Fall World 2014

Conference & Exhibit

Attend The #1 BC/DR Event!

Summer Journal

Volume 27, Issue 3

Full Contents Now Available!

Mike McClain, Senior Web Designer & Site Manager

A CIO once quipped, "Security isn't hard, compliance is." And in fact many companies focus their security efforts on meeting compliance requirements. But if you are audit compliant, have you in fact addressed all of your risks, or are you just kidding yourself? Is it better to focus on the risks presuming that doing so will cover you off on the compliance side? Network World Editor in Chief put the question to two practitioners, both of whom come down on the side of risk.

http://news.techworld.com/security/3443337/viewpoint-when-it-comes-to-enterprise-security-is-it-better-to-focus-on-compliance-or-risk/

Business skills are key components of any chief information security officer (CISO), says Paul Swarbrick, CISO at aeronautical information service, NATS.

“After 25 years in information assurance, I am convinced that in the modern era that the role is not about technical expertise, but about being a business expert,” he told Computer Weekly.

http://www.computerweekly.com/news/2240182100/Business-skills-key-to-CISOs-survival

Gloomy news: Companies across the world are now less prepared to deal with risks than they were two years ago. Even worse: Though companies have had nearly five years to respond to the global economic slowdown — which they cite as as the biggest risk to business — they are increasingly unable to confront the revenue problems it has created.

http://www.riskmanagementmonitor.com/companies-in-2013-are-less-prepared-for-major-risks-than-they-were-in-2011/

When teams are determining and developing their Business (unit) Continuity Plan (BCP) the fact that manual procedures will be used, often crops up. ‘What will you do in a DR situation?’ they’re asked and the answer all too often – and quickly – comes back as “we’ll do ‘x’ manually.” Really, is it that easy to do; just revert to a manual process for what normally includes many checks and balances and possibly varying numbers of applications?

http://stoneroad.wordpress.com/2013/04/22/9-things-to-consider-with-bcm-dr-and-the-use-of-manual-processes/

I was very excited to finally get a copy of the much-anticipated 2013 Verizon Data Breach Investigations Report (DBIR.)  I have found the report to be valuable year after year.  This is the 6th iteration and this year’s report includes 621 confirmed data breaches, as well as over 47,000 reported security incidents.  18 organizations from across the globe contributed to the report this year.  The full report is 63 pages, and I have to say that Wade Baker and company did a great job making it an enjoyable read. I enjoyed the tone, and I found myself laughing several times as I read through it (Laughing and infosec aren't commonly said in the same breath.)  There are tons of great references as well, ranging from NASCAR, to Biggie Smalls, the Violent Femmes and more.  The mantra of this year’s report is “Understand Your Adversary’ is Critical to Effective Defense and Response.”

http://blogs.forrester.com/rick_holland/13-04-22-observations_on_the_2013_verizon_data_breach_investigations_report

Making use of the petabytes of patient data that healthcare organizations possess requires extracting it from legacy systems, normalizing it and then building applications that can make sense of it. That's a tall order, but the facilities that pull it off can learn a lot.

http://www.cio.com/article/732160/6_Big_Data_Analytics_Use_Cases_for_Healthcare_IT

AUSTIN, Texas -- TechAssure Association,
Inc. announces the release of their enhanced website:
http://www.techassure.com
<http://globalmessaging1.prnewswire.com/clickthrough/servlet/clickthrough?msg_id=7441544&adr_order=160&url=aHR0cDovL3d3dy50ZWNoYXNzdXJlLmNvbS8%3D>.

TechAssure members provide specialized insurance and risk management
solutions for the technology industry.

These industries indicate that industry knowledge and access to
specialty tools and products are key drivers of their satisfaction in
insurance brokerage expertise.

"TechAssure differs from the competition, in that it is a one-of-a-kind
association that leverages cross-collaborations to sharpen coverage
offerings, innovate new products and services, combine talents and
advance social causes important to technology firms and their board
members," says Julie Davis, executive director of TechAssure. "Bringing
together groups, with varying perspectives and skill sets can ignite a
group of professionals that can infuse the insurance industry with fresh
ideas and help technology firms manage risk more effectively."

"TechAssure puts years of knowledge and experience to work helping
technology companies address their most critical risk management
issues," says Spence Hoole, chairman, TechAssure.

Through TechAssure's enhanced website, clients have easy access to the
association members and a range of products and services vital to
comprehensive risk management.

Features include:

  * Convenient online applications for a full range of tailored
    insurance products including: Directors' & Officers' Liability,
    Employment Practices Liability, Technology Errors & Omissions,
    Cyberliability, Commercial, Package, Commercial Automobile and
    Workers' Compensation.
  * Simple navigation to access risk management checklists and information
  * View expert film interviews and watch quick film clips on industry
    challenges and opportunities

*_About TechAssure Association, Inc._*

Founded in 2001, TechAssure has 22 worldwide insurance broker members in
seven countries, serving over 4,000 industry clients with annual
industry insurance premiums of $1 billion.

