Spring World 2017

Conference & Exhibit

Attend The #1 BC/DR Event!

Fall Journal

Volume 29, Issue 4

Full Contents Now Available!

Jon Seals

Wednesday, 13 July 2016 00:00

Cognitive Risk Framework for Cybersecurity

Cybersecurity has gotten a great deal of attention these days for two reasons: 1) billions of dollars are being spent in response to a growing threat in cybersecurity and 2) there has been a real lack of meaningful and sustainable success in preventing hackers from stealing data.

Every organization is vulnerable to attack and no matter the amount of money spent hardening the enterprise, threats continue to escalate. This phenomenon is called the Cyber Paradox. The definition of a paradox: “something (such as a situation) that is made up of two opposite things and that seem impossible but is actually true or possible.” How is it that incremental investments in security have not impacted the marginal cost of cyber risk? The answer may surprise you:



Additional complicating factors include the necessary balances between different parts of the chain and the extension of supply chains to include many different external partners.

However, as supply chains are the way many enterprises differentiate themselves from competitors, managers will have to take the bull by the horns and ensure supply chain resilience. But what kind of resilience?

There are different definitions of what resilience in supply chains concerns. One point of view is that a supply chain will break at some time and that building in resilience is about minimising the damage through:

  • Resistance. The impact of a disruption is either avoided or contained. For example, you organise different modes of transport to avoid being blocked by a rail strike (avoiding a general problem) or you reroute all your truck deliveries to contain the impact of major roadworks (containing a specific problem).
  • Recovery. You repair a breakdown or fix a problem, stabilise your supply chain and return to normal or at least steady performance, as soon as possible. For example, having decided to use just one supplier for a certain good or service, if the supplier stops supplying, you scramble to find and bring on board an alternative supplier.



Wednesday, 13 July 2016 00:00

How data corruption works

Modern drives have advanced at an astounding rate in recent years, but despite all these innovations, media corruption still remains an issue in today’s data recovery industry. Before we delve into the deeper issues associated with media corruption, we need to understand what causes corruption and how it can be diagnosed within the context of data recovery.

What is media corruption?

Media corruption can be described as the loss or change of computer data during transmission or retrieval.

What causes media corruption?

Corruption is often caused when the data transfer process is interrupted or disturbed. This can be caused by electronics failure, power surges or internal mechanical problems.



Meeting DOT Compliance and other related Federal requirements in 2016 (and beyond) will continue to be one of the major challenges facing internal risk management teams in the transportation industry.

And as if the transportation industry was not already a business full of more than enough risk factors, this posting will present recent trends very likely to add to that risk list and broadly impact transportation enterprises (e.g. trucking) the rest of 2016 and long into 2017.

There’s no longer much question about whether federal health authorities are serious about cracking down on technology solutions providers that don’t take cybersecurity seriously.

Catholic Health Care Services of the Archdiocese of Philadelphia (CHCS) has agreed to pay $650,000 to settle “potential violations” of the Health Insurance Portability and Accountability Act of 1996 (HIPAA), after patient data was stolen from a smartphone.



A funny but expected phenomenon is hitting the nascent 5G market: Providers and vendors are announcing tests, choosing sides and generally building hype long before anyone knows precisely what 5G is.

CNET’s Roger Cheng reported today that Verizon has made what appears to be a broad announcement regarding its path forward on 5G. The company has established radio specifications for 5G with its vendors that put in place “a common blueprint for everyone regarding the network infrastructure, processors and devices.”

The reality is that 5G standards are still in the formative stages. According to Franz Seiser, the vice president of Core Networks and Services at Deutsche Telekom, standards are important, but achieving global standards will also be central to realizing the full potential of the emerging technology: “There is a huge competition but we need to be very careful about not ending up with fragmentation if some [in the industry] are moving too fast and too far. We need global standards,” Seiser explained.



Tuesday, 12 July 2016 00:00

DevOps Done Right, the First Time

The benefits of converting to a DevOps model of IT operations are becoming plainer by the day, but the process of converting today’s management stack to an agile architecture is still mired in confusion.

DevOps alone, of course, will not make you agile, but it is a key enabling technology that allows for much of the continuous development and IT automation that will finally allow organizations to shed the hands-on control of data infrastructure to focus on more productive activities.

