On Monday 10 December the UK Regulators Network facilitated a debate on resilience preparedness, response and recovery. The debate brought together member regulators from our Strategy, Cyber Security and Infrastructure and Resilience networks with the following leading industry and government experts:
- Lord Toby Harris of Haringey, the UK Coordinator of the Electrical Infrastructure Security Council who has been prominent in leading the debate around preparedness for once in a lifetime crisis events known as ‘Black Sky Hazard’ events.
- Elizabeth Weston, Assistant Director for Critical Sectors’ Security and Resilience Policy in the UK Cabinet Office, whose team provide cross-Government leadership and coordination of work to improve the security and resilience of the UK’s thirteen Critical Sectors, in particular it’s Critical National Infrastructure.
- Rob Hall from Resilience First, who talked about his work to strengthen resilience in the business community and the particular challenges faced by SMEs in addressing resilience planning.
Speakers posed some challenging questions to the participants. Including:
- Are your industries focussed enough on the interdependencies of others?
- How much are resilience plans dependent on other systems still operating?
- How much should regulators invest in resilience against low probability but high impact events?
These questions underlined a common theme running through all the speakers’ contributions: the need to think collectively when it comes to resilience, rather than focusing on resilience plans for individual organisations or sectors. Our systems and our society are now too interconnected for this approach to work and we need a collective plan of action, response and recovery. The need to understand the community element of resilience planning was also stressed, with Rob Hall questioning the value in ‘keeping your lights running’ when everyone else’s were out.
The discussion that followed touched upon the change that has taken place across industry, with a movement away from a traditional red/amber/green approach to risk profiling and a recognition that the fluidity of threats means there are no clear categorisations anymore. Additionally, there was a strong feeling that Brexit is making people thing about the ‘interconnectedness of things’ in a way that wasn’t done before.
Regulators will now be exploring how to take forward discussions in this area and will consider the common factors of resilience that cut across all sectors.