CIO — Nearly six years before Sept. 11, 2001, Citibank, the Pittsford, N.Y.-based multinational financial services company, became starkly aware how vulnerable its operations were to terrorist attack. On the evening of Friday, Feb. 9, 1996, as weary office workers in London’s Canary Wharf area were heading home, IRA terrorists telephoned a series of coded warnings to media organizations about a bomb they had placed. As police hastily cleared the target area, the device exploded, killing two people, hospitalizing more than 100 others and damaging several buildings so badly that they subsequently had to be demolished.
The advanced warning and the fact that many workers had already left for the weekend undoubtedly contributed to the low number of fatalities. But so too did the fact that the building that took the brunt of the blast housed Citibank’s European backup hot site with 1,000 empty desks set up and ready to be used should any one of Citibank’s European offices?staffed and managed by Europeans?go out of action. Had the building not been purposely left empty, the police believe that the casualty toll would have undoubtedly been far higher.
For Citibank, which had operations in some 14 European countries, the blast was an unlucky reminder that?despite careful contingency planning?there’s no safe haven from terrorism’s disruption. While few disaster plans start with the premise that the backup facility may be devastated, throughout Europe?a region that has an unfortunate history of terrorism?planning for debilitating disasters is considered a normal part of business.
And there’s a growing sense that American companies are only now waking up to the same realization. "Businesses in the U.S. have been extremely complacent about terrorism," says Professor Wendy Currie, director of the Centre of Strategic Information Systems at Brunel University in Uxbridge, England. "It’s very different from the attitude in some parts of Europe?such as London, Madrid and Paris?where people tend to be subconsciously on their guard."
Consequently, American companies have a lot to learn from companies that operate in Europe. Certainly, the events at the World Trade Center and the Pentagon demonstrate the enormous disruption terrorism can cause. But, as European-based companies have learned, preparations in the form of backup sites and contingency plans are only part of the equation. Just as important is the adoption of a mind-set that acknowledges the threat of terrorism yet at the same time insists on a determination that business will go on.
Revamped Plans
Despite the devastation at Citibank’s hot site, not every company at Canary Wharf was so fortunate as to merely have empty desks disabled. While Citibank scrambled to find an alternate backup facility, other companies at Canary Wharf were addressing more fundamental issues. Like getting their company up and running again.
