• PROTECT AND ENHANCE THE VALUE OF YOUR ENTERPRISE

    FREE CUSTOMIZED DEMO

    The Continuity Logic customized demo provides an opportunity for qualifying organizations to evaluate Frontline Live 5™, with their plans, desired controls, policies, and procedures. This first-of-its-kind system for both business continuity and many other areas of Governance, Operational Risk and Compliance (GRC) is powerful, but often best viewed with some of your familiar plans, data and templates.

    LEARN MORE ABOUT FRONTLINE LIVE 5

Fall World 2015

Conference & Exhibit

Attend The #1 BC/DR Event!

Summer Journal

Volume 28, Issue 3

Full Contents Now Available!

Jon Seals

A new survey out this week offers good evidence as to why so many businesses today bungle their response to security compromises and breach discoveries.

The study of 170 businesses conducted by the Security for Business Innovation Council (SBIC) and RSA, The Security Division of EMC (EMC), shows the majority of businesses lack incident response plans and have no capabilities to correlate security-related  data from IT infrastructure, can't properly analyze live network forensic  and have no way to take advantage of industry-wide threat intelligence.

"Organizations are struggling to gain visibility into operational risk across the business," said Dave Martin, chief trust officer for RSA. "While many organizations may feel they have a good handle on their security, it is still rarely tied in to a larger operational risk strategy, which limits their visibility into their actual risk profile."

...

http://mspmentor.net/managed-security-services/rsa-study-small-business-needs-help-it-security

Emergency preparedness exercise scheduled for the Three Mile Island Nuclear Power Plant

PHILADELPHIA – The Federal Emergency Management Agency (FEMA) will evaluate a Biennial Radiological Emergency Preparedness Exercise at the Three Mile Island Nuclear Power Plant.  The exercise will occur during the week of April 13, 2015 to assess the ability of the Commonwealth of Pennsylvania to respond to an emergency at the nuclear facility.

“These drills are held every other year to evaluate government’s ability to protect public health and safety,” said MaryAnn Tierney, Regional Administrator for FEMA Region III.  “We will assess state and local emergency response capabilities within the 10-mile Emergency Planning Zone as well as the adjacent support jurisdictions within the Commonwealth of Pennsylvania.”

Within 90 days, FEMA will send its evaluation to the Nuclear Regulatory Commission (NRC) for use in licensing decisions.  The final report will be available to the public approximately 120 days after the exercise.

FEMA will present preliminary findings of the exercise in a public meeting at 11:00 a.m. on Friday, April 17, 2015 at the Hilton Garden Inn, 3943 Tecport Drive, Harrisburg, PA. Scheduled speakers include representatives from FEMA, NRC, and the Commonwealth of Pennsylvania.  

At the public meeting, FEMA may request that questions or comments be submitted in writing for review and response.  Written comments may also be submitted after the meeting by emailing FEMAR3NewsDesk@fema.dhs.gov or by mail to:

MaryAnn TierneyRegional AdministratorFEMA Region III615 Chestnut Street, 6th FloorPhiladelphia, PA 19106

FEMA created the Radiological Emergency Preparedness (REP) Program to (1) ensure the health and safety of citizens living around commercial nuclear power plants would be adequately protected in the event of a nuclear power plant accident and (2) inform and educate the public about radiological emergency preparedness.

REP Program responsibilities cover only “offsite” activities, that is, state and local government emergency planning and preparedness activities that take place beyond the nuclear power plant boundaries. Onsite activities continue to be the responsibility of the NRC.

Additional information on FEMA’s REP Program is available online at FEMA.gov/Radiological-Emergency-Preparedness-Program.

