Spring World 2017

Conference & Exhibit

Attend The #1 BC/DR Event!

Fall Journal

Volume 29, Issue 4

Full Contents Now Available!

Industry Hot News

Industry Hot News (6692)

Wednesday, 27 January 2016 00:00

Chasing Black Swans Through The Snow

We had a little snow here in Washington, DC on Friday, and we’re still digging out. The great snowstorm of 2016, a.k.a. Snowzilla, was the kind of outlier event that even the most dysfunctional of local governments must be ready to handle. Even if you think that 2-3 feet of snow in a single day is a “black swan” event, you had better have the snow plows and dump trucks ready for that unlikely scenario.

Software innovators have a much different attitude about black swans. Rather than prepare their response for them, they usually act as though they will never occur. Sure, you might do everything you can to prevent, say, an unexpected architectural glitch to put a critical application into a death-spiral during a period of inconveniently high usage, but there’s only so much risk mitigation that smart design, thorough testing, and other preventive measures can do. The risk of a black swan swooping down to land on your head always exist. (Just look at the painful example of Knight Capital, or the software upgrade that caused a 4-hour outage for the New York Stock Exchange last year.) So what do we do to recover from these events?

...

http://blog.cutter.com/2016/01/26/chasing-black-swans-through-the-snow/

Wednesday, 27 January 2016 00:00

EMC Extends Software-Defined Storage Reach

While the high drama surrounding the proposed acquisition of EMC by Dell continues, EMC’s technology advances continue. Today EMC rolled out an update to its Elastic Cloud Storage (ECS) platform that is at the core of the company’s software-defined storage (SDS) architecture.

Manuvir Das, senior vice president for the Advanced Software unit within EMC’s Emerging Technologies Division, says the latest update adds the ability to search petabytes of unstructured data stored in an object-based storage system using metadata that doesn’t have to be housed in a separate database. Instead, Das says, IT organizations can apply analytics directly against the metadata exposed via ECS.

In addition, DAS says ECS now supports multiple protocols, including AWS S3, OpenStack Swift, HDFS and NFS. That makes it possible for IT organizations to deploy an SDS environment capable of spanning both public and private clouds, Das says.

...

http://www.itbusinessedge.com/blogs/it-unmasked/emc-extends-software-defined-storage-reach.html

WASHINGTON – The U.S. Department of Homeland Security’s Federal Emergency Management Agency (FEMA) is seeking applicants for its Youth Preparedness Council. FEMA’s Youth Preparedness Council was formed in 2012 to bring together leaders from across the country who are interested and engaged in advocating youth preparedness. Council members are selected based on their dedication to public service, their efforts in making a difference in their communities, and their potential to expand their impact as national advocates for youth preparedness.

The Youth Preparedness Council offers an opportunity for youth leaders to serve on a distinguished national council and participate in the Youth Preparedness Council Summit. During their two-year term, the leaders will complete a national-level group project and share their opinions, experiences, ideas, solutions, and questions regarding youth disaster preparedness with the leadership of FEMA and national youth preparedness organizations.

Council activities and projects center around five areas of engagement: programs, partnerships, events, public speaking/outreach, and publishing. Members represent the youth perspective on emergency preparedness and share information with their communities. They also meet with FEMA on a regular basis to provide ongoing input on strategies, initiatives, and projects throughout the duration of their term.

Individuals in their freshman or sophomore year of high school that are engaged in individual and community preparedness, or have experienced a disaster that motivated him or her to make a positive difference in their community, may apply to serve on the Youth Preparedness Council. Adults working with youth or community preparedness are encouraged to share the application with youth who might be interested in applying.

Youth interested in applying to the Council must submit a completed application form, two letters of recommendation, and academic records. Specific information about completing and submitting the application and attachments can be found in the application instructions. All applications and supporting materials must be received no later than March 1, 2016, 11:59 p.m. PST in order to be eligible. New Youth Preparedness Council members will be announced in May 2016.

For more information about the Youth Preparedness Council and to access the application materials, please visit www.ready.gov/youth-preparedness-council.

###

FEMA's mission is to support our citizens and first responders to ensure that as a nation we work together to build, sustain and improve our capability to prepare for, protect against, respond to, recover from and mitigate all hazards.

Follow FEMA online at www.fema.gov/blog, www.twitter.com/fema, www.facebook.com/fema and www.youtube.com/fema.  Also, follow Administrator Craig Fugate's activities at www.twitter.com/craigatfema.

