Jon Seals

James Leavesley outlines why risk managers need to be up to speed with the social media revolution.

Social media is no longer just the latest buzzword or an experiment for creative marketing teams. Organizations are fast recognising the importance of social media from a customer, employee and business partnership perspective. Companies are using blogs, videos, Facebook and Twitter to connect with ‘communities’. However, it only takes one disgruntled customer to take to Twitter, YouTube or Facebook and the results can be costly. Even worse damage can be done by a rogue employee with access to corporate social media accounts and a determination to discredit the company.

So here are five reasons why risk managers should get up to speed with social media and how to control it:

...

http://www.continuitycentral.com/feature1159.html

In its latest Bulletin, APEC (Asia-Pacific Economic Cooperation) has provided details of what it is doing to assist regional SMEs to develop business continuity plans.

The Bulletin focuses on a multi-year project launched in 2011 by APEC to enhance the capacity of SMEs to prepare for disasters and to ensure “minimal and tolerable disruption to business operations and supply chains”.

“The main goal of the APEC project is to promote SMEs to establish business continuity plans for sustainable global supply chains,” Johnny Yeh, executive director of the APEC SME Crisis Management Center in Chinese Taipei, told the APEC Bulletin. Mr. Yeh is overseeing the APEC project.

“This is accomplished by training related government, non-profit and private sector organizations in APEC member economies, so they, in turn, can train SMEs in their respective economies,” Mr. Yeh continued.

As part of the project, experts have developed a simple step-by-step APEC Business Continuity Planning Guidebook for SMEs.

Read the full Bulletin.

Network World — Cisco this week is unveiling two new configurations of its recently-launched Nexus 9000 switches, a new 40G Nexus switch. In addition, Cisco is celebrating the fifth anniversary of its UCS server.

Cisco also announced certification programs for its new Application Centric Infrastructure (ACI) programmable networking product line, which includes the Nexus 9000 switches. ACI is Cisco's non-SDN response to the software-defined networking trend sweeping the industry.

The 16-slot Nexus 9516 and four-slot Nexus 9504 had been expected, and they join the existing eight-slot Nexus 9508. The Nexus 9516 is positioned as an aggregation layer switch for service provider or high-demand deployments, offering 576 wire-speed 40Gbps Ethernet ports and 60Tbps of throughput. It takes up 21 RUs, supports 2,304 10G ports, consumes 11 watts per 40G port, and uses two to four Cisco and/or Broadcom ASICs per line card.

...

http://www.cio.com/article/750237/New_Cisco_Switches_Take_Aim_at_Big_Data_Centers_Data_Applications

CIO — Few deny that the healthcare industry in the U.S. faces tremendous pressure to change. Few deny the role that technology will play in stimulating this change, either.

Uncertainty creeps in, though, when healthcare organizations try to address their healthcare needs. This is especially true of healthcare providers — the hospitals, medical offices, clinics and myriad long-term care facilities that account for roughly 70 percent of healthcare spending and that have spent much of the 21st century rushing to catch up to other vertical industries.

Most providers, says Skip Snow, a senior analyst with Forrester, are "very new to the idea that they have all this structured data in clinical systems." That's largely because, until recently, the mission of the healthcare CIO was ancillary to a provider's core mission. IT often fell under the CFO's domain, Snow says, since it focused so much on business systems.

...

http://www.cio.com/article/750183/Forrester_Outlines_IT_Imperatives_for_Healthcare_Providers

It was recently revealed that the personal details of 10,000 asylum-seekers housed in Australia were accidentally leaked via the Department of Immigration and Border Protection’s website. This has damaged asylum-seekers’ trust in the Australian government and, according to Greens Senator Sarah Hanson-Young, potentially put lives at risk. Such incidents represent significant breaches of local regulations and can result in heavy penalties.

Recent amendments to existing privacy laws in Australia and Hong Kong allow each country’s privacy commissioner to enforce significant penalties for repeated or serious data breaches. Countries like Japan and Taiwan, where new privacy laws have been passed and/or existing ones are being enforced more strictly, also assess penalties for noncompliance.

