Over the past few weeks, I've heard several people discuss the impact that Y2K remediation efforts had on business continuity planning during the past two years. Some say it helped by getting companies to install appropriate backup systems. Others say that the minimal problems that occurred on Jan. 1, 2000, desensitized companies to the need for having to prepare for other potential disasters. Of course, now the unthinkable is thinkable and business continuity is top of mind--regardless of what anyone thought of Y2K efforts.
I was surprised, though, when I heard a senior VP of IT at a financial firm whose offices were destroyed in the World Trade Center attack warn other business-technology managers to be careful not to assume that the business environment will stay "pro planning"--and that lessons learned can be quickly forgotten. His point: After bombs went off in the World Trade Center in 1993, there was a spike in disaster-recovery planning and execution; but by 1995, he had to fight for dollars to keep such efforts moving forward.
It's hard to imagine today that IT managers will have to fight for business-continuity planning dollars two years from now. There's too much at stake--internal operations, customer service, and collaboration with partners. Surely, such planning and updating will become a constant in our changed world.
Part of that planning includes protection against cyberthreats. I was intrigued by a recent suggestion by Sen. Robert Bennett that the Securities and Exchange Commission start requiring companies to report on how prepared they are for cyberthreats. Doing so would allow customers and partners to decide whether the efforts of companies are good enough to do business with them. What do you think about potential SEC involvement? I'm not sure exactly what would be reported or how an appropriate level of protection would be measured, but I like the idea of knowing that the people I do business with are taking cyberthreats seriously. Of course, protecting against such threats means more than just bolstering internal security. In this week's issue, senior editor Alorie Gilbert reports on the vulnerabilities in the supply chain and the new rules of collaboration by which companies will have to play ("Security Beyond Your Borders"). Also, senior managing editor Karyl Scott peers into the future of security ("Zeroing In"); see how business, academic, and government researchers are applying the latest advances in physics, applied mathematics, and computer science to help secure the nation's IT infrastructure as new threats emerge.