairmanship of PrimeMinister of India, during 2006-10.
As Steering Committee member of BCI Next Practice ThinkTank since inception in 2016, he has worked on conceptualizing, institutionalising and execution of, Forward-looking Research in 9 sectorial and thematic councils for India.
Worked to build BCI’s strategic alliance with Nasscom, he designed & executed a series of Risk Mitigation Events during 2016-18 across various cities, around BCM, Supplier Risk Mgmt, GRC, Cyber Resilience & Privacy etc which helped BCI enlarge its community and outreach.
He is working with Sector Skill Council towards career mapping for Cyber Security & BCM/ Resilience Space with the aim to support skilling, reskilling or upskilling of upto 1mn Professionals.
He is a key-note speaker and panel member in many seminars & conferences globally around Risk & Resilience, including BCI World 2018, WCDM 2013 Toronto and BCI 2012 conference Shanghai to name a few.
Vikrant Varshney MBCI Chief Risk Officer & Managing Partner, Risk Resources
As BCI’s Merit Award (Global) Winner 2012, Business Continuity Manager of the Year in BCI’s C&R Awards India 2009, Finalist in Parivartan Sustainability Leadership Awards 2014, and with over 32 years’ experience in the Industry, Daman is currently the COO at Continuity & Resilience. He has earlier worked with Steria as Head Business Continuity Management (UK, India) & Head Green Activities (India). Initially he worked with TCS for over 20 years in various roles and positions. He has rich experience in Environmental Sustainability, Business Continuity Management, Business Excellence and Consulting (BCM, Green IT, Quality/ Process/ Malcolm Baldrige). He is a Technical Expert & Lead Auditor for ISO 22301 (Business Continuity Management System). He is also an Energy Management Expert (ISO 50001). Daman is Accredited Tutor for BCS “Foundation Certificate in Green IT” course. He is a BCI Approved Instructor and a member of the BCI’s Speakers Bureau.
Daman is IEEE Ambassador, Fellow of the BCS (British Computer Society), Associate Fellow of the BCI (Business Continuity Institute), Senior Member of IEEE (Institute of Electrical and Electronics Engineers). He is member of AIMA (All India Management Association) and Member of DMA (Delhi Management Association). He is Life Member of the CSI (Computer Society of India).
Daman has traveled to or worked in Scotland, England, Netherlands, France, Zambia, USA, Indonesia, Spain, Egypt, UAE, Oman , Iran, Mauritius, Sri Lanka, Qatar, Saudi Arabia, Singapore, Kuwait, and Bahrain. He possesses excellent mix of experience of a practitioner, trainer and consultant. He has served clients in various industries and sectors like IT/ IT-eS, Banking, Finance, Insurance, Retail, Manufacturing, Automobile, Pharma, Real Estate, Marine, Trading, Government, PSU, Telecom, Aviation, Energy/ Oil & Gas etc.
He has delivered over 400 talks/ workshops in national and international events. Daman is an expert in Disaster/ Crisis Simulation Exercises and has delivered many Simulation Exercises with varying scenarios like Cyber Attack, Fire, Civil Unrest, High Rise Building etc. including for the top management of organisations in different countries and industry sectors.
Daman is currently member of the ASSOCHAM National Council on Climate Change and ASSOCHAM National Council on Environment & Safety. He has experience of working with CII (Confederation of Indian Industry) for over three years as the Convener of the CSR Taskpanel working on Communities and Disasters.
