Fall World 2016

Conference & Exhibit

Attend The #1 BC/DR Event!

Summer Journal

Volume 29, Issue 3

Full Contents Now Available!

Jon Seals

An Easy to Follow Complete eBook Guide 


This eBook by Rob Burton of PreparedEx provides you with all the necessary information to help you create engaging and meaningful tabletop exercises. As a company that supports mid to large sized organizations in their efforts to become better prepared, we at PreparedEx find that most organizations fail to create impactful exercises, or, they don't conduct them at all. We put these 5 easy steps together to help you create and deliver more productive and engaging tabletop exercises.
 

Company will also share Intelligence on Web Threats, Malvertising and Malicious Mobile Apps with ThreatExchange Community

 

SAN FRANCISCO – RiskIQ, the leading security company defending organisations from threats beyond the perimeter, today announced that its PassiveTotal threat infrastructure analysis product will provide a visual front end for Facebook’s ThreatExchange. With this integration, RiskIQ customers have the option to centralise data from ThreatExchange alongside critical data sets such as passive DNS, WHOIS, and SSL Certificates within PassiveTotal to accelerate security investigations and automate the sharing of findings with the community.

 

“Sharing threat intelligence, whether it’s private sharing of attack campaigns, long-form reports on threat actors or just public lists of indicators, is the most effective way for organisations to pre-empt and protect themselves from attacks,” said Elias Manousos, CEO of RiskIQ. “We believe the process of sharing should occur without friction and that’s why we’ve added full integration of Facebook’s ThreatExchange within the PassiveTotal platform. We are also sharing data from RiskIQ researchers with ThreatExchange to further arm the community with actionable intelligence.”

 

To automate intelligence sharing with the ThreatExchange community, PassiveTotal allows users to set global controls on how, with whom and what data is shared. Once the initial configuration is complete, users can simply begin searching within PassiveTotal much like they normally would. When data related to a search is found within ThreatExchange, PassiveTotal will display a tab and show the specific data along with who submitted it into the exchange. Additionally, when available, PassiveTotal will automatically extract details such as tags or the status of an indicator, including malicious, suspicious, etc.

 

For real-time sharing, PassiveTotal can be configured to automatically add findings to ThreatExchange as investigations are being conducted. For example, a group of individuals that know and trust each other can instantly work as an ad-hoc team to help protect their peers’ organisations while they are protecting their own company. The addition of ThreatExchange to the PassiveTotal platform can facilitate larger, inter-company intelligence sharing efforts that previously would only be performed through email, if at all.

 

Availability

PassiveTotal with ThreatExchange integration is available immediately. RiskIQ threat data is publicly available in ThreatExchange under a TLP GREEN designation.

 

About RiskIQ

RiskIQ provides organisations the visibility and intelligence they need to secure their Enterprise Digital Footprint and to map their Adversaries’ infrastructure. RiskIQ products, powered by a global proxy network, virtual user technology and threat analysis engine, allow organisations to get an actionable and timely picture of both their own and their adversaries infrastructure to proactively defend against threats targeting their websites, mobile applications, brands, customers, and employees. Leading financial institutions, insurance providers and consumer as well as B2B brands use RiskIQ to protect themselves and their users from code level threats, malware, phishing, social media attacks and fraud. RiskIQ is headquartered in San Francisco and backed by growth equity firms Summit Partners and Battery Ventures. To learn more about RiskIQ, visit www.riskiq.com.

European Patent Office (EPO) dismisses appeal

 

DUBLIN – The Appeals Board of the European Patent Office (EPO) last week dismissed an Appeal in Opposition proceedings which sought to revoke Anam’s patent (EP 1683375 B1) on SMS Home Routing. The decision conclusively held that Anam’s patent for an SMS routing system that allows Mobile Network Operators to offer SMS value added services, was both novel and inventive. The decision by the EPO Appeals Board in Munich brings seven years of opposition proceedings to conclusion.

 

Initially filed in 2004, the routing technique is today central to how Mobile Operators are implementing new monetisation strategies. Referred to in the Industry as “Transparent SMS Home Routing”, this ingenious technique gives the mobile network operator full visibility and control of all SMS traffic being delivered to its subscribers, even when they are roaming. A compelling feature of Anam’s patented technique is that it does not require any change in message handling for the interconnecting networks.

