Bird Flu Pandemic Planning--Are Your Assets Covered?

Bird Flu Pandemic Planning--Are Your Assets Covered?
Just because it hasn’t happened yet, don’t think that the avian influenza pandemic isn’t going to happen. “It’s not a matter of if, it’s a matter of when,” a DHS representative said during a presentation to a financial services industry group. And when the avian flu does make the jump to human to human transmission, the mortality rate of 54% seen between 1997 and 2005’s more than 100 human victims will increase dramatically. Short of a nuclear exchange between nations, nothing has the potential to threaten as many lives and cause as much disruption to the global economy as the H5N1 avian influenza.

The build up of planning, and writing a pandemic response plan for financial institutions needs to happen. A year ago, headlines were screaming about a looming disaster: the rapid spread of bird flu across two-thirds of the globe. That worldwide pandemic hasn't yet materialized, and bird flu has been out of the headlines for a while.

Financial institutions need to realize that their business continuity plan that is prepared for the “normal” disaster scenario won’t translate effectively into a plan for handling their continuity plans during a pandemic, said Tom Walsh, CISSP and certified business continuity professional, of Overland Park, KS.

“Pandemic flu is different than other threats, so traditional continuity planning needs to be addressed and altered for a pandemic flu outbreak,” Walsh explained. In a normal business disaster the building or equipment is impacted by damage, in a pandemic, it’s the people who will fall ill. As far as predictions go, experts are estimating anywhere from 20 to 40 percent of the workforce will be impacted. That number includes your institution, so take that number into account.”

Another reason to treat a pandemic differently than a “normal” disaster is the move to an offsite location, Walsh noted. “What if 40 percent of your workers don’t make it to the branch or your operation center, or if they must relocate to a smaller, closed-in space?”

According to Walsh, pandemic planning experts say, “That will be a big no-no in terms of prevention. To help stem the spread of the influenza, minimum distances will be enforced. This will make a great deal of difference in terms of how many people you’re able to accommodate at an offsite location.”

As for operating financial institutions during a pandemic, “A great deal of thought needs to be put into how to implement influenza prevention measures. I don’t know about you, but wearing a mask inside of a bank isn’t my idea of a best business practice,” Walsh said. The preventative act of “social distancing” may create another question of how to handle customers when they visit your institution.

Financial institutions need to view their pandemic plan as something that can stretch out over more than one or two weeks too, he noted. Planning for disaster recovery is usually a one-time event, with a quick recovery period, where you want to get back you’re your normal business as quickly as possible. In planning for a pandemic, the infection period may stretch out from 6 to 12 weeks, and may come in waves, as different portions of the population are infected. Being able to sustain business over a prolonged period of time will need a different type of approach than what most BCPs contain,” he explained.

One example of this that Walsh pointed to was the “just-in-time” delivery contracts with suppliers and other vendors. “This is where it will become a struggle, because if you’re facing a pandemic over a wide geographic area, your local suppliers will be facing the same types of disruption in their workforce as you’re experiencing. So the question for institutions is, how to store the supplies they will need?”

Preparing a pandemic plan is a task that every financial institution can do, Walsh concluded. “It’s something that has a high likelihood of occurring and unlike a tornado, or earthquake, we’ll have at minimum a few hours notice of when it’s going to hit, it’s just having that plan ready to implement that is key.”


About the Author

Linda McGlasson

Linda McGlasson

Managing Editor

Linda McGlasson is a seasoned writer and editor with 20 years of experience in writing for corporations, business publications and newspapers. She has worked in the Financial Services industry for more than 12 years. Most recently Linda headed information security awareness and training and the Computer Incident Response Team for Securities Industry Automation Corporation (SIAC), a subsidiary of the NYSE Group (NYX). As part of her role she developed infosec policy, developed new awareness testing and led the company's incident response team. In the last two years she's been involved with the Financial Services Information Sharing Analysis Center (FS-ISAC), editing its quarterly member newsletter and identifying speakers for member meetings.




Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.com, you agree to our use of cookies.