Critical Event Management

On behalf of the Australian Government, the Australian Renewable Energy Agency (ARENA) has recently announced $981,000 in funding to the University of New South Wales (UNSW) to develop several tools to better understand the behaviour of rooftop solar and distributed energy resources (DER) in response to a variety of contingency events across the National Electricity Market (NEM).

The AU$ 2.1 million project will look to identify how these assets respond to contingency events such as the sudden loss of a large generator or transmission line, while also assessing opportunities for DER and rooftop solar PV to further protect the NEM from such events in the future.

The study will improve data capture, assess inverter behaviour, inform the development of new standards and set up tools and frameworks for long term monitoring of solar and DER asset behaviour.

The Australian Energy Market Operator (AEMO) and solar monitoring company Solar Analytics are also partnering on the UNSW project.

As part of the study, UNSW will assess inverter compliance rates, identify possible improvements to existing inverter standards, and provide AEMO with new tools to more effectively operate a safe, secure and reliable power system with high levels of rooftop solar in the grid.

To maintain power system security in the NEM, AEMO must consider a range of contingency events. The system needs to withstand these contingency events and quickly return to its regular secure operating conditions.

AEMO’s Renewable Integration Study has identified that high penetration of rooftop solar presents challenges to power system security and that the impacts of it are already occurring, and are expected to increase over the next five years.

Once developed, UNSW’s tools have the potential to help address many of the recommendations made in the Renewable Integration Study, such as informing the refinement of technical performance standards and establishing real-time visibility of rooftop solar and DER assets.

The CEO of ARENA stated that UNSW’s project was a great opportunity to understand how rooftop solar reacts in contingency events and how it can be improved upon.

He said, “UNSW’s project is an exciting step in developing the vital components for rooftop solar and DER and the benefits they bring to supporting the electricity grid. Integrating renewables into the electricity system is a key priority for ARENA, so the tools being developed throughout the project will help to ensure that Australia’s record-breaking solar installations continue to be of benefit to the grid and in helping with system security.”

Pushing greener technology

According to an earlier OpenGov Asia report, Australia’s first pumped hydro plant in 37 years is one step closer, after the Australian Renewable Energy Agency (ARENA) committed to supporting an NSW-based power generation development company’s Kidston Stage 2 Pumped Hydro Energy Storage (PHES) project.

On behalf of the Australian Government, ARENA announced, on 24 March 2021, it has conditionally approved up to AU$ 47 million in funding to the company for the pumped hydro facility, which will be co-located with the existing 50 MW solar farm.

The proposed AU$ 777 million project (including required transmission infrastructure) will be the first pumped hydro plant to be built in Australia since 1984 and the first to be used specifically to support the integration of variable renewable energy generation from solar and wind.

Academicians and government representatives from India and Taiwan gathered together at an online meeting to promote a ‘start pandemic prevention’ system to further the bilateral cooperation between the two countries for the advancement of artificial intelligence (AI) technology.

The ‘start pandemic prevention’ system, developed by the National Chung Cheng University (CCU), automatically detects body monitoring, facial recognition, and performs social contact analysis. According to a news report, CCU installed the system at the entrance of a few of its academic buildings last year in March; the same system was deployed in the buildings of Sri Ramaswamy Memorial (SRM) Institute of Science and Technology in July, last year.

The system uses a thermal camera to detect body temperature and can help in contact tracing if necessary, as it also collects data on student movement on the campus. To address data security, the system does not upload the data on a cloud. It operates through AI computing. According to CCU Institute of Computer Science and Information Engineering professor Hsiung Pao-ann, both CCU and SRM contributed funding for the project.

Given its larger number of students across five campuses, the SRM institute can collect more data to optimise the system’s social contact analysis, while its affiliated hospital could also use the system. The report added that to take the collaboration forward, in May, both the colleges intend to start working on a project to detect fabricated news and videos.

India-Taiwan cooperation in technology focuses on engineering, information technology, and sciences. Other potential areas include technologies related to green energy, energy storage, and biotechnology. Industry experts at the meeting also expect the two to cooperate in low-orbit communications satellites.

India has been working with several countries in the field of AI. Last month, India and Brazil discussed a range of scientific and technical issues and possible multilateral collaborations. The deliberations focused on AI, biotechnology, energy, nanotechnology, information communication technologies (ICTs), and cybersecurity. Also, in healthcare, pharmaceuticals, and COVID-19 vaccines.

The countries agreed to monitor biomes and agricultural areas, oceans, water quality, air quality, and atmospheric pollution by satellite. Further, they will develop earth system modelling for weather forecasting and climate change.

The Indian side mentioned that a series of scientific events have been planned, which would be steered and coordinated by India as Chair of BRICS in 2021. India was also keen to collaborate with Brazil in atmospheric sciences, renewable energy, low-carbon technologies, agriculture, cyber-physical systems, pollution, circular economy, space, innovation, and entrepreneurship.

