Spring World 2015

Conference & Exhibit

Attend The #1 BC/DR Event!

Fall Journal

Volume 27, Issue 4

Full Contents Now Available!

Jon Seals

Two months after Hurricane Sandy pummeled New York City, Battery Park is again humming with tourists and hustlers, guys selling foam Statue of Liberty crowns, and commuters shuffling off the Staten Island Ferry. On a winter day when the bright sun takes the edge off a frigid harbor breeze, it's hard to imagine all this under water. But if you look closely, there are hints that not everything is back to normal.

Take the boarded-up entrance to the new South Ferry subway station at the end of the No. 1 line. The metal structure covering the stairwell is dotted with rust and streaked with salt, tracing the high-water mark at 13.88 feet above the low-tide line—a level that surpassed all historical floods by nearly four feet. The saltwater submerged the station, turning it into a "large fish tank," as former Metropolitan Transportation Authority Chairman Joseph Lhota put it, corroding the signals and ruining the interior. While the city reopened the old station in early April, the newer one is expected to remain closed to the public for as long as three years.

Before the storm, South Ferry was easily one of the more extravagant stations in the city, refurbished to the tune of $545 million in 2009 and praised by former MTA CEO Elliot Sander as "artistically beautiful and highly functional." Just three years later, the city is poised to spend more than that amount fixing it. Some have argued that South Ferry shouldn't be reopened at all.

...

http://www.motherjones.com/environment/2013/07/hurricane-sandy-global-warming-flooding

When I was 21, I almost lost several hundred million dollars by threatening to mutilate one of our customers.

In my senior year in college, I worked full time as an intern PM at NetApp NTAP -1%. I spent most of that time at work being groomed and prepared to be a full PM, and given that my background was in cryptography I got pulled into a lot of customer meetings related to security.

One of our customers at the time was undergoing a big change with their security architecture,  and I tagged along with one of the directors to the meeting. I was one of ten PMs giving talks on roadmap and our plans, and I had 30 minutes to convince their CIO and CEO that we could integrate our new systems well with the new security infrastructure they were rolling out.

...

http://www.forbes.com/sites/quora/2013/07/26/what-is-the-most-catastrophic-error-made-by-an-intern-at-a-tech-company/

WASHINGTON, D.C. — U.S. small businesses — widely recognized as the backbone of the U.S. economy — are particularly at risk from extreme weather and climate change and must take steps to adapt, according to a new report from Small Business Majority (SBM) and the American Sustainable Business Council (ASBC).

Titled “Climate Change Preparedness and the Small Business Sector,” the report concludes: “Because small businesses are distinctly critical to the U.S. economy, and at the same time uniquely vulnerable to damage from extreme weather events, collective actions by the small business community could have an enormous impact on insulating the U.S. economy from climate risk.”

Featuring case studies from the retail, tourism, landscape architecture, agriculture, roofing and small-scale manufacturing sectors of the U.S. economy, the Small Business Majority/ASBC report finds:

...

http://www.manufacturing.net/news/2013/07/report-small-businesses-uniquely-vulnerable-to-climate-change-extreme-weather

By David Zahn, FuelQuest

Hurricane season began June 1 and will last for six months. The National Oceanic and Atmospheric Administration (NOAA) predicts 2013 will be an above-average year for tropical storms and hurricanes. NOAA estimates anywhere between 13 and 20 named storms (sustained winds of 39 miles or greater) and between seven and 11 hurricanes (sustained winds of 74 miles or higher), with three to six of those storms possibly becoming at least a Category 3 (111 miles per hour or higher winds).

Contrasted against seasonal averages of 12 named storms, six hurricanes and three major hurricanes, communities, businesses and governments are on notice for 2013.

The devastating, crippling and deadly nature of these storms is without compare. Hurricane Sandy, which hit the New Jersey coast on Oct. 29, illustrates this fact well. According to the National Hurricane Center, Sandy impacted 24 states, caused 72 deaths and generated more than $50 billion in damages. It also left more than 8.5 million customers without power.

...

http://www.csnews.com/top-story-expert_columns-hurricane_preparedness_starts_with_a_storm_-64146.html

“Business Continuity Planning: Is it an Art or a Science?” That discussion rages on, with as much intensity as the chicken-or-the-egg controversy.  But there is no doubt when it comes to Incident Management – there must be an underlying science for the response to be predictable and effective. One key element of that science is the “Causality Chain”, knowledge which can lead to a predictive response (the selection of appropriate strategies, tactics, actions, or plan to invoke) in any disruptive incident.

An understanding of the Causality Chain should start with an understanding of the organization model.  An organization, in its simplest form, can be represented as a collection of interdependent assets – People, Facilities, Processes, Technology and Supply-Chains – all engaged in delivering products and/or services. This is true in any industry; products and services are an outcome in manufacturing, retail, finance, energy, communications, information, services and everything else – including non-profits and government.