The social media links provided are for reference only. FEMA does not endorse any non-government websites, companies or applications.

OXFORD, Miss. – State and federal disaster survivor assistance teams are now working in three more Mississippi counties, helping residents recover from destructive tornadoes, severe storms and flooding in late December.

The teams are made up of disaster specialists from the Mississippi Emergency Management Agency and the Federal Emergency Management Agency. They are canvassing neighborhoods in Monroe, Panola and Prentiss counties, which were designated for disaster assistance last week.

Affected survivors in Monroe and Prentiss counties can also visit applicant service centers now open at the:

  • Chancery Clerk Building (across from the courthouse), 110 N. Main St., Booneville, MS 38829;
  • The Becker Community Center, 52246 Highway 25 South, Amory, MS 38821.

Survivors in Panola County can visit the disaster recovery center in neighboring Quitman County, which is located at the Marks Fire Department, 108 W. Main St., Marks, MS 38646 or any other center in a county designated for assistance after the December storms.

The teams can register survivors and electronically submit a request for federal assistance. Team members can be easily identified by photo identification and FEMA or MEMA clothing. Mississippi residents are encouraged to ask for official identification before providing personal information.

Federal disaster assistance for qualified applicants may include:

  • Grants to rent a temporary place to live, as needed.
  • Grants for essential home repairs not covered by insurance.
  • Grants for disaster-related needs not covered by insurance — such as medical, dental, transportation, funeral expenses, moving and storage fees, personal property loss and child care.
  • Low-interest disaster loans from the U.S. Small Business Administration to homeowners, renters and businesses of all sizes to cover losses not fully compensated by insurance.

In addition to the registration opportunity offered by recovery teams, survivors can register for assistance by the following methods:

  • Visiting DisasterAssistance.gov with a computer, tablet, iPhone, Android or other mobile device.
  • Calling 800-621-3362 or (TTY) 800-462-7585 for those who are deaf, hard of hearing or speech impaired. Those who use 711 or Video Relay Services can call 800-621-3362 to register. 
  • Business owners can find an electronic loan application on the U.S. Small Business Administration’s secure website at disasterloan.sba.gov/ela. Questions can be answered by calling the SBA disaster customer service center at 800-659-2955/ (TTY) 800-877-8339 or visiting sba.gov.

###

All FEMA disaster assistance will be provided without discrimination on the grounds of race, color, sex (including sexual harassment), religion, national origin, age, disability, limited English proficiency, economic status, or retaliation. If you believe your civil rights are being violated, call 800-621-3362 or 800-462-7585(TTY/TDD).

FEMA’s mission is to support our citizens and first responders to ensure that as a nation we work together to build, sustain, and improve our capability to prepare for, protect against, respond to, recover from, and mitigate all hazards.

FEMA’s temporary housing assistance and grants for public transportation expenses, medical and dental expenses, and funeral and burial expenses do not require individuals to apply for an SBA loan. However, applicants who receive SBA loan applications must submit them to SBA loan officers to be eligible for assistance that covers personal property, vehicle repair or replacement, and moving and storage expenses.

 
State/Tribal Government or Region: 
Wednesday, 27 January 2016 00:00

Tornadoes' Aftermath Puts Some at Risk for PTSD

(TNS) - A month after tornadoes ravaged North Texas, mental-health experts are warning survivors to be on the alert for another problem: post-traumatic stress disorder.

Though many people associate that syndrome with soldiers who have been through combat, PTSD can affect about a fifth of people who were directly affected by a natural disaster, medical studies show.

After an ordeal like a tornado or hurricane, people often have trouble sleeping and concentrating, feel jumpy and may be easily startled, or see the disaster replaying in their minds.

...

http://www.emergencymgmt.com/disaster/Tornadoes-aftermath-puts-some-at-risk-for-PTSD.html

(TNS) - Early Sunday morning the ground started to rattle in Alaska, and those who didn’t sleep through the 7.1-magnitude earthquake reacted in many different ways.

Some people ran outside of their homes, while others pressed themselves into doorways. Some people hurried down the stairs of hotels in their underwear, while others squatted under kitchen tables.

But what’s the best thing to do when you feel the floors start to sway?

Emergency officials have a few tips and one of them is stay inside.