It is estimated that AI has the potential to add over 500 billion dollars and 20 million jobs to the Indian economy by 2025. India has a diverse pool of talent working on innovative ideas in the space of AI to solve real-world problems. The AI domain attracted the highest investment in 2020 at US$ 443.8 million. It was followed by the analytics domain with a cumulative investment of US$214.8 million. The automation field received total financing of US$ 91.7 million, followed by conversational AI and NLP domain with US$ 38.6 million. Robotics and IoT received 0.8% and 0.6% of the total funding, respectively.

The Philippine government, through the Department of the Interior and Local Government (DILG), is taking complete control of the StaySafe contact tracing app developed by a local tech firm. This is after the government and the tech firm signed a Memorandum of Agreement (MOA) that will give the DILG complete responsibility and controllership over StaySafe.PH and all sensitive personal data that are collected with the use of the application.

The agency believes that instead of using other apps, local government units (LGUs) must use one app for a unified system that will allow seamless, fast, and efficient contact tracing efforts. The government recognises that they need to further intensify their contact tracing initiatives especially now that the country has a surge of COVID-19 cases. With the help of the app and the dedicated efforts of contact tracing teams nationwide, the agency believes that this can help in successfully tracking down the cases and their contacts and prevent the spread of the virus.

The National Privacy Commission (NPC) welcomed the signing of the agreement even as it stressed that privacy should be considered in government interventions that make use of personal data. When the government collects the personal data of citizenry, they owe these citizens a solemn covenant to protect their data and ensure that we will not use their data for other purposes, said NPC.

The NPC said gaining the trust of the citizens is crucial in the success of the government’s contact tracing efforts. They said that Filipinos need to be assured that data is handled securely; the data demanded of them is proportional to the purpose; they can understand how their data will be used; there is a specific purpose for the processing, and their data will be retained for no longer than is necessary.

Furthermore, the NPC also recognises the immense benefits of data-driven technologies. They said that they treat personal information controllers all the same, and they help those that try to comply with the Data Privacy Act and its principles.

These apps must allow users to opt-in and out of digital contact tracing. Use of the app must be voluntary, with data subjects allowed to withdraw consent at any time. Opting out must not lead to negative consequences for the user. When different purposes exist in the app, there must be a separate consent and the purpose must be explained beforehand to users (e.g., the use of anonymised data for pandemic and epidemiology research and development purposes).

Developers must also ensure that users can exercise their data privacy rights by providing user controls in the initial onboarding and during the use of the app. A user control can be in the form of a dedicated privacy control panel or dashboard. They must also make the contact tracing app’s system access explicit, especially when it tries to access sensitive capabilities of the user’s mobile device (e.g., storage or microphone). When making a permission request, the app must disclose what it is accessing.

They must also define and set where personal data are stored. Put in place strict policies and safeguards to restrict the location points of the digital personal data processed by the contact tracing app. To prevent the data from being retrieved or the data subjects re-identified, delete, and dispose of the personal data securely when the primary purpose for processing has already expired and there is no other legal basis (like law enforcement) to keep the case details for a period longer than the existence of the pandemic.

Lastly, before implementing the app, business, system and process owners, or developers should conduct a privacy impact assessment (PIA) to identify data privacy and security risks.

Throughout history, natural disasters and disruptive events have had the power to throw daily life into chaos. While wildfires, earthquakes and floods have had disastrous consequences, the current COVID-19 pandemic has changed both the personal and professional landscape permanently.

With such critical events hovering on the horizon, organisations’ must intentionally consider the safety of employees, safeguarding assets and the continuity of operations. Such volatile, uncertain, complex and ambiguous (VUCA) environments do not respect organisational boundaries or borders and call for thorough risk monitoring as frequently as possible, in as efficient a manner as feasible.

Having a comprehensive situational awareness of disruptive events significantly increases an organisation’s ability to assess risk and allows them to understand, effectively manage and mitigate the impact of the critical event. They can then disseminate response-information across the entire organisation rapidly.

An effective platform, such as an integrated solution that can automate threat identification, filtration, evaluation, reporting and communication of potential threats based on an organisation’s risk profile is the need of the hour. Solutions that will help improve risk mitigation, reduce business impact, protect the health, safety and productivity of employees, streamline risk-related decision-making processes, and help reduce costs should be the focal points for most organisations’ safety procedures.

Strengthening risk intelligence in an organisation cannot be achieved by simple awareness alone. The dissemination of vital information must be real-time, thorough high quality, and applicable to an organisation’s risk mitigation profile. Furthermore, incident monitoring processes and the supporting technology must be in line with the urgency, the quality and relevance of the information, and comprehensive monitoring to cover even the smallest of risks, not just the big events.

