Continuity Logic’s Frontline Live 5™ is the first leader in Gartner’s Magic Quadrant Business Continuity (BCMP) software category that has effectively converged continuity, risk and compliance in a one easy to use cloud-based solution.

Fall World 2015

Conference & Exhibit

Attend The #1 BC/DR Event!

Summer Journal

Volume 28, Issue 3

Full Contents Now Available!

Jon Seals

Few words spark more angst in business circles than “controls.” No one wants to be controlled, yet controls are an integral part to any business. Unfortunately, many people equate the word to a costly compliance exercise, largely thanks to the Sarbanes-Oxley Act of 2002 (SOX). This is not an article on SOX, but rather a look at how and why controls should be understood and appreciated by all organizations, regardless of type, industry or size. Defining and assessing controls is simply a sound business exercise regardless of regulatory compliance considerations.

However, before we leave SOX, there is a common question I want to address. Private companies and nonprofit organizations often inquire if SOX makes sense for them. First of all, let’s put this in perspective. SOX contains 66 sections within 11 titles covering a wide range of governance, audit, business, regulatory and enforcement topics. By far, the most common section is 404 entitled Management Assessment of Internal Controls. So for simplicity of addressing this question, I will approach it from this single section. Section 404 requires an annual management assessment of the effectiveness of the Internal Controls over Financial Reporting (ICFR), as well as an external audit opinion on ICFR for public companies reaching certain size thresholds. The answer is a definite “yes” regarding periodic management assessments, as this is simply a prudent business practice. As it pertains to additional attestation work, this is likely not warranted for most organizations. Instead, companies should ask their auditor to point out areas for control improvements as they obtain an understanding of ICFR for planning their audit of the financial statements. This independent feedback can be a valuable piece of the audit value proposition.



It seems that the prevailing wisdom in data center circles these days is that Big Data will simply be too big for the enterprise. When faced with the enormous volumes of sensor-driven and machine-to-machine (M2M) feedback, the enterprise will have no choice but to push the vast majority of the workload onto the cloud.

To be sure, the cloud offers a compelling value proposition when it comes to Big Data, but that does not mean that even small organizations won’t be able to build their own analytics infrastructure for the most crucial data.

The mistake that many executives make when contemplating Big Data is applying those volumes to infrastructure as it exists today. In reality, the infrastructure of tomorrow will be more compact, more scalable and more attuned to these emerging workloads than the legacy systems currently occupying the data center.



By Tyler M. Sharp  Ph.D. (LCDR,USPHS)

Most travelers to Africa know to protect themselves from malaria. But malaria is far from the only mosquito-borne disease in Africa. Recent studies have revealed that dengue, a disease that is well recognized in Asia and the Americas, may be commonly misdiagnosed as malaria in Africa. So if you’re traveling to Africa, in addition to taking anti-malarial medications you should also take steps to avoid dengue.

Map of areas around the world affected by Dengue.

Dengue is a mosquito-transmitted illness that is recognized as a common illness throughout Southeast Asia and much of the Americas. In fact, a study published in 2013 estimated that 390 million dengue virus infections occurred throughout the tropics in 2010. Although 70% of infections were predicted to have occurred in Southeast or Southcentral Asia, the next most affected region (16% of infections) was Africa, followed by the Americas (14% of infections). The large estimated burden of dengue in Africa came as a surprise to some, since dengue is not often recognized to be a risk in Africa.

Dengue is Hard to Diagnose in Africa

There are several reasons why dengue has limited recognition in Africa. First, the lack of laboratory-based diagnostic testing leads to many patients not being diagnosed with dengue. This can be perilous because without early diagnosis and appropriate clinical management, dengue patients are at increased risk for poor outcome. However, in order for a clinician to request dengue testing, they must first be aware of the risk for dengue. This awareness usually comes in the form of a positive diagnostic test result. Hence, without testing there is limited clinical awareness, and without clinical awareness there is limited testing.