...

http://www.emergencymgmt.com/disaster/What-you-should-do-when-your-home-or-office-starts-shaking-in-an-earthquake.html

Businesses face significant challenges in applying the new EU Data Protection Regulation to paper records; Iron Mountain offers some advice.

At the end of last year, the European Parliament and Council reached agreement on the General Data Protection Regulation (GDPR) proposed by the European Commission. The new rules, which will come into force in early 2018, represent the greatest change to data protection legislation since the dawn of the Internet. They will affect any organization across the world that handles data of European origin.

According to information management and storage company Iron Mountain, the reforms, which aim to reflect the changing needs of the digital economy and champion the data privacy rights of the individual, could prove difficult to apply to paper-based information. To help companies ensure their paper records don’t fall foul of the regulations, Iron Mountain has prepared the following guidance on some of the key components of the GDPR: 

...

http://www.continuitycentral.com/index.php/news/erm-news/833-paper-records-represent-a-significant-general-data-protection-regulation-compliance-risk

Boards of directors lack understanding of the cyber risk

45% of cyber security professionals believe their board of directors has a major gap in its understanding of cyber risk, or simply don’t understand the risk at all. This is despite over half (54%) of boards being ultimately accountable for the cyber strategy, according to a new study by Harvey Nash and PGI Cyber.

The Cyber Security Survey also revealed that one third of cyber professionals (33%) believe their CEO has major knowledge gaps and almost half (49%) believe the same for their Chief Finance Officer. Chief Marketing Officers, many of whom have increasing responsibility for customer data and driving customer facing digital strategies, were also rated poorly, with 43% of cyber professionals believing they had major knowledge gaps, and one in ten (11%) believing they had no cyber risk awareness at all.

Whilst most cyber professionals feel their organisations have the basics covered, 85% still think there is more to do, and one quarter (26%) believe there is significantly more work to do. Unsurprisingly it is lack of finance that is holding cyber security back with 57% of respondents citing this as a reason for any gaps, while lack of security aware culture (49%) and a lack of understandings of the real threat (43%) were also highlighted.

Understanding of the threat is very high among business continuity professionals according to the latest Horizon Scan Report published by the Business Continuity Institute. 82% of respondents to a global survey expressed concern about the possibility of a cyber attack and 74% expressed concern about a data breach occurring.

Brian Lord, Managing Director, PGI Cyber commented: “Cyber security is as much about people as it is about technology. Whilst there is no doubt many boards are asking more questions about cyber security than they did five years ago, it is clear that there is much more to do to make organisations fully aware and prepared for the challenges of an increasingly global and digital world.

Wednesday, 27 January 2016 00:00

How Secure Is Your Data Store?

In the business world today, the data held by a company can often be their most valuable asset. The value of the data is also dependent on its quality, so the more time you spend making sure that it is fit-for-purpose, the more value can be extracted. These values can be significant too, with the Verizon Data Breach Report reporting an average cost of $201 per lost record in 2014.

Therefore, keeping it safe and secure should be at the forefront of company strategies, but this is rarely the case. When this happens you have situations such as for Ashley Madison or Carphone Warehouse, whereby huge and valuable datasets are stolen or leaked. It is like having a car that you spend several thousand on, but leave it in a high crime rate area, most of the time it won't get stolen, but the chances of it being taken are much higher than they need to be.

One of the key reasons for this lapse in security is that many of the most popular platforms, like Hadoop, have in-built security. The danger here is that people think that their data is safe because of these systems, which is true to a degree, but having only these systems in place is like locking your car - it can still be broken into relatively easily.

...

https://channels.theinnovationenterprise.com/articles/how-secure-is-your-data-store

It’s safe to say that enterprise cloud is here to stay. Cloud services have augmented the way we deliver resources, support new types of users, and create new types of business strategies. Today, organizations are looking at even more ways to leverage cloud computing environments to help their businesses become much more agile.

Spending on cloud infrastructure and platform could rise from $16 billion in 2014 to $43 billion by 2018, according to a recent Goldman Sachs report. The share of cloud infrastructure and platform in enterprise IT spending is forecast to increase from 5 percent in 2014 to 11 percent by 2018. This will be driven by the increasing shift of IT budget from traditional in-house delivery methods to various flavors of cloud computing as a means to cut cost and create new revenue streams.