FEMA’s mission is to support our citizens and first responders to ensure that as a nation we work together to build, sustain, and improve our capability to prepare for, protect against, respond to, recover from, and mitigate all hazards. FEMA Region III’s jurisdiction includes Delaware, the District of Columbia, Maryland, Pennsylvania, Pennsylvania and West Pennsylvania.  Stay informed of FEMA’s activities online: videos and podcasts are available at fema.gov/medialibrary and youtube.com/fema. Follow us on Twitter at twitter.com/femaregion3.

https://www.fema.gov/news-release/2015/04/09/fema-evaluate-readiness-pennsylvania

Even in today’s wired world, many organizations require access to original documents to deliver goods or services.  If yours is one of them, how you maintain continuity of access to those documents should be part of your Business Continuity Planning.

Original Documents

Even though we like to think we live in a paperless age, most of us don’t.  In paper-intense industries, access to original documentation may have both financial and regulatory implications. In many other businesses, those ‘original documents’ are fleeting: checks, authorizations, forms and others that are acted upon then discarded.  They are necessary only until converted or input.

Think of original documents as “paper data”.  Even with documents of only temporary importance, their loss (or loss of access to them) may be vital to the performance of our most critical functions or processes.  Why do we put emphasis on Recovery Point Objectives (RPO)?  Because we understand losing electronic data may imperil our business.  There is little difference with “paper data” waiting for conversion to electronic data.  If it’s gone (because of physical destruction) or elusive (because we can’t get postal deliveries, or we’ve been forced out of our office) we can’t fully function.

...

http://www.ebrp.net/original-documents-business-continuity-risk-or-liability/

DENTON, Texas – People living in parts of Arkansas, Louisiana, New Mexico, Oklahoma and Texas are urged to get ready now for potential severe weather that could strike over the next few days in the form of possible severe thunderstorms, hail, strong winds, flash flooding, tornadoes and wildfires.

The Federal Emergency Management Agency’s (FEMA) Region 6 office continues to monitor the situation and stands ready to support state and local partners as needed and requested in any affected areas.

“We encourage people to keep listening to their local and state officials for updated instructions and information. The safety of people is the first priority,” said FEMA Region 6 Administrator Tony Robinson. “We encourage people to have an individual or family emergency plan in place, practice that plan and put together an emergency kit.”

If you have severe weather in your area, you will likely want to become familiar with the terms used to identify a severe weather hazard including:

  • Watch: Meteorologists are monitoring an area or region for the formation of a specific type of threat (e.g. flooding, severe thunderstorms, or tornadoes); and
  • Warning: Specific life and property threatening conditions are occurring and imminent. Take appropriate safety precautions.

More tools and resources are available online to help you prepare for, respond to and recover from any type of disaster. Visit www.Ready.gov or the Spanish language site www.Listo.gov.

https://www.fema.gov/news-release/2015/04/08/get-ready-now-potential-severe-weather-wildfires

Risk is part of nearly every aspect of business. The daily practices for nearly every employee involve some mitigation of certain risks to keep the business moving forward.

Within many enterprises, risk management involves a person or team of individuals who attempt to consider future scenarios and extract possible business risks from them in order to identify areas of liability and possibilities for improvement and success—this is especially important in the area of project management

In the latest edition of the book, “Risk Management: Concepts and Guidance,” author Carl Pritchard, a certified expert in the project management field, identifies systems that project management professionals (PMPs) can apply to manage risks within ongoing projects. Pritchard then explains how to use these systems in the daily work of project management in accordance with the most recent Project Management Body of Knowledge (PMBOK).

...

http://www.itbusinessedge.com/blogs/it-tools/why-risk-management-is-just-as-important-as-project-management.html

ERMS had a great quarter! With an increased demand we have been busy. Busy training new customers and helping them implement their new system. Just how busy? VERY! Our quarterly sales results were almost 50% above target.

Some of our newest customers include: Canadian Red Cross, Desjardin, Intact Insurance, Simon Fraser University, Worker’s Compensation Board of Manitoba (WCB), British Columbia Emergency Management (EMBC), the City of Cambridge, Canadian Federal Government (Shared Services), Independence Bank, Jewish General Hospital, and many more.

