The Continuity Logic customized demo provides an opportunity for qualifying organizations to evaluate Frontline Live 5™, with their plans, desired controls, policies, and procedures. This first-of-its-kind system for both business continuity and many other areas of Governance, Operational Risk and Compliance (GRC) is powerful, but often best viewed with some of your familiar plans, data and templates.


Fall World 2015

Conference & Exhibit

Attend The #1 BC/DR Event!

Summer Journal

Volume 28, Issue 3

Full Contents Now Available!

By Brandon Tansey, security research engineer, Lancope

The seemingly endless barrage of attacks on government and enterprise networks has made it clear that organizations need to be much more proactive when it comes to security. Deploying perimeter defences / defences like firewalls and antivirus, and expecting them to keep attackers off of your network, has become just plain foolish in the light of today’s increasingly complex threat landscape. Today it is not a matter of if, but when you will be attacked. Security success is no longer just about keeping threats out of your network, but instead about how quickly you can respond and thwart an attack when it happens.

Despite this scenario, many organizations still haven’t gotten it quite right when it comes to incident response. Here are ‘seven deadly sins’ that Lancope often sees companies committing when attempting to build an incident response function.



Frank Perlmutter

Hello everyone! It’s that time a year again. Our team of BCM consultants and product innovators, along with ResilienceONE software users will come together at the Disaster Recovery Journal (DRJ) Fall World 2015 Conference. For the fall conference, we are preparing a number of presentations and fun activities for attendees. These include:

  1. An exclusive peer-to-peer breakout session 2 (emergency session 2), Managing Global BC Programs as THE Lone Planner, on Monday, Sept. 28 from 2:45 to 3:45 PM PST. Joining me will be Keith Cantando, manager of Global Business Resiliency at Cisco Systems and Michael Lazcano, director of Global Business Continuity Services at Gap Inc. Both are ResilienceONE users who manage their BC programs efficiently. They will share their experiences, and offer strategies and current practices, including how to gain executive support, manage your time, create frugal innovation, and leverage your organization for amazing results.
  1. Formal product demonstrations of ResilienceONE BCM software, held in Sapphire Room 411B at the Hilton San Diego Bayfront Hotel, on Monday, Sept. 28 & Tuesday Sept. 29, 12:30-1:30pm PST & 5:30-6:30pm PST. Food and beverages will be served. We will showcase the latest features within ResilienceONE, including dynamic labeling via Smart Field Technology, which enables faster, more intelligent BC planning. The 5:30 demos will include Whiskey Tasting, featuring leading hand-crafted sprits specially selected by expert tasters.
  1. BCM exchanges during exhibit hours at Booth #401-403, where ResilienceONE users and our Strategic BCP team will offer insights and answer questions.

More details about these events can be found here.

Don’t forget to follow us on Twitter at the conference @strategicBCP or with the hashtag #drjfall.

I hope to see you in San Diego!



It’s that time of year again. College campuses are being flooded with students and faculty returning to begin another semester. For higher education institutions around the country safety is among their administrators’ highest priorities. Yet, when you have thousands of people working and living together the logistics of communication often proves difficult—classes are in session at different times, often spread across acres; students live in dorms and apartments both on and off campus; faculty and staff often commute long distances—how do you manage communication?

Adding an emergency notification service to your campus safety plan will allow you to broadcast alerts to all of your students, faculty, and staff in minutes no matter where they are. And, by using a self-registration feature, you can have them sign up for alerts quickly and easily. Or, you can integrate the notification service with the HR and enrollment databases already in place. It’s that easy.



The key question an enterprise must answer when a new technology becomes available is a very basic one: Is it necessary? In the case of 802.11ac, the question within that question, according to Craig Mathias, is whether the organization really needs the 1.3 gigabits per second (Gbps) throughput that it promises. This becomes an even more important issue in cases in which the move to 802.11ac requires the replacement of 802.11n and earlier access points (APs) that are not fully depreciated.

Mathias writes that there is a lot of life left in 802.11n APs, but there a couple of reasons to keep an eye on 802.11ac nonetheless. It is important for planners to keep in mind that the real throughput of 802.11ac is about half of the advertised 1.3Gbps speed. For the same reasons, however, all 802.11 variants only offer about half the speed that the marketers promise. Thus, appropriate apples-to-apples comparisons should be made. The second thing to plan against is the inexorable increase in per-user data requirements.



As a young programmer, I read a book by Michael Abrash which has provided me guidance through the years. “The Zen of Code Optimization” was published in 1994 and discusses graphics coding and performance using Intel 8086 assembly language, implemented under DOS. 

Today, it is $1.78, used, on Amazon and if you have a little time to kill, I recommend reading at least through chapter 3 where the author provides these words of wisdom.

“Assume nothing. I cannot emphasize this strongly enough-when you care about performance, do your best to improve the code and then measure the improvement. If you don’t measure performance, you’re just guessing, and if you’re guessing, you’re not very likely to write top-notch code.”



AUSTIN, Texas – Apply by Aug. 27 for assistance from FEMA or the U.S. Small Business Administration (SBA). You have every reason to do so. 

If you are among thousands of Texans affected by the severe storms, tornadoes, straight-line winds and flooding that occurred from May 4 to June 22, you may be eligible for a grant or low-interest loan from the SBA. If you answer YES to any of the following questions and were affected by the disaster, you may be eligible.

  • Are you a homeowner, renter or business of any size with disaster-related damage? 

  • Did you file an insurance claim for damage and have not received your settlement? 

