The Continuity Logic customized demo provides an opportunity for qualifying organizations to evaluate Frontline Live 5™, with their plans, desired controls, policies, and procedures. This first-of-its-kind system for both business continuity and many other areas of Governance, Operational Risk and Compliance (GRC) is powerful, but often best viewed with some of your familiar plans, data and templates.


Spring World 2016

Conference & Exhibit

Attend The #1 BC/DR Event!

Summer Journal

Volume 28, Issue 3

Full Contents Now Available!

Jon Seals

(TNS) — The ER was already busy, close to full — gunshots, car wrecks, strokes — when the “get ready” call came in at 9:45 p.m.

By 10:30, they began arriving by police car, ambulance, anything.

By midnight, 54 had made it to Temple University Hospital, which treated more passengers from Amtrak’s Tuesday night disaster than any other emergency room.

The most critical patients were rushed into one of the three trauma bays just inside the ER door. Teams of doctors and nurses were assigned to each bay, responsible for stabilizing patients and moving them through with skill and speed, making room for the next.



Most IT organizations provide services to the business in several forms. According to author Terry Critchley, services are comprised of three things:

  • Products
  • Processes
  • People

Each of these things come together to ensure that required business functions are available. But every service has the potential for failure and outages even though today’s world demands that uptime be as close to 100 percent as possible. In this scenario, IT must use all of its technologies to provide this availability, including virtualization, cloud computing, disaster recovery, business continuity and strong security. Still, human factors can prevent services from being available, too.



When drive-by drills, known as lockdown in most of the country, were widely used in response to school shootings with little or no adaptation of tactics, we began down a path that ultimately led to the tragic shooting at Sandy Hook that took 26 innocent lives. There were stops along the way in places called Columbine, Virginia Tech, Aurora and many others. These were all opportunities to learn that our model for response was at great risk from those who would seek to use our plan (or lack of plan) against us.

Plans continued to emphasize single-option lockdown, with location dependency on classrooms for a response. Vague and largely unworkable mentions of reverse evacuations or reverse fire drills back to classrooms for active threats or terrorism inside the building, over facility evacuation, continued to be widely used. The single-option hiding concept became common practice in buildings, though every room was occupied. Shoving people into bathrooms, closets, under desks and into corners became recommended, despite the tragic effects of limiting movement. Being mobile in a crisis equals increasing survivability.



(TNS) — Disaster recovery just from extreme weather and wildfires cost American taxpayers $300 billion in the past decade, the White House's former "resilience" specialist told the general session of the 29th annual Florida Governor's Hurricane Conference.

"That is just what Uncle Sam spent," Josh Sawislak told the conference. He said the figure doesn't count billions in insured and uninsured losses by individuals, businesses and local governments. Nearly half of that was just from 2011 to 2013.

"So when someone tells me, 'We can't afford to pay for resilience,'" Sawislak said, "I immediately ask, 'How can we afford not to?'"



(TNS) — Tuesday night's fatal derailment was the worst Philadelphia train disaster in decades. The timing seemed chillingly prophetic: Just one day before the crash, the city's Office of Emergency Management had held a "mass casualty workshop" with police, fire and health personnel.

Moments after Train 188 careened off the tracks, emergency calls went out across the city and scores of first responders rushed to the scene to find the mangled bodies of those killed and more than 200 injured and bloodied passengers.

Here's a look at how the city's response unfolded throughout Tuesday night and into Wednesday:



Investment to support rapid growth and to expand existing technology-related products and services


BRAINTREE, Mass. – OnSource, the platform that connects insurance companies with third-party vehicle and property photo inspections via smart phone apps, announces a boost to its growth and expansion plans by closing a $2.25 million investment from private equity firm, Greybull Stewardship.

"Partnering with Greybull Stewardship and its founder, Mason Myers, is a real win for us," says OnSource co-founder Steve Rubin. "Mason has a proven record of providing support, both financial and operational, that runs parallel to our motives and goals. This growth capital enables us to move ahead quickly with our expansion plans and maintain flexibility for where we take our company long-term."

Over the past year, OnSource has developed and released a suite of self-service inspection apps along with real-time photo and video streaming technology. This growth investment will allow OnSource to broaden the development of new inspection technologies while continuing to invest in their industry leading inspection platform.

"OnSource saves insurance companies time and money through an awesomely effective platform of smart phone apps utilized by independent third parties," said Mason Myers, General Partner of Greybull Stewardship.  "We are pleased to provide the capital to support the very rapid month-over-month growth the company is experiencing."

OnSource has experienced extensive growth in the first quarter of 2015 and is preparing to move their headquarters to larger office space in Braintree, MA to accommodate the onsite staff and support team.

"The opportunities ahead of us are exciting," says OnSource co-founder Tim Schneider. "We're changing the way the industry views and performs inspections and with this investment, we're able to reach higher than ever before."

About OnSource
Headquartered in Braintree, MA, OnSource enables companies to get fast, fair and efficient auto and property inspections through intuitive self-serve smartphone apps and an extensive national network of more than 14,000 photo inspectors. Backed by a team of quality assurance analysts and support professionals, inspections are completed quickly, accurately and cost-effectively each and every time. To learn more, visit www.onsourceonline.com.

