Spring World 2017

Conference & Exhibit

Attend The #1 BC/DR Event!

Fall Journal

Volume 29, Issue 4

Full Contents Now Available!

Jon Seals

New Facility Includes Laboratory, Order Fulfillment and Warehousing Space
 

SANTA CLARA, Calif.--()--Agilent Technologies Inc. (NYSE: A) today announced the opening of a new $14.7 million, 53,000 square-foot Technology Center in Folsom, California. The new building, which is adjacent to Agilent's existing facility at 91 Blue Ravine Road, will house approximately 60 additional staff.

“I am extremely pleased to see the completion of this additional space”

Tweet this

The new facility includes a state-of-the-art customer applications laboratory and collaboration space, as well as facilities for providing the company’s groundbreaking scientific consumables and supplies. Agilent Technologies solutions are used by laboratories worldwide, involved in many areas from cancer research to testing the quality and safety of food, water and pharmaceuticals.

"I am extremely pleased to see the completion of this additional space,” said Henrik Ancher-Jensen, Agilent president of Order Fulfillment and Supply Chain. “This new facility expands Agilent’s capabilities for chromatography consumables and hardware, which are used in laboratories around the world and for critical health, safety and product quality decisions.”

In particular, the new Folsom facility will support Agilent’s revolutionary new Intuvo 9000 GC system and consumables products. With the introduction of the Intuvo 9000 GC, Agilent has transformed gas chromatography – improving ease of use, lowering cost of ownership and boosting lab productivity without compromising performance.

“We have always looked to Agilent for innovations that will allow those of us in the analytical laboratory to become more productive, to become more efficient and to provide higher quality data,” said Johnny Mitchell, president of ESC Lab Sciences Corporation and Intuvo 9000 GC system customer. ESC Lab Sciences Corporation, based in Mt. Juliet, Tennessee is the largest, independent, privately held environmental laboratory in the United States, providing analytical testing for soil, water and air across a wide variety of programs.

About Agilent Technologies

Agilent Technologies Inc. (NYSE: A), a global leader in life sciences, diagnostics and applied chemical markets, is the premier laboratory partner for a better world. Agilent works with customers in more than 100 countries, providing instruments, software, services and consumables for the entire laboratory workflow. Agilent generated revenue of $4.20 billion in fiscal 2016. The company employs about 12,500 people worldwide. Information about Agilent is available at www.agilent.com.

Latest Release of CA Identity Suite Strengthens Security and Accelerates Time-to-Value with New Deployment Options
 

NEW YORK--()--CA Technologies today announced a new release of CA Identity Suite that includes integration with CA Privileged Access Manager for governance of privileged accounts and new, flexible deployment options for agility, speed and ease-of-use in identity management and access governance helping to save time and save money.

“Identity and access management technology is designed to both protect and enable the business and its digital transformation initiatives”

Tweet this

“Identity and access management technology is designed to both protect and enable the business and its digital transformation initiatives,” said Mordecai Rosen, senior vice president and general manager, CA Security business. “The latest release of CA Identity Suite enhances security and time-to-value by providing privileged user governance to help mitigate the insider threat, and proven workflow templates and a new virtual appliance option to dramatically accelerate deployment. This allows our customers to focus their time and resources on building new and compelling applications and services, rather than deploying and integrating the underlying infrastructure.”

Privileged User Governance Helps Mitigate Insider Threat

CA Identity Suite’s integration with CA Privileged Access Manager adds a layer of security and compliance measures for privileged users. The integration addresses the need for consistent governance processes and a holistic view of all user access – privileged or not. With capabilities to manage access certifications, requests, provisioning and de-provisioning, CA Identity Suite helps ensure the practice of “least privilege” applies to privileged users so they only have the access needed to do to their jobs. It also helps prevent fraudulent or erroneous actions with the ability to run segregation of duties checks on privileged users and their roles, activity and access.

