Alex Kornhauser, Former Intel Israel President and VP of Intel Corp

During the past week, Scopus’s CEO and Founder, Gal Nir, had the opportunity to sit down and interview Alex Kornhause, Chair of the Advisory Board for Scopus Security Solutions, whom has an extensive corporate background spanning 30 years at Intel Corporation. As Vice President at Intel Corp, Alex was responsible for operational management, grants, and benefits negotiations with the Government of Israel. This role included infrastructure development and implementation of Business Continuity and Emergency Management plans. Alex was ultimately became responsible for global operations for Numonyx.

Given Alex’s expansive career, and therefore locker of knowledge, we thought it important to share with you a window into the interview which focuses on the art of Business Continuity. Each of us can learn a lot from Alex and at Scopus we are always trying to find new ways to expand our knowledge in order to better serve our clientele. Enjoy!

Gal: How critical is it in the business world today to implement a business continuity program in an organization?

Alex: I think the global nature of the economy drives a much higher complexity of businesses than seen in the past. It is quite normal for a company today to have customers all over the globe. R&D, manufacturing facilities, suppliers and vendors are dispersed all over the world. Transportation and logistics of raw material and finished goods is increasingly complex.

As a result there is a potential exposure to a variety of events (natural disasters, pandemics, terror or criminal activity, travel disruptions, communication disruption, etc.) that may disrupt the normal course of a business. Avoiding or minimizing the impact and the ability to recover fast will be essential for the long-term successful existence of companies and organizations.

In order for this to happen every company and organization needs to have a Business Continuity Program (BCP) in place. BCP starts with a risk assessment to highlight the potential business risks and their potential impact on the company. The next step is to develop the plans and the infrastructure to cope with the potential risks. The third step involves continuous learning and continuous improvement, which comes as a result of periodical drilling based on various scenarios. This will keep the organization prepared for whatever event may happen

Gal: Can you share with us your experience from your work at Intel and Numonyx? What was the approach to risk assessment and a business continuity plan?

Alex: The BCP should derive from the company’s set of values and business goals. In both companies customers were very highly valued and uninterrupted supply was a key business imperative. Both companies were very people-oriented, making employees’ safety and health a top priority.

Given this, it was quite natural at Intel and Numonyx to adopt the ideas and the methodology of risk assessment and BCP. A risk assessment was conducted at the level of all operational and support functions critical to the company’s business goal. The outcome of the assessment was prioritized based on impact on people, impact on assets and impact on customers; then a plan of action for how to cope with the identified risks was built.

The plan included the management structure, the procedures and the support infrastructure that will allow each and every organization to cope with events that may develop into risk factors. You never know what will happen and when, but having such a strong platform for event management enables you to minimize impact on your organization and on the whole company.

When an event occurs it will change your mode of operation. You cannot assume that resources and the supply chain will be the same as prior to the event. Therefore, you must assess how your organizations will manage in a situation of resource shortage and disrupted supply chain for extended periods of time. The question is: How fast can the organization manage to bring back business to the normal steady state? At Intel and Numonyx there was an expectation that organizations will be prepared to cope with disruptive events. Having this expectation from the CEO made implementation quite straightforward.

Gal: How critical is management involvement in the process and leadership of the organizations. From your perspective, what are the first steps in adopting risk assessment and business continuity programs?

Alex: For me, this answer is quite obvious. My education and experience is that leadership and role modeling are key pillars of success in everything we do – risk-assessment and BCP included.

Leadership cannot be delegated. The CEO and top management of the organization need to lead and manage business continuity activities at all levels. I think this is part of their accountability and commitment to the shareholders, employees and customers. Therefore, they should lead the risk assessment process and manage development and deployment of business recovery plans in the organization, because the instant that an emergency situation arises all eyes will turn towards the management leaders.

The managers in the organization have to take a personal proactive role in the business continuity program, because this is the way to enroll the whole organization into the program. Leading BCP cannot be delegated to the security and/or to the safety departments.

The security and safety departments will provide the professional knowledge and expertise, the system, the methodology and the training. However, the overall responsibility lies with the CEO. This is responsibility for keeping people safe, securing the company’s assets and ensuring uninterrupted supply to customers. The involvement of the CEO is critical in the planning and execution of the business continuity efforts.

Gal: How does a business continuity program interact with vendors and clients?

Alex: “Vendors and clients are key players in your business. When you look at your business in many areas you build a strong dependency on suppliers such as outsource, infrastructure, data and knowledge. Therefore, it is very important that vendors and clients are part of the business continuity program in order to ensure continuity.

Nevertheless, you must take an overarching approach making sure to evaluate the supplier’s business continuity plan in order to ensure that their business continuity is interfacing your overall plan. If the business continuity plan does not include the vendor and client, you create a chain hindered with weak links. In this process you recognize and reduce the SPF (Single Point of Failure). Working together internally and with your supplier to bring out alternatives to those SPF’s, will help to strengthen the confidence with in your clients.

If your products don’t get to your clients in a proficient and timely manner, this could cause a loss in company revenue and the market share due to competition.

The business continuity program requires an engagement with governments, municipalities, infrastructure, utility companies, and transportation motives. They need to be embedded in your plan in order to strength your organization’s ability to deal with emergency events and ensure continuity.

Gal: What is the connection between a good plan and managing an event? Please share some examples from your previous experiences.

Alex: Some examples that I have encountered in my past are the 2009 flu pandemic and the 2010 Laki Volcano eruption in Iceland that created ash clouds over Europe causing over 60,000 flights to be cancelled.

In the 2009 flu pandemic, the Numoynx operational sites (The Philippines, Malaysia, Singapore, Israel, Italy, USA, etc.) activated their Emergency Operation Centers (EOC) that worked in line with the local authorities’ guidance as well as Corporate Emergency Operation Center (CEOC) directions and procedures.

In each operation we activated a plan that will ensure continuity and therefore reduced potential interruption to production. During this outbreak we did not lose production capacity nor was there any business impact on employees. The commitments to our customers were fully met.

The second example is the ash cloud created by the eruption in 2010 of Laki Volcano in Iceland. This event resulted in a flight limitation issue over Europe. Nevertheless, we were one of the few companies to succeed in using ground transportation alternatives due to the business continuity plan. Therefore, our products were successfully transferred to our customers in a timely fashion.

In general, the creation of a well-thought-out continuity plan that includes exercises and drills will prepare the organization in the best way possible for emergency events. The creation and practice of such a plan puts the organization into a proactive mindset and dialogue toward events could bring the business down. This action creates collaboration with the different parts of the organization, helping to focus on the organization’s continuity, while achieving its business goals.

Scopus provides security and risk management services worldwide, empowering and enabling our clients to operate globally. Wherever our clients need to go, we protect them through technology, on the ground tactical support and our global intelligence network. We’re ready for any challenge.

Certifications

Services

Case Studies

Contact

Offices: Middle East | Europe | China | APAC
Phone: +44-203-318-6540
Phone: +972-733-744-779
Email: info@scopussecurity.com

Services

Case Studies

Contact

Languages