 

Company Founder Louise O’Sullivan, who attended the appeal hearing, sees the decision as indicative of Anam’s technical prowess in the sector. “Retaining the patent after such rigorous testing is a resounding endorsement. Our position as the foremost provider of SMS Firewalling technology is beyond question”. The routing technique is central to how SMS Firewalls are best deployed by Mobile Operators to protect their subscribers against SPAM, fraudulent & grey route SMS traffic. Mobile Operators can also generate new revenue by using the Anam invention to expose “free loading” A2P traffic on their networks and moving it onto a paid footing. In the wake of OTT services growth, Operators are actively looking at introducing other new revenue generating Value Added Services using the Home routing capability.

 

Truly delighted with the outcome of the appeal court, Anam’s CTO and Inventor of the patent, John Murtagh flagged impact beyond the SMS arena stating “the technology behind the patent is fundamental to SS7 firewalling”. He goes on “SMS Home Routing plays a central role in the measures that a Mobile Network Operator would deploy to counteract SS7 attacks based on the inherent vulnerabilities with the global SS7 network”. This means that the technology can be used to secure networks against well publicised hacking attempts.

 

The decision is also welcomed by Anam’s R&D Board Chairman, Professor Gerry Byrne who is responsible for driving Anam’s Technology Innovation programme. “I am delighted to be leading the creative process at Anam and the EPO’s acknowledgement of such a widely used invention is huge encouragement for the team.

 

About Anam Technologies

Anam Technologies Limited (www.anam.com) is a Global company focussed on solutions to secure and monetise Mobile Operator Networks. Anam’s technology has been deployed in over 60 networks worldwide.

Anam’s SMS ASSURE product combines a patented SMS Firewall with a suite of Managed Services that enables mobile operators to fully monetise A2P SMS. In addition to generating new revenue on the mobile messaging channel, the firewall technology allows for filtering of unwanted SMS traffic (SPAM).

Anam’s patent-protected SMS Home Routing™ is the basis of its intelligent & transparent firewall platform. Anam’s solutions are easily integrated into the network or deployed as cloud-based services.

Anam Technologies is a private company headquartered in Dublin, Ireland with an office in Malaysia and Managed Services presence also in Hong Kong and Vietnam.

Easynet, the global managed services provider, has selected Fairsail’s award-winning cloud HRMS to support its global HR function following a significant merger and continuing expansion into new geographic markets. Supporting comprehensive processes such as talent acquisition, performance management and talent development, Fairsail was implemented in just 80 days, delivering a truly global system and enabling Easynet to better manage its people.

 

Easynet, an Interoute company, is a multinational business services organisation with 900 employees located in 15 offices, across 9 countries including Belgium, China, France Germany, Italy, Spain, Switzerland, the UK and the US. The company’s continuing market expansion and business growth proved to be the catalyst in highlighting the increasing need for one comprehensive HR system with global and local capabilities.

 

Prior to engaging Fairsail HRMS, Easynet was using an Oracle HR system which required monthly data uploads before any effective HR reporting could be undertaken. In addition, the company’s HR was fragmented with different systems being used in different countries, many of which were driven by different payroll providers. Aware that there was a better alternative – and knowing that the upcoming merger would only complicate global HR matters further – senior management recognised the pressing need to ensure better workforce visibility through improved accuracy of, and accessibility to, its people data.

 

Easynet initially looked at more than a dozen different industry HRMS providers before shortlisting five global HRMS vendors. Oracle and Workday were among those considered but Fairsail was favoured for its more flexible, cost effective, and user-friendly offering.

The benefits of having one HR system of record that meets the often complex global and local needs of a modern and geographically diverse workforce are already being seen by the Easynet team. Fairsail is delivering consistent workforce experiences across a range of processes, including employee self-service and absence management. The HRMS is also being used in the UK to validate health and safety checks, and perform background checks.

 

The HR team has seen tangible benefits immediately with a reduction in the amount of administration associated with managing employee records, payroll information, and timesheet processing. HR productivity has increased by 25% since the implementation of Fairsail HRMS, and Easynet’s HR leaders are now able to offer more strategic value to the business as a consequence of the reduction in administration and manual tasks.

 

Fairsail is also helping to improve Easynet’s financial reporting process, by replacing 10 different sources of HR data with a single source of employee records integrated with benefits and payroll. This has made it much easier for the finance team to source accurate workforce related information, such as the estimation of employee costs and associated financial reports.