All this in mind, let’s focus on one of the biggest questions facing enterprises when they look at the modern cloud ecosystem: “How do I create a good cloud connectivity strategy that will allow me to leverage my on-premise investment and a public cloud architecture?”

To answer it, let’s look at two leading public cloud providers and what they’re offering around enterprise cloud connectivity. But first, we’ll need some definitions.

...

http://www.datacenterknowledge.com/archives/2016/01/27/creating-your-enterprise-cloud-connectivity-strategy/

Recent studies have shown that enterprises are embracing advanced analytics and big data projects. But are they getting real value out of these efforts? Or are we headed for a period of disillusionment? Newly private Informatica has refocused on a mission to help enterprises turn their data investments into projects that drive real business value and avoid the disillusionment pitfall.

CEO Anil Chakravarthy spoke with InformationWeek in an interview about the company's mission, and the trends and opportunities he sees ahead this year.

Informatica appointed Chakravarthy as CEO this month, almost six months after naming him as acting CEO in conjunction with the company's acquisition by two private equity firms. The acquisition by Permira funds and Canada Pension Plan Investment Board -- along with strategic investments from Microsoft and Salesforce -- was completed in August 2015. It took Informatica private and gave the company "more flexibility and more time to implement our transformative innovation roadmap and to evolve our business model," the company's chairman, Sohaib Abbasi, said in a prepared statement at the time.

...

http://www.informationweek.com/big-data/big-data-must-deliver-business-value-informatica-ceo/d/d-id/1324062

While 91 percent of enterprises said they still worry about threats to data, many of them are still focusing on the wrong security priorities to best help protect themselves from data breaches and other attacks, according to a recent survey.

The 2016 Vormetric Data Threat Report—sponsored by security startup Vormetric and conducted by analyst firm 451 Research—found that compliance is the top area of focus for enterprises when it comes to security because they equate compliance with protecting critical data.

Common thinking among companies is that if they meet compliance requirements, it will be enough to keep data safe, according to the report, penned by 451 Research Senior Analyst Garrett Bekker. This is despite the fact that data breaches actually occur more often in organizations certified as compliant, he said.

...

http://mspmentor.net/msp-mentor/report-enterprises-still-worry-about-data-threats-focus-too-much-compliance

As devastating severe winter weather continues to attack the Mid-Atlantic and Northeast, cities and counties work tirelessly to keep residents safe and return life to normalcy.   It was a historic storm, as snow totals “topped out near 42 inches in West Virginia and at least 14 states in total received more than a foot of snow from the storm.” 

 

During severe weather and emergency events, Everbridge and Nixle are committed to providing reliable communication channels between emergency managers, law enforcement and the residents they serve.  We are here to help.  Utilize our Emergency Live Operator phone line where a representative will assist you in sending an emergency notification. Or call our Everbridge Support Center, available 24×7 – details on how to reach us can be found here: http://www.everbridge.com/support.

 

Below are a few informative pieces to use in your emergency and severe weather preparation plans:

...

http://www.everbridge.com/ensuring-resiliency-during-jonas-and-severe-winter-weather-season/

(TNS) - Around 8 a.m. Saturday, stiff from sleep and freezing temperatures, more than 150 volunteers formed human chains around five homes near Fenton and passed thousands of sandbags to the curb.

Some bags, dense with frozen floodwater, weighed as much as 50 pounds. “Now, they are sandbricks,” said Jakob Budge, 17, a volunteer from the Mormon congregation in Fenton.

At first, the youth said, his muscles ached from the repetition of lifting and passing. But determination took over. People along the chain peeled off their jackets and wiped sweat from their brows even in the frigid air. An hour and a half later, they cheered as the last of the bags from the back of one home left their hands.

...

http://www.emergencymgmt.com/disaster/Volunteers-rushed-to-help-place-sandbags-during-the-flood-Now-they-need-to-be-removed.html

(TNS) - The inspector general’s office for the U.S. Department of Homeland Security is auditing how Long Beach City schools, the Town of North Hempstead and the Roman Catholic Diocese of Brooklyn are handling superstorm Sandy disaster recovery money.

Audits of the three entities have been ongoing since last year and were included in an end-of-year roundup of investigations and other projects undertaken by the inspector general’s office.

“We end up doing a lot of audits to see if the money is being spent consistent with policies and procedures,” said Homeland’s Assistant Inspector General John Kelly, whose division is emergency management oversight.

