The Continuity Logic customized demo provides an opportunity for qualifying organizations to evaluate Frontline Live 5™, with their plans, desired controls, policies, and procedures. This first-of-its-kind system for both business continuity and many other areas of Governance, Operational Risk and Compliance (GRC) is powerful, but often best viewed with some of your familiar plans, data and templates.


Fall World 2015

Conference & Exhibit

Attend The #1 BC/DR Event!

Summer Journal

Volume 28, Issue 3

Full Contents Now Available!

Jon Seals

By Brandon Tansey, security research engineer, Lancope

The seemingly endless barrage of attacks on government and enterprise networks has made it clear that organizations need to be much more proactive when it comes to security. Deploying perimeter defences / defences like firewalls and antivirus, and expecting them to keep attackers off of your network, has become just plain foolish in the light of today’s increasingly complex threat landscape. Today it is not a matter of if, but when you will be attacked. Security success is no longer just about keeping threats out of your network, but instead about how quickly you can respond and thwart an attack when it happens.

Despite this scenario, many organizations still haven’t gotten it quite right when it comes to incident response. Here are ‘seven deadly sins’ that Lancope often sees companies committing when attempting to build an incident response function.



Frank Perlmutter

Hello everyone! It’s that time a year again. Our team of BCM consultants and product innovators, along with ResilienceONE software users will come together at the Disaster Recovery Journal (DRJ) Fall World 2015 Conference. For the fall conference, we are preparing a number of presentations and fun activities for attendees. These include:

  1. An exclusive peer-to-peer breakout session 2 (emergency session 2), Managing Global BC Programs as THE Lone Planner, on Monday, Sept. 28 from 2:45 to 3:45 PM PST. Joining me will be Keith Cantando, manager of Global Business Resiliency at Cisco Systems and Michael Lazcano, director of Global Business Continuity Services at Gap Inc. Both are ResilienceONE users who manage their BC programs efficiently. They will share their experiences, and offer strategies and current practices, including how to gain executive support, manage your time, create frugal innovation, and leverage your organization for amazing results.
  1. Formal product demonstrations of ResilienceONE BCM software, held in Sapphire Room 411B at the Hilton San Diego Bayfront Hotel, on Monday, Sept. 28 & Tuesday Sept. 29, 12:30-1:30pm PST & 5:30-6:30pm PST. Food and beverages will be served. We will showcase the latest features within ResilienceONE, including dynamic labeling via Smart Field Technology, which enables faster, more intelligent BC planning. The 5:30 demos will include Whiskey Tasting, featuring leading hand-crafted sprits specially selected by expert tasters.
  1. BCM exchanges during exhibit hours at Booth #401-403, where ResilienceONE users and our Strategic BCP team will offer insights and answer questions.

More details about these events can be found here.

Don’t forget to follow us on Twitter at the conference @strategicBCP or with the hashtag #drjfall.

I hope to see you in San Diego!



It’s that time of year again. College campuses are being flooded with students and faculty returning to begin another semester. For higher education institutions around the country safety is among their administrators’ highest priorities. Yet, when you have thousands of people working and living together the logistics of communication often proves difficult—classes are in session at different times, often spread across acres; students live in dorms and apartments both on and off campus; faculty and staff often commute long distances—how do you manage communication?

Adding an emergency notification service to your campus safety plan will allow you to broadcast alerts to all of your students, faculty, and staff in minutes no matter where they are. And, by using a self-registration feature, you can have them sign up for alerts quickly and easily. Or, you can integrate the notification service with the HR and enrollment databases already in place. It’s that easy.



The key question an enterprise must answer when a new technology becomes available is a very basic one: Is it necessary? In the case of 802.11ac, the question within that question, according to Craig Mathias, is whether the organization really needs the 1.3 gigabits per second (Gbps) throughput that it promises. This becomes an even more important issue in cases in which the move to 802.11ac requires the replacement of 802.11n and earlier access points (APs) that are not fully depreciated.

Mathias writes that there is a lot of life left in 802.11n APs, but there a couple of reasons to keep an eye on 802.11ac nonetheless. It is important for planners to keep in mind that the real throughput of 802.11ac is about half of the advertised 1.3Gbps speed. For the same reasons, however, all 802.11 variants only offer about half the speed that the marketers promise. Thus, appropriate apples-to-apples comparisons should be made. The second thing to plan against is the inexorable increase in per-user data requirements.