“Gartner believes that significant value is derived from integrating PAM technologies with other technologies in your IAM portfolio. One specific opportunity for integration involves PAM and identity governance and administration (IGA). A combined PAM and IGA solution provides organizations with increased control, visibility and governance over all user accounts in their environment, which helps reduce vulnerabilities such as an insider threat,” wrote Lori Robinson, Gartner analyst, in Securing Privileged Accounts Through PAM and IGA Integration.*

Simplified Deployment and Configuration Delivers Cost Savings, Scalability

New deployment tools include a virtual appliance and proven, pre-configured user scenarios that provide CA Identity Suite customers with an enhanced user experience and the ability to meet growing security and compliance needs quickly at a lower cost.

In a survey of more than 100 CA Identity Suite Users, 70 percent report that using CA Identity Suite has reduced costs more than 25 percent.** The new virtual appliance reduces costs even further with installation and configuration time going from days to minutes so the solution is up and running faster to support business and compliance needs. Organizations also can avoid high recurring software licensing costs with the appliance providing pre-installed instances of an operating system, application server and directory.

Complementing the virtual appliance in driving fast time-to-value, the latest release of CA Identity Suite includes Deployment Xpress – a marketplace of pre-configured use case scenarios drawn from hundreds of deployments. Instead of developing common identity management scenarios from scratch, the pre-packaged use cases meet most customer needs for common, consistent identity management services and are easily and quickly deployed across the entire enterprise. What can take weeks to configure with other solutions can be done in just a few days with CA Identity Suite, even if customers want to do customization on approval workflows or branding.

CA Technologies is a Platinum sponsor of Gartner IAM Summit held Nov. 29 – Dec. 1, 2016 in Las Vegas. Visit booth #109 or CA.com/security for more information on CA’s Security portfolio and CA Identity Suite.

* Gartner,Securing Privileged Accounts Through PAM and IGA Integration, by Lori Robinson, November 16, 2016.

** TechValidate survey of 107 users of CA Identity Suite, June 2016.

About CA Technologies

CA Technologies (NASDAQ:CA) creates software that fuels transformation for companies and enables them to seize the opportunities of the application economy. Software is at the heart of every business in every industry. From planning, to development, to management and security, CA is working with companies worldwide to change the way we live, transact, and communicate – across mobile, private and public cloud, distributed and mainframe environments. Learn more at www.ca.com.

Follow CA Technologies

Legal Notices

Copyright © 2016 CA, Inc. All Rights Reserved. All trademarks, trade names, service marks, and logos referenced herein belong to their respective companies.

Riverbed SteelFusion eliminates remote offices’ physical servers and keeps company data safe in the data center, while fully integrated Riverbed SteelHead enables great application performance
 

SAN FRANCISCO –Riverbed Technology, the application performance company, today announced that CBP, a European insurance provider, is using Riverbed SteelFusion with integrated Riverbed® SteelHead WAN optimization technology to improve application performance, enhance data security, and virtualize servers at its subsidiaries across Europe.

“Riverbed SteelFusion and SteelHead have given us back control over our branch IT. We can be certain that staff are getting the best possible user experience and if we need to scale a branch up or down, we know we can do it quickly and efficiently.”

Tweet this

Tweet This: Riverbed allows European insurance provider CBP to take control of branch IT with a software-defined edge: http://rvbd.ly/2fZTOEN

SteelFusion has allowed the company to greatly simplify and consolidate branch office IT data and operations at the edge, with virtual servers running applications and services on SteelFusion, and subsidiaries’ data now housed centrally where it is secure, eliminating risk for the company. Data security is especially critical in the insurance industry, with the need to protect sensitive customer information and data.

Case Study: Cbp takes control of branch IT with Riverbed: http://rvbd.ly/2f4NESJ

IT can also be easily scaled up and down without the need for remote IT staff to travel to remote locations, and recovery from outages takes only a few hours. Fully integrated SteelHead WAN optimization ensures that centralized applications perform well across the network even in offices located 1,000 km from CBP’s data center.

CBP, an expert in creditor protection insurance, brokerage and loan insurance, consulting and risk products, has been offering its clients a range of bespoke digital solutions for 25 years. With headquarters in the Nantes region of France and operations across Europe in Italy, Spain, Portugal, Germany and Poland, CBP has more than 700 employees.