Finding Dengue in Africa

Map of Africa

Brown indicates countries in which dengue has been reported in residents or returned travelers and where Aedes aegypti mosquitoes are present. Light brown indicates countries where only Ae. aegypti mosquitoes have been detected.

How do we know that there actually is dengue in Africa? First, since 1960 at least 15 countries in Africa had reported locally-acquired dengue cases. In addition, travelers returning home with dengue had been detected after visiting more than 30 African countries. Still more African countries are known to have the Aedes mosquitos that transmit the 4 dengue viruses. These findings together provide strong evidence that dengue is a risk in much of Africa.

Thus, it was not a surprise in the summer of 2013 when dengue outbreaks were detected in several sub-Saharan African countries. In many cases, detection of dengue was facilitated by the availability of rapid dengue diagnostic tests that enabled on-site testing.

Dengue Field Investigations in Angola and Kenya

In a past blog I described the initial findings of a dengue outbreak in Luanda, Angola, in west-central Africa outbreak: dengue cases were initially identified with a rapid diagnostic test and confirmatory diagnostic testing and molecular epidemiologic analysis performed as CDC demonstrated that the virus had actually been circulating in the region for at least 45 years. This provided strong evidence that dengue was endemic in the area. During the outbreak investigation, CDC and the Angola Ministry of Health conducted house-to-house surveys wherein blood specimens and questionnaires were collected. Of more than 400 participants, 10% had been recently infected.

Teams from the Angola Ministry of Health conduct a dengue serosurvey in Mombasa, Luanda. Image courtesy of the Angola Field Epidemiology Training Program.

Teams from the Angola Ministry of Health conduct a dengue serosurvey in Mombasa, Luanda. Image courtesy of the Angola Field Epidemiology Training Program.

Though nearly one-third reported recently dengue-like illness, and half had sought medical care, none of the patients with laboratory evidence of infection with dengue virus had been diagnosed with dengue, including one person who had symptoms consistent with severe dengue. Although this investigation yielded more questions than answers, it was clear that there was much more dengue in Luanda than was being recognized clinically. By improving clinical awareness through training of clinicians and strengthening disease surveillance, the ability for diagnosis of individuals ill with dengue or other emerging infectious diseases was improved.

On the opposite coast of Africa in Mombasa, Kenya, although dengue outbreaks had been reported for decades, the first outbreak to be confirmed with laboratory diagnostics occurred in the early 1980s. When an outbreak of non-malarial illness was reported in 2013, blood specimens were sent to a laboratory at Kenya Medical Research Institute (or KEMRI) to determine the cause of the outbreak. Three out of the four dengue viruses were detected during this outbreak, which alone suggested that dengue was endemic in the area. To get a better idea for how much dengue there was in Mombasa, CDC and the Kenya Ministry of Health conducted a representative survey in a populous neighborhood of Kenya. Over 9 days, 1,500 people were enrolled in the serosurvey and testing revealed that 13% of participants were currently or recently infected with a dengue virus. Nearly half of infected individuals reported a recent dengue-like illness, most of which had sought medical care.

Field workers from CDC and the Kenya Ministry of Health conduct a dengue serosurvey in Mombasa, Kenya. Image courtesy of Dr. Esther Ellis.

Field workers from CDC and the Kenya Ministry of Health conduct a dengue serosurvey in Mombasa, Kenya. Image courtesy of Dr. Esther Ellis.

However, nearly all patients had been diagnosed with malaria. Because Mombasa is a port city that is also popular tourist destination, not only was the apparent magnitude of the outbreak a concern for patient diagnosis and care in Mombasa, it also meant that visitors to Mombasa may not be aware of the risk of dengue and therefore could be getting sick and/or bringing the virus home with them.

What next?

