An interesting article in Fortune this morning covered a round table of security and technology experts who discussed the biggest threats to businesses. Stephen Gillett, Symantec’s chief operating officer, said there were three types of threats: script kiddies, organized crime and state-sponsored. In my opinion, he forgot a few, like hacktivism, which I think he includes with script kiddies, though hacktivism needs to stand on its own as one of the most serious threats to business operations.
The panel also raised what I think is a very important question: Do you know your company’s weakest security link? Yes, they talked about insider threats and how they are underestimated in relation to outsider threats:
It’s more likely that an employee doesn’t realize the value of the data access they have, even if they’re a low-profile employee.
Explaining just why cyber attacks and data breaches are a very real concern for business continuity professionals, a report published by ForeScout Technologies revealed that 96% of respondents who took part in their survey had experienced a major IT security incident in the last year. 39% experienced at least two incidents while 16% experienced at least five.
The IDG Connect Cyber Defense Maturity Report 2014 was the result of a study of 1600 decision makers in IT security who work for companies with more than 500 employees located in three distinct regions - the US, UK and DACH (Germany, Austria and Switzerland). The sectors that respondents worked in were finance, manufacturing, healthcare, retail and education are active.
The majority of those surveyed were aware that part of their security measures were immature or ineffective, but only 33% were very confident that they can improve the less sophisticated security checks. It was suggested in the report that growing operational complexities and threats have affected the security capacity with over 43% claiming that prevention, identification, diagnosis and resolution of problems today is more difficult than it was two years ago.
With the threat so high, as also demonstrated in the latest BCI Horizon Scan Report, organizations must ensure they have plans in place to deal with the consequence of IT security incidents should they occur. Organizations are becoming more and more reliant on technology and IT, but even if those systems malfunction, with an effective business continuity plan in place, the organization should still be able to function.
38% of executives claim that supply chain management is their main challenge over the coming year with 42% placing it at the top of their list for increased investment. Those were some of the findings of a study carried out by the Consumer Goods Forum and KPMG International. The figures were even higher for those in the retail sector with over half (51%) of non-food retailers citing supply chain management as their main challenge.
The annual Global Top of Mind survey, a poll of nearly 500 C-suite and senior executives across 32 countries, also revealed how important the digital revolution will be over the next 12 months to consumer goods and retail companies – impacting everything from business growth and supply chain management to food safety, sustainability, and data security and privacy.
Supply chains are becoming longer and more complex with many factors coming into play such as infrastructure and weather - a lot of data needs to be processed in order to make sure they are fully optimised. As the complexity increases however, so does the possibility of disruption.
It is easy to see why supply chain management is an issue when you look at the most recent BCI Supply Chain Resilience Report. This report highlighted that 75% of respondents did not have full visibility over their supply chain and that 75% experienced at least one supply chain disruption over the last year with 42% of these disruptions occurring below the tier one supplier. 15% of respondents experienced disruptions that cost in excess of €1 million and 9% experienced a single disruption that cost in excess of €1 million.
The study concludes that as supply chains become increasingly complex, greater collaboration among suppliers and retailers is needed. Companies need to achieve greater visibility beyond their tier one and two suppliers and that downstream supply chains also need to be more transparent and agile.
The 2014 BCI Supply Chain Resilience Survey is currently live and can be completed by clicking here.
Readers of this blog know I am huge Civil War buff. Growing up in Texas, I only focused on the Southern side as a youngster and while this led to a sometime myopic view of events, in my mid-20s when I did begin to study the Northern side of the war, because I had never seriously studied from that perspective an entire panorama opened up for me.
One thing that never changed however, was the disaster that befell the South from the appointment of John Bell Hood to commander of the Army of Tennessee, which opposed General Sherman’s advance into Georgia since his stunning defeat of the Confederate forces at Chattanooga and later Lookout Mountain in Tennessee in late 1863. On this day 150 years, Confederate President Jefferson Davis replaced General Joseph Johnston with John Bell Hood as commander of the Army of Tennessee. Davis, impatient with Johnston’s defensive strategy in the Atlanta campaign, felt that Hood stood a better chance of saving Atlanta from the forces of Union General William T. Sherman. President Davis selected Hood for his reputation as a fighting general, in contrast to Johnston’s cautious nature. Hood did what Davis wanted and quickly attacked Sherman at Peachtree Creek on July 20 but with disastrous results. Hood attacked two more times, losing both and destroying his army’s offensive capabilities. Over the next two weeks in 1864, Hood’s actions not only led to President Abraham Lincoln’s reelection but spelled, once and for all, the doom of the Confederacy.