The members of TechAssure help a wide range of technology clients
develop effective risk management and workforce productivity solutions,
so they feel more confident about managing their future. TechAssure
members are affiliated with 48 technology associations throughout the world.

TechAssure Association leads TechAssure University, TechAssure
Innovation Labs and is managing partner for VentureInsure.

*_TechAssure University_*

Through TechAssure University, the association also provides technical
and industry training that allows members the opportunity to elevate
their leadership and insurance brokerage skills, service, innovation and
technical capabilities. The University program offers brokers
certifications, for their members, in three distinct areas.

*_TechAssure Innovation Labs_*

TechAssure Innovation Labs has a mission of leading the innovation of
new insurance and risk management solutions for the technology industry.
Innovation Lab sessions are conducted throughout the year for members of
the TechAssure Association and their strategic partners.

*_VentureInsure_*

TechAssure Association is the managing partner of the VentureInsure program.

*_TechAssure members include: _*

The Addis Group, AH&T Insurance, AHM Financial Group, Audit & Risk
Solutions, Avatar, Bolton & Co, Costello & Sons, Diversified Insurance
Group, Giles Insurance Brokers LTD, Globalex, GPL Assurance, Gregory &
Appel, IMA Corporation, JJ Wade & Associates, Keaney Insurance Brokers,
Mason & Mason Insurance, Plexus Groupe, Prudent Brokers, RJ Ahmann & Co,
Roach Howard Smith & Barton, Rollins Agency, Sanderson Risk Advisors. In
addition, TechAssure has worldwide innovation partnerships with legal,
venture capital and key players in the insurance industry.

COLUMBUS, Ohio – A new report from Emerson Network
Power, a business of Emerson (NYSE:EMR) and a global leader in
maximizing availability, capacity and efficiency of critical
infrastructure, finds that nearly half of CIOs consider themselves IT
service providers or cost centers, rather than business game changers or
strategic innovators. Simply keeping up with new technologies has become
a major barrier to embracing the rapid development of the information
era. The report, “The CIO of the Future: Becoming a Business
Game-Changer ,”  also emphasized the importance of budgeting for innovation as one way to
embrace a more strategic role in any organization.

The Emerson Network Power report includes responses from 560 CIOs and
top IT executives of companies with 500 or more employees in the United
States, Latin America, Europe and Asia. Highlights from the report include:

·CIOs from Asia (79 percent) and Latin America (78 percent) lead the
pack in expecting significant change in their role in the next 5 years.
Less dramatic change was expected in the United States and Europe, where
about half believe their role will change significantly in the next 5
years.

·Only 10 percent of CIOs see themselves as a driver of their business’
competitive future; with another 15 percent categorizing themselves as a
business peer and 26 percent seeing themselves as influential
collaborators.

·Latin American CIOs are more likely to see themselves as developers of
business strategy or game changers. U.S. CIOs are the least likely to
see themselves in this way.

·CIOs identified 40 issues as being very or extremely important to their
role as IT leader in their organization. As a result they find
themselves spending most of their time focused on providing services
rather than planning for the future.

“As a former CIO I understand both the demands of the job and the
critical role the CIO can play in supporting and shaping business
strategy,” said Steve Hassell, former Emerson CIO and current president
of Emerson Network Power’s Avocent business. “It can be difficult to get
off the hamster wheel of day-to-day operations, but trends such as
social media, mobility and data-driven decision making are only going to
increase the importance of IT in attracting and serving customers.
Emerson is rapidly addressing some of these challenges by introducing
solutions that reduce complexity and improve management of resources.
This is key to making the transition from service provider to business
leader a seamless effort.”

To view the full report, visit the www.EmersonNetworkPower.com/CIOtopics

For more information on Emerson Network Power products and solutions
that support the data center, visit www.EmersonNetworkPower.com

Cyber-threats, along with breaches in security and privacy, are forcing corporate risk managers to reconsider how they protect their company's data and proprietary business information, according to an annual survey by global professional services company Towers Watson (NYSE, NASDAQ: TW). The survey examined how North American companies use outside resources, tools and frameworks to address their risk exposure across a variety of eventualities, ranging from a hardening property & casualty insurance market to natural catastrophes and the threat of terrorism.

http://online.wsj.com/article/PR-CO-20130422-906674.html

Within the last 11 days there has been a bombing at the Boston Marathon, the related shooting at MIT, an explosion at a fertilizer plant in West, Texas and bomb threats to schools and businesses across the Treasure Valley, including Boise State. In light of these recent events, it seems that emergency preparedness and safety are on a lot of minds.

http://arbiteronline.com/2013/04/22/emergency-management-helps-campus-prepare-for-the-worst/