There is not yet a vaccine to prevent infection or medication to treat dengue. Unlike the night-time biting mosquitoes that transmit malaria, the Aedes mosquitoes that spread dengue are day-time biters. Consequently, both residents of and travelers to Africa should protect themselves from mosquito bites to avoid dengue by using mosquito repellent. Other strategies, like staying in places with air conditioning and screens on windows and doors and wearing long sleeve shirts and pants, can also help whether you’re traveling to Africa or other regions of the tropics. For clinicians, if travelers recently returned from Africa with acute febrile illness, consider dengue as a potential cause of the patient’s illness.

We still have much to learn about dengue in Africa, but learning where there is risk of dengue is the first step to avoiding it.


Wednesday, 29 July 2015 00:00

Brain Design-Inspired Computing Is Here

Computing inspired by the design of brains is rapidly progressing. Very rapidly.

Companies like IBM and Qualcomm are financing neurochip projects, and in the case of IBM’s Cognitive Computing push, it may be betting its own future on neuromorphic technology. Europe is investing US $1.3 billion in the Human Brain Project, which sets out to simulate the human brain. Not to be left behind, the US announced in 2013 it is investing $300 million in its own Brain Initiative with similar objectives. Researchers in the UKCanada, at Stanford University, and at DARPA are all working on various aspects of the neuromorphic computing puzzle, and are now publishing their results.

Deep thinkers like Stephen Hawking and tech billionaires like Bill Gates and Elon Musk ominously warn about the impeding perils of this technology while proponents (including Paul Allen, also of Microsoft fame) fight backMany world scientists are dismayed over how the Human Brain Project is unfolding, fearing the project is quixotic and not transparent. They are now raising a ruckus. Philosophers continue to rail against the whole matter of intelligent machines, but this time not so safely detached since, with recent technical advances, the future is a lot closer now than it was in the last artificial intelligence (AI) go-around more than 25 years ago.



EPSOMKroll Ontrack today announced innovative advancements in recovering data from enterprise storage systems, specifically EMC® Isilon®, Commvault® Simpana, Infortrend® EonStor and HP® EVA. With nearly two-thirds of organisations experiencing unplanned system downtime or data loss in 2014 according to an EMC survey, and 71 per cent not fully confident they can adequately recover systems/data to meet business needs*, Kroll Ontrack’s newly developed technologies address complex data recovery in the highly evolving enterprise storage landscape.


“Hardware technologies are progressing at warp speed and every vendor is establishing its own proprietary method of storing data, which means we’re seeing most enterprise-level failures resulting in data loss requiring a custom recovery solution,” says Paul Le Messurier, Programme and Operations Manager at Kroll Ontrack. “Add to that the sheer volume of data streaming through these enormously intricate systems, and the complexity of recovery increases. In such nuanced environments, the recovery process is rooted in thoughtfully assessing the failure, analysing and deciphering proprietary storage designs, rebuilding file systems and developing solutions to restore critical data.”


Recently, Kroll Ontrack achieved success developing custom solutions for several leading enterprise configurations:


Infortrend EonStor RAID array: A large UK public sector organisation learned the hard way that even RAID 6 arrays, known for their reliability, are not 100 per cent impervious to hardware failure. Almost 24 terabytes of confidential data were lost when two hard disks failed. The drives were replaced, but the system failed to rebuild, leaving the data inaccessible. Each RAID controller uses unique algorithms and parity to create a RAID 6 configuration. Kroll Ontrack engineers were able to decipher the complex RAID 6 algorithm used by the hardware producer with a newly developed software toolset. This toolset enabled a successful recovery from the RAID 6 and can be used to aid in the recovery of data across all RAID 6 configurations. [Read full case study]


EMC Isilon IQ 6000x: A large US pharmaceutical company experienced the loss of over four million business-critical files from their EMC Isilon storage system when moving critical research and development data within the system. Isilon systems are highly specialised and designed for managing big data through a unique file system (OneFS). Kroll Ontrack, in collaboration with EMC, developed a set of proprietary data recovery tools to overcome data loss in an EMC Isilon storage system. These tools can be used to reduce downtime and increase the success rate of data recovery on an EMC Isilon system. [Read full case study]