...

http://www.emergencymgmt.com/disaster/Homeland-Security-audits-disaster-recovery-money-for-Sandy-on-Long-Island.html

In my upcoming webinar, “Trends in Business Continuity: Recapping 2015 and Looking Ahead,” on January 27th, I will take a moment to look back at 2015 on the types of challenges that the continuity field experienced, and then gaze forward, contemplating what might be next. Once we know what we might likely face, I’ll explore eight ways to reimagine your program to meet the significant challenges ahead.  

One those eight ways is Number Five…“Work Out.” No, I’m not discussing aerobics or yoga (although that couldn’t hurt), I’m talking about the importance of exercises. Practice (aka exercises) breeds familiarity and “muscle memory,” which should be (and could be) the real measure of competence or capability.  The term “muscle memory” has been used synonymously with motor learning, which is a form of procedural memory involving the consolidation of a specific motor task into memory through repetition. When a movement is repeated over time, a long-term muscle memory is created for that task, eventually allowing it to be performed without conscious effort. That is what we want our teams to be able to do – perform their duties without conscious effort.

...

http://www.everbridge.com/guest-blog-series-trends-in-business-continuity-recapping-2015-and-looking-ahea/

Many enterprises are pondering the implications of the all-cloud data center when, in fact, a more immediate change is in the works. This would be the so-called “cloud-first” strategy, which seems to be playing out on the application layer rather than in end-to-end infrastructure deliberations.

The key difference between the two is that while all-cloud focuses largely on how the cloud is built, cloud-first looks at how the cloud is utilized. And in almost all cases, cloud-first offers a leaner, more efficient, and more manageable approach to enterprise functionality than legacy architecture.

According to IDC, cloud-first strategies are responsible for a good portion of the explosion in cloud services that is rocking the enterprise industry. Cloud services are set to increase by nearly 20 percent per year for the remainder of the decade, to top $141 billion by 2019. This will result in the average business spending six times more for cloud services than they do for overall information technology, with software-as-a-service taking the lion’s share of that spend. Ultimately, however, this will lead to broader adoption of cloud-based platform and infrastructure services (PaaS and IaaS), both of which are starting from smaller bases than services but are growing between 27 percent and 30 percent per year.

...

http://www.itbusinessedge.com/blogs/infrastructure/why-taking-the-cloud-first-approach-makes-sense.html

I’ve been writing about IT security for nearly a decade. I’ve seen the progression of cybersecurity problems and cybersecurity solutions. I remember the number of professionals I spoke with who shrugged off the need for security and the businesses who told me point blank that they’d never trust cloud computing because it will never have good enough security protections. I’ve seen the shift in attitudes (not to mention the number of other writers who have picked up the topic because it is “hot” and everybody wants to read about it now).

On one hand, we’ve come a long way in our knowledge and acceptance of cybersecurity needs. Yet, in these early days of 2016, I’m seeing a lot of conflicting reports. One day we are being told that businesses are doing more to increase their security budgets, for example, while the next day, a study is saying that businesses aren’t doing enough to secure their data. We’re seeing a lot of mixed signals – even within the same report.

Take Cisco’s 2016 Annual Security Report, for example. As TechRepublic reported:

...

http://www.itbusinessedge.com/blogs/data-security/cisco-report-shows-why-good-security-is-tough.html

In the latest bout of alarmist frenzy to sweep the security world, researchers disclosed a vulnerability in the Linux kernel’s open source code last week. It turns out the vulnerability poses little real threat.

The flaw, which has existed in Linux since 2012 but remained unknown, was reported by the Israeli security company Perception Point. It allows attackers to gain root access to computers running affected versions of the kernel. With root access, they can do anything they want to the system.

Perception Point ominously warned that the vulnerability affects “tens of millions” of Linux PCs and servers, as well as some Android devices (since Android is based on a version of the Linux kernel). The company urged administrators and users to upgrade their systems as soon as possible in order to apply the fix that the Linux kernel developers created after Perception Point notified them of the flaw.

...

http://www.datacenterknowledge.com/archives/2016/01/25/linuxs-latest-security-vulnerability-hype-vs-reality/

Cities on the north-eastern US coast are recovering from a massive weekend snowfall brought by Winter Storm Jonas, but the cloud infrastructure in the region powering websites and services appears to have been largely unaffected.

The service status pages for major cloud services including Microsoft Azure, Google Cloud Platfrom, and Amazon Web Services didn’t report any disruptions to facilities on the east coast.

