Continuity Logic’s Frontline Live 5™ is the first leader in Gartner’s Magic Quadrant Business Continuity (BCMP) software category that has effectively converged continuity, risk and compliance in a one easy to use cloud-based solution.

Fall World 2015

Conference & Exhibit

Attend The #1 BC/DR Event!

Summer Journal

Volume 28, Issue 3

Full Contents Now Available!

Jon Seals

WASHINGTON — As part of the U.S. Department of Homeland Security’s (DHS) ongoing efforts to support state, local, tribal, and territorial partners, Secretary Jeh Johnson today announced final allocations for eight Fiscal Year 2015 DHS preparedness grant programs, including the Homeland Security Grant Program. These allocations total more than $1.6 billion to assist states, urban areas, tribal and territorial governments, non-profit agencies, and the private sector with their preparedness efforts.

Together with previous grant funding awarded since 2002, DHS has awarded over $40 billion to these partners. Preparedness grants strengthen our nation’s ability to prevent, protect against, mitigate, respond to, and recover from terrorist attacks, major disasters, and other emergencies in support of the National Preparedness Goal and the National Preparedness System.

The FY 2015 grants focus on the nation’s highest risk areas, including urban areas that continue to face the most significant threats. Consistent with previous grant guidance, dedicated funding is provided for law enforcement and terrorism prevention activities throughout the country to prepare for, prevent, and respond to crimes and other precursors or indicators of terrorist activity.

Preparedness Grant Program Allocations for Fiscal Year 2015:

Homeland Security Grant Program (HSGP)—provides more than $1 billion for states and urban areas to prevent, protect against, mitigate, respond to, and recover from acts of terrorism and other threats. 

  • State Homeland Security Program (SHSP)—provides $402 million to support the implementation of the National Preparedness System to build and strengthen preparedness capabilities at all levels.
  • Urban Areas Security Initiative (UASI)—provides $587 million to enhance regional preparedness and capabilities in 28 high-threat, high-density areas.
  • Operation Stonegarden (OPSG)—provides $55 million to enhance cooperation and coordination among local, tribal, territorial, state, and Federal law enforcement agencies to jointly enhance security along the United States land and water borders where there are ongoing Customs and Border Protection missions.

Awards made to the states and urban areas for HSGP carry pass-through requirements.  Pass through is defined as an obligation on the part of the State Administrative Agency (SAA) to make funds available to local units of government, combinations of local units, tribal governments, or other specific groups or organizations.  The SAA must obligate at least 80 percent of the funds awarded under SHSP and UASI to local or Tribal units of government.  

Per the Homeland Security Act of 2002, as amended, DHS/FEMA is required to ensure that at least 25 percent of grant funding appropriated for HSGP and the Tribal Homeland Security Grant Program are used for law enforcement terrorism prevention activities (LETPA).  DHS/FEMA ensures that this requirement is met in part, by requiring all SHSP and UASI recipients to ensure that at least 25 percent of the combined HSGP funds allocated under SHSP and UASI are dedicated towards LETPA. This 25 percent can be from SHSP, UASI, or both.  The 25 percent LETPA allocation is in addition to the 80 percent pass-through requirement to local units of government and Tribes.

Emergency Management Performance Grant (EMPG) Program—provides over $350 million to assist local, tribal, territorial, and state governments in enhancing and sustaining all-hazards emergency management capabilities. 

Tribal Homeland Security Grant Program (THSGP)—provides $10 million to eligible tribal nations to implement preparedness initiatives to help strengthen the nation against risk associated with potential terrorist attacks and other hazards.

Nonprofit Security Grant Program (NSGP)—provides $13 million to support target hardening and other physical security enhancements for nonprofit organizations that are at high risk of a terrorist attack and located within one of the 28 FY 2015 UASI-eligible urban areas.

Intercity Passenger Rail - Amtrak (IPR) Program—provides $10 million to protect critical surface transportation infrastructure and the traveling public from acts of terrorism and increase the resilience of the Amtrak rail system.

Port Security Grant Program (PSGP)—provides $100 million to help protect critical port infrastructure from terrorism, enhance maritime domain awareness, improve port-wide maritime security risk management, and maintain or reestablish maritime security mitigation protocols that support port recovery and resiliency capabilities.