Commcell® Media Server & Commvault Simpana® 9/ Dell MD1200: A US company lost access to more than 230 million crucial files due to a corrupt media agent database file on their Commvault Media Server. Kroll Ontrack software developers and data recovery engineers created a new solution for rebuilding the virtual tape library array to reconstruct the data mapping. This newly developed set of tools will reduce the time needed to recover from Commvault-based systems. [Read full case study]


HP® StorageWorks EVA 6000: A flooded data centre left a client’s servers and storage systems partially submerged in water causing severe damage. At the centre of the damage was a HP StorageWorks EVA (Enterprise Virtual Array) 6,000 containing very important business-critical SQL database files as well as sensitive employee information. The very complex RAID mapping system distributes data among multiple drives and the proprietary file system structure required substantial analysis and reverse engineering to decipher. Kroll Ontrack’s research and development team and its software developers created completely new tools to extract the data, successfully recovering 86 per cent of their most critical data. These tools have revolutionised data recovery from the widely used HP EVA system and have proven successful on multiple cases. [Read full case study]


“While every data loss situation has its own unique identity, the solutions we develop build technical knowledge that can be applied across the enterprise,” says Le Messurier. “Ultimately that leads to faster, more efficient solutions when systems fail or human error leads to data loss.”

*EMC Global Data Protection Index “Global Key Results & Findings”: http://www.emc.com/collateral/presentation/emc-dpi-key-findings-global.pdf


About Kroll Ontrack Ltd.

Kroll Ontrack provides technology-driven services and software to help legal, corporate and government entities as well as consumers manage, recover, search, analyse, and produce data efficiently and cost-effectively. In addition to its award-winning suite of software, Kroll Ontrack provides data recovery, data destruction, electronic discovery and document review services. For more information about Kroll Ontrack and its offerings please visit: Krollontrack.co.uk follow @KrollOntrackUK on Twitter or subscribe to the Kroll Ontrack Data Blog.

8 Terabyte Drives Boost Capacity of Large Form Factor AssuredSAN Chassis by 33 Percent While Two New High-Capacity Drive Options Are Now Available for Small Form Factor Systems

LONGMONT, Colo. – Dot Hill Systems Corp. (Nasdaq:HILL), a trusted supplier of innovative enterprise-class storage systems, today announced immediate availability of three higher capacity hard disk devices, including 8 terabyte (8TB) drives, that allow customers to gain greater storage density in all Dot Hill AssuredSAN® hybrid arrays.

With 33 percent more capacity than 6TB drives, new 8TB 7,200 RPM large form factor devices allow Dot Hill Ultra56™ AssuredSAN ultra-density RAID arrays to store up to 448TB of data in a single 4U chassis. Dot Hill also now offers two high-capacity small form factor drives, including a 2TB 7,200 RPM drive and a 10,000 RPM high-performance 1.8TB model. These small form factor drives allow Dot Hill's Ultra48 AssuredSAN ultra-density RAID arrays to store up to 96TB of high-performance storage.

According to a recent research report from industry analyst firm ESG, today's storage IT decision makers want solutions that allow them to manage storage growth, making high capacity a top consideration. Organizations want features that reduce operational costs such as staff, power and cooling requirements and administrators require storage solutions that optimize application performance for key business processes. Dot Hill AssuredSAN hybrid solutions with high-capacity hard disk drives (HDDs) and solid-state drives (SSDs) deliver on all these fronts.

"The challenge of managing not only growing volumes of data but also increasingly larger files has made storage capacity and density even more critical in today's demanding workflows," said Rob Clark, senior vice president, product operations, at Quantum. "As a provider of Dot Hill disk systems in our tiered storage solutions offerings, we look forward to delivering additional value to customers with the new higher capacity drives."