 

Matthjis van Geldere, Group Compensation and Benefits Director at Easynet, explains why his company took the key decision to partner with Fairsail: “We needed an agile HR system that would allow changes to be made quickly and easily, without an army of implementers. The combination of flexibility and comprehensibility that Fairsail offers was therefore a key driver in our decision to engage with them. The Fairsail team was also fantastically supportive and great to work with from the outset, so we felt confident that a strong cultural fit – as well as product fit – was there.”

 

“We are delighted to have partnered with Easynet to provide a truly intuitive system that has delivered tangible business benefits and instant workforce visibility quickly,” said Fairsail CEO, Adam Hale. “We love working with progressive international firms that want to transform their business and we’ve enjoyed working with Easynet to greatly increase HR productivity and deliver a world class workforce experience to their employees. We’re extremely pleased to have been chosen from a base of much larger competitors, and even more pleased to have met the ambitious implementation and delivery schedule that was set out for us.”

 

Easynet is now continuing to roll out new processes, capabilities and functionality across its multinational workforce, with internal communications, talent acquisition and performance management expected to be the next priorities.

 

About Easynet:

Easynet, an Interoute company, is a leading managed service provider with over twenty years' experience delivering integrated networks, hosting and unified communications solutions to national, international and global customers. Enhancing these core areas of expertise is a range of complementary services including colocation, security, voice and application performance management.

Easynet has established relationships with key vendors, government bodies and industry standard accreditors and operates to a number of recognised industry standards, including ISO9001, ISO14001, OHSAS18001, ISO20000 and ISO27001. Easynet is also one of a select number of managed service providers approved and appointed by the Government Procurement Service to assist the UK Government in its mission to create a network of networks.

 

Easynet's mission is to deliver integrated solutions that enable an organisation to collaborate more effectively, operate more efficiently and improve customer engagement by connecting their people, sites and machines in a secure and reliable way.

 

About Fairsail

Fairsail enables mid-size, multinational companies to manage modern workforces through its global cloud HRMS, transforming how organizations acquire, engage, manage and develop their people. Implemented quickly and simple to use, the award winning system increases company productivity, reduces operational costs and provides better experiences across the entire workforce. Fairsail’s customer portfolio includes Aveva, Betfair/TVG, Cobalt International Energy, Huddle, Mitsubishi UFG, SDL, Skyscanner, SolarWinds and Zipcar.

 

Additional Resources

Learn more about Fairsail on the website.

Follow Fairsail on Twitter and the Fairsail Blog.

Join the Fairsail Regatta HR leaders group.

Flexible, quick to deploy, cloud offering transforms call management and enhances customer experience

 

LONDON – Interoute has today announced the launch of its cloud hosted Contact Centre add-on for Hosted Microsoft Skype for Business (SfB) and Microsoft Lync. Interoute Hosted Contact Centre helps companies enhance their call or contact centre services by leveraging the features of the popular Microsoft enterprise collaboration suite using Interoute’s global and private networked cloud.

 

Interoute’s solution offers organisations with remote and office based users secure access to:

  • - Microsoft Certified SIP trunking with global telephony routing and call recording
  • - natively integrated extension to SfB and Lync with simple per agent pricing
  • - the Lync/SfB presence mechanism to instantly see if a relevant in-house expert is online and available
  • - IM routing for chat support with the ability to mix and move between chat and voice sessions
  • - standardised call flows to meet typical customer requirements, easily adapted to any scenario

 

Interoute’s Contact Centre capability can be deployed with Hosted SfB and/or Lync services with global telephone access numbers in a matter of weeks using Interoute Virtual Data Centre (VDC), a global networked cloud platform. Interoute VDC offers 14 locations across Europe, Asia and the USA, giving customers much greater choice over the location of their communications service. The ability to choose hosting locations closer to users can reduce latency and help meet any local data sovereignty requirements. In addition, as a fully cloud hosted service, Interoute’s solution requires no on-site management, lessening the burden on the IT team, as well as being highly price competitive.

 

Mark Lewis, VP for Communications & Connectivity at Interoute, said: “Contact centres have tended to be stuck behind the times when it comes to integrating with the collaborative ways people today communicate within a business. Interoute’s offering turns this on its head, saving time for IT teams and putting users in control. If you want to move to Skype for Business, but couldn’t because it doesn’t integrate with your existing contact centre solution, you can now take our standard model and implement it at a transparent price, quickly, efficiently and globally. Businesses rely on flexible and seamless services to improve their customer experience and our solution offers them just that.”