In today’s fast-paced economy, DevOs will not only be the preferred means of pushing new services to users, it will be the only way. As Datamation’s Andy Patrizio notes, the six-month or more time lag between request and fulfilment for new services simply will not cut it, particularly now that the cloud has provided a convenient alternative to IT. Under a DevOps model, everyone with a stake in the application – which includes developers, users, infrastructure managers and even the bean counters – gets a seat at the table to determine the scope and nature of the project and its implementation within the data ecosystem. In this way, services not only play a more pivotal role in the business process, but multiple eyes can track their progress to see exactly how they can be made more relevant or powered down if necessary.



There are three things you need in order to turn a technology concept into a viable revenue-generating services business:

  1. The market opportunity. The stars need to be aligned and momentum needs to be in your favor.
  2. The building blocks. The vision to capitalize on enabling technology. The tight-knit plan to get you to where you need to be, and the GTM speed to get there quickly and efficiently.
  3. Execute, automate and scale. In today’s modern era, speed-to-market has never been more important, and scale is critical to long-term business success. Think not only about how you can implement, but how can you automate.



AUSTIN, Texas – Businesses and nonprofit organizations that sustained damage or losses from the May-June storms and floods can apply for a low-interest disaster loan from the U.S. Small Business Administration to help with their recovery.

“SBA disaster loans are the major source of federal disaster recovery aid,” said Federal Coordinating Officer William J. Doran III, who is in charge of FEMA’s operations in Texas. “The interest rates are low—as low as 4 percent for businesses and 2.625 percent for nonprofits for the life of the loan.”

SBA offers two types of disaster loans to businesses, small agricultural cooperatives, aquaculture and most nonprofits, including faith-based ones: physical disaster loans and economic injury disaster loans.

Physical disaster loans are used to repair or replace damaged buildings and business assets. Economic injury disaster loans help small businesses, small agricultural cooperatives, aquaculture businesses and most private nonprofits meet financial obligations they cannot meet because of the disaster.

Business owners may also be eligible to refinance existing liens or mortgages.

SBA low-interest disaster loans for businesses have several advantages:

  • SBA requires no collateral for both physical loans or economic injury loans less than $25,000. SBA requires the borrower to pledge as collateral only what is available, plus satisfactory credit and the ability to repay.
  • Applicants don’t have to wait for insurance settlements to obtain loans.
  • Loans are written for a length of time appropriate to the type of loan, but SBA may make adjustments in the length of the loan to lower the monthly payments. Loan amounts and terms are set by SBA and are based on each applicant’s financial condition.
  • SBA offers mitigation loans to help pay for improvements to reduce potential for future damage. These mitigation funds are available for up to 20 percent of the total amount of disaster damage.
  • SBA never charges an application fee or points for its disaster loans.

By law, SBA business loans cannot exceed $2 million.  If a business is a major employer, SBA may waive the limit.

The deadline to file for a physical damage disaster loan is August 10. The deadline for an economic injury disaster loan is March 11, 2017.

No one is obligated to accept a loan if approved. SBA gives applicants six months to decide whether to accept a loan.

Applicants may apply online using the electronic loan application via SBA’s secure website at DisasterLoan.sba.gov/ela.

Disaster loan information, application forms and a list of counties eligible for assistance are available online at SBA.gov/disaster, from SBA’s Customer Service Center at 800-659-2955 or by emailing DisasterCustomerService@sba.gov. Individuals who are deaf or hard of hearing may call 800-877-8339.

SBA representatives are also available at disaster recovery centers to provide information about disaster loans, the application process or help completing an SBA application. To find the nearest one, go online to the disaster recovery center locator at asd.fema.gov/inter/locator.

Completed applications can be mailed to:
U.S. Small Business Administration
Processing and Disbursement Center
14925 Kingsport Rd.
Fort Worth, TX  76155

# # #

FEMA’s mission is to support our citizens and first responders to ensure that as a nation we work together to build, sustain, and improve our capability to prepare for, protect against, respond to, recover from, and mitigate all hazards.

No matter what precautionary measures schools take, there are many risks and “fires” that need to be put out on a daily basis. To keep staff and students safe and to protect school assets, a proactive approach to mitigating risk in schools is a necessity. The keys to a successful risk management program include careful, strategic planning while taking all relevant and potential factors into consideration, but how can administrators get started?

By identifying potential risks and applying a process to assess them, schools can focus on their objectives more clearly, including top priorities like student and employee wellbeing. Effective risk management reduces the disruption of a student’s education, damage to a school’s reputation, lost time, stress from managing incidents, and the potential risk of legal intervention in an increasingly litigious world. School administrators can explore these strategies as they strive to enhance their risk management initiatives: