Fall World 2016

Conference & Exhibit

Attend The #1 BC/DR Event!

Summer Journal

Volume 29, Issue 3

Full Contents Now Available!

Jon Seals

Even as government agencies slowly move to the cloud, most end users’ organizations are enjoying many benefits of moving to the cloud. To be successful, each must understand the security controls deployed at each cloud provider. They also need to understand what dedicated security devices are defending, data and applications, and each unique architecture (and potential loopholes). Below are just a few factors cloud and applications vendors should consider when helping end users or government agencies when moving to the cloud:

...

http://www.forbes.com/sites/moorinsights/2016/06/30/security-must-lead-the-cloud-migration-conversation/

See below for webinar slides from Active Shooters to Office Closures: Effectively Communicating with Your Employees where James Green, Business Continuity Program Manager, PSCU, discussed how his organization communicates with employees during emergencies and daily operational activities.

...

http://www.everbridge.com/webinar-slides-active-shooters-to-office-closures/

The Republican National Convention (RNC) is taking place in my hometown, Cleveland, OH, in just a few short weeks. I can feel the energy and excitement everywhere I go. Of course, that energy has been amplified by the fact that the Cavs just brought home the first major sports title in 52 years, but, regardless, the city is buzzing.

Even though most people are excited to see this scale of an event take place in Cleveland – and, let’s be honest, finally have the opportunity to show everyone why the nickname ‘mistake by the lake’ no longer applies – the entire city and nearly all organizations that operate here will be disrupted.

How? Well, access for one thing:

...

http://perspectives.avalution.com/2016/another-example-of-why-business-continuity-planning-matters/

Weather enthusiasts can join the growing community of global members who share accurate, hyper-local weather information and images from places all over the world

SAN FRANCISCO — Weather technology company BloomSky announced the release of its Next Generation Wireless Weather Station featuring the SKY2 and the STORM. The new combo succeeds the original BloomSky device, known as the SKY, which made a big splash in 2014 and changed the way people access the weather. Developed to solve the problem of inaccurate weather forecasts, the SKY was warmly embraced by outdoor enthusiasts, travelers and weather enthusiasts by creating a next generation, crowd-sourcing community that shares accurate, hyper-local weather information and images from places all over the world.

The next-gen SKY2 — a 5-in-1 weather camera station that accurately measures temperature, humidity, barometric pressure and precipitation — was enhanced with Bluetooth LTE for easier setup, but retained most of the core competencies of the original SKY:

  • Measures temperature, humidity, barometric pressure, UV exposure, and precipitation using reliable sensors.
  • Captures pictures of the sky every 5 minutes, creating a time-lapse video at the end of the day
  • Connects seamlessly through a Wi-Fi router and smartphone, as well as with other smart home hardware and applications.
  • With an aerodynamic design, it adapts to the harshest weather conditions, including gusts, downpours, dust and UV radiation.
  • Provides constant data collection with the solar panel option.

BloomSky will also roll out the STORM, a high-precision, 4-in-1 wireless weather device that measures current UV, rainfall, and wind speed and direction. Its 433-MHz radio frequency ensures consistent and reliable transmission with better range. The STORM was designed to work with either the SKY2 or SKY and is app-enabled (iOS or Android).

Key features of the STORM include:

  • Rain collector: Tipping cup accuracy of 0.2 mm per tip, no limit range.
  • Anemometer: Measures wind speeds with accuracy of 1 m/s or ±5%. Startup speed: 0.5 m/s.
  • Wind direction: Measures wind direction in eight compass points.
  • Bird spikes: To deter bird landing and nesting.
  • Smart control ready: IFTTT, Nest, SmartThings, and more.
  • Units of measure: U.S. standard
  • UV light sensor was moved from the SKY to the STORM for more accuracy.
  • Solar Panel: Compact solar grid for continuous operation without recharge interruption.

The BloomSky Plus bundle will include the SKY2, STORM, solar panel and mount with a projected price of $249. The SKY2 Bundle will include the SKY2, solar panel and mount with a projected price of $199. BloomSky will also release the STORM as a separate add-on for original SKY owners for $99. For more information, visit www.bloomsky.com.

Friday, 01 July 2016 00:00

BCI: Brexit - the opportunity?

The Business Continuity Institute - Jul 01, 2016 10:24 BST

Are business continuity managers internal optimists, and do we really believe that we will be effected by an incident? Do we peddle our profession secretly believing, or hoping, that it will never happen to us and that our plans will never be implemented? This has happened to me. I, until the very last moment, believed that ‘remain’ would prevail and I didn’t need to worry about the vote.

There was recently a section on the 1 o’clock news when a number of pollsters and punters gave their predictions for the vote, and almost all said they believed that remain would win. Even a farmer who had four pigs, two named after remain politicians and two named after the leave campaign, including one called ‘Boar-is’, and raced them every day to predict who would win, said the remain campaign would win as remain pigs won more races. I was so sure Brexit would never happen that I hadn’t even bothered to write a business continuity bulletin on the subject. The people in the BC Training office recycled a Scottish Independence bulletin to cover the subject.

Perhaps I was not the only business continuity person who was of this mind-set. I was at the East Midlands BCI forum on the day of the vote, and there was very little talk of the referendum, perhaps we were all fed up of the agro associated with it, and absolutely no talk of any contingency plans for Brexit.