 

About the Magic Quadrant

Gartner does not endorse any vendor, product or service depicted in its research publications, and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner's research organization and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose.

 

About Interoute

Interoute is the owner-operator of one of Europe's largest networks and a global cloud services platform which encompasses 12 data centres, 14 virtual data centres and 31 colocation centres, with connections to 195 additional third-party data centres across Europe. Its full-service Unified ICT platform serves international enterprises and many of the world’s leading service providers, as well as governments and universities. Interoute’s Unified ICT strategy provides solutions for enterprises seeking connectivity and a scalable, secure advanced platform on which they can build their voice, video, computing and data services, as well as service providers in need of high capacity international data transit and infrastructure. With established operations throughout Europe and USA, Interoute also owns and operates 24 connected city networks within Europe's major business centres. www.interoute.com

Tuesday, 01 December 2015 00:00

2015 Extreme Weather Events in Review

From hurricanes to hail to droughts to tornadoes, 2015 was a busy year for extreme weather events. Drought in California continued to worsen, increasing the risk of wildfires. While record rainfall in Texas and Oklahoma alleviated drought, it caused severe flash flooding in Texas. There have been 25 Category 4-5 northern hemisphere tropical cyclones—the most on record to date, breaking the old record of 18 set in 1997 and 2004.

The Insurance Information Institute reported that insured losses from natural disasters in the United States in just the first half of 2015 totaled $12.6 billion—well above the $11.2 billion average in the first halves of 2000 to 2014.

Interstate Restoration provides a look at 2015 weather events:

...

http://www.riskmanagementmonitor.com/2015-extreme-weather-events-in-review/

At the Discover 2015 event in London, Hewlett-Packard Enterprise unveiled a new generation of “composable” systems that enable IT organizations to dynamically provision server, storage and networking resources within the system using a common application programming interface (API).

Gary Thome, vice president and chief engineer of converged data center infrastructure for HPE, says the HPE Synergy platform will for the first time give IT organizations managing IT infrastructure on premise the ability to programmatically manage the entire environment via a single high-level API.

Thome says that the HPE energy platform, scheduled to be available in the second half of 2016, is designed from the ground up to provide IT organizations the flexibility needed to address rapidly changing application workload requirements in a matter of minutes.

...

http://www.itbusinessedge.com/blogs/it-unmasked/hpe-unveils-synergy-platform-to-drive-composable-infrastructure-era.html

Tuesday, 01 December 2015 00:00

BCI: Communicating in a Crisis

Communicating in a crisis

Organizations are beginning to understand the need for having an emergency communications plan in order to improve stakeholder communications during a crisis

CAVERSHAM, UK – A newly published report from the Business Continuity Institute (BCI) has demonstrated the need for organizations to invest in an emergency communications plan by revealing that nearly two thirds of respondents (62%) to a global survey had activated their plan during the previous year. The urgency of emergency communications is further highlighted by over three quarters of those activations taking place within 30 minutes of an incident commencing.

The Emergency Communications Report, supported by Everbridge, noted that over a quarter of emergency communications plans do not request a response when activated. This is a worrying statistic as, if an incident is important enough to justify the plan being activated, then surely it warrants knowing that the message has been received by the intended recipients.

Further findings from the report include

  • 14% of respondents reported that they do not have an emergency communications plan.
  • Of these which do not have an emergency communications plan, over two-thirds (68%) state they would only create one after a business affecting event.
  • Email is the primary method of communication used during an emergency with 83% claiming to use this, while 63% use manual call trees, 55% use emergency communication software, 55% use crisis telephone lines and 53% use website announcements
  • Over two-thirds of respondents noted that their organization has emergency communications training and education with regularly scheduled events.
  • Nearly three quarters of respondents (72%) stated that their plan is exercised at least once per year, with a further 16% stating it is done at last twice per year
  • Common triggers for activating the emergency communications plan include unplanned IT outages (50%), weather related incidents (49%), power outages (47%), natural disasters (45%) and fire (42%)
  • Over two-thirds of respondents (70%) use mobile communications in private messaging to staff.

Patrick Alcantara, Research Associate at the BCI and author of the report, commented: “Reliable emergency communications saves lives and demonstrates how organizations approach their duty of care to their employees, customers and stakeholders. The survey results affirm that many organizations take this duty seriously and offer opportunities for further improvement. We thank Everbridge for supporting this study and sharing our goal of producing top-quality research that impacts practice.