Daman Dev Sood AFBCI COO, Continuity & Resilience
Stream 2
12:00 - 12:35
Stream 1
12:00 - 12:35
Ilango, FBCI is well known for his innovative and insightful BCM thought leadership. Having more than 15 years of consulting and practice experience, Ilango has shifted his focus from identifying innovative methods to enhancing BCM adoption. He is much appreciated in the Indian and International markets as a highly impacting BCM thinker and influencing leader. Ilango carries an excellent understanding of the nuances of BCM adoption within enterprises. It is amazing to see how Ilango has leveraged his experience to focus on enhancing BCM adoption in people and technology space and has demonstrated phenomenal success stories (given below). 1. He designed BCM StrengthAnalyzer, a global first of its kind Strength Analyzer for BCM domain, an assessment for BCM professionals and teams (you can find the book in Amazon publishing) 2. He has designed bcmTrack, a insightful BCM automation platform that has one of the best global designs in process
automation, 3. SIMBCM – is a complete online BCM simulation platform used to play competitive gaming to learn BCM concepts. Ilango has invested more than 1000 hours creating this design that is gaining rapid popularity, 4. He has a thought leadership material on Agile BCM – a topic well received in the 2017 BCI conference in India, 5. He has ideated the BCM risk index across Indian cities, a research carried out under the India chapter, 6.He has won the best BCI consultant of the year 2018 award for BCI India/SEA, 7. Two of his articles are published in Continuity magazine, notably the story on “Indians are inherently resilient”, 8.He has excellent insights and is working deeply on the transition path from continuity to resilience. Ilango is an excellent coach and all his sessions are well received. BCM professionals look forward to his sessions in the Indian events and conferences. His papers are likely to be crowd pullers and will be of value to the conference.
Ilango Vasudevan FBCI Managing Director, SARAS Analytics & Consulting
Stream 2
13:40 - 14:15
Agnidipta Sarkar is a speaker and thought leader with over 25 years of experience in helping top management continuously improve operational performance, by optimizing risks in the areas of information security, data privacy, and business continuity. He has worked in various leading organizations in many global roles: as a salesperson, as a consultant, as a subject matter expert, and as a transformational leader.
Currently, he governs the largest certified ISO27001 programs in the world at DXC, one of the largest ISO22301 certifications for business continuity and is intimately involved in making sure that DXC has continuously improving operational processes to face disasters across the globe.
Apart from security & continuity, he is also a privacy and risk evangelist. Agni has spoken on various platforms like iSMG, Business Continuity Institute, EC Council, International Association of Privacy Professionals, Corporate Counsel Association of India and ASSOCHAM.
He is a lead auditor for ISO27001, ISO22301, ISO31000 and ISO14001, and a contributor to ISO standards in development.
Agnidipta Sarkar Global Information Risk & Continuity Officer, DXC Technology
Stream 1
11:20 - 11:55
11'-1"
6'-6
"5'
-6"
6'-6
"
2'-1
0"
8 '-6"
8'-4
"1'
-8"
2'6'
-6"
3'1'
-8"
11'-6
"11
'-6"
1'-8
"10
'-7"
6" 2 '-10"
2 '-9"
2 '-7"
1'-8
"
2 '-4"
3 '-6"
3 '-6"
3'-2
"
15'-11"2 '-4" 3 '-7"
1'-8
"11
'-6"
1'-8
"11
'-6"
1'-8
"11
'-6"
15'-9"
15'-11" 3 '-7" 15'-9"
15'-11" 3 '-7" 15'-9" 3 '-3" 3 '-2"
9 '-10" 9 '-6" 10' 3 '-5"
5 '-10" 6' 8 '-4" 6'
3'7'
-5"
3 '-8"15'-11" 3 '-7" 15'-9"
11'-6
"1'
-8"
11'-6
"
38'
2 '-7"
64'-2
"
11'-5
"1'
-8"
11'-3
"14
'-10"
64'-2
"
22'-7"
3 '-8"
7'-9
"3'
-8"
22'-6
"3'
-8"
7'-8
"2'
-2"
2 '-8"
25'
3'-3
"
1 '-5"3 '-10"1 '-6"7 '-3"1 '-6"3 '-11"1 '-5"
3'-4
"
6'2'
-1"
1'-8
"4'
-8"
1'-6
"4'
-8"
6"
25'
4'-8
"1'
-6"
4'-8
"
1'-8
"3"
11'
3"6"
20'-10"
3 '-2"
40'-9" 41'-9"
96'-10"
12'-1
0"
49'-9
"
49'-9
"
20'-8"15'-11"
Floor plan
STREAM 1: VIJAYNAGAR HALL 1
STREAM 2: VIJAYNAGAR HALL 2
STREAM 3: RICHMOND
HALL
Programme
08:00 - 09:00 Registration and networking
