Cybersecurity

Operational Risk and Crisis Management

Despite increased focus on the development and implementation of sophisticated information security programs, cybersecurity events are inevitable, and are now the major cause of operational downtime and liability. Not surprisingly, business interruption perennially ranks among the top ten risks named by senior management and board members across many industry sectors. As disruptive natural or man-made events are increasingly acknowledged as probable, rather than merely plausible, leaders recognize that their organizations must understand the consequences of business interruption and the impact it can have to the financial, reputational, legal, and regulatory health of the enterprise. Management teams are expected to be able to run their organizations as effectively during a crisis as they do during normal circumstances – by funding planning efforts, supporting regular exercises, and creating a culture that absorbs “lessons learned” back into the preparedness process in a continuous improvement process. Absent that level of attention, stakeholders and observers – including markets, regulators, suppliers, customers, shareholders, and the media – are critical. They often assign blame to top management when the performance of a company is impacted beyond a short “acceptable” window or response.

Ankura helps our clients obtain an independent perspective of their operational risk, their capacity to be genuinely prepared on an all-hazards basis, and the effectiveness and sufficiency of their crisis planning efforts. Ankura offers its clients a variety of solutions, including:

  • Crisis management framework
  • Business continuity plans and governance model
  • Emergency response plans
  • Continuity of operations plans
  • Information technology disaster recovery plans
  • Mobile crisis platforms that support incident management across the organization