Imad Mouline, Chief Technology Officer at Everbridge, commented: “The findings highlight that the unpredictability of global threats continue to necessitate a comprehensive enterprise critical communications strategy. While it’s refreshing to see that organizations are more actively developing plans, and using mobile as part of their strategy, there is still work to be done to ensure that communications are securely and reliably reaching employees and customers.

The report concludes that top management buy-in and integration among different functional roles contribute to the successful embedding of emergency communications capability. Furthermore, organizations must focus on encouraging responses to emergency communications and this begins by defining acceptable response rates. This should be made easier as mobile communications are increasingly used by organizations as part of their emergency communications arrangements and technology has advanced so much so that this is a basic capability. Key to getting buy-in is education and training programmes which must be implemented as part of an overall holistic approach to continuity and resilience.

For more information, please contact the Senior Communications Manager at the Business Continuity Institute – Andrew Scott CBCI – by emailing andrew.scott@thebci.org or by phoning 0118 9478241.

Notes:

  • Download a full copy of the report by clicking here.
  • Note to the online survey: This report features 467 responses from 67 countries.

About the Business Continuity Institute

Founded in 1994 with the aim of promoting a more resilient world, the Business Continuity Institute (BCI) has established itself as the world’s leading Institute for business continuity and resilience. The BCI has become the membership and certifying organization of choice for business continuity and resilience professionals globally with over 8,000 members in more than 100 countries, working in an estimated 3,000 organizations in the private, public and third sectors.

The vast experience of the Institute’s broad membership and partner network is built into its world class education, continuing professional development and networking activities. Every year, more than 1,500 people choose BCI training, with options ranging from short awareness raising tools to a full academic qualification, available online and in a classroom. The Institute stands for excellence in the resilience profession and its globally recognised Certified grades provide assurance of technical and professional competency. The BCI offers a wide range of resources for professionals seeking to raise their organization’s level of resilience, and its extensive thought leadership and research programme helps drive the industry forward. With approximately 120 Partners worldwide, the BCI Partnership offers organizations the opportunity to work with the BCI in promoting best practice in business continuity and resilience.

The BCI welcomes everyone with an interest in building resilient organizations from newcomers, experienced professionals and organizations. Further information about the BCI is available at www.thebci.org.

About Everbridge

Everbridge is a global provider of SaaS-based unified critical communications solutions. During mission-critical business events or man-made or natural disasters, the Everbridge platform enables customers to quickly and reliably deliver the right message and reach the right people, on the right device, in the right location, at the right time. Utilizing sophisticated communications technologies, Everbridge has the ability to deliver and verify messages in near real-time to more than 100 different communication devices, in over 200 countries and territories, in multiple languages – all simultaneously. Everbridge is based in Boston and Los Angeles, with additional offices in San Francisco, Beijing and London. For more information, visit www.everbridge.com, read the company blog, and follow on Twitter and Facebook.

Tuesday, 01 December 2015 00:00

Data Security and the 'Low-Hanging Fruit'

Protecting an organization from a data breach can seem daunting, and impossibly technical.  But the good news is that there are some basic precautions that can help.

There is a saying in the data security community that is a bit tired, but nevertheless true: There are two kinds of companies – those that have been hacked and those that will be hacked.  When clients come to us with questions about data security, it is often necessary to consult technological experts in this arena, especially when the client suspects that its data may have been breached.  All too often, the client first consults us only after this suspicion has arisen.  In these cases, we frequently find that basic and non-technical security best practices have been ignored.  In fact, an organization can make some fairly rudimentary changes to secure its data more fully, even without information security expertise.

These suggestions will by no means insulate a company from a data breach, but they may serve to diminish the probability of one.

...

http://corporatecomplianceinsights.com/data-security-and-the-low-hanging-fruit/

The state-owned company that operates all of Russia’s nuclear plants has kicked off construction of what may ultimately become the largest data center in the country.

The project is taking place near one of the company’s plants, on a site it has previously pitched as a location for service providers with infrastructure overseas to house their servers so they can comply with the new law that requires companies to store Russian citizens’ personal data within Russia’s borders.

The company, Rosenergoatom, plans to launch the first phase of the data center in March 2017, the government-owned news agency RIA Novosti reported, citing an official announcement. At full build-out, the facility’s capacity will reach about 80 MW, which according to the announcement will make it the largest data center in Russia.

...

http://www.datacenterknowledge.com/archives/2015/11/30/russian-nuclear-plant-operator-building-80-mw-data-center/