During the past week, Scopus’s CEO and Founder, Gal Nir, had the opportunity to sit down and interview Alex Kornhause, Chair of the Advisory Board for Scopus Security Solutions, whom has an extensive corporate background spanning 30 years at Intel Corporation. As Vice President at Intel Corp, Alex was responsible for operational management, grants, and benefits negotiations with the Government of Israel. This role included infrastructure development and implementation of Business Continuity and Emergency Management plans. Alex was ultimately became responsible for global operations for Numonyx.

Given Alex’s expansive career, and therefore locker of knowledge, we thought it important to share with you a window into the interview which focuses on the art of Business Continuity. Each of us can learn a lot from Alex and at Scopus we are always trying to find new ways to expand our knowledge in order to better serve our clientele. Enjoy!


Gal: How critical is it in the business world today to implement a business continuity program in an organization?

Alex: I think the global nature of the economy drives a much higher complexity of businesses than seen in the past. It is quite normal for a company today to have customers all over the globe. R&D, manufacturing facilities, suppliers and vendors are dispersed all over the world. Transportation and logistics of raw material and finished goods is increasingly complex.

As a result there is a potential exposure to a variety of events (natural disasters, pandemics, terror or criminal activity, travel disruptions, communication disruption, etc.) that may disrupt the normal course of a business. Avoiding or minimizing the impact and the ability to recover fast will be essential for the long-term successful existence of companies and organizations.

In order for this to happen every company and organization needs to have a Business Continuity Program (BCP) in place. BCP starts with a risk assessment to highlight the potential business risks and their potential impact on the company. The next step is to develop the plans and the infrastructure to cope with the potential risks. The third step involves continuous learning and continuous improvement, which comes as a result of periodical drilling based on various scenarios. This will keep the organization prepared for whatever event may happen

When an event occurs it will change your mode of operation. You cannot assume that resources and the supply chain will be the same as prior to the event. Therefore, you must assess how your organizations will manage in a situation of resource shortage and disrupted supply chain for extended periods of time. The question is: How fast can the organization manage to bring back business to the normal steady state? At Intel and Numonyx there was an expectation that organizations will be prepared to cope with disruptive events. Having this expectation from the CEO made implementation quite straightforward.

Gal: How critical is management involvement in the process and leadership of the organizations. From your perspective, what are the first steps in adopting risk assessment and business continuity programs?

Alex: For me, this answer is quite obvious. My education and experience is that leadership and role modeling are key pillars of success in everything we do – risk-assessment and BCP included.

Leadership cannot be delegated. The CEO and top management of the organization need to lead and manage business continuity activities at all levels. I think this is part of their accountability and commitment to the shareholders, employees and customers. Therefore, they should lead the risk assessment process and manage development and deployment of business recovery plans in the organization, because the instant that an emergency situation arises all eyes will turn towards the management leaders.

The managers in the organization have to take a personal proactive role in the business continuity program, because this is the way to enroll the whole organization into the program. Leading BCP cannot be delegated to the security and/or to the safety departments.

The security and safety departments will provide the professional knowledge and expertise, the system, the methodology and the training. However, the overall responsibility lies with the CEO. This is responsibility for keeping people safe, securing the company’s assets and ensuring uninterrupted supply to customers. The involvement of the CEO is critical in the planning and execution of the business continuity efforts.

The business continuity program requires an engagement with governments, municipalities, infrastructure, utility companies, and transportation motives. They need to be embedded in your plan in order to strength your organization’s ability to deal with emergency events and ensure continuity.

Gal: What is the connection between a good plan and managing an event? Please share some examples from your previous experiences.

Alex: Some examples that I have encountered in my past are the 2009 flu pandemic and the 2010 Laki Volcano eruption in Iceland that created ash clouds over Europe causing over 60,000 flights to be cancelled.

In the 2009 flu pandemic, the Numoynx operational sites (The Philippines, Malaysia, Singapore, Israel, Italy, USA, etc.) activated their Emergency Operation Centers (EOC) that worked in line with the local authorities’ guidance as well as Corporate Emergency Operation Center (CEOC) directions and procedures.

In each operation we activated a plan that will ensure continuity and therefore reduced potential interruption to production. During this outbreak we did not lose production capacity nor was there any business impact on employees. The commitments to our customers were fully met.

The second example is the ash cloud created by the eruption in 2010 of Laki Volcano in Iceland. This event resulted in a flight limitation issue over Europe. Nevertheless, we were one of the few companies to succeed in using ground transportation alternatives due to the business continuity plan. Therefore, our products were successfully transferred to our customers in a timely fashion.

In general, the creation of a well-thought-out continuity plan that includes exercises and drills will prepare the organization in the best way possible for emergency events. The creation and practice of such a plan puts the organization into a proactive mindset and dialogue toward events could bring the business down. This action creates collaboration with the different parts of the organization, helping to focus on the organization’s continuity, while achieving its business goals.