Transit Security Grant Program (TSGP)—provides $87 million to owners and operators of transit systems to protect critical surface transportation and the traveling public from acts of terrorism and to increase the resilience of transit infrastructure.

Intercity Bus Security Grant Program (IBSGP)—provides $3 million to assist operators of fixed-route intercity and charter bus services within high-threat urban areas to protect bus systems and the traveling public from acts of terrorism, major disasters and other emergencies.

Further information on DHS’s preparedness grant programs is available at www.dhs.gov and http://www.fema.gov/grants.


FEMA's mission is to support our citizens and first responders to ensure that as a nation we work together to build, sustain and improve our capability to prepare for, protect against, respond to, recover from and mitigate all hazards.

Follow FEMA online at www.fema.gov/blog, www.twitter.com/fema, www.facebook.com/fema and www.youtube.com/fema.  Also, follow Administrator Craig Fugate's activities at www.twitter.com/craigatfema.

The social media links provided are for reference only. FEMA does not endorse any non-government websites, companies or applications.

By and large, organizations tend to invest in preventative cybersecurity measures and they also concentrate their resources on detecting and stopping cyberattacks, rather than on painstaking “who did it?” investigations. They want to close the gap, manage the public opinion fallout, learn from the episode and move on.

From an enterprise perspective, this makes sense, as resources dealing with cybersecurity are usually overstretched and the organization does not stand to gain much from determining, with a certain degree of certainty, who was behind a cyberattack. The incentive equation, of course, is different if the target of the attack is a government or a large organization that is part of a country’s critical national infrastructure.

Attack attribution has traditionally been approached from the perspective of enabling the target or victim entity to pursue the attacker either for damages in a court of law; or from a national, military or intelligence “strike back” perspective.



Business And IT 

In today’s world, company operations function at two distinct levels: the business operation level and the IT infrastructure operation level. While the two functions operate independently, IT exists to support the business. Many of the IT operations, like the deployment and management of IT infrastructure, applications and services are driven by the business layer requirements in a top-down fashion to enable the company to carry out its business. IT infrastructure management, including addressing cyber security risks is exclusively done in the IT layer. There are several tools, such as FireEye, McAfee, Qualys, ArchSight and BMC Software which IT deploys and uses in order to identify and manage IT security risk, but something is missing.

A chasm exists between the IT layer and business layer, when looked at from a bottom-up perspective.



Every once in a while it’s good to take stock of a situation. A projected 1.25 billion Android users for 2015 (according to Gartner) is such a situation. Either your organisation is already an Android shop or it is likely to become one in the near future. A plethora of software apps for the Android OS and a decidedly spotty security record for many Android users means that reviewing your approach to Android security could be a wise move as well.

While advanced technology exists to help protect Android systems, a reminder about security basics can go a long way to avoiding problems:



That the cloud is a major boon to the enterprise is beyond question. At this point, it’s kind of like saying the CPU was a really good idea.

But no matter how valuable the cloud becomes, there will always be questions over its design, implementation and efficacy when it comes to specific applications and workloads. Already, cloud architectures have diverged along three distinct tracks – SaaS, PaaS and IaaS – and countless sub-tracks that use one or more of the three to achieve targeted goals, such as data center as a service, disaster recovery as a service and networking as a service.

So while increased use of enterprise-facing cloud services seems inevitable, the hows, wheres and whys of this transition are still unclear, which is why leading IT vendors like Intel are hoping to move things along.



Anyone who has been around the managed services market a while knows this: Companies can get pretty creative with their definitions of “managed services.”

While inventive definitions of the term may deliver food for thought or some level of entertainment, it’s hard to get customers to understand what a service delivers if providers can’t agree on its meaning. It’s no wonder, then, that even customers who hire an MSP don’t always know what “managed services” means.



New ISO/IEC 27001:2013 and PCI-DSS 3.1 Critical Compliance Certifications Strengthen Data Security Practices


CHANHASSEN, Minn. — In order to enhance its data security practices, IWCO Direct, a leading provider of direct marketing solutions, has announced it has achieved ISO/IEC 27001:2013 certification through BSI. The company has also achieved Level 1 Payment Card Industry – Data Security Standard 3.1 (PCI DSS) compliance certification. These certifications extend to Mail-Gard®, a division of IWCO Direct which provides business continuity and disaster recovery services.


In 2013 IWCO Direct achieved ISO 27001:2005 and PCI DSS 2.0 certifications. Since then, both standards have been upgraded. To demonstrate its commitment to Continuous Improvement and data security, IWCO Direct devoted significant time and resources to updating and validating its practices to encompass the latest data security standards.


“Everyone understands the importance of data security, but many companies haven’t taken the necessary steps to ensure they are doing everything possible to protect client data,” stated Jim Andersen, CEO of IWCO Direct. “When evaluating potential business partners, we encourage all direct marketers to evaluate whether a company places as high a priority on protecting customer data, and the potential consequences if they don’t.”


About ISO/IEC 27001:2013

Developed by the International Organization for Standardization (ISO), ISO/IEC 27001:2013 is the only auditable international standard which defines the requirements for an Information Security Management System (ISMS).

IWCO Direct aggressively pursued certification through BSI due to the growing use of consumer data to drive relevancy and performance in direct mail campaigns. Since adopting the ISO best practice framework, IWCO Direct has continually maintained and enhanced its corporate information security management program and considers it an important competitive advantage.

To maintain its certification, IWCO Direct conducts regular internal and external audits to verify that its security practices remain in compliance with the standard, ensuring that information security remains integrated into the core of its business.


About PCI DSS 3.1

The PCI DSS standard is established by the PCI Security Standards Council, LLC, an open global forum responsible for the development, management, education and awareness of the PCI Data Security Standard (PCI DSS).

The new standard, which was released in April of 2015, incorporates requirements added to address recent vulnerabilities as well as recommendations for incorporating PCI DSS into everyday business processes, best practices for maintaining ongoing PCI DSS compliance and enhanced testing procedures to clarify the level of validation expected for each requirement. Upon release of the new standard, IWCO Direct took immediate steps to comply with the update to support its client base in highly regulated industries. Required to be performed annually to maintain certification, the latest audit provided IWCO Direct a fresh look at its security controls and implementation methodologies.

By achieving this compliance in data management in accordance with the highest security standards founded and supported by major payment card brands, IWCO Direct underscores its commitment to ensuring it has the technology and processes in place to support its customers’ statement processing and financial mailings.


About IWCO Direct
IWCO Direct (iwco.com) is one of the nation’s largest providers of direct marketing solutions. Earning customers’ trust by collaborating with North American marketers for more than 45 years, the company’s full range of direct mail services includes one of the industry’s most sophisticated postal logistics strategies. Guided by the “Power your Marketing™” approach, the company’s Proprietary Intelligence model encompasses data, strategy, creative, execution and analysis to inspire performance across all marketing channels. Through Mail-Gard®, IWCO Direct offers business continuity and disaster recovery services that provide peace of mind in case of a business interruption. The company is ISO/IEC 27001 Information Security Management System (ISMS) certified through BSI, reflecting its commitment to data security. Stay current on direct marketing trends, industry news, postal regulations and more by subscribing to IWCO Direct’s SpeakingDIRECT blog.

ROCHESTER, NY – Savage IO, a leading designer, manufacturer and provider of high-performance storage, networking and server systems for demanding environments, today announced the highest-performing, most-densely populated Open Storage Platform server on the market – SavageStor.

Designed without the inherent physical bottlenecks or software incompatibilities of other storage products, SavageStor is an all-in-hardware (server, networking, controller and storage) solution that satisfies the ruthless capacity and IO requirements of cloud storage, big data analytics, HPC, enterprise and ROBO environments. SavageStor provides up to 40 percent faster compute performance, requires 90 percent lower management resources, and uses 50 percent less power and cooling in 75 percent less floor space to present an ideal alternative to companies that are dissatisfied with their current IT infrastructures.
“Traditional enterprise storage systems are often designed with hardware and software limitations that restrict the maximum performance that they might otherwise achieve,” said Jim Miller, Senior Analyst of Enterprise Management Associates. “Savage IO has found a way to overcome these obstacles with an Open Storage Platform that takes full advantage of the hardware’s potential while working with nearly any configuration, application and OS available”.
SavageStor systems are assembled in the U.S. with top-of-the-line components from audited suppliers, to omit cross talk, packet loss, and power jitter - loss often associated with cheaper mass-produced parts. SavageStor systems are sold software-free and work seamlessly with existing networks, whether they incorporate NAS, SAN, or other protocols. The - platform eliminates performance drains and extra costs caused by poor integration, vendor lock-in, rigidly defined management and unjustifiable licensing schemes, offering an ideal foundation for open-source software.
SavageStor can combine HDD or SSD in any configuration of SATA or SAS hard drives, depending on user workload. Four grid-redundant power supplies, an innovative sliding “drive drawer” that allows drives to be swapped without powering down or compromising any cabling in the back, and cabling that delivers speeds up to 25GB per second, maximizing throughput and reliability. Because of its radically efficient engineering, and spectacular density, SavageStor minimizes power consumption and overall footprint for low up-front costs and better long-term cost of ownership.
The company’s flagship solution, SavageStor 4800, combines a massive front-end SSD cache of 512GB and up to 288TB native capacity in one compact 4U system with an extremely low power footprint. It also features dual CPUs, hard drives, RAID controllers, grid-redundant power supplies and high speed network ports for aggressive reliability.
“For too long vendors have used the tired cliché that they are ‘thinking outside the box’ to mean that they are producing something innovative and unique,” said Phillip Roberto, CEO of Savage IO. “However, in my experience, it’s what’s inside the box that makes or breaks innovation. With SavageStor’s Open Storage Platform, we have optimized the IT experience with the best components in the best-aligned configuration to provide the greatest performance, capacity and cost reduction available on the market today. Organizations can use it with whatever OS, hypervisor or application they choose and know that what’s inside the box is what is going to give them the best user experience available.”
SavageStor is available for purchase through Savage IO’s direct sales force. For more information, interested parties may visit http://www.savageio.com or call 1-888-963-4581.
About Savage IO Savage IO designs, manufactures, and sells high-performance storage, networking, and server systems for demanding IO environments. The company was founded in 2010 to build a mechanically flawless hardware architecture without the inherent physical bottlenecks or software incompatibilities plaguing existing storage hardware. Founded by nine-year U.S. Navy veteran Phillip Roberto, , Savage IO is based in Rochester, NY, a region well known for precision manufacturing. Savage IO is proud of its guiding principles: trust, servitude, discipleship, and integrity, which guide all their interactions with customers, partners, and each other, and create a foundation for spiritual, personal and business growth.
Disaster recovery initiatives ensure minimum business impact during times of unforeseen business disruption


HANOVER, Md. – Validating the ability to guarantee continuous business operations during a major disruption or natural disaster, Ciena ® (NYSE: CIEN) was recently awarded ISO22301 certification for its International Business Continuity Management System (BCMS). Designed to certify resilience in managing business disruptions and other unexpected events, ISO 22301 stipulates demanding requirements for implementing, operating, maintaining and improving a business continuity management systems (BCMS).

Key Facts:

·         Ciena received its ISO 22301:2012 certification from the British Standards Institution (BSI), an independent, impartial third party that helps organizations manage risk, performance and sustainability activities that transform best practices into habits of excellence.

·         The ISO 22301 standard, released in 2012, provides an internationally accepted standard for BCMS to meet the needs of the global industry. To receive the certification, Ciena participated in a series of audits and provided a documented plan/procedure describing how the organization would respond and handle a business disruption.

·         Ciena has a corporate incident management structure and business continuity plans for critical functions occurring throughout the enterprise. In response to customer demand, these plans are designed to ensure Ciena is prepared to continue its core business operations—including product design, manufacture, delivery, and customer service—in the event of a significant business disruption to fulfill customer expectations.

·         In addition to the ISO 22301 certification, Ciena is also certified to TL9000/ISO 9001:2008 and OHSAS 18001, which contain disaster recovery and emergency preparedness elements.

Executive Comments:

  • “Receiving the ISO 22301 certification from BSI highlights our ability to effectively deliver on all customer commitments even during a business disruption. It is also another example of Ciena’s customer-first philosophy and high-touch approach to customer relationships, which continue to be strategic differentiators and drivers of our success.”

­   James Moylan, Senior Vice President & Chief Financial Officer

·          “By earning ISO 22301 certification, Ciena is further demonstrating its commitment to making its company more resilient and leading by example. By formalizing their Business Continuity Management System and using ISO 22301 as an extra set of eyes, Ciena will be able to improve quality of services as well as customer satisfaction and remain at the cutting edge of their industry”.