When CBP opened its first European subsidiaries, the company soon noticed that applications installed at its headquarters were not fully operational from the remote offices. “The first application that caused us the most headaches was our file sharing application, which we use constantly to manage the various documents required for insurance dossiers. In addition, there were challenges with the messaging service, which was absolutely vital,” explained Olivier Lavry, head of Networks & Telecoms at CBP.

To resolve that problem, CBP installed the industry’s #1 WAN optimization solution, Riverbed® SteelHeadTM, at new sites in Germany and Portugal.

Increased activity and the addition of more subsidiaries a few years later required rethinking its approach to remote IT infrastructure even more broadly.Expanding on the success of SteelHead, CBP deployed SteelFusion at every remote location that formerly had local servers and storage. SteelFusion simplifies remote office IT with a software-defined edge solution that hyper-converges intelligent storage caching, server virtualization, and industry leading WAN optimization technologies, enabling data, storage and backup to be centralized, without any compromise to application performance at remote sites.

“Today, no applications or data are stored locally. Everything is centralized in our data center, with users accessing information in real-time,” said Lavry. “The major advantage of using SteelFusion with integrated SteelHead technology is that the data is protected and, in the event of a business continuity plan being triggered in a remote subsidiary, it can be up and running in just a few hours either from its own premises or from an external structure.”

IT for new offices can be set up very quickly with SteelFusion, and then managed locally. “We can now outsource a subsidiary's maintenance to a local IT expert or a maintenance company, which can intervene in under four hours," explained Lavry. “Riverbed SteelFusion and SteelHead have given us back control over our branch IT. We can be certain that staff are getting the best possible user experience and if we need to scale a branch up or down, we know we can do it quickly and efficiently.”

Riverbed SteelFusion and the Riverbed Application Performance Platform

Riverbed is delivering solutions to help companies transition from legacy hardware to a new software-defined and cloud-centric approach to networking, and improve end user experience, allowing enterprises’ digital transformation initiatives to reach their full potential. The Riverbed Application Performance Platform™ delivers the agility, visibility, and performance businesses need to be successful in a cloud and digital world. By leveraging the Platform, organizations can deliver apps, data, and services from any public, private, or hybrid cloud across any network to any end-point.

A key part of the platform, Riverbed SteelFusion™ delivers unprecedented simplicity, agility, data security, and business continuity to distributed enterprises. SteelFusion enables a software-defined edge by bringing together best-of-breed virtualization, intelligent storage caching, and industry-leading WAN optimization into a single hyper-converged infrastructure solution that meets both the needs of the enterprise for low operational costs, high security, and fast business agility as well as the needs of branch employees for high-performing applications that simply work so they can do their jobs.

Connect with Riverbed

About Riverbed

Riverbed, at more than $1 billion in annual revenue, is the leader in Application Performance Infrastructure, delivering the most complete platform for the hybrid enterprise to ensure applications perform as expected, data is always available when needed, and performance issues can be proactively detected and resolved before impacting business performance. Riverbed enables hybrid enterprises to transform application performance into a competitive advantage by maximizing employee productivity and leveraging IT to create new forms of operational agility. Riverbed's 28,000+ customers include 97% of the Fortune 100 and 98% of the Forbes Global 100. Learn more at www.riverbed.com.

Riverbed and any Riverbed product or service name or logo used herein are trademarks of Riverbed Technology, Inc. All other trademarks used herein belong to their respective owners.

New 425,000 square foot colocation center further expands the preeminent financial services colocation hub in the industry
 

DALLAS – Global colocation solutions provider CyrusOne (NASDAQ: CONE) has broken ground on its newest addition to the Chicago market—a 425,000 square foot data center on the company’s Aurora, Illinois campus. Construction is commencing on part of the land acquired in March 2016 as part of the sale-leaseback transaction with CME Group. The newest data center will provide CyrusOne customers involved in the global financial markets with additional space and connectivity, as well as proximity to the CME Globex platform and it offers a unique ecosystem to energy, enterprise, fintech, and cloud customers.