...

http://blogs.forrester.com/manatosh_das/14-03-24-what_asia_pacific_firms_must_learn_from_the_data_privacy_breach_in_australia

It’s funny how some myths continue to be believed, even by hard-nosed business people. The notion that virtualisation will save a company’s data is such a myth. Although it can be valuable in optimising an organisation’s use of IT resources and reacting quickly to changing IT needs, virtual environments are not inherently safer than independent physical servers. But data recovery provider Kroll Ontrack found that 80 percent of companies believe that storing data virtually like this is less or no riskier. Beliefs are one thing, statistics are another. 40 percent of companies using this virtual mode of storage were hit with data loss in 2012 – 2013. What’s going on?

...

http://www.opscentre.com.au/blog/why-server-virtualisation-is-not-a-disaster-recovery-plan/

Computerworld — Driven by a very strong belief in the future of software-defined data center technology, Bank of America is steering its IT to almost total virtualization, from the data center to desktop.

The technology does for the entirety of a data center what virtualization did for servers: It decouples hardware from the computing resources. Its goal is to enable users to create, expand and contract computing capability virtually, quickly and efficiently.

The software-defined data center is not yet a reality. But there are enough parts of the technology in place to convince David Reilly, Bank of America's global infrastructure executive, that it is the future.

"The software-defined data center is going to dramatically change how we provide services to our organizations," said Reilly. "It provides an opportunity for, in effect, the hardware to disappear.

"We think it's irresistible, this trend," said Reilly.

...

http://www.cio.com/article/750194/Bank_of_America_Sees_Software_Defined_Data_Centers_as_Irresistible_

Dell yet again signaled its intentions to compete more aggressively in the analytics space with the acquisition today of StatSoft.

With 1,500 customers, StatSoft is the second major analytics acquisition that Dell has made since acquiring Quest Software. In 2012, just prior to being acquired by Dell, Quest Software acquired Kitenga, a provider of high-end analytics software that usually gets applied to Big Data problems.

In contrast, John Whittaker, director of product marketing for Dell Information Management, says StatSoft represents a more mainstream play into the realm of predictive analytics. As there is definitely a blurring of the line these days between analytics applications, Whittaker says customers should expect to see Dell Software being significantly more aggressive in terms of delivering analytics capabilities into the midmarket.

...

http://www.itbusinessedge.com/blogs/it-unmasked/dell-buys-way-into-predictive-analytics-by-acquiring-statsoft.html

About a month ago, I reported on a study from Ponemon Institute and AccessData that revealed that most companies are doing a poor job when it comes to detecting and effectively responding to a cyberattack. As Dr. Larry Ponemon, chairman and founder of the Ponemon Institute, said in a statement when the report was released:

“When a cyber-attack happens, immediate reaction is needed in the minutes that follow, not hours or days. It’s readily clear from the survey that IR processes need to incorporate powerful, intuitive technology that helps teams act quickly, effectively and with key evidence so their companies’ and clients’ time, resources and money are not lost in the immediate aftermath of the event.”

AccessData’s Chief Cybersecurity Strategist, Craig Carpenter, has been looking at this problem in some depth. We aren’t totally clueless on why these attacks are able to cause tremendous amounts of damage, both financial and reputational, to companies. For example, as information about the Target breach continues to trickle out, we have a pretty good idea of how and why the incident occurred. Our concern now, Carpenter said in a blog post, is fixing these problems. The key, he said, is prioritization and improved integration. In an email to me, Carpenter provided a few steps every company should take to prevent a “Target-like” breach in the future:

...

http://www.itbusinessedge.com/blogs/data-security/improving-cyberattack-response.html

InfoWorld — Apache Cassandra is a free, open source NoSQL database designed to manage very large data sets (think petabytes) across large clusters of commodity servers. Among many distinguishing features, Cassandra excels at scaling writes as well as reads, and its "master-less" architecture makes creating and expanding clusters relatively straightforward. For organizations seeking a data store that can support rapid and massive growth, Cassandra should be high on the list of options to consider.

Cassandra comes from an auspicious lineage. It was influenced not only by Google's Bigtable, from which it inherits its data architecture, but also Amazon's Dynamo, from which it borrows its distribution mechanisms. Like Dynamo, nodes in a Cassandra cluster are completely symmetrical, all having identical responsibilities. Cassandra also employs Dynamo-style consistent hashing to partition and replicate data. (Dynamo is Amazon's highly available key-value storage system, on which DynamoDB is based.)

...

http://www.cio.com/article/750171/Cassandra_Lowers_the_Barriers_to_Big_Data