As a young programmer, I read a book by Michael Abrash which has provided me guidance through the years. “The Zen of Code Optimization” was published in 1994 and discusses graphics coding and performance using Intel 8086 assembly language, implemented under DOS. 

Today, it is $1.78, used, on Amazon and if you have a little time to kill, I recommend reading at least through chapter 3 where the author provides these words of wisdom.

“Assume nothing. I cannot emphasize this strongly enough-when you care about performance, do your best to improve the code and then measure the improvement. If you don’t measure performance, you’re just guessing, and if you’re guessing, you’re not very likely to write top-notch code.”



AUSTIN, Texas – Apply by Aug. 27 for assistance from FEMA or the U.S. Small Business Administration (SBA). You have every reason to do so. 

If you are among thousands of Texans affected by the severe storms, tornadoes, straight-line winds and flooding that occurred from May 4 to June 22, you may be eligible for a grant or low-interest loan from the SBA. If you answer YES to any of the following questions and were affected by the disaster, you may be eligible.

  • Are you a homeowner, renter or business of any size with disaster-related damage? 

  • Did you file an insurance claim for damage and have not received your settlement? 

  • Are you uninsured or under-insured and have unmet needs?

  • Do you need help applying because English is your second language?

  • Are you a Qualified Alien or the parent of a U.S. citizen in your household?

  • Are you a person with a disability or have an access or functional need?

  • Do you receive Social Security, Medicaid food stamps and are concerned help will affect your benefits?

  • Do you need help, but feel others need it more or that there won’t be enough assistance for everyone?

  • Do you feel you will not qualify for a low-interest loan?

If you have questions or concerns about applying for disaster assistance, call the FEMA helpline before the Aug. 27 deadline. Tell your friends and neighbors that help may be available, but they must register before the deadline.

Remember, FEMA grants do not have to be repaid and you are not required to accept an SBA loan. FEMA assistance is nontaxable and will not affect eligibility for Social Security, Medicaid or other federal benefits.

Find answers to questions on http://www.fema.gov/disaster/4223. Topics include rumor control, recovery information, recovery center locations and hours, links to apply for assistance and other resources, information about flood insurance, news releases, fact sheets, photographs and blogs.

You can apply for FEMA assistance online at www.DisasterAssistance.gov or by calling 800-621-3362 toll free from 7 a.m. to 10 p.m. (local time). Multilingual operators are available. Disaster assistance applicants who have a speech disability or hearing loss and use TTY should call 800-462-7585 directly; for those who use 711 or Video Relay Service (VRS), call 800-621-3362.

You also can visit a Disaster Recovery Center. Assistive equipment is available. To find the nearest DRC, go online to http://asd.fema.gov/inter/locator/home.htm.


All FEMA disaster assistance will be provided without discrimination on the grounds of race, color, sex (including sexual harassment), religion, national origin, age, disability, limited English proficiency, economic status, or retaliation. If you believe your civil rights are being violated, call 800-621-3362 or 800-462-7585(TTY/TDD).

FEMA’s mission is to support our citizens and first responders to ensure that as a nation we work together to build, sustain, and improve our capability to prepare for, protect against, respond to, recover from, and mitigate all hazards. 

The SBA is the federal government’s primary source of money for the long-term rebuilding of disaster-damaged private property. SBA helps businesses of all sizes, private non-profit organizations, homeowners and renters fund repairs or rebuilding efforts and cover the cost of replacing lost or disaster-damaged personal property. These disaster loans cover losses not fully compensated by insurance or other recoveries and do not duplicate benefits of other agencies or organizations. For more information, applicants may contact SBA’s Disaster Assistance Customer Service Center by calling 800-659-2955, emailing disastercustomerservice@sba.gov, or visiting SBA’s website at www.sba.gov/disaster. Deaf and hard-of-hearing individuals may call 800-877-8339.

