On April 8th, Avasant thought leaders partnered with SIM San Diego for a digital forum on what tools technology executives are using to navigate the COVID-19 crisis. The three-part event was kicked off with a fireside chat between Avasant CEO, Kevin S. Parikh along with Naresh Lachmandas, SIM Board Member and Principal and Senior Fellow at Avasant. The CEO Perspective session titled, “Responding to COVID-19 and Adapting to the Demands of the Future,” was centered on how companies are responding to COVID-19 and adapting to the demands of the future.
Parikh began the conversation by explaining how we’ve been in a similar position before with the dot.com bust, 9-11, and the credit crisis, and how looking back at those paralleled circumstances will help us adjust now. He points out that the COVID-19 crisis combines both the travel and security damages of 9-11 with the financial impact of the credit crisis, projecting a similar recovery time of the credit crisis of 8 years.
Parikh then gave an overview of the “Impact Index by Industry” report that was published last month by Avasant’s Computer Economics division, pointing out that certain industries have already shown signs of improvement while others are still struggling, most notably healthcare. Parikh evaluates the response lifecycle of IT organizations for moving back to “normal,” pointing out that we have force majeure clauses and productivity loss on the road ahead which will then move into renegotiations, taking self-help measures, considering business continuity measures and potential termination of vendors in order to return to normal operation. He concludes by pointing out that businesses will recover but will never be the same, and that managing the human side of this will be the biggest challenge.
Following this conversation was a CIO panel discussion on “How are IT Organizations Ensuring Risk Mitigation and Business Continuity and Redefining Success Post COVID-19”. Steve Phillpott, CIO of Western Digital, began the conversation by discussing how the pandemic will change how we work forever and puts an emphasis on putting people first, noting their adjustments throughout this, as well as the importance of communicating with intention and the robustness of communication and collaboration tools.
Karen Gibson, SVP of Business Transformation at Quidel, covers the volatility of supply chain demand within the healthcare industry, emphasizing the need for leadership, staying calm and staying connected to your team and organization. Gibson summarizes that the future will involve more remote work as she notes that the changes to the healthcare industry are uncertain but testing surveillance and data will be a key focus moving forward.
Next, Drew Martin, CIO of Jack in the Box, discusses the dynamics of business operations pointing out how quickly regulations and recommendations change and how those changes affect business policies and processes. Additionally, he notes that franchise partners are focused on financial impacts and corporate staff are adjusting to remote work, implementing collaboration tools, and reprioritizing work and operational plans.
Covering the pharmaceutical industry, Mike Zill, CIO of Acadia Pharmaceuticals, explains that the industry has maintained stability but has been affected by the concern of patient safety, patient availability to receive medication, employee safety and how remote work will be implemented. Ending the panel discussion, Amy Benton, VP of IT at Retrophin, says that their focus is ensuring zero disruption in supply chain for commercial use as well as clinical trials, but the lack of air travel has made it this difficult.
The final session of the day featured five CISO’s discussing, “How Organizations Are Ensuring Security, Compliance, Etc. as Employees Work From Home,” was kicked off with Gary Hayslilp, CISO of Softbank, who opened the conversation by talking about their new reliance on slack and zoom, noting that the importance of communication has grown and changed, and how tech support and self-help for those software’s have been utilized. Gary Martino, CISO of AMN Healthcare, then explains the need to evaluate tools being used in order to foresee possible issues and how to mitigate those before they arrive. Hayslip says that new security policies were created, current policies were tightened and how home-networks have posed challenges.
Tina Lovoy, Global CISO for Encore Capital Group, covers the financial services industry and talks about how having a very tightly controlled environment to ensure security, poses an extra challenge to create a remote work opportunity. Some ways to ensure this included reimaging devices to ensure current configurations along with sign off packages for clean desk requirements that clone the office. Lovoy believes the criticality and enforcement of strong standards along with strong communication have been crucial throughout this process.
Continuing the conversation around the challenges for security in a remote workforce was Robert Yaus, CISO of Generali Global Assistance in North America. Yaus emphasizes user training and the importance of identifying potential devices that pose a security threat. He also agrees with his fellow panelists that focusing on communication is key to mitigating these threats and that tools such as slack and zoom have become essential. Closing the conversation was John Caruthers, Director of Cybersecurity at Illumina, who agrees that work-from-home tools can sometimes create a false-positive and explains how USB blocking has been implemented to reduce security risks and that they have launched a training mechanism surrounding fishing attacks.
- Q: I am curious about what programs/efforts have been undertaken (from each company) to train employees on HOW to work remotely? Secondly, have you partnered with HR in this capacity?
A: Gary Haslip: At SoftBank we are leveraging Slack. We have a channel about Covid for leadership and employees. We also have HR periodically checking on employees, and we have surveys going weekly to check on staff to watch for burnout. For the security and tech teams, we are putting out a lot of self-help documents for our 700+ employees who are working from home and leveraging slack to handle 24/7 IT support to continue providing services.
- Q: What are companies doing to provide IT support to remote workers? People that have never been on a ZOOM call, etc…
A: Pete Dillon: User education documents posted on our internal web page/Service Desk page
A: Gary Haslip: We built out one-page guides to walk them through using it and the new security steps we are putting in place. Doing a lot of virtual conferences, we are calling “virtual brown bags” were everyone brings their own lunch and logs in to learn something new.
A: Brian DeMeulle: At UC San Diego, we developed custom user guides for Zoom, conducted a series of how-to webinars for two weeks, established a direct queue with SNOW for issues, and a Slack channel dedicated to Zoom issues and assistance
A: Eric Hicks: At SBP, we use Bluejeans, which we’ve expanded, and have rolled out Teams to the entire Institute, which we were testing, but had not yet deployed. We also of course published COVID related instructional documentation to our Intranet.
A: John Caruthers: We leverage our internal social media platform to message key advice/guidance to the masses. Within the platform, we have dedicated groups and natural landing places for any/all messages we may need to deliver.
A: Gary Martino: We use Teams and setup training for end users on our Intranet page. One of our IT staff focused on producing 30 min training sessions twice a week. Our Service Desk is going 7 days a week to answer remote user questions.
- Q: How are you preparing for a greater sprawl of shadow IT as users stray to tools that they are more comfortable with?
A: Bill Stephenson: At SAP we have many feedback tools from Qualtrics to take the pulse of employees and resources by line of business, we have few tools like weekly Zoom calls, and we have 1:1 tools like Zoom calls with managers, colleagues, customers, etc.
A: Ravi Nemani: At Mitchell we are doing a lot of similar stuff, multiple channels for collaboration and communication (O365, sharepoint, teams, webex, confluence), lots of 1 pagers, tips and tricks, how to’s. Specific communication plans for partners, vendors, employees and customers and keeping them all updated regularly. Ensuring security stays tight as we have vendors switching to different modes of operation.
- Q: Are any companies deploying Covid19 employee self-reporting applications? And how are you managing that data collection with traditional HIPAA compliance constraints?
A: Mike Zill: Yes, we are asking for self-reporting to make sure that person gets care / their family can isolate and others near them get tested…the pandemic declaration has put our legal at ease on that subject.