“Breaking ground on this new data center marks another milestone for us as we solidify our leadership position in the financial services market and enhance our services for enterprise and cloud customers”

Tweet this

“Breaking ground on this new data center marks another milestone for us as we solidify our leadership position in the financial services market and enhance our services for enterprise and cloud customers,” said Kevin Timmons, chief technology officer, CyrusOne. “Upon completion, our new state-of-the-art data center will provide needed data center space and provide customers with expanded cloud connectivity. In addition, the City of Aurora has been a valued partner for CyrusOne, and as one of the preeminent data center providers in Illinois, we are excited to expand our activities with the community by creating new local jobs.”

Located in suburban Chicago, the new data center will have high-speed, high-capacity network connectivity directly to downtown Chicago’s telecommunications hub, with a strong network offering to accommodate customers with specific latency and/or replication needs. As part of CyrusOne’s National IX (Internet Exchange) platform, the Aurora data center will supply interconnection to other CyrusOne data centers.

The groundbreaking will be officially celebrated on Thursday, December 1 at the Aurora campus. For more information, please visit the event page here.

CyrusOne operates 35 carrier-neutral data center facilities across the United States, Europe, and Asia to provide customers with the flexibility and scale to match their specific IT growth needs. CyrusOne facilities are engineered to include the power-density infrastructure required to deliver excellent availability, including an architecture with the highest available power redundancy (2N).

Renowned for exceptional service, building enduring customer relationships, and high customer satisfaction levels, CyrusOne serves nine of the Fortune 20 and 180 of the Fortune 1000 among its more than 950 customers.

For more information about CyrusOne, call 1-855-908-3662 or visit www.cyrusone.com. Connect with us on Google Plus, LinkedIn, Twitter, and Facebook.

About CyrusOne

CyrusOne (NASDAQ: CONE) is a high-growth real estate investment trust (REIT) specializing in highly reliable enterprise-class, carrier-neutral data center properties. The company provides mission-critical data center facilities that protect and ensure the continued operation of IT infrastructure for more than 950 customers, including nine of the Fortune 20 and 180 of the Fortune 1000 or equivalent-sized companies.

CyrusOne’s data center offerings provide the flexibility, reliability, and security that enterprise and cloud customers require, and are delivered through a tailored, customer-service-focused platform designed to foster long-term relationships. CyrusOne’s National IX platform provides robust connectivity options to drive revenue, reduce expenses, and improve service quality for enterprises, content, and telecommunications companies. CyrusOne is committed to full transparency in communication, management, and service delivery throughout its 35 data centers worldwide. Additional information about CyrusOne can be found at www.CyrusOne.com.

Iron Mountain expands its Data Management solutions with IT asset disposition and e-waste recycling services for federal government agencies by partnering with ITRenew
 

BOSTON – As U.S. Federal agencies plan to replace outdated technology equipment, it becomes increasingly important to deploy IT asset disposition (ITAD) programs that ensure data security and provide e-waste recycling and value recovery services. To help address this growing challenge, Iron Mountain Incorporated (NYSE: IRM), the global leader in storage and information management, and ITRenew, a leader in IT lifecycle management, today announced a partnership that combines ITRenew’s ITAD software and services with Iron Mountain’s secure chain of custody and logistics to serve government entities and federal agencies across the U.S.

“ITRenew has the national footprint, scalable architecture and remarketing expertise necessary to process anything from PCs to mobile devices to mass-storage devices with equal levels of security, efficiency and value recovery.”

Tweet this

Iron Mountain’s end-to-end Secure IT Asset Disposition service enables agencies to safely and securely dispose of their equipment, including PCs and laptops, servers, hard drives and mobile devices, with the peace of mind that such disposal complies with applicable data security and e-waste disposal regulations. Through the combination of Iron Mountain and ITRenew, outdated government IT equipment will be securely transported and tracked through Iron Mountain’s secure chain of custody and delivered to ITRenew’s refurbishing and recycling facilities. ITRenew’s ITAD processing services will include 100 percent sector-verified data erasure, asset remarketing, R2-certified recycling and regulation compliance reporting. Data erasure will be performed with Teraware, ITRenew’s proprietary data sanitization platform.