The quantity and type of data indicating a potential threat, or an early warning indicator is so massive that one individual or even a team cannot filter through the clutter to find the relevant material needed without wasting much-needed resources. An organisation will need a robust and refined set of tools and systems to scan, detect, and evaluate potential disruptive incidents.

Utilising technology for risk assessment provides hyper-localised, highly customisable information. The detailed and contextual level of the risk intelligence system must trigger proactive notifications based on a personalised organisational profile. To develop such a management approach, organisations must know how to minimise the threats while ensuring operational effectiveness.

However, most organisations find it difficult to create an effective risk awareness programme by themselves, inhouse. To identify, track and analyse information coming from hundreds of millions of sources and then communicate effectively and efficiently across the organisation, perhaps multi-nationally is a tall order. What is needed, then, are partners and experts who can guide organisations on this critical journey of resilience.

This was the focus of the discussion during the OpenGovLive! Virtual Insight: Enhancing Organisational Risk Intelligence – Safeguarding Assets and Ensuring Operational Effectiveness on 16 March with security experts and digital executives from a wide range of organisations and business enterprises from Singapore.

Obtaining intelligence from a vast quantity of data and information

Mohit Sagar: Business cultures need to change if it is to no longer hinder innovation

To kickstart the session, Mohit Sagar, Group Managing Director and Editor-in-Chief at OpenGov Asia highlighted a prevalent contradiction – while disasters are imminent, people, as well as organisations, illogically feel somewhat immune. Most recently is the COVID-19 pandemic that took the world by surprise because we thought we were immune or perhaps ignoring the possibility that it would ever materialise in the first place. The pandemic put an 80-mile wind behind everyone’s back, either propelling people to the next level or thrown them farther from their goals completely.

Mohit stressed that intelligence must be gathered from the available data and information but given the current situation, organisations are struggling to do this. People have too much information, mistakenly believing that raw data can be their weapon in and of itself. As the adage goes – more of something does not always mean better. The fact is that organisations are inundated with so much information, that they cannot process nor understand it properly. Thus, contrarily, forgoing the very intelligence they seek.

Human beings by nature are hoarders. And data, sometimes called the new oil, is next on the grab and stash list; everybody to get their hands on as much as they can.

Like oil, data, too, comes in many different forms and types that need to be processed carefully to extract value. Organisations need the right tools, the right mindset and the right strategy within themselves to gather actionable insights.

With this comes fundamental questions: How much data and what data to collect? How is the data gathered? How is data stored? How is the data to be processed? How do you safeguard vital information and digital assets against another catastrophe and cyber intrusions?

Mohit concluded by emphasising that there needs to a paradigm shift in organisational culture. Business outlook and thinking have been hindering growth and innovation for a while. Organisations need to broaden their vision and look outward. They must seek the right partners who specialise and champion this arena. They must empower decision-makers and the wider employee base to do what needs to be done to prevent future risks.

Transforming intelligence to empowering knowledge

Eric Boger: Intelligence is the result of a systematic process creating relevant and reliable knowledge

Eric Boger, Senior Director of Global Intelligence and Analysis Everbridge took over the discussion. He acknowledged that 2020 proven to be a catalyst – not only with COVID-19 but with other natural disasters that had made businesses harder for everyone. It brought Critical Event Management (CEM) front and centre of all continuity plans and strategies.

Eric agreed that an effective CEM system always starts with intel. However, organisations know the true definition of intelligence. Intelligence is the result of a systematic process where raw materials are transformed into relevant and reliable knowledge. This knowledge should empower decision-makers and operators to act for their organisations.

Eric and his team provide organisations with a platform for disaster management with different phases.

The landscape of delivering intelligence varies across many service providers. Some churn out results quickly while some take their time in evaluating the possible conclusions. Eric stressed that organisations must find the right partner, tailor-fit to their profiles and immediate needs in terms of data and information that affects their operations.

Irrespective, Eric believes that there is a sweet spot when it comes to CEM. It is not just about speed; the information must be factual, especially in the social-media age, where information and intelligence can be received at an instant.

Assessing the situation is the starting point – discovering what is going on. A group or team should be in place to monitor and assess information coming from various sources. Putting adequate and appropriate resources to improve risk intelligence is vital in mitigating possible threats.

Eric explained that intelligence cannot be just one layer. It should be fused with other elements that affect business operations. Experts can help organisations nuance and peel all these layers. In improving risk intelligence, the right partner will provide a platform that supports all business cases in all forms and will find the appropriate solutions for different use cases proactively.

Eric concluded his presentation by pointing out that understanding the situation and acting on it with a sense of urgency will provide organisations with efficient critical event management strategies.