FEMA’s temporary housing assistance and grants for childcare, medical, dental expenses and/or funeral expenses do not require individuals to apply for an SBA loan. However, those who receive SBA loan applications must submit them to SBA to be eligible for assistance that covers personal property, transportation, vehicle repair or replacement, and moving and storage expenses.

Friday, 28 August 2015 00:00

The Word on Resilience

I was recently on a flight to Florida and had the opportunity to read an interesting article in Governing magazine. Titled The Word on Infrastructure, the story focused on the relative newness of the term “infrastructure” and traced its evolution, explaining how it has become much more prevalent in both industry and society over the past 35 years. 

The article got me thinking about the word “resilience” and how we, in the emergency preparedness realm, have seen a significant uptick in the term, its utilization and even its inclusion in grant guidance. I dare say that even as recently as 10 years ago, we would not have seen the coordinated effort of the Rockefeller Foundation to name the top 100 most resilient cities and fund these cities’ resilience efforts, including the hiring of a chief resilience officer (CRO), for a two-year time period.



Capterra, a free software solutions research firm, surveyed more than 500 businesses to find out more about who uses CRM software and how. Not entirely surprisingly, 52 percent of those responding said that they work for organizations with “less than $10 million in annual revenue.” This goes to show that when we think of customer relationship management (CRM), we should think about all sizes of companies—not just the enterprise.

The report continued to explain that SMBs are one of the fastest growth segments among CRM users. It also found that most companies reported to have adopted CRM software when they had between two and 500 employees—which puts the bulk of them in the SMB category when they began using the software. And two thirds of those surveyed had at least 100 customers when they embraced CRM.

So it seems appropriate that Wix.com, a cloud-based web development platform, is now offering its own CRM solution called MyAccount CRM. The platform is directed toward SMBs that need to better organize their business activities. MyAccount CRM allows them to do so with one simple online platform.



I got an email the other day that said companies shouldn’t let security worries keep them from moving to the cloud. Ironically, the two emails directly below that particular message in my inbox were warnings about the latest security concerns within cloud computing.

Now, I’ve been writing about security and the cloud long enough to know that while overall cloud security has improved, like everything else, it is hardly foolproof. You know the bad guys are going to find ways to penetrate any barrier you put up. So, I thought this would be a good time to think about what’s happening with cloud security right now.

First, I’ll cover the interesting news. According to a new report from CloudLock, 1 percent of users are causing the bulk of your cloud security problems. That 1 percent is also responsible for 62 percent of the apps installed in the cloud. If you want to increase cloud security, you first have to narrow down who that 1 percent includes. According to the report:

Understanding the composition of this one percent of users is crucial for security teams: Often times this subset of users includes super-privileged users, software architects, as well as machine-based identities that grant access privileges and archive data.



SAIPAN – Over 7,500 registrations have been received by FEMA for disaster assistance as a result of damages sustained by Typhoon Soudelor (DR 4235) and nearly $4.3 Million has been approved for survivors so far.  FEMA encourages all who have been suffered damages from Typhoon Soudelor, August 1-3, to register for Disaster Assistance.

Those who have suffered losses as a result of Typhoon Soudelor but have not yet applied for assistance are encouraged to do so as soon as possible.  Survivors can register by phone at 1-800-621-FEMA (3362) or TTY 1-800-462-7585 for survivors with hearing disabilities.  Online registration is also available 24/7 at www.DisasterAssistance.gov. A Disaster Recovery Center, at Pedro P Tenorio Multi-purpose Center in Susupe is open for assistance with the application process. Normal hours of operation are Monday-Saturdays 8 a.m. to 5 p.m.; Sundays 10 a.m.-4 p.m. Completing and returning the loan application does not mean that you must accept the loan.

After registering for disaster assistance, applicants can expect to 1.) Have a Housing Inspection and then 2.) Receive an Approval or Denial Notification.

Housing Inspections

Registered survivors will be contacted by a FEMA inspector to schedule an appointment for an inspection, so registrants do not need to contact FEMA to set up an inspection. The wait time for an inspection is approximately two weeks.  The inspection is needed to verify and assess damages listed in your application. The inspection generally takes 30-40 minutes or less and consists of a general inspection of damaged areas of the home and a review of your records. There is no fee for the inspection.