About Greybull Stewardship
Greybull Stewardship exists to provide business owners an ideal co-owner and steward of their business and earn attractive long-term, compounding, cash-on-cash returns for investors.  Greybull's evergreen fund structure and flexible investment horizon is designed to align with the objectives of portfolio company co-owners and management, comprised of growing, profitable companies in the lower middle market with between $1 to $3 million in free cash flow. To learn more, visit www.greybullstewardship.com

Good Morning Monday – Hello Cyber Attack

New research published earlier this week in the annual NTT 2015 Global Threat Intelligence Report shows a massive increase in malware detections on Monday mornings when users reconnect their devices to the corporate network. This trend supports the contention that the security perimeter in organisations is dissolving. This is because end users increasingly use their devices both inside and outside the corporate security perimeter. In fact, the user is today’s new organisation perimeter. What’s more, IT and security management can no longer count on well-defined network security perimeters to protect their organisations.


The Global Threat Intelligence Report contains analysis of over six billion security events worldwide gathered during 2014 by NTT Group companies including Dimension Data, Solutionary, NTT Com Security, NTT R&D, and NTT Innovation Institute (NTTi3). Matthew Gyde, Dimension Data’s Group Executive – Security, says threats targeting end users are higher than ever. In addition, security vulnerabilities are mostly related to end-user systems and not servers.


“It appears that successful exploits occurs over the weekend when end users – and their devices – are outside the security controls of the corporate network. This indicates that traditional security controls are effective at protecting the corporate network, however assets that transition between corporate and external access points are at greater risk,” Gyde says. “Controls that address this trend must focus on the user and their devices, regardless of location, and points out that seven of the top 10 vulnerabilities identified were on end-user systems. End-users become a liability and that’s because their devices often have many unpatched vulnerabilities.”


According to Gyde, the malware industry is maturing, with malware becoming commoditised and available through dark net marketplaces. This means the barrier to entry for cybercriminals is a minimal financial investment, but for a potentially large return. “And, this trend is not about to disappear As users become more accustomed to always-on, real-time access to corporate data, they also become the targets of criminals wanting those same data sources. In summary, users and their devices become the criminal’s entry point.”

Other highlights of the Global Threat Intelligence Report include:

  • Finance continues to represent the number one targeted sector with 18 percent of all detected attacks
  • Across the world, an astounding 56 percent of attacks against the NTT global client base originated from IP addresses within the United States. This does not necessarily mean that the attackers reside in the US
  • 76 percent of identified vulnerabilities throughout all systems in the enterprise were more than two years old, and almost 9 percent of them were over 10 years old
  • Of the vulnerabilities discovered across enterprises worldwide, 7 of the top 10 exposed vulnerabilities resided within user systems and not on servers
  • Threats against the end user are higher than ever, attacks show a clear and continuing shift towards success in compromising the end point
  • Attacks against Business and Professional Services increased from 9 percent to 15 percent


About Dimension Data

Founded in 1983, Dimension Data plc is an ICT services and solutions provider that uses its technology expertise, global service delivery capability, and entrepreneurial spirit to accelerate the business ambitions of its clients. Dimension Data is a member of the NTT Group. www.dimensiondata.com. Visit us at Facebook and LinkedIn, or follow us on Twitter.

What do Edward Snowden, the U.S. PRISM scandal and the corporate data hack on Sony Corp. have in common? All involved breaches in data security and sovereignty. While the cloud offers many benefits--such as cost savings, scalability and flexibility--there are also added risks. Data security always tops that list of risks.

To combat these risks, it’s crucial for service providers to have a fundamental understanding of data security and data sovereignty. Use these 10 facts as your foundation to ensure you’re offering customers the best security, reliability and performance in the market.



When a disruptive incident impacts critical national or regional infrastructure, or when public safety is at stake, multiple emergency agencies are often involved in the response.

Those responders could be from federal or state agencies as well as local teams of EMT’s, police, firefighters and other volunteers.  Emergency response organizations specialize in a certain aspect of response based on their skill sets.  From coastguards, firefighters, bomb-disposable squads and EMT’s animal control and hazmat clean-up or cyber expert, those teams’ skills and actions are generally unique, well defined and perfected through regular practice.

In the event of multi-disciplinary emergency response, command, control and communication (between the responders) are critical for an effective – and efficient – response.  Protocols for collaboration among responders are defined by NIMS (the National Information Management System) of which the Incident Command System (ICS) is a critical component.



Taking the whole concept of data security to its most logical conclusion, Secure Islands has come up with a method that automates the application of security to any piece of data, depending on how it’s classified, as that data is being generated.

Secure Islands CEO Aki Eldar says version 5.0 of the IQProtector Suite (IQP) adds what the company describes as a Data Immunization process. IQProtector automatically assigns security controls to data at the point that data is actually created, regardless of location. Those controls then attach themselves to that data wherever it is consumed.

Based on rights management technology developed by Microsoft, Secure Islands has different renditions of IQProtector for endpoints, servers, clouds and applications to make sure that wherever data is created, a security policy gets enforced.