Spring World 2015

Conference & Exhibit

Attend The #1 BC/DR Event!

Fall Journal

Volume 27, Issue 4

Full Contents Now Available!

Jon Seals

In seven years the information security industry will see more cloud delivery and no central IT.

According to recent predictions by Forrester on ‘The CIO's World in 2020', 90 per cent of the 325-strong audience said that central IT would not exist in the future, as IT will be directly embedded in business units such as marketing, product development and customer service.

The audience also said that most technology would be delivered via the public cloud, according to 85 per cent, who agreed that companies will architect and deploy business solutions from a growing pool of external as-a-service resources, with IT playing the role of orchestrator.



With few exceptions, articles about Big Data start off with promises to be smarter, run more efficiently, or make more money.  As proof, each article cites standard examples of how data analytics and robotics have transformed warehouse operations, IBM’s Watson’s mastery over Jeopardy, the game show, and how firms will make decisions more effectively.

Examples of success may be far fewer than we realize given the context of a future state as opposed to the few actual case studies cited above.  Real or not we may learn more from stories of failure to gauge how much progress we have yet to achieve.



The role of the CISO is changing.

For years we have talked about the requirement to make the top security and risk (S&R) role increasingly business-facing, and this is now turning into a reality. Surprisingly, however, we see an increasing number of non-IT security folk stepping up to take the CISO role, often ahead of experienced IT professionals.

These "next-gen" CISOs are commonly savvy business professionals, experienced at implementing change and evolving processes, and adept at dealing with strategies, resource plans and board-level discussions. Their placement into these S&R roles often comes as an unwelcome surprise to those that have been working within the IT security teams; however, we have to recognise that this new breed are simply filling a gap. Unfortunately, although we have talked about the professionalization of the role and the need for greater business engagement, many S&R professionals are still not ready for the leap, and this opens up an opportunity for others to steal their way in.



According to IBM, 90 percent of the data in the world today has been created in the last two years. From social media, mobile devices and digital sensors to e-mails, images and videos, these vast sources of data create a potential goldmine of valuable information about people and their activities. 

Whilst the promise of actionable insight from data is not new — business intelligence and other analysis capabilities have long been present in many organizations — what is new is the rate at which the data is growing, the way the data is changing and the demands being placed upon it.



The Oklahoma tornado and start of hurricane season are throwing up red flags for business owners.

And while Mother Nature often acts as a reminder for creating business continuity plans, it’s the downtime when businesses should be preparing.

“It’s the time when there’s nothing happening that they should be thinking about this,” said Gail Moraton, business resiliency manager for the Insurance Institute for Business & Home Safety based in Tampa.

The Oklahoma tornado hit Moore, Okla., on May 20 as an EF5 storm causing destruction along a 17-mile path. In addition, the National Oceanic and Atmospheric Administration said there’s a 70 percent likelihood of 13 to 20 named storms this hurricane season — with the possibility of seven to 11 becoming hurricanes.



June 1 is the official beginning of hurricane season in the U.S. There are steps you can take now to protect your business and your employees should a natural disaster hit.

The Atlantic coastline of the U.S. is expected to have an above-average level of hurricane activity in 2013, according to Gerry Bell, the lead scientist of the National Oceanic and Atmospheric Administration long-range hurricane outlook team. Many states in the Northeast are still struggling to recover from Hurricane Sandy, which hit seven months ago. This week, President Obama visited the Jersey Shore where he assessed the damage and pledging continued support to the region.

“If there’s one thing that we learned last year, it’s that when a storm hits, we’ve got to be ready. Education, preparation -- that's what makes a difference. That's what saves lives,” Obama said Tuesday. “Make a plan. It’s never too early,” he said, encouraging people to visit Ready.gov, a federal web site with instructions and plans on how to prepare for a hurricane.



Recovering from a flood or fire is hard for a business. But dealing with problems caused by a lack of business continuity plans or inadequate insurance can make it worse.

“The better you can plan for how to deal with an incident, the better off you’ll be,” says Lawrence J. Newell, CISA, CBRM, QSA, CBRM, manager of Risk Advisory Services at Brown Smith Wallace. “I say ‘incident’ because it could be something not always thought about in typical disaster terms, such as a breach of credit card information.”

Smart Business spoke with Newell and William M. Goddard, CPCU, a principal in the firm’s Insurance Advisory Services, about developing business recovery plans and the insurance options available to reduce risk.



A quarter of UK small to medium-sized businesses (SMEs) are risking significant data loss by storing data on-site instead of embracing cloud technology.

The findings are revealed in a new survey by Onyx Group which shows that although most businesses understand the cost effectiveness, resilience, scalability and flexibility of cloud, nearly 40 per cent have no plans to adopt cloud as part of their IT management.

The survey, which questioned SME IT managers, also revealed that many businesses are still using and relying on traditional methods of data backup despite research showing that 50 per cent of all tape backups fail to restore.*



MONSON, Mass. — Two years ago Saturday, a tornado wreaked havoc on a 39-mile stretch of western and central Massachusetts — destroying buildings, toppling trees, and causing injury and death. A full 24 months later, recovery efforts are still ongoing.

Driving along the wooded roads into Monson, you would never guess a tornado hit here two years ago. Then you come to the center of town, and the destruction is abundantly clear. On a hill overlooking new houses and a few damaged buildings is a wide swath of treeless land.

Owners of the First Church of Monson -- seen here in 2011 after the tornado hit -- are still working to replace the toppled steeple. (Robin Lubbock/WBUR)

Owners of the First Church of Monson — seen here in 2011 after the tornado hit — are still working to replace the toppled steeple. (Robin Lubbock/WBUR)

“If you notice driving through downtown that pretty much all the roofs on all the buildings are brand new,” says Dan LaRoche, Monson’s disaster recovery manager.



I recently saw a report on consultant compensation for business continuity practitioners.

According to a post on LinkedIn’s BC-COOP group, Cheyene Marling, founder of BC Management, reports that

BC Management’s 11th Annual BCM Study assesses not only compensations for those who are permanently employed, but also for those who work as independent contractors.

The attached data graph highlights the average low and high billing rates for independent contractors. The data was collected in BC Management's 11th Annual BCM Study between July - December 2012. All currencies were converted to United States Dollar (USD) for comparison purposes. The study received over 2,200 participants with 100 noting “independent contractor”.