Utilising acquired knowledge to mitigate risks

Dr Peter Simpson: Information must be relevant, timely and granular

After Eric’s informative presentation, the session was followed up by Dr Peter Simpson, Global Head, Safety and Security Standard Chartered.

Peter revealed that his organisation treats risk intelligence not merely as a data-gathering exercise but as a way to protect their people, buildings, assets and ensuring that their operations are unhindered. He acknowledged that risks such as natural disasters, protests, pandemics, etc. would happen, like it or not. They are inevitable. Accepting this, they aim to minimise the effects of these imminent threats.

He solidly agreed that more data and information is not needed. What is needed is the intelligence and wisdom to analyse the data so that organisations can make or shape decisions that will have a meaningful impact to mitigate risk.

When decision-makers in the organisation need important details to arrive at a verdict, people around should be well equipped to provide supporting data. The information needs to be relevant, timely and granular. Peter reiterated that organisations need to know when data is not valid and unreliable.

Peter understands that organisations get their share of information from a huge number of data or news sources including social media. while it is not bad to get intelligence from various sources, organisations need to take this information, validate it, automate it, evaluate what details will prove useful. Only then should they disseminate the information within the organisation to further ease possible threats. He shared several case studies on various risks and threats. One example was a physical protest that happened worldwide which was simultaneously being mirrored online with a cyber protest (where demonstrators takedown systems in the digital space).

Organisations affected by such threats such, who have a presence in multiple countries, do not want to go on full alert and disrupt their operations just because of one isolated incident. Organisations can just address the ongoing issues in the selected areas beforehand, by utilising intelligence gained from early risk management measures.

For Peter, it is all about organisations mitigating the present and future effects of threats in all proportions through relevant and reliable intelligence and knowledge gained from vast amounts of data and information.

Polling questions and discussion 

After the engaging and informative presentations by the speakers, the session transitioned to an interactive discussion with polling questions posed to the audience.

The first question was about what level of risk awareness an organisation can attain given its capabilities. Over 80% of the delegates said that they have some clarity on risk awareness, and they want to improve it.

A senior executive delegate said that they have SOS platforms and numerous risk management companies, but they currently do not have the overview to pull things together and process information thoroughly. Other delegates also said that they do not have the templates to do the assessment needed.

The next question was asked what the biggest threat to the organisation’s physical safety and security was. More than half the delegates agreed that disruptive events like the ongoing pandemic takes the pole position.

A representative from the Commonwealth Bank of Australia said that manmade disasters are on the top of his list because of threats of a cyber shutdown. Another delegate from Johnson & Johnson said that natural disasters like typhoons that cut communication platforms that hinder government services are his organisation’s biggest threat.

Eric supported the fact that communication platforms are essential regardless of the threat and attack. Digital communication plans should be in place beforehand and speed is of the essence when it comes to disaster management strategies.

The delegates were also asked about how critical is it for their respective organisations to have a robust system or technologies in place that enables them with full risk awareness. About 63% of the delegates said having a system in place for risk awareness is critical for an organisation.

A delegate from PLUS Malaysia Berhad said that having a system in place will further help them manage information dissemination across their organisation and other related parties while mitigating physical and cyber threats at the same time.

Conclusion

The session ended with the closing remarks by Eric Boger. He thanked the delegates for attending the virtual event and for their insightful contributions.

He reiterated that they are in the critical event management business to help and enable organisations and their people with the technology and platforms to mitigate the forthcoming risks in all forms and all timelines in the best way they can. He encouraged the participants to reach out to his team to explore ways to collaborate on their risk intelligence journey.

Technology has been central to Singapore’s COVID-19 response, and more broadly to its government’s work. The government has progressively built up the digital infrastructure and engineering capabilities of the country to combat the effects of the pandemic. This enables them to respond decisively and swiftly to the COVID-19 outbreak with a wide array of digital tools to help disseminate timely and accurate information to Singaporeans and to enable other agencies to better manage the crisis.

Prime Minister Lee Hsien Loong recently said that while the country has a supportive environment for technology, the key factor is talent. Therefore, to further aid the national effort against the pandemic, an application developed by a Singapore start-up conducts mini-medical check-ups just by using a smartphone. In just 45 seconds, the app can tell the user of  their heart rate, oxygen levels and even his/her stress levels. It can also tell the user if he/she should see a doctor.

It offers a diagnosis of the user’s health condition, relying solely on a smartphone camera that can measure heart rate by picking up changes in the reflectivity of light on the user’s skin between heartbeats according to blood flow underneath.

Workers at various sites have used the application as part of a government-initiated programme that provides companies with trial-stage technology to help them adjust to the new pandemic-era norms. The construction firm that used the app believes that a medical check-up is the first line of defence against another outbreak of the novel coronavirus. The city-state has kept a tight lid on its infections and wants to avoid a repeat of last year when a series of clusters emerged in migrant worker dormitories.