I thought about the risks of appointing Hood to command when I read a recent article in the Compliance Week Magazine by Carol Switzer, co-founder and President of the Open Compliance and Ethics Group (OCEG), entitled “A Strategic Approach to Conduct Risk”. Her article was accompanied by an entry in the OCEG Illustrated Series, entitled “Managing Conduct Risk in the GRC Context”, and she also presented thoughts from a Roundtable which included John Brown, Managing Principal, Risk Segment, Financial and Risk Division at Thompson Reuters; Tom Harper, Executive Vice President-General Auditor Federal Home Loan of Chicago and Dr. Roger Miles, Behavioral Risk Lead, Thompson Reuters.
Historically, corporate Boards of Directors have held the responsibility of risk management oversight, ensuring that risk management processes are clearly defined and appropriately enacted. Their role in managing risk has been to provide guidance and leadership on matters that impact the strategic direction of a company or its public image. In this traditional view, C-level management is left with the responsibility of actual risk assessment and mitigation, including issue resolution. But in today’s fast-paced and social-media driven world, the speed at which a risk can turn into a widely publicized issue means Board members must now provide both tactical and strategic supervision over risk management as part of their membership.
In the wake of recent financial crises, increased awareness and interest from a broader array of company stakeholders now exists. High-profile and highly reported product quality problems continue to impact multiple industries and both regulators and Boards have been forced to re-evaluate the structure and the role of their risk governance efforts. Whether required by law or not, many corporate Boards, especially (but not solely) those in the financial industry, have taken a more active role in managingcorporate risks. Regardless of regulation or stakeholder demands, an active risk management initiative at the Board level makes good business sense because each risk, whether strategic, operational, political, reputational or other, presents companies with an opportunity to build competitive advantage. The proliferation of risks in the current environment has intensified and forced companies to focus on impacts that must be avoided and opportunities that should be seized. From our point of view, the Board of today should play a direct role in the new risk environment paradigm by creating an active Board-level risk management program. Such an approach will allow organizations to transition from a position defending against risk to a more proactive approach that leverages risks as new opportunities and perhaps even advances organizations to more “blue ocean” possibilities.
Factonomy’s Robin Craib gives his view on why business continuity management tools need to be built around a genuine relational database.
Across the business continuity management marketplace we see a variety of competing solutions that stakeout various concepts from across the BCM landscape. Many of these tools help to contribute to the progression of the industry through developing concepts from best practice and helping to reduce the administrative burden.
Most business continuity management tools use a genuine relational database (RDBMS) and, whilst all companies will be eager to compete on the specifics of their features, all are aspiring to provide extensive reporting features that unlock the carefully collected data for the business continuity management system that the solution is being used to manage. In many cases, these solutions represent a process of application development that has involved significant investment in time, money and expertise; whether as newly released solutions on the market or solutions that have iterated over time using market feedback. It’s fair to characterize most solutions as looking to capture and maintain real BCM data, competitors can argue over the extent to which this occurs, but most solutions are moving towards this approach with the solution representing the data warehouse for BCM inside the organization.
There is, however, a minority of business continuity management tools that have in recent years sprung up that have circumvented this process for application development and the related investments in time money and expertise. These solutions have piggy-backed on existing content management solutions (CMS) or document management solutions in the market. Typically the approach is to re-badge the tool to identify it as a business continuity management tool and to quickly take existing menus, options and interfaces and modify them to align to aspects of the BCM lifecycle.
FEMA has announced that the ISO 22301 business continuity standard has been accepted as a PS-Prep standard and two of the previously adopted PS-Prep standards have been removed, after being retired by the standards development organizations that originally developed them.
The retired standards are:
- National Fire Protection Association (NFPA) 1600: Disaster/Emergency Management and Business Continuity Programs, 2007 and 2010 editions.
- British Standard (BS) Institution 25999-2:2007 Business continuity management Part 2: Specification.
The situation now is that PS-Prep recognizes three business continuity standards:
- ASIS SPC. 1-2009 Organizational Resilience: Security, Preparedness and Continuity Management System
- NFPA 1600 Standard on Disaster/Emergency Management and Business Continuity Programs, 2013 edition
- International Organization for Standardization, ISO 22301:2012: Societal security -- Business continuity management systems --- Requirements
PS-Prep program information and references will be updated to reflect these changes.
Sources: ICOR and FEMA
So, I was recently helping a colleague prepare a management presentation to discuss her plans for advancing the business continuity program in her company. Maybe it’s just a matter of semantics, but we had a lengthy discussion over “objectives”, “goals” and “tasks”.
If you have read any of my recent blogs you might recognize a pattern in which I think business continuity planners have become victims of our own methodology. This discussion helped me to emphasize that point. When I suggested to my colleague that she should first succinctly define her objective, she merely listed the steps of the methodology. I strongly disagree.
A business continuity planner’s objective is not to complete the BCP methodology. The methodology is simply a recipe towards achieving an end. What is that “end” you hope to achieve? That “end” is your ultimate objective.