­   Todd VanderVen, President, BSI Group Americas

Supporting Resources:

·         Webpage: Business Continuity Management

·         Webpage:ISO 22301


About BSI

BSI (British Standards Institution) is the business standards company that equips businesses with the necessary solutions to turn standards of best practice into habits of excellence. Formed in 1901, BSI is the UK National Standards Body and a founding member of the International Organization for Standardization (ISO). Over a century later it continues to facilitate business improvement across the globe by helping its clients drive performance, manage risk and grow sustainably through the adoption of international management systems standards, many of which BSI originated. Renowned for its marks of excellence including the consumer recognized BSI Kitemark, BSI’s influence spans multiple sectors including Aerospace, Automotive, Built Environment, Food, Healthcare and ICT. With over 80,000 clients in 172 countries, BSI is an organization whose standards inspire excellence across the globe. To find out more, please visit: www.bsigroup.com


About Ciena

Ciena (NYSE: CIEN) is the network specialist. We collaborate with customers worldwide to unlock the strategic potential of their networks and fundamentally change the way they perform and compete. Ciena leverages its deep expertise in packet and optical networking and distributed software automation to deliver solutions in alignment with its OPn architecture for next-generation networks. We enable a high-scale, programmable infrastructure that can be controlled and adapted by network-level applications, and provide open interfaces to coordinate computing, storage and network resources in a unified, virtualized environment. For updates on Ciena news, follow us on Twitter @Ciena or on LinkedIn http://www.linkedin.com/company/ciena. Investors are encouraged to review the Investors section of our website at www.ciena.com/investors, where we routinely post press releases, SEC filings, recent news, financial results, and other announcements. From time to time we exclusively post material information to this website along with other disclosure channels that we use.

New Unified Enterprise Security (UES) Certified Partner Tops List

DALLAS – Masergy Communications Inc., a global leader inmanaged networking and cloud services, today announced new Platinum and Gold partners for Fiscal Year 2016 in its Global Partner Program. Masergy is leading the way in providing channel partners with award-winning Unified Communication as a Service (UCaaS) and Unified Enterprise Security (UES) solutions that help their customers transform rigid IT infrastructures into flexible and secure cloud services.

The Platinum and Gold partner status is based on sales performance for Fiscal Year 2015 which ended June 30, 2015. For the second year, top revenue-generating partners for FY15 were Avant Communications for overall sales and Bridgepointe Technologies for Unified Communications as a Service (UCaaS) sales. Intelisys was the top partner in Unified Enterprise Security (UES) sales status.

Masergy is now offering partner certification on its UES solutions. The self-paced, online training program provides channel partners with all of the information needed to fully understand the cyber security vulnerabilities that pose a threat to their customers’ data. Cyber security topics include:

      Motivation and methods used by hackers

      The limitations of current enterprise IT security strategies and products

      Five top qualifying questions to profile potential customer accounts

      Masergy’s unique approach to advanced threat detection

Masergy is proud to announce that Intelisys has completed the UES Partner Certification in addition to achieving top UES sales status.

FY 2016 Platinum Partners include:

      Advantage Communications Group

      Agent Alliance

      Avant Communications

      Bridgepointe Technologies

      Business Communications Management (BCM)

      Fluent Edgeworks


      PlanetOne Communications


      Sandler Partners

“Masergy’s Software Defined Network (SDN) Platform, UES and UCaaS solutions continue to drive channel partner sales, as their customers are seeking an agile means to transform their businesses, upgrade IT infrastructures and manage growth,” said Chuck Ward, Masergy Global Channel VP. “We are proud to have expanded our programs to encompass cyber security certification as well as hybrid networking and cloud integration to boost partners’ opportunities.”

Platinum and Gold partners are eligible to receive special benefits such as participation in Masergy's Partner Advisory Board, co-branded collateral, as well as participation in and sponsorship of joint programs and events. A complete list of Masergy’s Platinum, Gold and Certified partners can be found here.

To inquire about partner opportunities, contact Masergy's Global Channel team at partners@masergy.com.

About Masergy

Masergy owns and operates the largest independent global networking platform and delivers fully-managed hybrid networks to enterprises. Masergy also provides advanced managed security and cloud unified communication solutions. Our patented technology, customizable solutions and unmatched customer experience are why a growing number of global enterprises rely on Masergy to deliver performance beyond expectations. Learn more about Masergy and follow us on our blog Transforming Enterprise IT, Twitter @Masergy, LinkedIn and Facebook.

Page 1 of 564