“Our relationship with ITRenew offers Federal agencies a unique combination of secure logistics and environmentally-sustainable IT asset disposition and remarketing, with Teraware – their industry leading data erasure and asset management workflow platform,” said John Sharpe, general manager of Secure IT Asset Disposition at Iron Mountain. “Federal agencies are facing many of the same IT asset disposition challenges as the private sector, made more complicated by both the nature of the data stored on the equipment and the stringent regulations surrounding the storage and destruction of that data. The combination of ITRenew’s powerful software, services that are ADISA certified for data sanitization at a forensic level, and Iron Mountain’s reputation as the trusted guardian of our customers’ most important assets will deliver peace of mind to Federal agencies. They will know that their data and IT assets are managed and disposed of properly and safely.”

“This is a natural fit between two industry leaders, leveraging each other’s strengths to fill a market need,” said Aidin Aghamari, vice president of corporate strategy, ITRenew. “ITRenew has the national footprint, scalable architecture and remarketing expertise necessary to process anything from PCs to mobile devices to mass-storage devices with equal levels of security, efficiency and value recovery.”

This joint service offering will enable Federal agencies to:

  • Customize a secure IT asset recovery and environmentally sustainable disposition solution to fit their needs.
  • Reclaim value from viable retired equipment, in which assets are wiped clean of sensitive data for a certificate of sanitization, then tested, repaired and resold.
  • Leverage proven processes that ensure sensitive data will not get into the wrong hands and that it has been certifiably destroyed according to DoD NISPOM and NIST standards – either electronically via ITRenew’s Teraware software or physically destroyed.
  • Maintain environmental responsibility by working with an R2 certified recycler, in which electronic waste is disposed of properly to repurpose materials for future use.

About ITRenew
Based in Silicon Valley, ITRenew specializes in complete lifecycle management for enterprise IT, mobile and data center equipment, processing millions of IT assets through a network of company-owned facilities. The independently-owned company has been recognized by Gartner as a Visionary in the 2014 Magic Quadrant for IT Asset Disposition, Worldwide.* Teraware, ITRenew’s proprietary data sanitization and asset management platform, has been adopted by the world’s largest cloud companies and is used to erase more than four million hard drives a year. Through an ADISA Claims Test, Teraware is the only solution to be certified to erase solid-state drives at a forensic level and has been recognized by Gartner as a competitive differentiator. All ITRenew facilities are 100 percent dedicated to ITAD services and have been R2, ISO 9001, ISO 14001 and OHSAS 18001 certified for secure asset recovery and data sanitization, environmental management, quality and occupational health and safety.

About Iron Mountain
Iron Mountain Incorporated (NYSE: IRM) is the global leader for storage and information management services. Trusted by more than 220,000 organizations around the world, Iron Mountain’s real estate network comprises more than 85 million square feet across more than 1,400 facilities in 45 countries dedicated to protecting and preserving what matters most for its customers. Iron Mountain’s solutions portfolio includes records management, data management, document management, data centers, art storage and logistics, and secure shredding, helping organizations to lower storage costs, comply with regulations, recover from disaster, and better use their information. Founded in 1951, Iron Mountain stores and protects billions of information assets, including critical business documents, electronic information, medical data and cultural and historical artifacts. Visit www.ironmountain.com for more information.

Commission established to incorporate ESRM into all ASIS programs and services

ALEXANDRIA, Va. – ASIS International (ASIS), the leading association for security management professionals worldwide, has named Enterprise Security Risk Management (ESRM) a global strategic priority for the association and has committed to infusing its concepts into all programs and services.

Both a philosophy and management system, ESRM uses globally established risk management principles to help security professionals manage the varied security risks facing organizations. By making ESRM a strategic objective, ASIS is looking to shift the profession from a siloed approach to security management to a more collaborative process.

