Spring World 2017

Conference & Exhibit

Attend The #1 BC/DR Event!

Fall Journal

Volume 29, Issue 4

Full Contents Now Available!

Jon Seals

More than half of this year’s $14.8 million in cash settlements for violating data privacy provisions of the Health Insurance Portability and Accountability Act (HIPAA) involved cases in which offenders failed to conduct proper risk assessments.

As the stakes for ignoring those risk assessments continue to grow, officials at software developer AvePoint are pointing to a tool they developed in conjunction with the International Association of Privacy Professionals (IAPP), which can help make the process of conducing those reviews more consistent and efficient.

...

http://mspmentor.net/msp-mentor/privacy-audit-tool-could-help-guard-against-hippa-breach-fines

As you’ll have no doubt seen in the press, Orlando, Fla.-based backup company Replibit was recently acquired by eFolder. It's not a surprising move, as eFolder was lacking its own solution for disaster recovery (DR). So, what is so special about Replibit?

There are a few core technologies that make Replibit interesting:

...

http://mspmentor.net/blog/why-you-need-take-your-backup-and-disaster-recovery-max

Top FEMA Officials Available for Interviews to Discuss Extreme Heat Safety Tips, Urge Residents to Download FEMA Smartphone App Designed to Help Families Before, During, and After Disasters


Washington – The Federal Emergency Management Agency (FEMA) is urging residents across the nation to take steps now to prepare their families and communities for extreme heat, by reviewing important safety information and downloading the FEMA smartphone app. 

The National Weather Service announced today that “dangerously hot and humid conditions are expected this week across a large portion of the nation.” Additionally, NOAA’s Climate Prediction Center’s latest outlooknotes that most of the continental United States is facing elevated chances of well-above-average summer temperatures. According to the Centers for Disease Control & Prevention, heat kills more people than hurricanes, lightning, tornadoes, earthquakes and floods.

To help Americans stay safe during extreme heat, FEMA urges residents to consider taking the following actions in affected areas:   

  • Postpone outdoor games and activities and limit exposure to the sun.
  • Drink plenty of water and avoid caffeine; limit alcoholic beverage intake.
  • Dress in loose-fitting, lightweight and light-colored clothing.
  • Spend the warmest part of the day in temperature-controlled buildings such as libraries, schools, movie theaters, shopping malls, or community facilities.
  • Check on family, friends, and neighbors who do not have air conditioning and who spend much of their time alone.

FEMA also urges residents to download and use the free FEMA app, which provides valuable safety tips to help families prepare for and recover from more than 20 natural and man-made hazards. The FEMA app enables users to receive weather alerts from the National Weather Service for up to five locations across the nation, making it easy to follow severe weather that may be threatening family and friends.  The app also provides family communication plans, customizable checklist of emergency supplies, and maps of open shelters and disaster recovery centers. The app is available on the Apple App Store and on Google Play.

What:  Interview opportunity with FEMA officials to share information on how to stay safe during extreme heat and FEMA’s updated Smartphone App

Who:  FEMA Director of External Affairs Josh Batkin

          FEMA Director of Public Affairs Rafael Lemaitre  

          FEMA Director of Individual and Community Preparedness Helen Lowman

When:  Upon request

RSVP:  To schedule a media interview contact the FEMA News Desk at 202-646-3272 or FEMA-News-Desk@fema.dhs.gov


###

FEMA's mission is to support our citizens and first responders to ensure that as a nation we work together to build, sustain and improve our capability to prepare for, protect against, respond to, recover from and mitigate all hazards.

Follow FEMA online at www.fema.gov/blogwww.twitter.com/femawww.facebook.com/fema and www.youtube.com/fema.  Also, follow Administrator Craig Fugate's activities at www.twitter.com/craigatfema.

The social media links provided are for reference only. FEMA does not endorse any non-government websites, companies or applications.

Monday, 01 August 2016 00:00

Storm Debris Will Fuel Power Plant

(TNS) - Out of sight, out of mind. That's how many of us may feel after fallen trees and branches have been hauled away from our homes.

But what will become of all that tree debris culled by last week's destructive storm?

Pakou Ly, a spokeswoman for the city of Duluth, Minn., said most of it will be chipped and hauled, ton by ton, to Minnesota Power's Hibbard Renewable Energy Center, where it will be used to generate steam for the neighboring Verso paper and recycling mills, as well as renewable energy for local electric customers.

The plant can consume up to 40 semitrailer loads of biomass fuel per day, said Amy Rutledge, manager of corporate communications for Minnesota Power and its parent company, Allete.

...

http://www.emergencymgmt.com/disaster/Storm-debris-will-fuel-power-plant.html

(TNS) - About 50 first responders from around the Hill Country gathered at Schreiner University on Thursday to discuss successful practices and lessons learned from various critical incidents.

Gregory Pratt, a training coordinator with the Federal Bureau of Investigation — San Antonio division, said similar conferences like these are conducted throughout the state and country each year.

“This gives every department involved training on any event involving an active shooter or a similar situation,” Pratt said. “Our bureau offers supportive resources like victim assistance, crime scene management, crisis and media management.”

...

http://www.emergencymgmt.com/training/First-responders-take-part-in-FBI-training.html

(TNS) - A new smartphone app is aimed at keeping Kanawha County residents up to date on emergency news and prepared in the event of local disasters.