In April, Dot Hill and Quantum announced a go-to-market partnership making Dot Hill's full line of disk storage systems available through Quantum and its worldwide network of resellers.

"These latest high-capacity disk drive options enhance our AssuredSAN solutions for data centers and our vertical markets such as big data analytics, media & entertainment, telecom, and oil & gas," said Bill Wuertz, senior vice president, products and solutions, Dot Hill. "Dot Hill's unique RealStor™ storage operating system provides the perfect complement to these high capacity solutions by allowing administrators to manage data storage with enterprise features such as RealThin™ thin provisioning. RealThin optimizes capacity management and offers file-system integrated space reclamation which reduces the cost of capacity investments by up to 50 percent."

About Dot Hill RealStor

RealStor is Dot Hill's next-generation real-time storage operating system that delivers simple, smart, and efficient storage management services. AssuredSAN storage solutions with RealStor utilize flash to achieve up to 120,000 I/Os per second (IOPs). Included standard with AssuredSAN 3004 and 4004 SAN storage controller models, RealStor fuels a powerful set of autonomic efficiencies including:

  • RealTier™ - SSD and HDD tiering in real-time
  • RealCache™ - SSD caching
  • RealThin™ - thin provisioning
  • RealSnap™ - zero-impact snapshots
  • RealQuick™ - rapid RAID rebuilds
  • RealPool™ - autonomic storage resource pooling

A new and improved management interface streamlines deployment and simplifies routine storage configuration and management tasks.

About Dot Hill AssuredSAN Arrays

Dot Hill AssuredSAN arrays maximize capacity and performance while keeping costs at a minimum. Dot Hill storage systems deliver exceptional performance for sequential workloads. All highly reliable AssuredSAN systems deliver proven 99.999 percent availability. Backed by a 36-month "bumper-to-bumper" warranty, AssuredSAN storage solutions are available with the latest high-bandwidth interfaces, including 12Gb SAS, 16Gb Fibre Channel, 10Gb iSCSI or dual personality 16Gb Fibre Channel/10Gb iSCSI.

About Dot Hill

Leveraging its proprietary AssuredSAN family of hybrid storage solutions with RealStor, the next generation real-time storage operating system, Dot Hill solves today's storage workload challenges created by the Internet of Things and third platform technologies. In today's interconnected world, Dot Hill storage solutions support people accessing information, and machines collecting sensor data, all in real time. Dot Hill's solutions combine innovative intelligent software with the industry's most flexible and extensive hardware platform and simplified management to deliver best-in-class solutions. Headquartered in Longmont, Colo., Dot Hill has offices and/or representatives in the United States, Europe, and Asia. For more information, contact Dot Hill at http://www.dothill.com/ or @Dot_Hill.


Statements contained in this press release regarding matters that are not historical facts are "forward-looking statements" within the meaning of the Private Securities Litigation Reform Act. Because such statements are subject to risks and uncertainties, actual results may differ materially from those expressed or implied by such forward-looking statements. For a discussion of such risks and uncertainties that Dot Hill may face, please consult the Company's most recent Forms 10-Q and 10-K filed with the Securities and Exchange Commission. All forward-looking statements contained in this press release speak only as of the date on which they were made. Dot Hill undertakes no obligation to update such statements to reflect events that occur or circumstances that exist after the date on which they were made. Dot Hill is not responsible for statements made by third parties, including ESG and Quantum.

ANAHEIM, Calif. – Cloudsurance™ today announced the launch of the world´s first cloud insurance program, designed for modern cloud consumers.

Cloudsurance™ is the world's first cloud insurance program designed for cloud consumers. Cloud insurance can help mitigate against the inherent risks of cloud computing, such as downtime, data loss and cyber-attack by providing basic insurance coverage for cloud based data and IT assets.

In our initial launch, Cloudsurance™ intends to provide basic insurance to cloud consumers who use cloud storage services like Dropbox and Box. Typically these cloud storage consumers currently lack an SLA or insurance coverage.