  • Are you uninsured or under-insured and have unmet needs?

  • Do you need help applying because English is your second language?

  • Are you a Qualified Alien or the parent of a U.S. citizen in your household?

  • Are you a person with a disability or have an access or functional need?

  • Do you receive Social Security, Medicaid food stamps and are concerned help will affect your benefits?

  • Do you need help, but feel others need it more or that there won’t be enough assistance for everyone?

  • Do you feel you will not qualify for a low-interest loan?

If you have questions or concerns about applying for disaster assistance, call the FEMA helpline before the Aug. 27 deadline. Tell your friends and neighbors that help may be available, but they must register before the deadline.

Remember, FEMA grants do not have to be repaid and you are not required to accept an SBA loan. FEMA assistance is nontaxable and will not affect eligibility for Social Security, Medicaid or other federal benefits.

Find answers to questions on http://www.fema.gov/disaster/4223. Topics include rumor control, recovery information, recovery center locations and hours, links to apply for assistance and other resources, information about flood insurance, news releases, fact sheets, photographs and blogs.

You can apply for FEMA assistance online at www.DisasterAssistance.gov or by calling 800-621-3362 toll free from 7 a.m. to 10 p.m. (local time). Multilingual operators are available. Disaster assistance applicants who have a speech disability or hearing loss and use TTY should call 800-462-7585 directly; for those who use 711 or Video Relay Service (VRS), call 800-621-3362.

You also can visit a Disaster Recovery Center. Assistive equipment is available. To find the nearest DRC, go online to http://asd.fema.gov/inter/locator/home.htm.


All FEMA disaster assistance will be provided without discrimination on the grounds of race, color, sex (including sexual harassment), religion, national origin, age, disability, limited English proficiency, economic status, or retaliation. If you believe your civil rights are being violated, call 800-621-3362 or 800-462-7585(TTY/TDD).

FEMA’s mission is to support our citizens and first responders to ensure that as a nation we work together to build, sustain, and improve our capability to prepare for, protect against, respond to, recover from, and mitigate all hazards. 

The SBA is the federal government’s primary source of money for the long-term rebuilding of disaster-damaged private property. SBA helps businesses of all sizes, private non-profit organizations, homeowners and renters fund repairs or rebuilding efforts and cover the cost of replacing lost or disaster-damaged personal property. These disaster loans cover losses not fully compensated by insurance or other recoveries and do not duplicate benefits of other agencies or organizations. For more information, applicants may contact SBA’s Disaster Assistance Customer Service Center by calling 800-659-2955, emailing disastercustomerservice@sba.gov, or visiting SBA’s website at www.sba.gov/disaster. Deaf and hard-of-hearing individuals may call 800-877-8339.

FEMA’s temporary housing assistance and grants for childcare, medical, dental expenses and/or funeral expenses do not require individuals to apply for an SBA loan. However, those who receive SBA loan applications must submit them to SBA to be eligible for assistance that covers personal property, transportation, vehicle repair or replacement, and moving and storage expenses.

Friday, 28 August 2015 00:00

The Word on Resilience

I was recently on a flight to Florida and had the opportunity to read an interesting article in Governing magazine. Titled The Word on Infrastructure, the story focused on the relative newness of the term “infrastructure” and traced its evolution, explaining how it has become much more prevalent in both industry and society over the past 35 years. 

The article got me thinking about the word “resilience” and how we, in the emergency preparedness realm, have seen a significant uptick in the term, its utilization and even its inclusion in grant guidance. I dare say that even as recently as 10 years ago, we would not have seen the coordinated effort of the Rockefeller Foundation to name the top 100 most resilient cities and fund these cities’ resilience efforts, including the hiring of a chief resilience officer (CRO), for a two-year time period.



Capterra, a free software solutions research firm, surveyed more than 500 businesses to find out more about who uses CRM software and how. Not entirely surprisingly, 52 percent of those responding said that they work for organizations with “less than $10 million in annual revenue.” This goes to show that when we think of customer relationship management (CRM), we should think about all sizes of companies—not just the enterprise.

The report continued to explain that SMBs are one of the fastest growth segments among CRM users. It also found that most companies reported to have adopted CRM software when they had between two and 500 employees—which puts the bulk of them in the SMB category when they began using the software. And two thirds of those surveyed had at least 100 customers when they embraced CRM.

So it seems appropriate that Wix.com, a cloud-based web development platform, is now offering its own CRM solution called MyAccount CRM. The platform is directed toward SMBs that need to better organize their business activities. MyAccount CRM allows them to do so with one simple online platform.



I got an email the other day that said companies shouldn’t let security worries keep them from moving to the cloud. Ironically, the two emails directly below that particular message in my inbox were warnings about the latest security concerns within cloud computing.

Now, I’ve been writing about security and the cloud long enough to know that while overall cloud security has improved, like everything else, it is hardly foolproof. You know the bad guys are going to find ways to penetrate any barrier you put up. So, I thought this would be a good time to think about what’s happening with cloud security right now.

First, I’ll cover the interesting news. According to a new report from CloudLock, 1 percent of users are causing the bulk of your cloud security problems. That 1 percent is also responsible for 62 percent of the apps installed in the cloud. If you want to increase cloud security, you first have to narrow down who that 1 percent includes. According to the report:

Understanding the composition of this one percent of users is crucial for security teams: Often times this subset of users includes super-privileged users, software architects, as well as machine-based identities that grant access privileges and archive data.