Why the increased demand? We believe it’s because more and more organization are starting to understand the value and benefits of emergency and crisis mass communication solutions. Our new, and existing customers, benefit in many ways when they implement an emergency mass notification system (EMNS). Some of those benefits include:

...

http://www.ermscorp.com/blog/10-benefits-of-emergency-mass-notification-systems

Your client calls in a panic. Something’s gone wrong with a server, and the Web store is down. You get there fast, run to the server and determine that it has suffered a hard drive failure. You collect your thoughts, think carefully about the procedure for restoring this piece of equipment quickly, but you draw a blank. The clock is ticking. Downtime is piling up, and your client’s face is reddening with anger because she’s not sure you know what you’re doing. You don’t tell her, but you’re not sure you know, either.

This is the last situation you want to find yourself in. As your client’s frustration mounts, her patience thins, her wallet empties, and her trust in you erodes. There’s only one thing that can stop this from happening, and it goes beyond having a backup and recovery plan. You need to make sure your plans work effectively, and you can only do this by testing them. Remember, you’re not just testing a backup, you’re testing your own ability to recover so you don’t end up testing your client’s patience.

In order to make backup and recovery testing effective, there are some questions you will want to ask yourself. The following should help you gather information you need to create a testing strategy that’s a regular part of your process. This way, when the time comes you’re not just “kind of sure” you can recover—you’re absolutely positive.

...

http://mspmentor.net/blog/five-questions-ask-yourself-about-backup-and-recovery-testing

For extended analysis of regional temperature and precipitation patterns,as well as extreme events, please see our full report that will be released on April 10th.


Significant U.S. Climate Events for March 2015
Significant climate events for March 2015

March was 12th warmest on record for the Contiguous United States

First quarter 2015: Record warmth in the West and cold in the Northeast, dire drought conditions in the West

The March contiguous U.S. average temperature was 45.4°F, 3.9°F above the 20th century average — the warmest March since 2012. Near-record warmth spanned the Great Plains to the West Coast and parts of the Southeast, while the Northeast was cooler than average. The March Lower 48 precipitation total was 2.08 inches, 0.43 inch below average, tying as the 19th driest March on record. Below-average precipitation was widespread across the northern tier states and the Southeast, with above-average precipitation in the Southern Plains and Ohio Valley.

This analysis of U.S. temperature and precipitation is based on data back to January 1895, resulting in 121 years of data.

March

Winter 2015 Statewide Temperature Ranks Map
Winter 2015 Statewide Precipitation Ranks Map
March 2015 Statewide Temperature (top)
and Precipitation (bottom) ranks
  • Fifteen states across the Southeast, Northern Plains, and West had a March temperature that was much above average, while five states in the Northeast had a March temperature that was much below average. No state was record warm or cold.
  • Below-average precipitation was observed along both the East and West Coasts, connected by drier-than-average states across the northern tier. Twelve states had a March precipitation total that was much below average. Above-average precipitation accumulated from the Southern Plains into the Ohio Valley; Arkansas and Texas were both much wetter than average. No state was record dry or wet.
  • According to the March 31st U.S. Drought Monitor report, 36.8 percent of the contiguous U.S. was in drought, up from 31.9 percent at the beginning of March. Drought conditions worsened across parts of the Central Rockies as well as the Central and Northern Plains and the Upper Midwest where spring drought could impact the upcoming growing season. Drought remained entrenched in the West, where mountain snowpack was record low for many locations in the Cascade and Sierra Nevada Mountains. Abnormally dry conditions developed in parts of the Southeast and Northeast. Drought improved in the Southern Plains and the Mid- to Lower-Mississippi River Valley.

