Fall World 2014

Conference & Exhibit

Attend The #1 BC/DR Event!

Summer Journal

Volume 27, Issue 3

Full Contents Now Available!

Jon Seals

Every organization should have an Emergency Action or Evacuation Plan.  Even when it is not required (by the building owner, fire department or occupancy regulations) it is a ‘best practice’ for every organization to plan and practice to evacuate all personnel from the workplace.  Often, evacuation focuses on getting out quickly.  Surely that’s the most critical objective.  .  While simple in principle, there are some considerations that should not be overlooked:

Too Close for Safety:  The standard ‘rule of thumb’ for Assembly points is at least 200 feet from the evacuated building.  This is intended to assure personnel will not be endangered is window glass or other debris falls.  Keep in mind that taller buildings may have a wider potential debris pattern.  Two-hundred feet should be used as the minimum.  Assuring employee safety should be the priority.

Obstruction:  When Emergency Services (Fire, police, ambulance) arrive, will they have sufficient room to do their job?  Crowds of evacuated personnel shouldn’t impede their work.    Emergency services may need room to park and to turn their vehicles around.  Make sure Assembly Points are a reasonable distance from entrances and drive paths- and assure personnel won’t interfere.

...

http://ebrp.net/evacuation-assembly-points/

(MCT) — For six weeks, Florida reeled under the assault of four hurricanes.

First Charley struck Port Charlotte Aug. 13, 2004, with 150-mph winds. Then Frances pounded Martin and Palm Beach counties, collapsing part of Interstate 95 near Lake Worth and sending gusts into Broward that left a quarter-million people without electricity. Ivan came ashore near Pensacola with 120-mile-per-hour winds and a storm surge that swamped coastal towns. Jeanne struck the same area as Frances, turning out the lights in most of Palm Beach County, ripping off roofs and flooding houses.

It came to be known as the Year of the Four Hurricanes.

Following that beating, and another one the next year with Hurricanes Wilma and Katrina, there have been dramatic improvements to Florida’s electric grid, shelters, forecasting abilities and ability to communicate. And while another season like 2004 still would be disastrous, residents would have more warning and stand a better chance of returning faster to normal life.

...

http://www.emergencymgmt.com/training/Year-of-the-Four-Hurricanes-Changed-Florida.html

(MCT) — The good news is people are more alert to and educated about weather this time of year.

Husbands and wives on the Coast can carry on a conversation about how the amount of sand in the upper atmosphere along the Atlantic affects the chances a tropical storm will develop.

But the down side is the array of information can be confusing and the social media sites, looking for clicks, tend to hype tropical activity.

Find a trusted source, local emergency managers say.

...

http://www.emergencymgmt.com/training/Social-Media-Adds-Hype-to-Storms.html

Here’s a tip that might take a little pressure off the data scientist talent search: A data scientist doesn’t necessarily need to be a math wizard with a PhD or other hard science background.

In fact, that type of person might actually prove disappointing if your goal is Big Data analytics for humans, according to data scientist Michael Li.

That may seem odd, given that Li’s work focuses on exactly the kind of credentials normally associated with the term “data scientist.” Li founded and runs The Data Incubator, a six-week bootcamp to prepare science and engineering PhDs for work as data scientists and quantitative analysts.

...

http://www.itbusinessedge.com/blogs/integration/humanizing-the-data-scientist.html

You can’t just wing it anymore. Many things have changed since you first said you wanted to become a fireman, an astronaut, a veterinarian or a nun. This is especially true in the field of business continuity.

Business continuity is not just concerned with IT recovery anymore. Supply chain management is critical to sustaining company operations. How do we determine what is or isn’t critical? Shouldn’t we bring these issues to the attention of our C-Level management?

These are just some of the issues confronting BCP Managers and most practitioners today had to learn how to handle these things along the way. As time goes by, trying to cover all bases regarding continuity has become more and more complicated. Instead of learning while working the job, a little bit of education to start would go a long way to getting ahead of what needs to be done.

