Experts Examine Business Continuity Challenges

Polish communications students examine the technology displayed at one of the booths in the Product Pavilion at TechNet Europe 2004.

Military and industry must design response and recovery tactics.

The diverse nature of threats in the 21st century calls for advanced planning strategies and international cooperation. As governments and the private sector face both physical and cyber attacks, organizations must focus not only on defense but also on how to recover after a disaster has occurred.

Speakers at this year’s TechNet Europe, the 25th anniversary of the annual AFCEA event, explored these topics during presentations and panel discussions. TechNet Europe 2004 followed the emerging tradition of moving to a different European venue each year. Two years ago, the event was held in Budapest, Hungary; last year, it took place in Rome, Italy. This year’s conference was held in Warsaw, Poland, on October 14-15. TechNet Europe featured the return of the Product Pavilion, where companies demonstrated their products to an invited audience, and it offered a full symposium program. For the first time, the event also included a cyber café.

Cdre. Robert Howell, RN (Ret.), general manager, AFCEA Europe, opened the proceedings by thanking Polish Chapter President Piotr Gajewski and his board members for their hard work in helping to set up the event. He then spoke about the event’s theme, “About Business Continuity—An ABC for Defense,” noting that some companies spend more on coffee than on business continuity. One out of 12 companies worldwide is hit by a disaster each year, ranging from terrorist attack to harsh weather. For a publicly traded company, lack of business continuity planning can affect the share price; for a military commander, the consequences can be much more serious. He suggested that it is better to deal with planning for the effects of a disaster than to focus on the causes.

A good plan consists of three parts, Cdre. Howell said. In the initial response stage, resources should be focused on understanding what has happened, containing the damage and communicating with personnel. The plan then rolls into restoring critical processes in a time-phased manner, then moves into long-term recovery.

The first keynote speaker was Dr. Andrzej Karkoszka, senior political adviser, Geneva Centre for the Democratic Control of the Armed Forces, and director of the Polish Strategic Defence Review. Karkoszka reviewed the conceptual contents of the term “crisis” and talked about the systematic consequences and the relevance of the associated decision-making framework. He discussed the new security risks, including international terrorism, forced mass migrations, money laundering, ecological degradation and weapons of mass destruction.

During his TechNet Europe 2004 keynote speech, Dr. Andrzej Karkoszka, senior political adviser, Geneva Centre for the Democratic Control of the Armed Forces, and director of the Polish Strategic Defence Review, talks about the importance of intelligence, homeland security and joint operations.

To combat these risks, the first decision that must be made is whether the response should be military or non-military. He stressed the importance of intelligence and homeland security and emphasized the indispensability of international jointness. National crisis management is on the rise, he said. Although being prepared is essential, raising public awareness and reviewing technological and organizational requirements also are important. This must all be done within a firm legal background. Inevitably there will be challenges, but a resolute and all-encompassing approach to the problem is needed, he said.

Nikolai Bozhilov, president and chief executive officer, Unimasters Logistics Group Limited, Bulgaria, and an AFCEA International Board of Directors member, chaired the first panel session. Panelists examined risk management from both the governmental and commercial viewpoints. Contributors to the discussion included Huw Rees, director, U.K. Communications and Electronics Security Group, who explored business continuity in government. Timo Rinne, chief technology officer, SSH Communications Security Corporation, Finland, spoke about the internal management of security risks, and Candi Carrera, director, Telindus PSF Luxembourg, focused on the role of trust in risk management.

AFCEA Finland Chapter President Col. Ilkka Jäppinen, FA, director of the Technical Research Centre for Finnish Defence Forces, led the second panel session, which explored how to mitigate risk and disaster recovery. Dr. Barbara Sorensen, senior research scientist at the U.S. Air Force Research Laboratory, presented a paper about the assessment and mitigation of technical, program and human risk factors and offered some practical examples. Dr. Rossano Marchesani from the Italian-based sector of the Thales Group described a robust ad hoc network using super high frequency and ultrahigh frequency links for fast deployment and disaster recovery.