Cloudsurance™ coverage will include data-loss insurance, designed to financially compensate you in the event of a cloud provider losing your data.  It will also include downtime insurance, just in case your cloud provider ever experiences downtime causing your cloud based assets to become unavailable.

An essential component of Cloudsurance™ is cyber-attack insurance, designed to provide you with financial compensation if your cloud provider is affected by a cyber-attack which affects any of your IT assets.

CEO of Cloudsurance, Mr. Alexander Saca said today "There are hundreds of millions of individuals and businesses who entrust their data to cloud providers and have virtually no protection in the form of insurance against downtime, data loss or cyber attack. Our ambition is to provide a basic level of protection to cloud consumers where cloud providers have systematically failed to do so."

Cloudsurance™ is not yet available for sale, but Cloudsurance™ is launching their private consultation process and invites interested parties who wish to learn more about cloud insurance coverage, or those who wish to partner with Cloudsurance™ contact them via their website or by emailing beta@cloudsurance.com

About Cloudsurance™: Based in Anaheim, California, Cloudsurance LLC is a privately held corporation, backed by a group of well-known cloud computing CEO´s, some of which form the management of the company.

Cloudsurance was formed in early 2015 to address a growing concern in the cloud space that cloud consumers had little or no protection against any of the inherent risks involved with cloud computing.

Cloudsurance is not associated or affiliated with Dropbox or Box in any way.


CONTACT:  For more information, please visit the Cloudsurance™ website at www.cloudsurance.com, call them on (888) 769-7797 or email them using info@cloudsurance.com.

WASHINGTON — As part of the U.S. Department of Homeland Security’s (DHS) ongoing efforts to support state, local, tribal, and territorial partners, Secretary Jeh Johnson today announced final allocations for eight Fiscal Year 2015 DHS preparedness grant programs, including the Homeland Security Grant Program. These allocations total more than $1.6 billion to assist states, urban areas, tribal and territorial governments, non-profit agencies, and the private sector with their preparedness efforts.

Together with previous grant funding awarded since 2002, DHS has awarded over $40 billion to these partners. Preparedness grants strengthen our nation’s ability to prevent, protect against, mitigate, respond to, and recover from terrorist attacks, major disasters, and other emergencies in support of the National Preparedness Goal and the National Preparedness System.

The FY 2015 grants focus on the nation’s highest risk areas, including urban areas that continue to face the most significant threats. Consistent with previous grant guidance, dedicated funding is provided for law enforcement and terrorism prevention activities throughout the country to prepare for, prevent, and respond to crimes and other precursors or indicators of terrorist activity.

Preparedness Grant Program Allocations for Fiscal Year 2015:

Homeland Security Grant Program (HSGP)—provides more than $1 billion for states and urban areas to prevent, protect against, mitigate, respond to, and recover from acts of terrorism and other threats. 

  • State Homeland Security Program (SHSP)—provides $402 million to support the implementation of the National Preparedness System to build and strengthen preparedness capabilities at all levels.
  • Urban Areas Security Initiative (UASI)—provides $587 million to enhance regional preparedness and capabilities in 28 high-threat, high-density areas.
  • Operation Stonegarden (OPSG)—provides $55 million to enhance cooperation and coordination among local, tribal, territorial, state, and Federal law enforcement agencies to jointly enhance security along the United States land and water borders where there are ongoing Customs and Border Protection missions.

Awards made to the states and urban areas for HSGP carry pass-through requirements.  Pass through is defined as an obligation on the part of the State Administrative Agency (SAA) to make funds available to local units of government, combinations of local units, tribal governments, or other specific groups or organizations.  The SAA must obligate at least 80 percent of the funds awarded under SHSP and UASI to local or Tribal units of government.  