Hurricane Sandy in 2012 caused several outages including flooding and generator fuel shortages at PEER 1’s facility and Internap’s Mahattan facility going down. In anticipation of winter storm Jonas, AWS has noted that this is unlikely to happen.

...

http://www.datacenterknowledge.com/archives/2016/01/25/major-cloud-service-providers-stay-online-throughout-winter-storm-jonas/

Data breaches, IT incidents or any other corporate disasters have an impact on a company’s standing. Reputation management is a matter of protecting that standing or of keeping damage to minimal levels. In some instances, data breaches for instance may not need to be declared to the public. In other cases, when customer, medical or other personal data is compromised, a company has no choice but to advise consumers, patients and other individuals about the risks engendered. An interesting insight from MIT’s Sloan School of Management into how the public at large perceives enterprises and organisations suggests that trying to leverage feelings may be a bad move, when it comes to reputation management.

...

http://www.opscentre.com.au/blog/when-corporate-reputation-management-is-about-thinking-not-feeling/

Tuesday, 26 January 2016 00:00

Are you the target?

Do you know the basic principle of hunting? Always be vigilant — otherwise you could become the prey! The world of data is a jungle — you could do a lot of hunting, but you could just as easily get lost and become a more experienced hunter’s trophy kill. There are scavengers everywhere, and anyone could become their next target — for them your data is a tasty, tasty snack. So as we come to the end of this series, I will give you a few simple data security tips – I hope you find them useful.

...

http://blog.krollontrack.co.uk/concepts-explained/are-you-the-target/

Tuesday, 26 January 2016 00:00

Zika Throws a Travel Risk Curveball at 2016

It is understandable if you bade an enthusiastic farewell to 2015. International markets whipped up and down, ISIS’ terrorism campaign extended well beyond the Levant, South China Sea tensions escalated, and, of course, a historic refugee crisis consumed Europe (and the attention of much of the West). Oh, and 2015 was by far the warmest year on record.

The political risk consultancy Eurasia Group, headed by noted scholar and author Ian Bremmer, has weighed in on the risk outlook for 2016 and it isn’t pretty. In a nutshell, all of the problems of the past couple of years “will get worse.” The strategically critical countries of Russia, Turkey, and Saudi Arabia are all on a path of decreasing stability or increased international belligerence (or both), and this development is exacerbated by a U.S.- Western Europe alliance that is shrinking away from messy international situations.

...

http://www.riskmanagementmonitor.com/zika-throws-a-travel-risk-curveball-at-2016/

Jack Vonich is VP of Sales for Instor Solutions.

How to effectively balance the power load in data centers is an issue that every data center manager is familiar with. When done correctly, a properly balanced data center helps to secure uptime and is often an important avenue for the facility to utilize extra power capacity. When improperly balanced, available power can become stranded, and the chance of damage to vital infrastructure increases. Taking the time to optimize power distribution when installing or refitting a data center is well worth the effort and is another crucial step toward maximizing its performance.

 

To help avoid stranding power, we can look at the following example (power coming into data centers is measured as either X + Y + Z + Gr or X + Y + Z + Gr + N). In this simplified model (Fig. 1), we’re working with three-phase power which is broken into groups of two phases for each outlet powering the individual devises on the power strip.

...

http://www.datacenterknowledge.com/archives/2016/01/26/importance-balancing-data-center-power-consumption/

Work & Hiring Arrangements
Telework & Emergency Preparedness

Telework is a work flexibility arrangement under which an employee performs the duties and responsibilities of such employee's position, and other authorized activities, from an approved worksite other than the location from which the employee would otherwise work.

All Federal agencies must have a telework policy as required by Public Law 106-346, § 359 and Public Law 111-292, § 6502, and must implement telework to the maximum extent possible for eligible employees.

By law, telework must be integrated into planning for Continuity of Operations (COOP), including a pandemic health crisis.

Agencies must designate a Telework Managing Officer (TMO) that is devoted to policy development and implementation related to agency telework programs. Agencies may also designate a telework coordinator to be responsible for overseeing the day-to-day implementation and operation of telework programs.

Agencies may, at their discretion and subject to agency telework policies, procedures, and provisions of collective bargaining agreements, define and use the types of telework that best fit their business needs.