The tech’s founder said that the government was very interested in the technology, and they see the most traction coming from healthcare providers, both private and public, which will help further help in the country’s mission of containing the virus. The app is still undergoing local review but the Director of the National University of Singapore’s Institute of Health Innovation and Technology said it could have a big impact if approved by regulators.

Department of Finance Minister Heng Swee Keat allocated over S$24 billion of the Budget over the next three years to help businesses and workers to be well-equipped with technological resources. This budget also aims to enable firms and businesses to emerge stronger. About S$1 billion will be allocated to mature firms to get co-funding for the adoption of digital solutions and technological improvements.

As reported by OpenGov Asia, governments from all over the world, not just in Singapore are pushing for the development of these innovative apps to aid their effort in containing the coronavirus. One of which is a contact-tracing app. The public sector is keen to introduce a digital contract tracing as traditional methods are slow. Transmission of the virus is fast, many of the infected do not show symptoms straight away and by the time authorities have identified those who have been exposed, they have already transmitted the virus to others.

Motivated by these challenges and constraints, got Mohit Sagar, founder and CEO of Access Anywhere, envisioned a solution that would empower citizens to take responsibility for their wellbeing in their own hands. He partnered with industry leaders Microsoft, SAS and Confluent to create a cloud-based solution that gives people real-time risk assessment of their health: Liberty and Passage.

Liberty and Passage is a total outbreak management system application that offers users the ability to continue routine activities like going to work and socialising with friends without compromising their own or the health of those around them.

Gerard Mcdonnell, the Regional Solution Director of Fraud & Security Intelligence of SAS, said the Liberty App as a digital risk assessment tool can proactively warn organisations’ corporate management about the health risk status of employees.

Australia is aiming to develop a nationally consistent bushfire modelling and prediction capability under an agreement between CSIRO, Australia’s national science agency, and AFAC, the National Council for Fire and Emergency Services.

The joint effort entails the development of Spark Operational – a cutting-edge bushfire simulation tool based on CSIRO’s ‘Spark’ fire prediction platform. Fire and emergency services agencies across Australia will be able to use Spark Operational which provides bushfire prediction capabilities across borders and over different landscapes.

CSIRO’s Spark platform merges its existing knowledge of fire behaviour with state-of-the-art simulation science. The potent combination is designed to produce predictions, statistics and visualisations of bushfire spread, as well as simulating hours of fire spread across a landscape in a matter of seconds.

AFAC’s Fire Prediction Services Group will collaborate with CSIRO to improve existing technology. Together they aim to build a national system that allows for consistent bushfire predictions that will support emergency service and response teams across borders.

CSIRO Chief Executive Dr Larry Marshall accepted that 2020 changed the game forever, and to stay abreast, the agencies were deploying new science and technology to protect firefighters and Australian communities.

Acknowledging that the innovation built on decades of expertise, he said, “Our solutions from science have protected Australians from the threat of bushfires for over 70 years, from roadside fire danger signs to advanced burn-over protection materials.”

The solution is a cutting-edge platform, based on current breakthrough technology and built on a strong foundation of research into understanding and predicting the behaviour and spread of bushfires.

Spark, he felt, was a great example of combining environmental, digital and materials science and listening to Australia’s front-line responders to deliver a real-world solution that works for front-liners. He firmly believes the advanced system will allow firefighters outthink fire, to anticipate its actions, and to get ahead of it and, eventually, to beat it.

AFAC CEO Stuart Ellis said the new technology will support fire agencies to keep communities safe, “Spark Operational will play a significant role in allowing our emergency response teams to effectively plan for and respond to fire emergencies in a variety of landscapes and climates.”

He confirmed that it had been identified as the best solution to achieve a nationally consistent system that would take Australi to the next generation of firefighting intelligence. It would ensure that the ability to protect as many lives and assets as possible across multiple scenarios, mitigating the dangers of bushfire.

Through a partnership with AFAC, Minderoo Foundation is supporting the development of Spark Operational as part of its Fire Shield Mission, which aims to detect and extinguish dangerous fires within an hour by 2025.

CEO of Minderoo’s Flood and Fire Resilience Initiative, Adrian Turner, said the development came at a critical time. The Black Summer Bushfires burned with devastating impact,  in extremely dry fuels and at a scale that is rarely seen, driving extreme fire behaviour, which meant that the modelling was not able to accurately predict spread. The experience last summer has highlighted the need for better decision support tools to help firefighters protect people and the environment.

“Fire services will be able to test this tool during this next fire season, and this pilot project is a critical step towards better supporting firefighter decisions across a full range of fuel types to inform the earlier detection of fires in the future,” he opined.

