Interview: New DRI Board Chair Michele Turner, MBCP on Her History in Business Continuity and What’s on the Horizon
DRI International is pleased to welcome Michele Turner, MBCP, as Chair of the DRI Board of Directors. Currently Vice President of Risk Management for Marriott International, she brings a wealth of resilience experience to the table. We spoke with her about her career, her views on the profession, and her work with DRI.
For those who don’t know, what has been your experience, both professionally and with DRI?
My career has been filled with both business and disaster recovery aspects, as well as governance, risk management, and cybersecurity. Adding a master’s degree in business continuity has offered academic aspects to learned experiences.
I began my continuity career in 1993 with Household International as a business recovery coordinator. Developing plans with the DP90 plus software (state of the art DOS tool 😊), color coordinating plan sections, coordinating Comdisco tests, and assisting in managing crisis comms. I took this base of recovery to the consulting arena, and enhanced the technology aspect, engaging with AS400s, NOVELL and MS system optimization, business continuity and disaster recovery plan development. EMC2 was next where I was a systems engineer and architecture liaison supporting the Comdisco contract. I then drove disaster recovery efforts for Washington Mutual, and then various roles at the Microsoft organization including the coordination of the IT Governance Council, and the development of the operational risk pillar. After 10 years there, I spent five and a half years at Amazon where I developed the Global Business Resilience Organization for Amazon Corporate, inclusive of business continuity, crisis management, and workplace resilience. I am now blessed to lead the Global Business Continuity Organization for Marriott where, in addition to corporate/above property BC, my team is focused on emergency response for all Marriott managed properties, operational resilience product management, and BC risk mitigation and contract review.
As for DRI, I began my career as a member of the Certification Commission around 1994, which led to my being a member of the Strategic Committee, and now a member of both the DRI Foundation and the Board of Directors. I have served on the committee updating the Professional Practices for the past two iterations, engaged in the pilot Veterans Outreach Program training session, and am also an instructor in the Cyber Resilience, Business Continuity, and Risk Management Continuity courses.
I enjoy giving back to an industry that has given me a wonderful career for more than 30 years.
As new board chair, what strengths do you feel you bring to the table?
Being in this arena for over 30 years (and with DRI for the same time), I have had the opportunity to implement programs and lead change as a subject matter expert, as well as offer sponsorship and strategic development at the senior and executive levels. It is the culmination of these aspects, along with my skillset in relationship management, C-Level, and corporate board communications that I will bring as the Chair of the DRI Board of Directors. I look forward to working with my Board colleagues to continue to drive thought leadership supporting the needs of the industry and our constituents around the globe.
You’ve been on the frontlines for a long time – what do you think has been the most persistent BCM/risk/resilience issue professionals face, and how do you characterize your response to it?
I see the most persistent risk that we face as consistent communication, both from a cross discipline and senior and executive level perspective.
Cross-discipline: To be clear, while BCM, risk, and resilience has been referenced in the question, these teams, and others (global security – including InfoSec, physical security, and cyber, crisis management, emergency response, etc.) do not always collaborate or leverage information as effectively as may be warranted. Without this communication, we may: 1) create redundancies in controls causing impact to finances, and oversaturating the environment, 2) lose the ability for diverse and community thought that could be leveraged to drive needed innovation.
Senior and executive level: Ensuring that the value add of BC and resilience is directly tied to the organization’s strategy, mission, and vision is critical. It is advantageous to have BC and resilience seen and discussed as part of the overall strategy, versus a focus outside of, or in addition to. The connected comms can support financial viability, enhanced credibility with customers, and mitigation to risks which may be identified in corporate 10-Ks. The key is making the connections and sharing this information with sponsors on a recurring basis to support the upleveled communication and action.
We’ve just released this year’s Predictions report, I’d like to get your take. What topics in there concern you the most – AI, geopolitical strife, etc.? Are there any that didn’t make the top 10 that you’re keeping an eye on?
Cybersecurity remains an area of significant concern for me both from a nation-state threat and direct risks within immediate organizations. As the industry grows in controls, threat actors are also expanding their reach and tactics. This does not mean that we are fighting a losing battle however, this means that we must be vigilant in areas of awareness, training, and testing. Collaboration is key. Aligning the common themes, threads, and controls across the disciplines of DR, BC, cyber, etc. to show the connection points that can lead to protective resilience is strong remediation. There is strength in numbers, there is strength in community, there is strength in collaborative understanding and action.
What is your view on the resilience profession as it exists today? How do you think it’s evolved over the years and where do you see it heading?
I am excited for the resilience profession. Using the resilience definition in the DRI Glossary for Resilience, I definitely see evolution over the years. I see it in how we are applying the operational resilience framework to reduce risk in financial and even non-financial organizations. I see the evolution in agencies such as the National Institute of Standards and Technology (NIST) expanding cybersecurity guidance for industries outside of “standard” technological orgs. I see the evolution in orgs taking a standard definition and then customizing it directly to their own organizations to “make it real” for them. With this, it is important that we do not think about the end destination for this evolution…because there is not one. We will continue to evolve. We will continue to adjust and adapt and bounce forward based on the lessons that we have learned and applied.
DRI2024 in New Orleans is coming up – what are you most looking forward to?
Outside of networking with senior leaders in the industry and sharing and receiving great insights, I am excited to participate in the full day Volunteer event: “Riding, Planning and Building.” Being able to plant cypress trees in the central wetlands, which will offer protection during storms, is something that I am looking forward to supporting.
How’s the family?
The family is AMAZING. My husband and I are enjoying the East Coast and doing our best to convince the “kids” to move out this way. Mom and Dad are doing well, and the grandkids are growing by leaps and bounds. We are blessed 😊