U.S. climate highlights: Year-to-date (January-March)

January-March 2015 Statewide Temperature Ranks Map
January-March 2015 Statewide Precipitation Ranks Map
March 2015 Statewide Temperature (top)
and Precipitation (bottom) ranks
    • The year-to-date contiguous U.S. average temperature was 37.2°F, 2.0°F above the 20th century average, and the 24th warmest January-March on record. Record warmth engulfed much of the West, where seven states were record warm, and an additional five states, including Alaska, had temperatures that were much above average. California's year-to-date temperature of 53.0°F was 7.5°F above average and bested the previous record set just last year by 1.8°F.
    • Below-average January-March temperatures were observed across the South, the Midwest, and Northeast where 16 states had a much cooler-than-average January-March period. New York and Vermont were both record cold for the year-to-date. The New York year-to-date temperature was 16.9°F, 6.8°F below average, dropping below the previous record of 17.4°F set in 1912. The Vermont January-March temperature was 13.3°F, 6.4°F below average, tying the same period in 1923.
    • The year-to-date contiguous U.S. precipitation total was 5.66 inches, 1.30 inches below the 20th century average, and the seventh driest January-March on record. This was the driest first three months of a year since 1988. Below-average precipitation was observed across the West and much of the northern half of the nation. Twelve states had much below average precipitation during the first three months of 2015. South Dakota had its driest January-March on record with a precipitation total of 0.85 inch, 1.21 inches below average. Above-average precipitation was observed across the Southern Rockies and Plains.
    • The U.S. Climate Extremes Index (USCEI) for the year-to-date was nine percent above average and the 11th highest value on record. The warm West and cold East temperature pattern during January-March contributed to the much above average USCEI, with the components that measure both warm and cold daytime and nighttime temperatures being much above average. The USCEI is an index that tracks extremes (falling in the upper or lower 10 percent of the record) in temperature, precipitation, and drought across the contiguous U.S.

Note: NOAA's National Centers for Environmental Information (NCEI) is the merger of the National Climatic Data Center, National Geophysical Data Center, and National Oceanographic Data Center as approved in the Consolidated and Further Continuing Appropriations Act, 2015, Public Law 113-235. From the depths of the ocean to the surface of the sun and from million-year-old sediment records to near real-time satellite images, NCEI is the Nation's leading authority for environmental information and data. For more information go to http://www.ncdc.noaa.gov/news/coming-soon-national-centers-environmental-information

For extended analysis of regional temperature and precipitation patterns, as well as extreme events, please see our full report that will be released on April 10th.

http://www.ncdc.noaa.gov/sotc/summary-info/national/2015/3

(TNS) — Gov. Mary Fallin expressed disappointment on Monday that federal assistance was denied to help individuals and businesses in Tulsa and Cleveland counties that were hit by March tornadoes. On April 1, the governor asked for a major disaster declaration for the state based on damages by tornadoes, straight-line winds and flooding March 25-26 in Cleveland and Tulsa counties.

Tornadoes resulted in four deaths with 26 people suffering injuries that required treatment at area hospitals, according to a state press release.

Damage assessments estimated that 1,047 homes and businesses were damaged in the tornadoes, severe storms, straight-line winds and flooding that occurred March 25.

...

http://www.emergencymgmt.com/disaster/Moore-Okla-Infrastructure-Recovery-Plan-Tornadoes.html

While I mostly talk to company, agency or organization leaders about crisis communication and reputation management, sometimes the reputation in question belongs to an individual.  You don’t have to be a celebrity to have potential for reputation disaster.  Individuals whose name is attached to the business or profession they are in, in other words where their name is also a brand, are particularly susceptible. Search engines and the long memory of the internet make the problem so much greater. Yesterday’s newspaper is already in the garbage and yesterday’s TV report is already in the ether along with all past reports, but on the Internet they are retained presumably for ever, and always accessible at the touch of a Google button.

A recent conversation reminded me of how the Internet has changed reputation management and how it therefore changes the response. The really big question when dealing with media coverage of bad news about a brand (personal, corporate or otherwise) is whether or not to respond, and if so, how far and wide to push the response. The basic rule is: don’t make it worse. You can make it worse by bringing the bad reports to the attention of others who might otherwise have missed the 11 pm news. Maybe it will all just go away. Or, not.

...

http://ww2.crisisblogger.com/2015/04/the-three-basic-crisis-communication-strategies/