The creation of a nationally consistent bushfire modelling and prediction capability was recommended by CSIRO in a report to the Commonwealth Government last year Climate and Disaster Resilience.

Phase one of the technology’s implementation commenced in January 2021 with further developments ensuring it will become fully operational over the next three years.

With each phase of its implementation, Spark Operational will be grown and adapted into a tool that all agencies nationwide can tailor to specific landscapes and bushfire behaviour, enabling them to better predict – and thereby protect – local environments.

Many years ago, adding a new technology or imaging modality in the operating room meant connecting devices like endoscopy cameras, computers, scanners and surgical displays through dedicated audio visual (AV) equipment. Operating room (OR) technology today is becoming increasingly digitised, and many hospitals in Singapore and around the world will have difficulties keeping pace. Even more drastic developments can be expected in the next decade and the groundwork for these changes is being laid today.

By adopting an OR-over-IP approach, which integrates devices over an IP network for the operating room, hospitals will be able to implement many of the emerging technologies that will shape the complex OR environment of the future.

Surgical data, images and video can be easily shared, stored and displayed on any screen inside or outside the operating room. Integration over IP also makes it possible to manage the multitude of imaging systems and devices from a single point and to streamline the OR workflow.

A future-proof OR

The digital OR is no longer a nice to have. The OR-over-IP approach will be the necessary foundation for the adoption of many innovative technologies, including 4K imaging and 3D imaging, which   allows surgeons to perform surgery with the highest precision and enhances surgical efficiency and accuracy in laparoscopic procedures to shorten operating times. In the future, virtual and augmented reality, as well as artificial intelligence will be used to help surgeons and clinicians acquire proficiency in complicated technologies faster.

The same can be said of OR. A digital OR is essential to reduce complexity, simplify workflows, and increase efficiency and productivity.

Bringing more technology into the OR made set up and configuration before surgeries more complex and time-consuming. The OR-over-IP approach simplifies installation and reduces set-up time in the OR due to its standard architecture. These reductions in setup and turnover times are improving the productivity of surgical teams and efficiency in the use of ORs. Running OR technology over IP also reduces the number of cables and devices needed to run the navigation devices, machine-controlled applications, and PACS equipment, which creates a much cleaner and more comfortable working environment for surgeons to make quick and accurate decisions. Technical maintenance efforts are also simplified, and downtime minimised, with an IP-based OR platform due to its use of unified fibre cabling that connects directly to the devices.

Flexibility today and tomorrow

Technology continues to evolve and ORs need to be easily adaptable to meet future requirements. Its environment must be flexible enough to accommodate the most recent technologies, such as 4K and 3D imaging. IP-based video integration is an approach that will support this expansion of technologies well into the future.

In an environment where the patient’s stakes are so high and where every minute means money, digital technology can help improve the productivity and efficiency of today’s highly-skilled OR professionals. The OR of today and of the future delivers highly accurate images and provides the most ergonomic working conditions to enable surgeons do their best work.

As the world continues to navigate the waters of the new normal, unprecedented accelerated digital transformation continues to be the need of the hour. However, as organisations increasingly migrate to virtual operations and transactions, there is an urgent need to protect against potential breaches and cyber intrusions. Cybersecurity threats are indeed on the rise. Ransomware and cyber incidents have multiplied, adding to the already complex crisis management morass for many organisations. Executives are now looking for the best and most sustainable critical event management strategy, while also saving time and cost.

In recent months, cybersecurity has been inextricably embedded into operations frameworks of organisations, in both the government and the private sector. Reports showed that companies’ budgets for these systems have spiked by more than 50% and towards the end of 2020, these security solutions were anticipated to form as much as half of the overall funding. Despite this, several agencies are uncertain as to how to adapt these tools and solutions. In the absence of adequate precaution, planning and programmes, many organisations are left stranded and exposed when hit by an unexpected critical event.

Such eventualities can be addressed by setting up a robust critical event management programme (CEM). This was the essence of the OpenGovLive! Virtual Breakfast Insight: Strengthening Cybersecurity and Emergency Preparedness: Enhancing Readiness, Response and Recovery.

On the 21 January, OpenGov Asia, in collaboration with Everbridge, hosted the OpenGov Live! Virtual Breakfast Insight for senior digital executives from both the public and the private sectors in the Philippines. The event focussed on establishing strong cyber resilience in organisations with effective risk management tools to be fully prepared for managing crises and cyber risks.

The role of critical event management in upgrading work systems

Mohit Sagar: By investing in a risk management programme, cyber resilience becomes muscle memory

Mohit Sagar, OpenGov Asia’s Group Managing Director and Editor-in-Chief, opened the session with a short introduction of the participants and the topic. He highlighted the importance of having a reliable incident management programme to ward off potential data security risks.