When a FEMA housing inspector comes to visit your home, be sure they show you proper identification. All FEMA inspectors have prominent photo ID badges. If you are not shown photo identification, then do not allow the inspection. Unfortunately, disasters often bring out criminals who prey on the needs of disaster survivors – so beware of scams and scam artists.

When a FEMA Housing Inspector visits your home, someone 18 years of age or older who lived in the household prior to the disaster must be present for the scheduled appointment. The inspector will ask to see:

  • Photo identification.
  • Proof of ownership/occupancy of damaged residence (structural insurance, tax bill, mortgage payment book/utility bill).
  • Insurance documents: home and/or auto (structural insurance/auto declaration sheet).
  • List of household occupants living in residence at time of disaster.
  • All disaster-related damages to both real and personal property.

If you are unable to provide traditional proof of ownership/occupancy (such as tax bill, mortgage payment books, deed, title, insurance), you can get a signed letter by a local precinct representative to validate the physical location of a home/dwelling (a P.O. Box address is not sufficient).  Letters can be picked up at:

  • Fire Stations
    • Kagman
    • Garapan
    • Susupe
    • Koblerville

Once filled out, please take the form to your local fire station. They will provide you with a contact number to reach your local precinct representative to validate.

If you have been displaced and need transportation to and from the housing inspection, you can contact the Commonwealth Office of Transit Authority at 670-237-8000 to schedule transportation.

Approval or Denial Notification Letters

Once the inspection process is complete, your case will be reviewed by FEMA and you will receive a letter or email outlining the decision about your claim.

If you qualify for a FEMA grant, FEMA will send you a check by mail or deposit it directly into your bank account. You will also receive a letter describing how you are to use the money.  You should only use the money given to you as explained in the letter and save receipts on how you spent the money.

If you do not qualify for a FEMA grant, you will receive a letter explaining why you were turned down and will be given a chance to appeal the decision*. Your appeal rights will be described in this letter. Appeals must be in writing and mailed within 60 days of FEMA’s decision.

If you’re referred to the Small Business Administration, you will receive a SBA application. The application must be completed and returned in order to be considered for a loan or for additional FEMA grant assistance. SBA representatives are available to help you with the application at local Disaster Recovery Center.

*An appeal is a written request to review your file again with additional information you provide that may affect the decision.  You may appeal any decision provided by FEMA regarding your Individual Assistance.

Appeals may relate to your initial eligibility decisions, the amount or type of assistance provided to you, late applications, requests to return money, or a denial of Continued Temporary Housing Assistance.  Prior to requesting an appeal review, you should review your file with a FEMA helpline agent at 1-800-621-3362 (FEMA), or (TTY) 1-800-462-7585, or request a copy of your file from FEMA so you can understand why you received the decision you want to appeal.

To appeal the decision:

  • Explain in writing why you think the decision about the amount or type of assistance you received is not correct. You, or someone who represents you or your household, should sign the letter and have it notarized. If the person writing the letter is not a member of your household, there must be a signed statement saying that that person may act for you.
  • Include the FEMA registration number and disaster number (shown at the top of your decision letter) in your letter of appeal.  You should also include the last four digits of your social security number, your full name, your address, and your date and place of birth.
  • You may also want to include a copy of a government-issued identification card or include the following statement "I hereby declare under penalty of perjury that the foregoing is true and correct".
  • If you have supporting documentation for your appeal, include that in your correspondence to FEMA.
  • Mail your appeal letter to:

FEMA - Individuals & Households Program
National Processing Service Center
P.O. Box 10055
Hyattsville, MD 20782-8055

or you can fax you appeal letter to:

(800) 827-8112
Attention: FEMA - Individuals & Households Program.

IMPORTANT: To be considered, your appeal letter must be postmarked within 60 days of the date of the decision letter's date. Remember to date your letters.

  • All appeals are reviewed.
  • Decisions usually are made within 30 days of receiving the request. 
  • Additional information may be requested from you if FEMA does not have enough information to make a decision.
  • You will be notified by mail of the response to your appeal.

FEMA’s mission is to support our citizens and first responders to ensure that as a nation we work together to build, sustain and improve our capability to prepare for, protect against, respond to, recover from and mitigate all hazards.

Page 1 of 605