Plenary Session – VIJAYNAGAR HALL
09:00 - 09:10Welcome and opening comments
Master of Ceremonies / Conference Chair: R Vaidhyanathan (RV) Hon. FBCI, President BCI India Chapter
09:10 - 09:35Keynote session
K N Vaidyanathan (Vaidy), EVP & Chief Risk Officer, Mahindra Group
09:35 - 09:55Plenary session: The challenge of resilience
Michael Crooymans MBCI, Director, The BCI; Global Resilience Officer, Signify
09:55 - 10:20Plenary session: BCI India Think Tank next Practice Update
Arunabh Mitra & Steering Committee
10:20 - 10:50Plenary session: Aster Medcity - Effective Recovery
Jelson Kavalakkat, CEO, Aster Medcity
10:50 - 11:20 Morning refreshment break
STREAM 1: VIJAYNAGAR HALL 1
STREAM 2: VIJAYNAGAR HALL 2
STREAM 3: India Think Tank update RICHMOND HALL
11:20 - 11:55
Operationalising top management Vision : a journey towards
building Resilience Agnidipta Sarkar, Global
Information Risk & Continuity Officer, DXC Technology
Paradigm Shift of Business Resilience in Light of Cyber Risk Lopa Mudra, Chief Advisor Cyber Security & Risk Practices, SAFOU
Mega trends Session : Connected Global Risks -Gaze into the crystal ball to prepare your
business for the future Panel discussion
12:00 - 12:35
Lets Skill a Million Professionals Vikrant Varshney MBCI, Chief
Risk Officer & Managing Partner, Risk Resources
BCM - Its All About People Daman Sood AFBCI, COO, Continuity & Resilience
Mega trends session continued
12:35 - 13:40 Lunch and networking
13:40 - 14:15Cyber Security Resilience Vittal Raj, Director, Pristine Consulting Private Limited
BCM Automation to Resilience Illango Vasudevan FBCI, Managing
Director, SARAS Analytics & Consulting
Solution Talk : Future Proofing Smart cities - Reflections on the impact on risk, availability, security and privacy.
Panel discussion
14:20 - 14:55
Business Continuity and Risk Management ecosystem under
the Technology onslaught Pradeep Prasad MBCI, Head
Business Compliance, IBM ISDL
Crisis Management- A collaborative effort Samir Macwana, Manager-Business
Continuity (APAC Region), First DataSolution Talk continued
15:00 - 15:35
Introduction of a Framework for Mutual Aid Agreements
to enhance ResilienceSolomon Alexandar Abraham,
Director-BCM, HCL Technologies
Common Mistakes in Cyber-securitySesha Prakash Kusuma, Group Vice
President, Promatas Group of Companies
Co-Creation Session : Reshaping tomorrow - What Does
India need in 2025? Questions from the floor session
15:35-16:15 Afternoon break
Plenary Session – VIJAYNAGAR HALL
16:15 - 17:10Panel discussion: Complacency in Business Continuity
Moderators: Jawahar Mahalingam AFBCI / Michael Crooymans MBCI Panellists: Arghajit Adhickary AMBCI (IT sector) / Karan Chawla (BFSI sector) / Sunil Kulkarni (MFG Sector)
17:10 - 17:25 Thanks and closing remarks by Conference Chair
17:30 – 18:45 BCI India Chapter AGM (Richmond Hall)
THE BCI INDIA AND SOUTH ASIA AWARDS (Vijaynagar Hall)
19:00 – 19:30 Networking drinks
19:30 – 20:30 The BCI India and South Asia Awards Ceremony
20:30 – 22:00 Buffet (3 course) dinnerTaj MG Road Bengaluru | 41/3 Mahatma Gandhi Road | Bangalore 560 001 | Karnataka | India
T: 91 80 6660 4444 | E: [email protected] | W: Tajhotels.com
Venue
Session summaries Session summaries
BCI India Next Practice Think Tank: Journey so far and the road ahead!
Monsoon is the most beautiful season in the State Of Kerala which brings out the romance in the minds of the romantic poets in Kerala. Except that it started a little early, the news of dam shutters being opened in the month of July was not greeted with any seriousness from the population.
Aster Medcity being situated on the banks of one of the major distributaries of river Periyar, The management of Aster was aware of the possible risks to its facility, one of which was flooding. Leadership is all about anticipating the probable’s and sometimes the impossible and getting prepared for the same.
Our founder Chairman Dr. Azad Moopan has inculcated the concept that Patient Safety should come first, always and every time. As a hospital, uninterrupted supply of Power, Water and Medical Gases are essential for the functioning and care, and even a short absence there can lead to loss of lives.