The current scenario in many organisations in both the public and private sectors is a delicate balancing act. He painted a picture of a group of ballerinas in a difficult balancing pose. Like these ballerinas, organisations have to balance technology, customers, employees, regulations and stakeholders in the precarious new normal. If any one of these components fail or shift, the whole construction can crash.

This tightrope act works well when everything is in equilibrium. However, an imbalance, misstep or unmanaged tension can have catastrophic results.

Reflecting on how the world responded to the pandemic, Mohit then questioned the readiness of the organisations in dealing with cyber risks and their continuity plans. Lacunae were painfully evident last year with the onset of the COVID-19 pandemic. Technology did help manage the pandemic in terms of being able to work from home but was only a temporary solution.

Prior to the pandemic, the need to consider the impact of potentially critical events was more of a theoretical pursuit and organisations plodded along with traditional plans in place. However, when the crisis hit, organisations were floundering, ill-prepared for such a massive disruption. Significant changes were urgently required to just stay afloat.

Many organisations were able to turn things around and somewhat mitigate the impact of the pandemic. But the fact is, not all organisations were able to come out unscathed, and the reality is that there is still a lot to be done to upgrade work systems and processes to accommodate the new normal.

The solution, Mohit said, is not to hope for an auspicious year to get through 2021, but to learn from past mistakes. There is a need to find out what went wrong, develop a better understanding of organisational cyber risks and determine to set a robust resilience plan in place. From this, organisations can incorporate changes in their operation models, retrain employees and most importantly, invest in strategic tools like a critical event management system.

Technology is at our fingertips and it proved to be the saving grace last year. But resilience must not be equated with being able to keep the business running through remote methods.

Mohit emphasised that putting up event management systems must not be shouldered by organisation management alone. Operational resilience is tied to effective communication that is well-received on both ends – employers and employees, management and staff. To do this, ensuring seamless communication is key and becomes crucial in crises. It may come at a price, but in the end, it must be done.

According to Mohit, creating an operational resilience plan is not an easy task. It relies heavily on cybersecurity expertise and professional critical event management systems. Therefore, it is expedient for agencies to work with the right partners to ensure that they have the best strategy in managing upcoming cyber risks.

Setting up an adaptive event management programme suited for each organisation

Sonia Arista: Cybersecurity needs to be constantly improved to remain current and relevant

Sonia Arista, Vice President and Chief Information Security Officer at Everbridge, furthered the discussion after Mohit. She briefly shared her background in information security management and introduced Everbridge.

Everbridge is a global critical events management company that strives to keep businesses running continuously through any events that affect the workforce and supply chain, such as IT disruptions, and to maintain visibility and communications between employees and leaders on events that might affect the business.

Working in information security program management means that half of the time, Sonia needs to oversee product development as well as operational areas. The other half of the time, she is responsible for maintaining the security of Everbridge’s employees’ information and environments and maintaining a standard of security.

This can be challenging for several reasons. First, full visibility in the context of what is happening is difficult to achieve. Second, determining the level of severity of the events and the parties is not straightforward. Thirdly, how to notify relevant people, what messaging is needed, it is a one-way communication or is feedback required can make response complicated.

In short, identifying the appropriate response plan to the event and putting it into action is the name of the game. She also felt that assessment post-crisis is important to determine areas of improvement and potentially developing guidelines for other members in the industry.

To address this, there must be an adaptive critical event management programme integrated within operations models. However, Sonia was quick to acknowledge that deploying a CEM programme is no walk in the park. None the less, the rationale is that the more time spent to impact-proof operations, assets and people the better the resilience during critical events.

Sonia went on to explain her take on simplifying and unifying critical event management. To streamline the whole process, Everbridge views 4 factors to be at the core:

  1. Assessing an incident
  2. Locating what is happening, identify stakeholders and assets impacted
  3. Acting and responding to the event – inform, notify, rally, collaborate, mitigate, fix, and recover.
  4. Analysing the performance on the course of the incident, and to offer possible improvements on the processes

According to Sonia, there are instances where organisations need to manage multiple crises. Events can happen in tandem and are often caused by multiple factors such as supply chain disruption, disease outbreaks, severe weather, etc. All of these elements together contribute information to the events, and by applying the four core factors mentioned above, an organisation can fully mitigate and resolved any event.

Different business models will have different focus areas and critical event management takes different forms for organisations across various sectors. For example, companies with multiple factories will want to focus on physical access control to maintain standards in their facility, weather services for health systems to predict patient influx caused by natural disasters and threat intel engines in cybersecurity. She underscored this point by showing a list of partners that collaborated with systems such as Everbridge to bring comprehensive intel and context in remediation planning.

Sonia summarised her presentation by acknowledging that there are various programmes that an organisation can utilise. It all depends on which key areas that a specific agency would want to focus on so that the proper critical incident management can be deployed.

