City of London still not ready for attack, says police chief

Half the firms in the City of London do not have adequate business continuity plans in place to survive a terrorist incident, the commissioner of the City of London Police warned this week.

Half the firms in the City of London do not have adequate business continuity plans in place to survive a terrorist incident, the commissioner of the City of London Police warned this week.

James Hart said that not enough firms, particularly small and medium-sized businesses, were taking practical steps to ensure they could continue to operate in the wake of a terrorist attack.

"All big businesses are well aware of their vulnerabilities in terms of the need for business planning. How much that planning translates into operational effect, I sometimes wonder," he told the Financial Times.

Hart said that although middle managers were aware of the threats, it was difficult to interest chief operating officers and managing partners in business continuity planning.

"The gap that I sometimes feel we have is at main board level, or managing partner level, where there is an assumption that someone in the management chain will be looking after this sort of thing in the way that they would want," he said.

Hart called on big businesses to help those small and medium-sized firms operating in their supply chain to prepare for business interruptions.

Following the Madrid bombings in March last year, the CBI called for the government to raise the profile of business continuity planning.

"It is great that the issue has been brought to the attention of these companies, and if the police can help these companies understand what business continuity can do, that is a good thing," said Jeremy Beale, head of e-business at the CBI.

Research by the CBI suggests that medium-sized companies find it more difficult to develop business continuity plans than large firms, which have better resources, and smaller firms, which are less burdened by bureaucracy.

IT directors in medium-sized firms often lack the budgets for continuity planning and find it difficult to influence the board, said Beale.

"They don't have their own security staff, and they rely on consultants. They are vulnerable. A lot of them are stuck in a cleft," he said.

"What needs to be done is to draw people’s attention to the fact that they are involved in supply chains. That is a matter of IT people being linked with the board, who understand this is a strategic issue, and with the compliance people, " said Beal.

The London Chamber of Commerce and Industry agreed there are a large number of firms in the City and elsewhere that do not have business continuity plans in place.

The July bombings in London were a "wake-up call," the LCCI said. It urged businesses in areas which were potentially vulnerable to attack to put contingency plans in place "as a matter of urgency."

“Subsequent to 9/11, 50% of the businesses which closed in New York, and which did not have business continuity plans in place, did not re-open. A closure of [just a handful of] days to a low-margin operator can be fatal,” a spokesman said.

Read more on IT risk management

Start the conversation

Send me notifications when other members comment.

Please create a username to comment.

-ADS BY GOOGLE

SearchCIO

SearchSecurity

SearchNetworking

SearchDataCenter

SearchDataManagement

Close