...

http://ebrp.net/the-importance-of-causality-chain-in-effective-incident-management/

By Brandon Butler

Network World — Oracle had a busy couple of weeks at the end of June, rolling out a new version of its database software and announcing partnerships with Microsoft, Salesforce.com and NetSuite. In doing so the company who's CEO Larry Ellison at one time bemoaned cloud computing has almost overnight become a major player in the industry. Here's why.

The moves are not just significant for Oracle; the partnerships that the company has garnered are significant to the partnering with Microsoft and Salesforce, too. And they'll also reverberate across the industry to competing companies such as Amazon Web Services and SAP, predicts Holger Mueller, vice president at Constellation Research who recently published a report about these developments. "The bottom line: Oracle technology will play a fundamental role accelerating cloud adoption," he writes.

...

http://www.cio.com/article/736984/3_Things_Oracle_has_Done_to_Become_a_Big_Cloud_Player

Disaster Recovery and Business Continuity are completely different. They are siblings but still two separate and unique topics. Disaster Recovery is technology + process + people for IT systems. Business continuity is people + process for business functions. You can have Business Continuity without Disaster Recovery. The opposite is a total waste of money. If there is no plan for the business to recover and connect to IT systems, you are pouring money down the drain.

In addition, Disaster Recovery is not all about technology. There have been some good discussions about Recovery Point Objectives (RPO) and Recovery Time Objectives (RTO) in the industry. However, the linkages to the business functions have not thoroughly been detailed. Even large companies have issue with correlating the IT systems to business functions. In fact, one very large airline I worked with is a perfect example. They named 55 mission critical business functions. IT identified 55 mission critical applications. After some due diligence in aligning business function to applications, only 9 of the applications named by IT supported mission critical business functions and 46 mission critical business functions were not properly supported. So, there were many applications which had clusters, replication, and expensive Disaster Recovery techniques employed that did not need it.

...

http://mdjohn.wordpress.com/2013/07/25/disaster-recovery-business-continuity-operational-recovery-clearing-up-misconceptions/

When a deluge of rain and river water hit Calgary's streets last month, many of the city's businesses were forced to shut their doors and stop employees from coming into work. In fact, an estimated 180,000 workers that live in the downtown core and were forced to evacuate from their homes had no way of getting to work. Some of the country's largest energy corporations were forced to contact staff through social media channels to notify them that their workplaces were no longer accessible. Others asked available staff to log in remotely if they could do so safely. And others set up makeshift satellite offices outside the areas affected by the flood and asked workers to convene at the nearest one instead of overloading the computer systems by logging in remotely all at once.

While the cost of Calgary's floods to local businesses is still being tabulated, the overall economic cost is estimated to be more than $1-billion. Much of that will be related to business losses in the wake of the flood. Tragedies such as the Alberta flood bring to the fore more frequently the often-overlooked issue of risk management and business continuity planning.

...

http://www.canada.com/news/Alberta+floods+vivid+reminder+growing+relevance+business+continuity+plans/8703299/story.html

July 25, 2013

Plan Vs. Technology

Technology is not a Plan. Technology enables a Plan. A Plan coordinates the people and processes that are then enabled by the technology. A replication package only “copies” (I realize it does more than copy, but for simplification purposes that’s what we will call it) bits from one location to another one. How do you decide what to replicate? How do you decide whether there is corruption? How do you handle a hardware failure on one or both of the arrays which are involved in the replication during a disaster? Who declares disaster? Who makes the decision to purchase an array, if necessary? How do you communicate between team members if cell phones and land lines are down? Where do you go to connect if the normal location is inaccessible (blocked off by police, etc.)?

These are the things that a Plan addresses. Apologies for stating the obvious for some. As you can tell, one of my pet peeves is the belief by IT that technology IS the Plan. The same is true for the business assuming that because they think it is “backed up” it is instantly available and synchronized.

...

http://mdjohn.wordpress.com/2013/07/24/plan-vs-technology/

The Wharton School’s Risk Management and Decision Processes Center is joining forces with Zurich Insurance Group in an effort to enhance flood resilience.

In this one-of-a-kind multiyear interdisciplinary approach, Wharton and Zurich, which provides a wide range of insurance services worldwide, will expand upon current research on flood resilience, risk reduction and economic and communal security.

The Risk Management and Decision Processes Center focuses its research on catastrophic risk management as it applies to manmade hazards — floods impact more people across the globe than does any other natural disaster.

“Catastrophic floods — from hurricanes such as Katrina or Sandy, from tsunamis, or from inland flooding as recently happened in Europe—have caused billions of dollars in losses and displaced millions of individuals and businesses in recent years,” Managing Director of the Wharton Risk Center Erwann Michel-Kerjan, who will lead Wharton’s research efforts, said in a statement.

...

http://www.thedp.com/article/2013/07/wharton-partners-to-study-flood-resilience