The choice of how to equip teleworkers is left to agency discretion. Security concerns should be considered in making equipment choices; agencies may wish to avoid use of employees' personal computers and provide agency PCs or laptops as appropriate. In all cases, however, agencies must follow Office of Management and Budget (OMB) security guidelines as outlined in the Telework Enhancement Act of 2010 (external link), and should consider the provisions contained in OMB's June 23, 2006, memorandum, "Protection of Sensitive Agency Information."

Telework can be used as a reasonable accommodation for qualified individuals with medical conditions or other disabilities. At the discretion of an agency, telework can also help with employees who, because of physical injury, are temporarily unable to travel to the workplace. Telework provides an opportunity for agencies to hire qualified individuals (especially those who are mobility-impaired) who might otherwise not consider applying for positions.

All teleworkers and telework managers must receive telework and information security training. Telework training is available via the joint OPM/GSA Website (external link) or may be provided by the agency. Information security training must be provided to all employees by their agencies.

All teleworkers must have signed written agreements, even for ad-hoc, emergency telework arrangements, to provide structure and accountability. Key components of a telework agreement include the following: schedule; communication expectations with the employee's manager, workgroup, and customers; equipment; tasks; information security obligations; expectations for COOP, pandemic, or other emergency situations, including weather closures. Telework agreements should conform to any applicable negotiated agreements.

Managers may deny a telework request or terminate a telework agreement for business reasons. The denial or termination must be documented in writing and shared with the employee.

Teleworkers who work from home must provide an appropriate workspace and should certify that it is free from hazards. Government employees causing or suffering work-related injuries and/or damages at the alternative worksite (home, telework center, or other location) are covered by the Military Personnel and Civilian Employees Claims Act, the Federal Tort Claims Act, or the Federal Employees' Compensation Act (workers' compensation), as appropriate.

Employees who use computers and other information technology while teleworking need effective support during work hours; remote access presents some unique issues, and agencies should ensure tech support can meet these needs. These needs must also be taken into account in planning for using a distributed workforce during an emergency situation.

Employees designated to work from home during an emergency event should telework frequently enough to ensure all systems are working smoothly.

Following is a summary of key federal disaster aid programs that can be made available as needed and warranted under President Obama's disaster declaration issued for the State of Alabama.

Assistance for the Territory and Affected Local Governments Can Include as Required:

  • Payment of not less than 75 percent of the eligible costs for emergency work and repairing or replacing damaged public facilities, such as roads, bridges, utilities, buildings, schools, recreational areas and similar publicly owned property, as well as certain private non-profit organizations engaged in community service activities. (Source: FEMA funded, territory administered.)
  • Payment of not more than 75 percent of the approved costs for hazard mitigation projects undertaken by state, tribal, and local governments to prevent or reduce long-term risk to life and property from natural or technological disasters.  (Source: FEMA funded, territory administered.)

How to Apply for Assistance:

  • Application procedures for state, tribal, and local governments will be explained at a series of federal/state applicant briefings with locations to be announced in the affected area by recovery officials. Approved public repair projects are paid through the state from funding provided by FEMA and other participating federal agencies.

FEMA’s mission is to support our citizens and first responders and ensure that as a nation we work together to build, sustain, and improve our capability to prepare for, protect against, respond to, recover from, and mitigate all hazards.

Stay informed of FEMA’s activities online: videos and podcasts available at http://www.fema.gov/medialibrary">www.fema.gov/media-library and http://www.youtube.com/fema">www.youtube.com/fema; follow us on Twitter at www.twitter.com/fema  and on Facebook at www.facebook.com/fema.

China has become an increasingly important market over the last several years for server technology providers, and leading vendors such as Hewlett-Packard HPE +0.00% Enterprise, IBM IBM +0.81% and Intel INTC +0.00% are all making significant investments to get more than their fair share of the pie. Earlier this week, Qualcomm QCOM -2.13% announced a joint venture in China that I believe could be a game-changer in the server space over the long term. If executed effectively, the joint venture could help China get closer to the locally-sourced datacenter infrastructure that they are demanding.

By some estimates, China is now the #2 country for server sales worldwide and has been growing at a rate much faster than the overall market. And despite the recent economic slowdown, many believe that the datacenter business in China will continue to flourish as demand to expand the capacity of the country’s datacenters doesn’t appear to be waning anytime soon. In an era where much of the world’s server hardware demand has stagnated, leading vendors are looking to opportunities like China to keep their businesses growing. But the Chinese government has made it clear that they want to move toward indigenous datacenter products and reduce their reliance on US and Western European vendors for long term advanced technologies.