The leadership identified the possible threats that can occur by the last week of July. While the chance was remote to impossible at that point of time, a core committee was formed and processes were set in place to monitor the risks on regular basis.
These proactive actions made the organisation ready to face the disaster and in planning effective recovery. When the ambulance carrying a critically ill new born in Ventilator was moved out from
the hospital at 8:30 in the morning on the 15th of Aug, there was no water in the hospital premises except a few rainwater puddles.
Within hours of the last patient leaving the hospital premises, swirling flood waters of Periyar entered the lower ground floor of the facility and the power switches had to be pulled shut. Almost 350 patients were transferred out of the facility which included more than 150 critical patients who could not even sit up without support. We did not lose even a single patient in the evacuation. Even before the evacuation started, the recovery plans were rolled out. All movable equipments were shifted to top floors and valuable documents were raised to maximum possible height so as to ensure these documents were not damaged. The Immovable hospital equipments and hospital information systems were methodically shut down in consultation with the experts to reduce the impact.
All equipment manufacturers were contacted as part of evacuation plan and the hospital remained shut for 6 days. Still the OP resumed on 22nd August (7th Day after Shut Down) and the IP commenced on 27th August (12th Day after Shut Down) and the first surgery was also held on the same day.
Effective disaster management rests on an organisations philosophy that accepts the impossible and a leadership that looks beyond the predictables.
Arunabh Mitra MBCI, Chief Continuity Officer, HCL Technologies.
BCI India Think Tank next Practice Update
Cdr. Jelson Kavalakkat, CEO Aster Medcity
Aster Medcity - Effective Recovery
ISO22316 defines “organizational resilience” as the ability of an organization to absorb and adapt in a changing environment. As always we are witnessing a period of tremendous change, both nationally and internationally. Disasters happen…not everyone is prepared…and consequences lead to changes in leadership, organization and also strategy. Unless an organization moves away from siloed, contradictory, redundant and stagnant operations with a clear sense of purpose and vision to build resilience across
organizational and geographic boundaries, adapting to continuously changing environment is not easy.
In this session, we shall discuss how top management intent can be operationalized into organizational resilience, navigating challenges of collective beliefs, values, attitudes and behaviour of an organization which is facing change and risk.
Agnidipta Sarkar, Global Information Risk & Continuity Officer, DXC Technology
Operationalising top management Vision: a journey towards building Resilience
Michael Crooymans MBCI, Director, The BCI; Global Resilience Officer, Signify
The challenge of resilience
Mr KN Vaidynathan, with his vast experience in financial services and Enterprise Risk Management. will cover his perspective on Emerging aspects of resilience – withstanding public, financial market, the ecosystem and natural disasters with few case studies focusing on the transformation from continuity to resilience.
K N Vaidyanathan (Vaidy), EVP & Chief Risk Officer, Mahindra Group
KEYNOTE 09:10 - 09:35
PLENARY 9:35 to 9:55
PLENARY 9:55-10:20
PLENARY 10:20 - 10:50
11:20 - 11:55
We are in the mesmerizing age called Cyber Era. The globe has shrunk into a touch screen, anything and everything is available over a swipe of a finger. User experience is the ultimate deliverable of any enterprise to sustain in this boundary less competitive digital market place. Data is the most valuable resource and the crude fuel floating dynamically across the veins of IT with stupendous speed irrespective of industry verticals & talking to each other and all evil eyes are on it.
To deal with these emerging cyber threats and to ensure the protection of data, governments are enforcing stringent regulations with massive penalties in case of breach. This massive change of the business ecosystem has directly impacted the business risk posture triggered by sudden changes of global threats landscape
and in turn changed the enterprise risk portfolio that has direct impact on disaster recovery & business continuity. Cyber threat has emerged as an immense challenge for resilience that is shifting the paradigm due to its dynamic nature, multifaceted threats, changing technology, changing regulation, continuously emerging risks.
To deal with this, cyber resilience is emerging as new wing. It’s become imperative to integrate business continuity with cyber resilience that triggers in changes at every level. A holistic dynamic view is needed to address the – Role of BCM in Cyber Resilience, Business Impact Analysis In light of Cyber Risk, Establishing a Proactive Resilience Culture & Frame work (NIST) of Protect, Detect, Respond & Recover to avoid damages and penalties.