"Threats today are increasingly more sophisticated, targeting organizations in myriad ways. In addition, the rapidly evolving business and compliance landscape requires a more holistic and strategic approach to managing organizational risk," says David C. Davis, CPP, President, ASIS International. "As the only global professional association representing the total spectrum of security, ASIS is uniquely positioned to lead this effort."

ESRM covers not only traditional security issues such as loss prevention and terrorism, but also a broad array of topics including brand protection, business continuity, corporate espionage, cybersecurity, information security, resilience, and white collar crime. Davis goes on to note "by embracing an ESRM mindset, our members will become more effective security professionals and more valuable members of their organizations."

To lead this initiative, the Board of Directors has established a two-year ESRM commission, headed by Dave N. Tyson, CPP, 2016 ASIS International chairman of the board. Tyson notes that while ASIS has been involved in ESRM for years, it has never committed to driving the approach in this manner or emphasizing its vital importance to the work ASIS members do.

"The commission will develop a framework to integrate ESRM into all ASIS education, white papers, research, and other professional offerings," said Tyson. "We believe the result will be a more empowered membership, safer enterprises, a more strategic approach to risk, and a more cost-effective security function."

Serving alongside Tyson on the commission are Brian J. Allen, CPP; Raymond T. O'Hara, CPP, executive vice president, AS Solution; John A. Petruzzi, Jr., CPP; John E. Turey, CPP, senior director of Enterprise Security Risk Management, TE Connectivity; and Volker Wagner, senior vice president, Deutsche Telekom. Additional members -- from across the globe, industries, and specialties -- are expected to be added. ASIS will also look to collaborate with other organizations to advance the richness and value of the content it develops. For more information, visit www.asisonline.org/esrm.

About ASIS International
ASIS International (ASIS) is the largest membership organization for security management professionals that crosses industry sectors, embracing every discipline along the security spectrum from operational to cybersecurity. Founded in 1955, ASIS is dedicated to increasing the effectiveness of security professionals at all levels.

Through hundreds of chapters across the globe, ASIS develops and delivers board certifications and industry standards, hosts networking opportunities, publishes the award-winning Security Management magazine, and offers educational programs, including the Annual Seminar and Exhibits -- the security industry's most influential event. Whether providing thought leadership through the CSO Center for the industry's most senior executives or advocating before business, government, or the media, ASIS is focused on advancing the profession, and ensuring that the security community has access to intelligence, resources, and technology needed within the business enterprise. www.asisonline.org

ST. LOUIS, Mo. – Darwin Global, LLC has selected TierPoint's private cloud and managed security services to support the ongoing expansion of Darwin Global's cloud-based training, education, and professional development services, continuing a longstanding partnership between the two companies.

Darwin Global manages the IT infrastructure and web presence of two online educational and training organizations: Smart Horizons, which offers early childhood education, law enforcement education, and security professional certification and Smart Horizons Career Online Education, the first fully accredited online school district in the US, which serves adults and older youth. With offices in Pensacola and Pompano Beach, Florida, and Oklahoma City and Lawton, Oklahoma, the rapidly growing company has more than three million clients in more than a dozen countries, including Fortune 100 companies, leading universities, government agencies and correctional facilities.

"Over the past ten years we've achieved an average annual growth rate of 194 percent," said Dr. Rob Miller, Chief Knowledge Officer of Darwin Global. "By moving from public to private cloud, we will improve our ability to scale up to meet rapid growth while tightening security through new managed services. TierPoint's private cloud will also help us meet increased client demand for continuous uptime."

"As TierPoint has continued to expand our hybrid IT solutions portfolio, we've been able to stay in step with Darwin Global's tremendous growth and work together to develop the right solutions to meet their needs and those of their clients," said Russ Koch, TierPoint Regional Vice President.

About TierPoint
TierPoint is a leading national provider of best-in-class IT infrastructure services that help clients improve agility, drive performance, and manage risk. TierPoint offers multi-tenant, private, and hybrid cloud solutions; disaster recovery, business continuity and other managed services; and colocation -- all backed by a commitment to superior customer service and highly-redundant, carrier-neutral data centers coast to coast.