...

http://www.strategicbcp.com/blog/business-continuity-programs-cropping-up/

The GlaxoSmithKline PLC (GSK) corruption matter in China continues to reverberate throughout the international business community, inside and outside China. The more I think about the related trial of Peter Humphrey and his wife, Yu Yingzeng for violating China’s privacy laws regarding their investigation of who filmed the head of GSK’s China unit head in flagrante delicto with his Chinese girlfriend, the more I ponder the issue of risk in the management of third parties under the Foreign Corrupt Practices Act (FCPA). In an article in the Wall Street Journal (WSJ), entitled “Chinese Case Lays Business Tripwires”, reporters James T. Areddy and Laurie Burkitt explored some of the problems brought about by the investigators convictions.

They quoted Manuel Maisog, chief China representative for the law firm Hunton & Williams LLP, who summed up the problem regarding background due diligence investigations as “How can I do that in China?” Maisog went on to say, “The verdict created new uncertainties for doing business in China since the case hinged on the couple’s admissions that they purchased personal information about Chinese citizens on behalf of clients. Companies in China may need to adjust how they assess future merger partners, supplier proposals or whether employees are involved in bribery.”

I had pondered what that meant for a company that wanted to do business in China, through some type of third party relationship, from a sales representative to distributor to a joint venture (JV). What if you cannot get such information? How can you still have a best practices compliance program around third parties representatives if you cannot get information such as ultimate beneficial ownership? At a recent SCCE event, I put that question to a Department of Justice (DOJ) representative. Paraphrasing his response, he said that companies still need to ask the question in a due diligence questionnaire or other format. What if a third party refuses to answer, citing some national law against disclosure? His response was that a company needs to very closely weigh the risk of doing business with a party that refuses to identify its ownership.

...

http://tfoxlaw.wordpress.com/2014/08/21/what-can-you-do-when-risk-changes-in-a-third-party-relationship/

It’s been said that Big Data and the cloud go together like chocolate and peanut butter, but it looks like more symbiosis is at work here than meets the eye.

While on the surface it may seem like the two developments appeared at the same time by mere coincidence, the more likely explanation is that they both emerged in response to each other – that without the cloud there would be no Big Data, and without Big Data there would be no real reason for the cloud.

Silicon Angle’s Maria Deutscher hit on this idea recently, noting that the two seem to be feeding off each other: As enterprises start to grapple with Big Data, they will naturally turn to the cloud to support the load, which in turn will generate more data and the need for additional cloud resources. In part, this is a continuation of the old paradigm that more computing power and capacity simply causes users to up their data requirements. Of course, the cloud comes with additional security and availability concerns, but in the end it is the only way for already stretched IT budgets to feasibly cope with the amount of data being generated on a daily basis.

...

http://www.itbusinessedge.com/blogs/infrastructure/yin-and-yang-big-data-and-the-cloud.html

An improving economy and updated business practices have contributed to companies sending more employees than ever on international business trips and expatriate assignments. Rising travel risks, however, require employers to take proactive measures to ensure the health and safety of their traveling employees. Many organizations, however, fail to implement a company-wide travel risk management plan until it is too late – causing serious consequences that could easily have been avoided.

The most effective crisis planning requires company-wide education before employees take off for their destinations. Designing a well-executed response plan and holding mandatory training for both administrators and traveling employees will ensure that everyone understands both company protocol and their specific roles during an emergency situation.

Additionally, businesses must be aware that Duty of Care legislation has become an integral consideration for travel risk management plans, holding companies liable for the health and safety of their employees, extending to mobile and field employees as well. To fulfill their Duty of Care obligations, organizations should incorporate the following policies within their travel risk management plan:

...

http://www.riskmanagementmonitor.com/a-proactive-approach-to-travel-risk-management/

Cybersecurity Core Curriculum & Schedule
 

Join the authors of the best-selling  as they offer practical cyber-threat information, guidance, and strategies for lawyers, law firm attorneys, in-house counsel, government attorneys, and public interest attorneys.

The webinar series will discuss:

  • Cyber and data security risks and best practices.
  • Lawyers' legal and ethical obligations to clients regarding data security
  • Cybersecurity as it relates to various practice settings, including small, medium, and large law firms; in-house counsel; government; and public interest
  • Best practices for incidence response and cyber coverage

You may purchase any of the webinars individually or you may purchase one of our three customized packages tailored to your practice setting and receive a 20% discount on the price of each program in the package.  