Lopa Mudraa, Chief Advisor Cyber Security & Risk Practices, SAFOU
Paradigm Shift of Business Resilience in Light of Cyber Risk 11:20 - 11:55
Session summaries Session summaries
Large countries like China, India & few other countries have huge requirement of 1 million Cyber Security Talent in the next 5 years to meet growing Businesses & Complex Operating environment. It requires dedicated effort around:
• Skilling (at entry point)
• Reskilling (movement from one function to another)
• Upskilling (movement up in the value chain)
And that would require definition of Career Mapping, Qualification Packs, National Standards for Training, Development of delivery channels, Standards for Assessment and Certification and creating interoperability.
Are you game to be part of it?
We live in uncertain times. Explore current shifts & future trends with stellar Risk experts and reflect on their perspectives on how do these shifts & trends affect your business resilience for tomorrow?
Daman truly believes that BCM is all about people. Almost all organisations say ‘our people are our best assets’ - but how many actually mean or live to this - is questionable. He also believes in the saying (coined by him) – “take care of your employees during your good times, so that they stay with you during your bad times!”.
Daman’s talk will be based on a number of training sessions and consulting assignments he has done in different parts of the world, including also the experience of having been a practitioner himself.
The talk will also include elements of newly released standard ISO 22330 - perhaps first time someone would be speaking around this in the country.
Resilience has an element of proactive and predictive behavioural aspects and response mechanism. A well thought of design of a BCM automation solution augmented by years of data can well lay the foundation to build some of the fundamental resilience practices within an enterprise. A well designed BCM automation should strive to establish a forward relational database relationship across a number of enterprise elements like processes, people, supplier, facility, technology etc., and thus providing an array of cause and effect. The data captured against these relationships can be subject to machine learning and AI to pave as inputs to the design of a resilient organization.
PROBLEM & CHALLANGE: Enterprise resilience has a number of components, BCM being one of the key. There are a number of unanswered questions about how BCM practice can contribute and as well as transform to resilience practices. These questions are spread across organizational aspects, people aspect, supply chain, risk management and more. Knowing how BCM can contribute to the set-up of resilience will pave for some of the questions.
THE IDEA: BCM automation should ideally establish a kind of fishbone, cause and effect of the enterprise resources like processes, people, supplier, infrastructure, supplier, facility, technology, data and more. If the design of the BCM automation
is well thought through it is a possibility to define the resource relationship as a kind of cause and effect relationship. It is these very enterprise resources that are important for the resilience as well, if we flip the focus to predictive behaviour, forecast of the responses and how to develop immunity where possible. While the design of the BCM system can provide the framework, the data gathered over years against this will augment the framework to provide foundational inputs needed to design resilience. While resilience by itself has more than 12 components, a well design BCM automation can lay the foundation for some of the critical resilience aspects.
The presentation will cover how to design the BCM automation and how to leverage the machine learning concept of data to aid the resilience design.
REFERENCES OF SUCCESS STORIES: As a solution architect for the design of bcmTrack, as well as his engagements with clients in developing large scale BCM automation initiatives, Ilango has direct experience in establishing the critical relationship between the enterprise resources that are common to BCM and resilience and he will be pleased to share his experience to the larger benefit of professionals interested in the journey from BCM to resilience.
We envision a world where digital technology and intelligent design can be harnessed to create sustainable cities with high-quality living and jobs. But, with opportunity, comes risk.
Examine the Business Continuity implications of Smart Cities with inspiring thinkers, civic leaders and technologists over a round-table curated by a BCI Global Board Member.
We need to brain storm and find some feasible and viable answers to the following questions.
1. How do you see Digital disruptions transforming BCM practices?
2. How do you see BCM practices transforming Digital disruptions?
3. Challenges with IOT environments
4. Are we safe in the future?
5. Mass communication and its complexities?
6. What will be supply chain in a block chain world?
7. Reciprocal arrangements forecasting and interplay?
8. What will be influencers of BCM disruption: experience, youth, technology or going back to basics?
9. Will man become redundant in this AI world?
The technologies to be analysed are:
1. Cloud: data and task transfer through cloud, already cloud is being used, failover, backup, ENABLER, BCM tools on cloud
2. Analytics: reporting, insights / gaps. BCM Tools (clearview, shadowplanner, myCoop, autoBCM, Sungard LDRPS) , incident mgmt, data centre preparedness, (mostly we do not have data): ENABLE
3. AI: recovery of AI and robots, robotics process automation (not yet thought of) – blackhole
4. Mobile: decision making, plans, life cycle, incident mgmt, reporting, notification … ENABLER (business apps themselves on mobile and cloud)
5. AI: laundering, compliance, risk mgmt,
6. Social: disaster mgmt – relief, rehabilitation, recovery, social sites
7. Security: availability BCM is confidentiality, integrity, availability (CIA),
8. Blockchain: Hyperledger and its applications in SCM.
India Think Tank Panel discussion
Mega trends Session: Connected Global Risks -Gaze into the crystal ball to prepare your business for the future
Vikrant Varshney MBCI, Chief Risk Officer & Managing Partner, Risk Resources
Lets Skill a Million Professionals
Daman Sood AFBCI, COO, Continuity & Resilience
BCM - It’s All About People
Illango Vasudevan FBCI, Managing Director, SARAS Analytics & Consulting
BCM Automation to Resilience
India Think Tank panel discussion
Solution Talk: Future Proofing Smart cities - Reflections on the impact on risk, availability, security and privacy.
Pradeep Prasad MBCI, Head Business Compliance, IBM ISDL
Business Continuity and Risk Management ecosystem under the Technology onslaught
11:20 - 11:55
It is not anymore, a discussion if your business is critically dependent on the digital! But amongst top concerns, business leaders are increasingly aware of cyber failures and data breaches and their potential in crippling every business. The session seeks to discuss how organisations are increasingly recognising the need
for a strategy for cybersecurity resilience that could enable the business to continue to operate critical business services in the face of cyber-attacks or data breaches and recover therefrom with minimal damage.
Vittal Raj, Director, Pristine Consulting Private Limited
Cyber Security Resilience
11:20 - 12:35
11:20 - 11:5512:00 - 12:35
11:20 - 11:5512:00 - 12:35
11:20 - 11:5513:40 - 14:15
13:40 - 14:15
11:20 - 11:5513:40 - 14:55
11:20 - 11:5514:20 - 14:55
Session summaries
The crisis we face today do not recognise or respect political boundaries of countries nor do they target only one function in an organisation. Hence, there is a now a renewed need to collaborate between functions to manage an incident successfully. Crisis Management has now become a collaborative effort where everyone from the CEO to the critical staff in a process have to be involved in the entire gamut of events. With that said there are some key players in a crisis.
• Core Management team
• Facilities team
• Security team
• And the Emergency responders
However, the BCP team is that key player here that will get all of these teams together to put up a good show to manage the crisis.
Samir’s presentation will focus on how the BCP team can
systematically steer the key decision making process in crisis by getting everyone on board. Additionally each of these key stakeholders have to be well trained and armed with necessary crisis management skills to navigate successfully in a crisis. The Business Continuity team must orchestrate each of the players in crisis management with a keen sense of proportion. The BCP team must be able to squeeze every ounce of the potential of the Crisis Management team to startle onlookers, regulators and customers during crisis management. The entire approach of collaboration has to be embellished with clear decision making and rapidity of response and the BCP manager needs to be adept at getting this seamlessly accomplished.
Through his presentation, Samir will be allowing the participants to discover their true attitude towards Crisis management collaboration. His presentation will help crisis managers to work towards successfully collaborating in crisis management through well-crafted plans, tactical initiatives and a determined workforce.
Samir Macwana, Manager-Business Continuity (APAC Region), First Data
Crisis Management- A collaborative effort
Over the last few decades since the liberalization era in India, a large number of public and private business zones, industrial / technology parks, industrial hubs / estates, [here-on being referred to as ‘regions’ ]etc.. have sprung up across the country to cater to the burgeoning needs of various industries. Many of these regions consist of organizations of varied sizes that are involved in doing a variety of trades and businesses.