Adm. Ian Forbes, KCB, CBE, RN, was the final keynote speaker of the day. Until recently, the admiral served as the Deputy Supreme Allied Commander Transformation in Norfolk, Virginia. He put his remarks in context by noting that the current era is one of accelerating chaos, suggesting that former guarantees of stability are no longer available; U.S. power is a dominant feature; and a common unified European view has yet to emerge. Radical changes occurred at the Prague and Istanbul summits, he said, but NATO’s transformation has been more organizational and rhetorical when measured against U.S. momentum. Adm. Forbes said he saw the NATO

Lt. Gen. Andrzej Tyszkiewicz, PLA, deputy commander, Polish Land Forces, speaks about his experiences during operation Iraqi Freedom.

Response Force as a testbed for injecting transformation into the NATO alliance and suggested that al Qaida also has demonstrated a clear ability to transform. He emphasized that experimentation would drive the military toward common standards for interoperability and said he hopes that there is enough collective energy to sustain NATO’s operational tempo to match the U.S. momentum.

The second day of the conference started with a keynote speech by Maj. Gen. Frans Picavet, NLA, director of the NATO Consultation, Command and Control Staff, NATO Headquarters. He spoke about the move from risk avoidance to risk management and covered the spectrum from NATO’s ongoing military operations, its infrastructure and its personnel to special missions such as the security that NATO provided for the Olympics. Risk management is an amalgam of commitment, competent professional and technical staff, and the cooperation of the end user, he said.

The general also spoke about risk management in the context of experimentation and was particularly enthusiastic about the value of the Coalition Warrior Interoperability Demonstration (CWID), formerly the Joint Warrior Interoperability Demonstration (SIGNAL, October 2004, page 67). All this activity is intended to enhance the timely and cost-effective achievement of capabilities, he noted.

Marek Amanowicz, professor at the Polish Military University of Technology, and AFCEA International associate director, chaired a panel session that discussed gateways, examining how boundary security and business process can enhance business continuity. The session included two presentations: one from the United Kingdom by Humphrey Browning, Nexor, who discussed secure messaging gateways, and another from the United States by Alan Leonhart of New Age Systems Incorporated. Both spoke about enterprise geospatial information systems technology.

The final conference session was chaired by Evelyn DePalma, director for procurement and logistics, Defense Information Systems Agency, Arlington, Virginia. The panel examined networks as they relate to business and viruses, reviewing the challenges that developing and protecting a tailored network capability pose. Cdre. Patrick Tyrrell, OBE, RN (Ret.), examined the “tyranny of choice” with some wry observations on human behavior and associated knowledge management. Panelist Kent Schneider, president, defense enterprise solutions, Northrop Grumman Information Technology, and AFCEA International Executive Committee member, spoke about how networks are evolving to support knowledge-enabled operations. He noted that integration and distribution of decision making as well as information sharing are needed. He stated that connectivity is an essential component of usefulness, but access does not necessarily mean sharing. Finally, Mikko Hypponen, director of anti-virus research

TechNet Europe 2004 attendees view technical demonstrations in the Product Pavilion.

at F-Secure Corporation, Finland, explained how his firm was a prime mover in taking down the global attack network of the So Big worm and specifically the So Big.F virus, which was responsible for generating 200 million e-mails.

The last keynote speaker was Lt. Gen. Andrzej Tyszkiewicz, PLA, deputy commander of the Polish Land Forces. He recounted his recent experiences as commander of a multinational force in Iraq. Preparing 3,700 Polish troops took only four months, and Gen. Tyszkiewicz then had command of an 80,000-square-mile area with 5.1 million inhabitants and a total of more than 9,000 troops supplied for the peacekeeping force by 24 nations. He told of coalition cooperation and explained the elements of risk management in such a heterogeneous international force. Gen. Tyszkiewicz’s speech provided a real-world, practical, operational overview and was a fitting finale to the two-day event.

Cdre. Howell closed the event by expressing his appreciation to all of the speakers. He thanked the exhibitors for adding to the event with their excellent technical demonstrations as well as the sponsors, particularly those associated with the cyber café. TechNet Europe 2005 is slated to take place in Lisbon, Portugal, October 20-21, 2005.

 

TechNet Europe 2004 presentations and details about TechNet Europe 2005 are available on the new AFCEA Europe Web site at www.afceaeurope.org.