Scott Baldwin: a new committee member for the BCI USA Chapter
Following the leadership nominations and elections for The BCI’s USA Chapter, we are pleased to be introducing the two new members joining the Chapter leadership over the course of two articles. Here, Scott Baldwin outlines his experience in the Business Continuity sector and what he would like to see going forward.
Could you please tell us about your current role and how you got into Business Continuity?
I’m currently working as the head of Resilience Assurance at Amazon Web Services (AWS), where our objective is to define, develop, capture, and articulate our resilience capability metrics in ways that resonate with our customers. These metrics are not the traditional, binary, “Do you have an update plan Y/N?”, but actual, demonstrable resilience capability metrics, or Resilience Risk Controls.
I started as a software engineer during the dot-com boom. During the subsequent bust, I wanted to find a career that could not as easily be off-shored, and found Disaster Recovery. For the past 18 years I have been fortunate enough to work in (almost) all aspects of BCM/Enterprise Resilience.
What do you see as the emerging threats and risks in your region?
Obviously, cybercrime is a growing threat everywhere, and it has particular implications to resilience. I think becoming more crisp around how resilience can address specific areas of security is an important part of mitigating this risk.
Also, I think we are going to see more environmental and weather-related events. For example, I work 100% remotely but the temperature where I live reached 113°F recently and parts of the city lost power due to excessive energy usage. If my home is impacted by a power outage, I don’t currently have a backup plan. It’s a small example, but highlights how two different impacts (widespread WFH, due to COVID, and extreme weather) can cause novel impacts.
What has been one of your greatest challenges in this industry?
Providing partners, stakeholders, and leadership with a clear, logical and convincing narrative around the return on investment (ROI) for BC Management. I do believe what we do is critical, but I don’t think we have the tools to sell it very effectively.
What changes would you like to see in this sector?
I would like to see some modernization of the BC Management toolkit. Virtually everything we do have, at its root, is ‘recovery’. In today’s world, recovery is not a great objective, as organizations are more interested in impact avoidance (availability) and impact absorption (responsiveness) than they are in impact recovery. We need new tools to reflect this change.
What piece of advice can you share for others working in this sector?
There is no one right way to perform BCM. Although we are trained in a specific methodology, that does not mean you cannot deviate when needed. For example, the Business Impact Analysis is not a monolithic activity – create it in a way that makes sense within your organization.
What are your plans for the future within this Chapter?
I hope to help challenge the status quo within our industry and, hopefully, be a hand in improving the ROI we provide to our organizations.
Anything else you want to add?
I’m grateful to everyone for their votes, and am excited to work more closely with you all.
About the author
Global Program Manager, Business Continuity