(MCT) — Efforts to put in place an earthquake warning system for the West Coast gained ground Tuesday as a congressional committee recommended the first federal funds — $5 million — specifically for the project.
Its prospects remain shaky, however.
Election-year fights over other issues could keep Congress from completing work on its spending bills.
Still, the warning system enjoys bipartisan support.
"It's critical that the West Coast implement an earthquake early-warning system that will give us a heads up before the 'big one' hits, so we can save lives and protect infrastructure," said Rep. Adam Schiff (D-Burbank), who led a group of a West Coast lawmakers in seeking the funding.
New brand reflects the company’s unified mobile monetization solution that helps app developers accelerate revenue across connected devices
SAN FRANCISCO, Calif. – SponsorPay, a mobile supply-side platform, today announced that it has rebranded to Fyber. Fyber enables publishers like GREE International, Inc., Glu Mobile, Inc., ZeptoLab UK Ltd. and more, to integrate, manage and optimize all ad revenues sources through a single, unified platform. Since its inception in 2009, the company has grown globally to over 180 employees and plans to add 70 more by the end of this year. To support the significant market growth in the U.S., the San Francisco office is slated to triple its headcount this year. Fyber will be celebrating the rebrand and momentum at Casual Connect USA with a product demo, panel discussion and brand launch party. More information can be found at http://www.fyber.com.
“The rebrand to Fyber is beyond just a new company name. We’ve been enhancing our product offerings over the past eighteen months, empowering our partners to discover and execute smarter ad monetization strategies,” said Andreas Bodczek, co-founder and CEO, Fyber. “It’s our mission to unify the fragmented mobile advertising ecosystem and deliver pain-free experiences that grow our partners’ revenue. Rebranding as Fyber is a natural evolution for our company as we work to define the future of connected advertising.”
Through Fyber, developers have access to a mobile supply side platform that encompasses a complete product suite for smarter ad monetization and user acquisition. Today, Fyber reaches over 100 million unique users per month and works with thousands of the world’s leading developers, publishers and advertisers who use the platform to integrate, manage and optimize their mobile ad revenues. The platform has seen strong and steady quarter-over-quarter adoption, growing by 63% in integration, and by 250% in mediated revenue just in the last quarter alone.
“In this constantly evolving market, we are always looking to work with partners who offer tools that can help take our ad monetization strategies to the next level," says Alex Rosen, VP of Product, GREE International, Inc. "Fyber has tackled this issue head-on and their platform unifies the tools that a publisher needs to be successful. We look forward to seeing what the team at Fyber comes up with next."
Fyber takes an open approach, giving developers access to hundreds of demand sources and ad networks including Facebook Audience Network, Google AdMob, Apple iAd, AdColony, InMobi and more. With Fyber, developers have a transparent view of their revenue streams, so they can detect new monetization opportunities and make smarter decisions based on actionable insights. Fyber's key offerings include:
1. Ad Network Mediation – With an easy drag-and-drop SDK integration, developers can integrate, manage and optimize all their mediated ad networks to increase their advertising demand, while continuing to preserve their direct contractual relationships with the ad networks.
2. Ad Marketplace - Developers can access campaigns from hundreds of demand partners, video networks, agencies and direct advertisers without investing additional resources. This allows developers to achieve higher fill rates and higher eCPMs.
3. User Acquisition - Developers can acquire valuable users at scale by running CPI & CPE campaigns across the entire Fyber platform on iOS and Android. They can also build, manage and track ROI-positive campaigns with powerful targeting and bidding of rewarded and non-rewarded ad formats.
4. Multiple Ad Formats - Fyber offers the flexibility of both rewarded ad formats (offer walls and rewarded videos) and non-rewarded ad formats (interstitial ads and videos) to accommodate all of the developers’ needs with a single platform.
5. Dashboard - Developers utilize a unified dashboard to analyze all streams of advertising revenue in a consolidated view with advanced yield optimization features, and can gain instant insight into new monetization opportunities. An underlying proprietary predictive algorithm enables customers to serve the highest-paying ads based on expected user behavior and payout.
In this $18 billion mobile ad revenue market, app developers recently voted Fyber (SponsorPay) to VentureBeat’s index of the Top Ten Mobile Advertising Companies. Ranked alongside Facebook and Google in the index, which is compiled based on feedback from readers and clients, Fyber (SponsorPay) was lauded for easy integration, product support and a “fan favorite” dashboard.
Attending Casual Connect and want to meet up? Contact us at email@example.com.
For more information on Fyber, please visit: http://www.fyber.com.
Fyber (formerly SponsorPay) is a leading advertising technology company that empowers app developers to execute smart ad monetization strategies across all connected devices through a unified mobile supply side platform. Serving over 100 million unique users per month, Fyber works with thousands of the world’s leading developers, publishers and advertisers. Fyber is privately held and co-headquartered in San Francisco and Berlin.