Current crisis challenges strengthen the need for unified communication

Nov. 19, 2021
The ability to address security and business continuity issues during COVID spotlighted a communications blind spot

In the world of public safety and first responders, the importance of a comprehensive emergency management blueprint that includes a robust unified communications strategy cannot be understated. For critical infrastructure, corporations, commercial businesses and affiliated organizations, the mounting specter of destructive natural disasters ignited by climate change, in addition to the continued pandemic threats and potential social unrest in this country, have intensified the pressure for these groups to initiate their own unified communication frameworks to help protect employees and staff.

Securing an organization’s communication infrastructure is a crucial aspect of a unified communications plan considering the exponential growth of BYOD and IoT devices that have become even more crucial with the sizeable, displaced workforce created by COVID-19 since the outbreak of the virus in 2020. Establishing solutions that ensure resilience and sustainability can also help organizations better manage critical events that might negatively impact business continuity.

Prioritizing the importance of critical event communications and eliminating organizational silos that impede rapid and unified communication are the challenges that drive Ramon Pinero, the Vice President of Product and Services for BlackBerry AtHoc. According to Pinero, enterprises face an enormous spectrum of threats, from those that are human-caused, such as suspicious packages, cyberattacks and industrial accidents, to others that are natural, such as wildfires, hurricanes, and earthquakes. He asserts that to successfully respond to threats, an organization needs to share the right information with the right people at the right time, adding that there is a safety obligation and duty of care to their employees, and meeting those needs requires effective planning and response.

Organizational Culture as Important as Technology

From a corporate standpoint, it can often be as much about shifting the cultural perspective of management as it is about specifying and implementing technology. Pinero contends that in some instances it is human resources, continuity and risk managers that become the initial champions of fortifying their organization’s internal emergency communications protocol, not the C-level executives. It has traditionally taken the business operations, security and risk leaders in a company to make the case for a robust communications and critical event management gameplan and then provide the data and budget numbers to back it up.

“Whether it is government, a private company or publicly-traded company before they could initiate a solution, they had to substantiate the costs. Once these risk management groups, business continuity groups, started saying they had the numbers to back up their use case, it has become an easier sell,” says Pinero, who cited a recent report by IBM that found data breaches now cost surveyed companies $4.24 million per incident on average – the highest cost in the 17-year history of the report. The study also suggests that security incidents have become more costly and harder to contain due to drastic operational shifts during the pandemic, with costs rising 10% compared to the prior year.

The realities of crippling organizational downtime are even starker in another research study recently done by Gartner. Operational disruptions, no matter the source –  fire, flood or other natural disasters, or a malicious criminal act – an IT system outage can be disastrous for business. The study shows that downtime costs companies an average of $5,600 per minute, with hourly costs ranging from $140,000 to $540,000, depending on the business’s size and vertical. One of the most startling facts found in the study states that 43% of small to midsize businesses (SMBs) shut down immediately in the wake of a “major loss” of data, with as many as 51% closing operations within two years of a major event.

“When organizations start crunching the numbers and get to the bottom line, that's when the C-suite understands the issues. They realize that ( their business) can be more resilient, we can resolve situations quicker, and we can eliminate or avoid the revenue loss given the impact of this event if we just plan for these events in advance with CEM (critical event management) tools and better communication,” Pinero adds. “The bottom-line business argument convinced most executive managers to act. And then COVID happened.”

COVID-19 Ignites Change in Risk and Operations

Pinero says that the COVID-19 pandemic and its impact on business operations put an exclamation mark on everything that operations, risk, continuity and security managers had been discussing for years; in a time of crisis, how do you communicate with employees securely? And especially when everybody's working from home. How do you communicate the safety guidelines around COVID? What are the business expectations? And now that organizations are being migrated into a vaccine mandate phase in the United States, how does management communicate their policies and procedures with both in-house and remote workers to ensure compliance?

“If you're an organization of a hundred employees or more, then you're going to need to mandate vaccination. Now, how you do that, is not trivial. I'm not talking about a company of one hundred people, but let's say a company like Microsoft or a major U.S. airline that employs 100,000, 200,000 or 300,000 people, how do you get that operation going? How do you enforce mandates? Having a unified communications strategy as well as the technology to achieve it is the only way companies will be able to comply,” admits Pinero.

How do you track the vaccination status of 80,000 employees? How do you protect their privacy? How do you give them a way to opt-out? How do you deal with employees who say I'm not going to disclose my vaccination status? These are all issues that provide an organization the insights that they need to decide on how to manage their individual mandate protocols, asserts Pinero.

“A company can do this through their CEM. (Using their unified communication platforms) they can say we've surveyed our employee base here in the United States. We see that in the San Francisco office, 80% of the people are vaccinated. We need to get to 90% and then we're going to open the office. But let's say the office in Dallas, has only a 14% vaccination rate, the decision can be made to keep that office closed and permit everybody to work from home.”

Communications and CEM are Symbiotic

The unpredictable nature of the current business environment has emphasized the value of the symbiotic connection between critical event communications and critical event management platforms. A proactive approach using advanced analytics ensures real-time organizational insights that allow business operations to thrive in times of crisis and could protect the security and safety of employees and stakeholders. The escalating challenges of a sustained pandemic, climate change, a shifting workforce and supply chain security are critical events that necessitate immediate solutions. More organizations – both public and private – are migrating to solutions like early warning systems and unified communication management tools to safeguard operations and business continuity.

The COVID crisis has accelerated various security and risk business solutions, but Pinero shares that one, in particular, has highlighted just how ill-prepared many of his clients were to address the impact of a global pandemic. Having witnessed the growth of the Security as a Service (SaaS) branch of the business, he was surprised to see calls for it increase over the last 24 months.

SaaS is Where It’s At

“We were already providing a SaaS solution, so we had really flexible deployment options. We can go completely on-prem or we can go completely cloud, or we can do a hybrid that existed before the COVID crisis. When the pandemic hit, and all of these organizations approached us saying they needed a system during COVID to help manage their communications and manage their COVID response. What we quickly realized was they didn't have the expertise, nor the person power to actually get the (communications) systems up and running in a timely manner,” says Pinero.

“So, effectively we operated the systems on their behalf and through our years of experience, we had a templatized incident response, workflows, and templatized alert notification scenarios right off the shelf. Using an easy survey, we'd ask them some questions to better understand where they reside geographically and their unique issues to their region. Then we'd start to tailor a system on their behalf to make it operationally relevant,” Pinero continues. “If you were on the Gulf Coast, for example, we're going to have hurricanes, thunderstorms and tornadoes from a natural disaster standpoint. We're going to tailor your system to deal with those incidents very quickly. As we were coming out of COVID, we were doing that as a professional services engagement, and our customers kept asking, why don't you just offer this as a service? I'm paying for the {software}, but I just want you to do it because I only have two HR people. So, we said, yes. We had the staffing to do it, we had the expertise to do it, and so in a sense, we stood up a managed service that any customer can subscribe to.

He says his team now acts as the extra set of hands and the operators of the system on the customer's behalf.

“They could pick up the phone and call us, they could use our mobile app to message, or even trigger the system themselves. They would say we're evacuating right now; I need you to send the evacuation message to all of these employees, but the situation's so bad that I'm not by a computer. We would also authenticate the caller and make sure that they were authorized to call in. From there we would trigger the notifications, summarize the reports for them, and make it available as they were taking care of and putting it out to other parts of the organization. So, for many of our clients, a managed service was born out of the COVID crisis,” concludes Pinero.

About the Author: Steve Lasky is a 34-year veteran of the security industry and an award-winning journalist. He is the editorial director of the Endeavor Business Media Security Group, which includes magazines Security Technology ExecutiveSecurity Business and Locksmith Ledger International and top-rated webportal SecurityInfoWatch.com. Steve can be reached at [email protected]