Thursday, 01 December 2016 00:00

Active Hurricane Season Comes to an End

Texas Coast Spared

HARRIS COUNTY, Texas – Today marks the official end of the 2016 Atlantic hurricane season and once again the Texas Coast has been spared. Even though Texas escaped the season untouched, weather experts say this season has been one of the most active since 2012 with 15 named storms including seven hurricanes, three of those major hurricanes (Category 3 or stronger).

Hurricane season kicked off very early this year with Hurricane Alex forming in January, only the second hurricane on record to form during that month. Then, Tropical Storm Bonnie developed in May, a few days ahead of the June 1st official start.

“This is why we need to be prepared year-round,” said Harris County Judge Ed Emmett. “While we may not be able to control the weather, we need to be ready to tackle whatever Mother Nature throws our way.”

Harris County has had its share of severe weather this year. In April, up to 17 inches of rain caused widespread flooding in Harris County and surrounding areas. Flash flooding from this historic event killed seven people and caused millions of dollars in damage. In late May, more than 13 inches of rain fell in 24 hours in Northwest Harris County impacting some previously flooded areas.

So far this year, Harris County has had two Presidential Disaster Declarations and has activated its Emergency Operations Center seven times for weather events.

“Our region is one of the best-prepared areas in the country for responding to natural and man-made disasters,” said Emmett. “We will continue to work closely with our emergency management partners to ensure that all of our communities are prepared.”

As the 2016 hurricane season ends, and winter arrives, residents are encouraged to remain informed and prepared. Go to www.readyharris.org or download the ReadyHarris app on iTunes or Google Play for the latest emergency information and preparedness tips.

Wednesday, 30 November 2016 00:00

BCI: The maturing world of business continuity

The Business Continuity Institute - Nov 30, 2016 16:31 GMT

It’s been two years since winning the BCI Global Newcomer of the Year Award, and just as long since I featured in the Business Continuity Institute’s '20 in their 20s' publication, so I’ve decided to re-read my contribution to see what’s changed.

In 2014 it was clear to me that the academic world of business continuity was rapidly maturing. My undergraduate degree had a BC-specific module much like many other courses at the time. The BCI was also developing its very own diploma, and you only had to do a quick search online to realise the growing number of universities offering BC-dedicated postgraduate courses, and see just how popular the subject was becoming.

Add to this the emergence of the Business Continuity Management Academic Journal and it’s easy to see how some individuals were embarking on an exclusively theoretical BC journey for several years before ever even working a single day in the field. As a junior professional at the time I was becoming concerned about not having the right skills to take the next step in my career.

Professional immaturity and hindsight

So what has changed? On a personal level, my views on the development of junior professionals in our field has matured and I certainly see things differently now. At the time I remember being particularly frustrated by what felt like a lack of structured development and clear direction available to me. The BCI mentoring scheme was in its infancy at the time and I was probably one of the first to sign up along with the available mentors. My BC mentor wasn’t really sure what to do with me as the process was meant to be 'self-driven' by the mentee, and I wasn’t sure where to take it so I didn’t get very far with that. I’m pleased to say the mentoring framework by the BCI has made steady progress over the last couple of years and I have now signed up to the Mentor-Match scheme as a mentor should anyone wish to have me!

In 2014 I was also desperate for a competency self-assessment to help me understand exactly where to improve. I had already passed the CBCI with merit, but I still wasn’t any clearer on personal strengths and weaknesses other than that I could remember the contents of the Good Practice Guidelines. It’s because of this perceived lack of support, validation and long term development goals that I started to wonder if becoming a BC professional was even a real career.

I realise now of course that I rather naively expected the industry to mark out every inch of my career path and to explain to me at checkpoints how I was doing. I’ve since spoken to many undergraduates during my guest lectures over the last two years and I’ve come to realise that I’m not alone in this assumption. In fact, I get the impression that a number of people out there still have this level of expectation which I think needs to be levelled. This is a very self-driven process!

However, before even embarking on a career in BC/resilience, many students and graduates are looking to the industry for a solid step by step development structure, providing them with a warm cosy feeling that they have long term career journey ahead of them. I think this expectancy is partially driven by the current wealth of graduate recruitment schemes available which clearly offer this kind of structure (just take a look at the PwC, KPMG schemes etc). Although I’m yet to see any major firms offering a scheme specifically involving BC.