Per the Homeland Security Act of 2002, as amended, DHS/FEMA is required to ensure that at least 25 percent of grant funding appropriated for HSGP and the Tribal Homeland Security Grant Program are used for law enforcement terrorism prevention activities (LETPA).  DHS/FEMA ensures that this requirement is met in part, by requiring all SHSP and UASI recipients to ensure that at least 25 percent of the combined HSGP funds allocated under SHSP and UASI are dedicated towards LETPA. This 25 percent can be from SHSP, UASI, or both.  The 25 percent LETPA allocation is in addition to the 80 percent pass-through requirement to local units of government and Tribes.

Emergency Management Performance Grant (EMPG) Program—provides over $350 million to assist local, tribal, territorial, and state governments in enhancing and sustaining all-hazards emergency management capabilities. 

Tribal Homeland Security Grant Program (THSGP)—provides $10 million to eligible tribal nations to implement preparedness initiatives to help strengthen the nation against risk associated with potential terrorist attacks and other hazards.

Nonprofit Security Grant Program (NSGP)—provides $13 million to support target hardening and other physical security enhancements for nonprofit organizations that are at high risk of a terrorist attack and located within one of the 28 FY 2015 UASI-eligible urban areas.

Intercity Passenger Rail - Amtrak (IPR) Program—provides $10 million to protect critical surface transportation infrastructure and the traveling public from acts of terrorism and increase the resilience of the Amtrak rail system.

Port Security Grant Program (PSGP)—provides $100 million to help protect critical port infrastructure from terrorism, enhance maritime domain awareness, improve port-wide maritime security risk management, and maintain or reestablish maritime security mitigation protocols that support port recovery and resiliency capabilities.

Transit Security Grant Program (TSGP)—provides $87 million to owners and operators of transit systems to protect critical surface transportation and the traveling public from acts of terrorism and to increase the resilience of transit infrastructure.

Intercity Bus Security Grant Program (IBSGP)—provides $3 million to assist operators of fixed-route intercity and charter bus services within high-threat urban areas to protect bus systems and the traveling public from acts of terrorism, major disasters and other emergencies.

Further information on DHS’s preparedness grant programs is available at www.dhs.gov and http://www.fema.gov/grants.


FEMA's mission is to support our citizens and first responders to ensure that as a nation we work together to build, sustain and improve our capability to prepare for, protect against, respond to, recover from and mitigate all hazards.

Follow FEMA online at www.fema.gov/blog, www.twitter.com/fema, www.facebook.com/fema and www.youtube.com/fema.  Also, follow Administrator Craig Fugate's activities at www.twitter.com/craigatfema.

The social media links provided are for reference only. FEMA does not endorse any non-government websites, companies or applications.

By and large, organizations tend to invest in preventative cybersecurity measures and they also concentrate their resources on detecting and stopping cyberattacks, rather than on painstaking “who did it?” investigations. They want to close the gap, manage the public opinion fallout, learn from the episode and move on.

From an enterprise perspective, this makes sense, as resources dealing with cybersecurity are usually overstretched and the organization does not stand to gain much from determining, with a certain degree of certainty, who was behind a cyberattack. The incentive equation, of course, is different if the target of the attack is a government or a large organization that is part of a country’s critical national infrastructure.

Attack attribution has traditionally been approached from the perspective of enabling the target or victim entity to pursue the attacker either for damages in a court of law; or from a national, military or intelligence “strike back” perspective.



Business And IT 

In today’s world, company operations function at two distinct levels: the business operation level and the IT infrastructure operation level. While the two functions operate independently, IT exists to support the business. Many of the IT operations, like the deployment and management of IT infrastructure, applications and services are driven by the business layer requirements in a top-down fashion to enable the company to carry out its business. IT infrastructure management, including addressing cyber security risks is exclusively done in the IT layer. There are several tools, such as FireEye, McAfee, Qualys, ArchSight and BMC Software which IT deploys and uses in order to identify and manage IT security risk, but something is missing.

A chasm exists between the IT layer and business layer, when looked at from a bottom-up perspective.



Page 1 of 565