Enhancing cybersecurity measures through critical events management

Charlotte Wood: Cybersecurity needs a risk-based approach that is people-centric

Following Sonia’s presentation, Charlotte Wood, Director of Policy and Awareness of Cybersecurity at New South Wales Government shared her experience with the participants.  Her department is responsible for setting standards and providing leadership in cybersecurity and affects all 120 entities in the NSW Government that consist of approximately 400,000 employees.

According to Charlotte, there are 3 pillars of cybersecurity: 1) Confidentiality of digital information held, 2) Availability of the information accessed digitally by people whenever it’s needed and 3) Maintaining the integrity of the digital system and services – data must not be modified improperly, whether maliciously or accidentally

Charlotte explained that the initial question to be answered is: what is an agency trying to protect when integrating cybersecurity measures. As with most, if not all workplaces, protecting the confidentiality of data is paramount, as well as keeping such information intact and readily available. In and of themselves, these two components are not sufficient. There must be workplace safeguards to ensure the integrity of data and that malicious activities do not compromise it.

One way to balance these three key components is by applying a risk-based approach and the NSW Government uses this methodology. With their standard, they address the level of risk in 3 main areas: 1) Technology and Infrastructure – in protecting their digital system and services, 2) Procession and Organisation – the standards set and 3) People and Culture – the employees’ understanding of cybersecurity

However, more critical than these 3 areas is the risk and impact of the events to the people of NSW. The risk level dictates how they prepare for the attacks, and how they prioritise the different attacks. The risk-based approach has allowed the NSW government to have a standard framework that will work in different agencies with different needs.

Mitigating the impact of critical events does not end with a cyber risk approach. It is a holistic process that improves on key aspects of the workforce including retraining employees. She added that while the notion that cyber threats can be prevented is a myth, agencies can mitigate impacts by training people and by putting up a solid cybersecurity framework.

Charlotte concluded her talk by reiterating that investment in a cybersecurity programme is a continuous cycle. As data breaches become more sophisticated, systems must be improved and defences against these threats must be fortified. Organisations can do this through prevention and simulation of potential threats.

Polling questions

After the engaging discussion by the speakers, participants participated in polling questions and discussions regarding their risk management and cybersecurity protocols, as well as the challenges that they see in this area.

When asked about their key concerns around cybersecurity in their organisations, nearly half (49%) of the attendees voted for employee education in IT security.

A delegate from the Department of Energy said that educating employees is one of the major hurdles that his agency is experiencing. The reason is that most employees fail to grasp the importance of cybersecurity and because of this, the responsibility is left in the hands of IT professionals.

An executive from the Department of National Defense shared the same sentiment. She noted that with their current remote work programme, educating employees and enforcing security policies has become more difficult.

When it comes to measuring the effectiveness of cybersecurity architecture, two thirds (66%) of the participants said that they do this by looking at the ability of the organisation to respond effectively to impending cyber threats. Data protection, threats response and effective mitigation are their main measurements.

Interestingly, 20% of the participants stated they did not have any measurement and wanted to learn from the others. One participant from the government said they are interested to find ways to measure this area in their cybersecurity policies.

The third question was on how the participants rate the level of preparedness of their organisation to cyber threats. Few were unsure and some admitted that they are not well prepared. 45% of the participants felt that they are prepared but they have doubts if it can withstand infiltration.

The fourth question asked the participants on their biggest challenge for accelerating their response to IT incidents, a large portion, mostly government officials, voted it to be the lack of skilled Cybersecurity or IT professionals. They experienced budget constraints and felt policies in hiring these professionals were difficult to follow.

For well over half of the delegates (60%),  the lack of skilled Cybersecurity/ IT Professionals is the biggest challenge they see in boosting their cybersecurity protocols. Others felt information overload and alert fatigue to be challenging since IT incidents involved not only cybersecurity but also operations.

The last question was on how participants’ security operations are currently driven. For the most part, delegates said they were compliance and incident driven but now realise the importance of risk-based or intelligence-driven parameters and were working towards it.

Conclusion

The session came to a close with Sonia stressing the need to establish a critical incident management programme in order to ramp up cybersecurity in the overall organisational framework.

She re-emphasised how different elements contribute to an incident and that it is important to look beyond the confines of technology. Keep educating and spreading awareness, pick up intelligence from suppliers and partners that are helpful for the organisation in responding rapidly to events in an automated consistent fashion.

Sonia thanked the participants for their wonderful insights and contributions and encouraged them to reach out to her team and her on their CEM journey.

OpenGovLive!

In collaboration with Everbridge, we hosted an OpenGovLive! Virtual Insight Session discussing practical solutions to go beyond surviving critical events risks to proactively protecting people, customers, and business operations.