I also think the universities are partly responsible. They all look to reassure their students of life beyond the books by suggesting that there is a structure in place for them to develop which isn’t always the case. I’ve had some conversations with students who genuinely believe they will be guided by the hand through their career, which we all know simply doesn’t happen in the way they think.

I also expected too much from the BCI, senior colleagues and mentors. Their time and resources are extremely limited and so their efforts are essentially wasted if not used in the right way. Again, I fell into the trap of assuming the seasoned veterans would tell me exactly what I needed to do. I still believe we need to think smart and redesign the development journey for our members but that also requires us spell out what a BC professional actually looks like and how to get there. I think this alone is a major challenge given the emergence of popular concepts such as organizational resilience and cyber. We are still very much in the process of finding our place in that particular evolution so it might be a touch too difficult to fully define what is essentially a moving target.

More recently, there were some worthwhile discussions at BCI World 2016 during the #hire2retire session which looked at the business continuity career path. I would urge everyone to take a look. A very good insight from these discussions was captured by PwC’s Rebecca Robinson who recognises the need to remain flexible, but also to get out there and broaden your experience. Again this goes back to being a sell-driven professional.

Self-driven career positioning

If anything, the last two years have taught me the importance of self-driven career development. I needed to undertake some self-evaluation and decide on what direction I needed to take. My main aim for the future is to become a highly effective resilience manager with a good understanding of the threat landscape for the business in which I work. It’s because of this approach that I started to identify some seriously worrying knowledge gaps (namely IT security or cyber). I started to notice that more and more of my business disruptions/major incidents at work specifically related to IT/data breaches or threats thereof. I found myself constantly at the whim of the Chief Technology Officer and other technical staff to assure me that controls were in place, which of course found to be lacking when incidents really did occur.

I’ve spent the last year being immersed into cyber security so I can get ahead of the game. I’ve retrained in, CompTIA Security +, CSX – Cyber Security Fundamentals and CRISC and I now work closely on new and emerging technology in banking networks. I’m already stronger for the experience and I can comfortably challenge the views expressed by those in the business who are deemed technical who often try to bamboozle other management with 'tech-speak'. Ultimately this will make me a more effective resilience manager in the future when the right role comes my way. 

Luke Bird MBCI received the 2014 BCI Global Award for Best Newcomer and is a self published author in business continuity and has several articles published on the BCI and Continuity Central websites. He has successfully delivered and maintained a full programme of ISO 22301 certification and fully completed a series of major Work Area Recovery rehearsals around the UK . Luke is also widely known for his 'BlueyedBC' brand where he uses his online presence to share learning and experience among professionals in the industry and often attends universities to provide guest lectures to undergraduates studying the discipline.

Risk avoidance is the elimination of hazards, activities and exposures that can negatively affect an organization’s assets. Whereas risk management aims to control the damages and financial consequences of threatening events, risk avoidance seeks to avoid compromising events entirely.

When determining your risk mitigation strategies, don’t confuse the strategies of risk avoidance or risk acceptance with risk ignorance. Risk ignorance is a situation where the knowledge about the risk (and any underlying phenomena and processes) is poor. Just because there are no remediation strategies currently in place does not mean that a conscious decision has been made to accept the risk.

We perform assessments regarding risk and risk impact on a daily basis. We then use those assessments to determine our choice of action. A good example is wearing a seat belt. We might observe that experienced drivers are more likely to understand the risks inherent in car travel, and thus choose to wear seat belts, whereas the less experienced driver (think teenagers) may have to be reminded constantly of those risks– at least in my house. These are contrasting examples of risk avoidance (seat belt use) and risk ignorance (no seat belt use). Neither should be confused with risk acceptance (car travel is dangerous, but I don’t want to wrinkle my clothes, so I’m not going to wear my seat belt).

...

https://www.mha-it.com/2016/11/defining-risk-avoidance/

Page 4 of 1186