Receive your own ABA Certificate of Completion when you've completed one of the packages.  As part of an ICOR partnership with the American Bar Association, ICOR Members and Friends receive the same rate as ABA members. 

   

Schedule for the Cybersecurity Core Curriculum

September 24, 2014 -

October 21, 2014 -

November 19, 2014 -

December 4, 2014 -

January 20, 2015 -

February 19, 2015 -

April 21, 2015 -  

For further information about the Curriculum and to register,  please visit the below link:

www.ambar.org/cybersecurityseries

Icon Labs’ Floodgate Defender Security Software for Real-Time Operating Systems (RTOS) and McAfee ePO platform together provide a proven security solution for protecting and managing the Internet of Things (IoT), industrial control, Smart Grid and DoD Operational Assets

WEST DES MOINES, Iowa – Icon Labs (www.iconlabs.com), a leading provider of embedded networking and security technology, today announced that its Floodgate embedded software solution has achieved “McAfee Compatible” status.  The newly integrated solution integrates with the McAfee® ePolicy Orchestrator® (McAfee ePO™) platform, a key component of McAfee’s security management offerings, and Icon Labs’ Floodgate Software products for embedded devices. With this solution, joint customers can manage security policies and receive security events for embedded devices including, industrial control, IoT, Smart Grid and DoD operational assets.  

Icon Labs products provide embedded security for IoT and Machine to Machine (M2M) solutions such as aerospace, military and space probes, industrial and medical control devices, and even consumer electronics products. The Floodgate products provide a “defense in depth” solution to protect control units and endpoint devices from cyber threats, aid in compliance with regulatory mandates and guidelines, and gather and report command, event and device status information for audit requirements.

“By integrating Icon Labs Floodgate products with the McAfee ePO platform, we are able to bring enterprise level security capabilities to RTOS-based devices,” says Alan Grau, President of Icon Labs. “Our solutions extend the McAfee Security Connected architecture to devices that have historically lacked key security capabilities.  The result is a simplified operational experience at a significantly reduced TCO.”

The McAfee Security Innovation Alliance program is the foundation of a technology ecosystem designed to assemble the world's leading security innovations. It is the security industry’s premier technology-partnering program, delivering integrated solutions that maximize the value of existing customer investments. Working together, McAfee and its partners deliver solutions that are more comprehensive than those available from any single vendor.

“We’re pleased to see Icon Labs again complete McAfee compatibility testing for an additional product that will be important to our joint customers,” said Ed Barry, Vice President of Global Technology Alliances for McAfee, part of Intel Security. “Benefits of our joint solution include greater protection, and improved compliance costs for protecting and managing IoT, industrial control, Smart Grid and DoD Operational Assets.”

Icon Labs Software products are now available through McAfee’s invitation only Security Innovation Alliance (SIA) Sales Teaming Program (STP). Through this alliance, mutual customers will have access to Icon Labs’ Floodgate Security products – now tightly integrated and tested with the McAfee ePO platform.

Icon Labs Floodgate Defender Software Solutions are integrated into McAfee ePO platform, the first platform that lets enterprises and governments centrally manage security and compliance products from multiple vendors, offering unprecedented cost savings and return on investment. With more than 45,000 customers and managing more than 60 million PCs and servers, this unique platform is helping McAfee SIA partners to extend their reach and create complementary functionality. The Floodgate innovation allows this capability to extend to RTOS-based endpoints, making them visible to the enterprise while concealing them from hackers. For more information please visit: http://www.mcafee.com/sia.

 

About Icon Laboratories, Inc.
Icon Labs, a 2014 Gartner “Cool Vendor”, is a leading provider of embedded software for device security, device protection and networking management, including the award winning Floodgate Defender. Founded in 1992, Icon Labs is headquartered in West Des Moines, Iowa. For more information, visit www.iconlabs.com, send email to info@iconlabs.com, or call 1.888.235.3443 (U.S. and Canada) or 515.226.3443 (International).

Page 1 of 325