The app, KC Ready, was a joint effort by Kanawha County Emergency Management and Metro 911. Dale Petry, director of Emergency Management, said that KC Ready is a valuable resource to have when disaster strikes in the county or when residents simply want to prepare for the worst.

KC Ready can help clear the Metro 911 phone lines for those with emergencies as well, Petry said. The app does this by sending push notifications to its users about weather situations and traffic accidents using Metro 911’s live feed, so that a large number of residents don’t call in to report the same problem.

...

http://www.emergencymgmt.com/disaster/KC-Ready-app-intended-to-be-mobile-resource-during-disasters.html

According to the results of a recent survey of 3,476 IT and IT security practitioners worldwide, just one third of all sensitive corporate data stored in cloud-based applications is encrypted.

The survey, conducted by the Ponemon Institute and commissioned by Gemalto, also found that 73 percent of respondents said cloud-based services and platforms are important to their organization's operations, and 81 percent said they will become more important over the next two years.

Just over a third (36 percent) of respondents said their companies' total IT and data processing needs are met using cloud resources today, and that's expected to increase to 45 percent over the next two years.

...

http://www.esecurityplanet.com/network-security/only-a-third-of-sensitive-data-stored-in-cloud-based-applications-is-encrypted.html

News  •  Jul 29, 2016 11:59 BST

​Businesses vulnerable due to shortage of cyber security talent

 

There is serious talent shortage crisis impacting the cyber security industry according to a new report published by Intel Security, in partnership with the Center for Strategic and International Studies (CSIS). 82% of respondents to a global survey admit to a shortage of cyber security skills, with 71% of respondents citing this shortage as responsible for direct and measurable damage to organizations whose lack of talent makes them more desirable hacking targets.

The Hacking the Skills Shortage Report highlighted that the demand for cyber security professionals is outpacing the supply of qualified workers, with highly technical skills the most in need across all countries surveyed. Despite a quarter of respondents confirming their organizations had lost proprietary data as a result of this skills gap, there are no signs of it abating in the near-term. Respondents estimate an average of 15% of cyber security positions in their company will go unfilled by 2020.

The Cyber Resilience Report, published by the Business Continuity Institute, revealed that two-thirds of organizations experienced a cyber security incident during the previous year and 15% experienced at least 10. This shows that the cyber threat is very real and organizations must take it seriously, and this starts by making sure resources are available to combat the threat. Such is the level of the threat that cyber attacks and data breaches were identified as the top two concerns to business continuity professionals in the BCI's Horizon Scan Report, which also identified availability of talents / key skills as a top ten concern.

The Hacking the Skills Shortage Report analysed four dimensions that comprise the cyber security talent shortage, which include:

Cyber security spending: The size and growth of cyber security budgets reveals how countries and companies prioritize cyber security. Unsurprisingly, countries and industry sectors that spend more on cyber security are better placed to deal with the workforce shortage.

Education and training: Only 23% of respondents say education programmes are preparing students to enter the industry. This report reveals non-traditional methods of practical learning, such as hands-on training, gaming and technology exercises and hackathons, may be a more effective way to acquire and grow cyber security skills. More than half of respondents believe that the cyber security skills shortage is worse than talent deficits in other IT professions, placing an emphasis on continuous education and training opportunities.

Employer dynamics: While salary is unsurprisingly the top motivating factor in recruitment, other incentives are important in recruiting and retaining top talent, such as training, growth opportunities and reputation of the employer’s IT department. Almost half of respondents cite lack of training or qualification sponsorship as common reasons for talent departure.

Government policies: More than three-quarters (76%) of respondents say their governments are not investing enough in building cyber security talent. This shortage has become a prominent political issue as heads of state in the US, UK, Israel and Australia have called for increased support for the cyber security workforce in the last year.

A shortage of people with cyber security skills results in direct damage to companies, including the loss of proprietary data and IP,” said James A Lewis, senior vice president and director of the Strategic Technologies Program at CSIS. “This is a global problem; a majority of respondents in all countries surveyed could link their workforce shortage to damage to their organization.”

The security industry has talked at length about how to address the storm of hacks and breaches, but government and the private sector haven’t brought enough urgency to solving the cyber security talent shortage,” said Chris Young, senior vice president and general manager of Intel Security Group. “To address this workforce crisis, we need to foster new education models, accelerate the availability of training opportunities, and we need to deliver deeper automation so that talent is put to its best use on the front line.

Many organisations report that they are improving their disaster recovery capabilities, and that their confidence in being prepared for a disaster has increased. Still, there is much work to be done in ensuring adequate preparation and protection.

The cost of a business interruption, whether due to network attack, data breach or natural disaster, can be a rude awakening. An estimation of system downtime costs when a data disaster strikes takes into consideration not only productivity losses, missed sales opportunities and staff’s hourly time, but also less quantifiable impacts such as damage to corporate image and customer confidence. This highlights the growing need for additional protection against business interruptions.

...

http://blog.krollontrack.co.uk/pieces-of-interest/leveraging-virtualisation-business-continuity/

CIOs at fast-growing and dynamic enterprises are frantically trying to keep pace with business demands, as email, enterprise apps and offsite storage are increasingly moving to cloud.

As more companies migrate data and applications to the cloud, connectivity to and from cloud is very critical.

Traditional connections require long-term contracts, fees and may or may not be secure. This may slow down user experience, and in turn, business growth.

...

http://www.cyrusone.com/blog/better-cloud-connection-elastic-interconnection/