A Business Guide to Security and Resilience

If we learned anything from the COVID-19 pandemic, it’s that resilience is vital in the face of adversity. Business owners who were able to think outside the box and planned for business continuity fared better than others. And, while the pandemic was unique, businesses face external threats all the time in the form of natural disasters, supply chain delays, cyber attacks, climate change, and even changing consumer tastes.

It’s difficult to predict everything that could go wrong in the world and impact your enterprise. However, there are ways to create security against some of the more common threats that could interrupt your operations. In this guide, we’ll break down some of the most likely emergencies that could arise and how to prepare.

Supply chain disruptions

The pandemic disrupted supply chains across many industries. Businesses that relied on overseas manufacturing, as well as American-made product businesses, saw significant shipping delays and raw material availability issues. Business owners had to find creative solutions. Some changed suppliers and manufacturing partners. Other companies adjusted their products, services, and their distribution method to stay in business and to reach customers.

Supply chains were beginning to change even before the pandemic. In many industries, supply chains are becoming less linear as e-commerce demands grow. The convenience of shopping online is causing many businesses to reimagine brick-and-mortar locations as fulfillment centers that deliver orders faster and smooth out the returns process.

For businesses seeking to mitigate the risk of supply chain disruptions, the Harvard Business Review recommends taking the following steps:

1. Assess vulnerabilities in your current supply chain. Map your complete supply chain and find out who supplies your suppliers so that you know where there might be an issue.
2. Diversify your supply base. Decrease your dependency on a single factory, supplier, or region to build some reliability into your supply chain.
3. Keep an extra supply of inventory or vital materials. Of course, you don’t want to hold inventory so long that it becomes obsolete, but keeping an emergency supply of inventory can be worth it in the long term.

Many business owners also make contingency plans for getting their product or service to the customer, adding options like curbside pickup or delivery to their normal operations.

Natural disasters

Hurricanes, tornadoes, floods, and earthquakes can devastate businesses. First and foremost, every business should have a plan to keep everyone safe. It also helps to have a roadmap for a speedy recovery.

Plan for the worst by creating a business continuity plan. A business continuity plan outlines how a company will continue to operate after a crisis. This plan should cover everything from supplies and equipment to data backup and even key personnel — including emergency contact information for first responders.

At the very least, document everything and make sure at least three people have copies. Keep your data backed up to at least one offsite location. And, if applicable, diversify your business: offering an online store, for instance, will allow you to stay open if your storefront is compromised.

Cyberattacks

Cyberattacks continue to plague businesses of all sizes. The pandemic has accelerated and changed the volume and nature of cyber threats. According to Trend Micro, in the first quarter of 2020, there were nearly one million spam messages sent, 48,000 hits on malicious URLs, and 737 pieces of malware detected — all tailored with content related to COVID-19.

There are several steps businesses and employees can take to enhance their cybersecurity, especially as companies continue to work remotely. Here are six recommendations that every business can use to reduce cyber and ransomware risks:

1. Accelerate safe, robust, and secure use of cloud services.
2. Bolster strong identity practices by instructing employees to eliminate bad passwords and enable multi-factor authentication.
3. Use a properly configured virtual private network (VPN).
4. Use encryption to protect data at rest.
5. Have a plan to identify and manage third-party and supply-chain risk.
6. Recognize every device on your network, including Bring Your Own Device (BYOD), and ensure security is deployed to the edge.

Businesses need to continuously revisit cybersecurity to prepare for the threats of the future. Transitioning to more secure and resilient network infrastructure will not be a quick or easy task, but rather a series of incremental improvements made over time. Remember Rome was not built in a day, and it certainly was not built alone.

Preparing for the future

Part of building a resilient business is to anticipate future trends and macro changes that can impact your operations. Long-term changes like climate change, consumer demographics, and employee demands will inevitably impact how you run your business. Even succession planning can help prepare your company for the future.

While it’s challenging to plan for every eventuality, there are a few things you can build into your business operations to mitigate disasters.

1. Create redundancies: Keep backup supplies of critical inventory and other inputs. Work with multiple vendors who can supply the same products, or use different materials to achieve the same purpose.
2. Diversify: Research shows that employing people from different backgrounds and with different skill sets can create an innovative environment with outside-the-box approaches to problem-solving.
3. Work in modules: Without sacrificing efficiency or collaboration, find a way to group elements of your business together so that if one part fails, the rest can continue to operate.
4. Build adaptability: Create policies and procedures for working remotely, operating without your usual resources (like the internet), or evolving your product mix in the future.
5. Clarify your mission: Finally, aligning the company’s activities with an overarching mission or purpose can help guide your business through times of crisis.

Adversity can be the mother of invention, and by preparing for the worst, you can not only save your operations from suffering greater damage but also support the larger community, help other businesses, and grow strong relationships with your customers. Understanding some of the most common threats to businesses today — and planning for the possible emergencies of tomorrow — can help enterprises turn a threat into an opportunity for greatness.

For more information and resources, check out the US Chamber of Commerce’s guides to Cyber, Intelligence, and Supply Chain Security and Combating Coronavirus. You can also check out the U.S. Chamber Foundation’s Resilience in a Box workbook for preparing your business to survive in case of disaster.