There are some formal and informal Associations and groups formed among various organizations that operate within some of these regions, with the aim of protecting common interests, which largely border around Labour, legal, regulatory and/or business requirements. These however are few and far. It is noted that during disruptive incidents and any emergency situations that arise, which tend to impact these regions or an entity within it, most often, each unit independently responds to the threat in silo and in a manner best suited to itself. Rarely does it inform and/or seek support from neighbours.
There is minimal or no collaboration among neighbours or communities to collectively support or respond to such incidents or potential threats. This is a great opportunity lost, on many fronts. The Framework for Mutual Aid Agreements, aims to provides a starting point for entities that operate from such environments and have experienced such situations and are looking for support to bridge this gap, The Framework places forward a set of tools that consist of generic best practice processes, guidelines, procedures and templates that can enable participating units to build collaboration to deal with emergencies, thereby enabling enhancement of resilience posture at an individual and collective level.
Solomon Alexandar Abraham, Director-BCM, HCL Technologies
Introduction of a Framework for Mutual Aid Agreements to enhance Resilience
11:20 - 11:5514:20 - 14:55
11:20 - 11:5515:00 - 15:35
Session summaries
An old proverb – Wise men learn from mistakes of other, fools by their own.
Despite the proverb, most of us confirm to “once bitten twice shy”, ie., we need to have the firsthand experience before any corrective action is initiated. The strength of the strongest chain is its weakest link – an overused cliché, but very much applicable to cyber-security.
Common mistakes in cyber security provide the first level of vulnerability which is exploited by an attacker by ignoring people & process, by placing high reliance on technology - in the PPT
(People Process & Technology) trilogy. Added to this, intense business competitions lead to shirking margins and organizations cannot prioritize sufficient resources for Information Security let alone cyber security.
Today’s cyber-security is monetized and more favored towards obtaining personal information for spoofing digital identities as against espionage or asset destruction.
This session will talk about some most common misconceptions prevailing in today’s Cyber Security World and the mistakes committed by organizations and their people in managing them.
Sesha Prakash Kusuma, Group Vice President, Promatas Group of Companies
Common Mistakes in Cyber-security
India Think Tank - questions from the floor session.
Co-Creation Session: Reshaping tomorrow - What Does India need in 2025?
Moderators: Jawahar Mahalingam AFBCI / Michael Crooymans MBCI
Panellists: Arghajit Adhickary AMBCI (IT sector) / Karan Chawla (BFSI sector) / Sunil Kulkarni (MFG Sector
Panel discussion: Complacency in Business Continuity
11:20 - 11:5515:00 - 15:35
11:20 - 11:5515:00 - 15:35
11:20 - 11:5511:20 - 11:55
We look at India through the expertise of a ‘Mastermind’. What are short term trigger changes and long term shifts? Are we resilient as a country and a society ? Most likely no. Co-co-
create 1-on-1 and in small working groups to come up with actionable ideas on Business Resilience for India for the next decade.
A) How business continuity managers roles are shaping o BCM managers are looked at as key partners for running businesses, actively engaging with business to enable them to effectively conduct businesses during disruptive situations, effective guidance and solution providers to mitigate critical business risks, etc.
B) Challenges ahead of them:
• Changing political landscape, evolving and changing business operations, technology advancements, extensive cyber activity, etc.
C) How BCM managers could get complacent:
• Being more theoretical, sticking to old ways of conducting BCP’s, etc.
• What self-initiatives / measures should be taken by BCM managers to avoid complacency
D) Taking an effective risk mitigation based approach, adapting to changing business / technology advancements, keeping abreast of events across the globe – both local and global, being innovative, learning and development in upcoming areas such as cyber security, etc.)
This year we’re inviting the resilience community to explore different interpretations of “investing” to generate discussions around how we can best support the business continuity professionals and resilience functions.
From investing in people and training, to looking ahead and considering how we can invest in the future of resilience, join us during BCAW (Business Continuity Awareness Week) 2019 and BCI World Conference & Exhibition 2019, to help us raise awareness of the profession and empower our community.
What does “Investing in Resilience” mean to you? @TheBCEye using #InvestingInResilience
13th - 17th May
www.thebci.org/bcaw2019
#BCAW2019
5th - 6th November
www.thebci.org/bciworld2019
#BCIWorld19
Busi
nes
s Continuity Awareness W
eek
13 – 17th May 2019#BCAW2019
Investing in Resilience
www.thebci.org
Look out for
Join us for