So what should we be doing, as business continuity people, to deal with this new situation? If, like me, you haven’t prepared for this, then let me share a few thoughts:

A good incident tool is to plan for different scenarios taking into account all the different variables. Will it be the two year exit under Article 50 which will be fast and unpredictable, or will it be a slower negation, which gives us time to prepare? What is our exposure to European trade and how might if effect our staff if they are EU, non UK, citizens? There is also the extra dimension of a further Scottish referendum. As the news people would say, we are in uncharted territory, so I think you have to look at all variables and all possible options.

We should then look at what is our worst case, best case and most likely case, and develop appropriate risk mitigation measures. These should be agreed by top management and the organisation should monitor events as they occur and adjust the mitigation measures as the situation changes.

In all crises or incidents there is always an opportunity and the smart business continuity manager will recognise this. As David Cameron warned, we have now jumped out of the plane and we cannot clamber back into the cockpit, so we must embrace the change and look for the opportunity that this new world brings. Maybe it is also for me to review my business continuity plan, because as we tell everyone else, the incident we don’t want to happen could occur tomorrow!

Charlie Maclean-Bristol is a Fellow of the Business Continuity Institute, Director at PlanB Consulting and Director of Training at Business Continuity Training.

The average cost of a data breach for companies surveyed has grown to $4 million, a 29% increase since 2013, with the per-record costs continuing to rise, according to the 2016 Ponemon Cost of a Data Breach Study, sponsored by IBM. The average cost hit $158 per record, but they are far more costly in highly regulated industries—in healthcare, for example, businesses are looking at $355 each, a full $100 more than in 2013. These incidents have grown in both volume and sophistication, with 64% more security incidents reported in 2015 than in 2014.

Ponemon wrote:

Leveraging an incident response team was the single biggest factor associated with reducing the cost of a data breach–saving companies nearly $400,000 on average (or $16 per record). In fact, response activities like incident forensics, communications, legal expenditures and regulatory mandates account for 59 percent of the cost of a data breach. Part of these high costs may be linked to the fact that 70 percent of U.S. security executives report they don’t have incident response plans in place.

With so much on the line, more and more companies and consumers continue to search for whom to hold accountable for cybersecurity failures, and the message is becoming clearer: executives need to get serious or watch out.

...

http://www.riskmanagementmonitor.com/holding-executives-accountable-for-cybersecurity-failures/

(TNS) - A severe weather event during Burlington Steamboat Days was used Tuesday afternoon as a situational example for Des Moines County to discuss how they would respond in an emergency.

If tornadoes, flooding and power outrages were to occur during a major community event - how would county agencies work together to mitigate the disaster?

The almost 80 business leaders, public officials and safety officers participating in the Federal Emergency Management Agency's training course worked through how their different agencies would respond when faced with infrastructure damage and personal injury across the county.

...

http://www.emergencymgmt.com/training/Steamboat-Days-serves-as-real-world-example-in-disaster-prep-for-FEMA-group.html

Symantec makes security software for the enterprise market. They also sell a line of products for the consumer market under their Norton brand. All of their anti-virus products use the same core engine and that engine has been found to have high level and potentially devastating security vulnerabilities. Symantec SYMC +1.18% has patched these vulnerabilities and if you are using a Symantec or Norton anti-virus product you should make sure your software is upgraded right now.

The vulnerabilities in Symantec’s core engine were uncovered by a team at Google's GOOGL +0.27% Project Zero and made public in a blog post by Tavis Ormandy. According to Ormandy

These vulnerabilities are as bad as it gets. They don’t require any user interaction, they affect the default configuration, and the software runs at the highest privilege levels possible. In certain cases on Windows, vulnerable code is even loaded into the kernel, resulting in remote kernel memory corruption.

...

http://www.forbes.com/sites/kevinmurnane/2016/06/29/if-you-are-using-security-software-from-symantec-or-norton-you-should-upgrade-immediately/

COMMUNICATIONS PLANS AND SCHEDULES

Regina Phelps recently joined forces with Everbridge and recorded a webinar that explores in-depth strategies for improving your disaster and crisis management. Previously in part four of this five part series, Regina discussed what a governance document and a communication matrix are, and what their content should be. If you missed part four, you can access it here

In this installment of the series, Regina discusses communications plans, as well as why and how to build a communications schedule.

...

http://www.everbridge.com/improving-disaster-and-crisis-management-with-timely-communication-and-response-part-5/

(TNS) - The people handling security for the nation’s busiest malls and amusement parks are no longer retired cops. They are a 24-year veteran of the FBI, a former CIA operative and the onetime chief of counterterrorism for Scotland Yard.

The theme-park industry’s annual security bill, already roughly $250 million a year, is expected to grow by more than $100 million over the next few years, according to one consultant. Disneyland, Universal Studios Hollywood and SeaWorld all installed metal detectors outside their gates for the first time in December.

“Lone wolf” shootings, including those at the Pulse nightclub in Orlando, Fla., this month, and in San Bernardino in December, have forced businesses to shoulder more of the cost and responsibility of securing America against terrorism.

...

http://www.emergencymgmt.com/safety/Cost-of-keeping-America-safe-from-lone-wolf-shootings-shifts-to-business.html

Page 1 of 1011