In October 2015, Qualcomm publicly announced their plans to go after the server processor market—a market that is dominated today by Intel—and demonstrated their first pre-production server chip based on the low-power ARM architecture from ARM Holdings ARMH +2.33%. In that announcement, Qualcomm specifically mentioned China as a key target market for their server-focused efforts. Qualcomm’s announcement this week to create a joint venture agreement with the Chinese province of Guizou called Guizhou Huaxintong Semi-Conductor Technology Co. to locally design, develop and sell advanced server chipsets is a critical step that may help turn this vision into a reality. Both parties have invested $280 million in the joint venture, which will be 55% owned by Guizhou and 45% owned by a subsidiary of Qualcomm.

...

http://www.forbes.com/sites/moorinsights/2016/01/22/qualcomms-joint-venture-in-china-could-be-a-game-changer-for-the-server-industry/#4cad961d6d94

Monday, 25 January 2016 00:00

Another Day, Another Hack

As if we needed another reminder of the rising threat of cyber attacks, the estimated EUR 50 million ($55 million) loss arising from a cyber fraud incident targeting Austrian air parts supplier FACC AG made us sit up and take notice.

As Bloomberg reports here, if the damages do indeed amount to $55 million this would be one of the biggest hacking losses by size.

Bloomberg also points out that the incident is made more intriguing because FACC is 55 percent owned by China-based AVIC.

...

http://www.iii.org/insuranceindustryblog/?p=4332

Monday, 25 January 2016 00:00

The Cloud: A New Way to Conduct Business

At this point, it doesn’t make much sense to talk about whether IT infrastructure will change in the cloud, or even how it will change, but how data and business processes will change to suit the new reality.

Infrastructure, after all, is merely a means to an end, so the real measure of the cloud is how it will alter the things we do, not the resources we use to do them.

We are already seeing this effect in motion. Traditional applications like BI and CRM are not being ported directly to the cloud anymore, they are being recoded to suit the dynamic, resource-shifting realities that cloud computing brings to the table. At the same time, entirely new business processes are emerging to take advantage of new service- and application-layer flexibility to out-perform their legacy counterparts.

...

http://www.itbusinessedge.com/blogs/infrastructure/the-cloud-a-new-way-to-conduct-business.html

While the rain keeps falling in Northern California, the state’s water supply is nowhere near bouncing back from a shortage caused by years of severe drought, and data center cooling technology that doesn’t use water is one way data center operators in the state can be part of the solution.

Emerson Network Power claims data center operators that installed its pumped refrigerant-based cooling system in North America have saved more than 1.4 billion gallons of water in the last three years. A traditional chilled water-based system uses about 1 million gallons of water to cool 1 MW of IT capacity in a data center for one year, John Peter Valiulis, VP of marketing at Emerson, said.

The savings estimate comes from a process the company recently went through with the California Energy Commission to get pumped refrigerant-based systems approved as accepted form of economization, or free cooling, under the state’s Building Standards Code, known as Title 24. The code requires new data centers to use economizers but until recently only specified air-side and water-side economization systems as appropriate ways to satisfy the requirement.

...

http://www.datacenterknowledge.com/archives/2016/01/22/emerson-claims-water-less-data-center-cooling-tech-saved-1b-plus-gallons-of-water/

Fairfax County, Virginia is home to over 1 million residents across 390 square miles in the suburbs of Washington, D.C.. Since 2003, the county’s Community Emergency Response Team (CERT) has embraced the reality that residents need to be prepared for major emergencies.

“Widespread emergencies like the Derecho windstorm of 2012 and the “Snowmageddon” snowstorm of 2010 emphasize that emergency responders are not always the first responders—bystanders and neighbors are often relied upon during and after disaster,” explained Jeffrey Katz of Fairfax County Fire and Rescue.

Over 2,500 county residents have learned necessary skills for emergency situations. The 25-hour CERT course is delivered by the fire department and in coordination with the county’s Office of Emergency Management. CERT training is based on the national CERT program curriculum administered by the Federal Emergency Management Agency.

...

http://www.everbridge.com/contactbridge-app-helps-fairfax-county-cert-volunteers-report-field-assessments/

In October 2013, Affinity Gaming, a casino operator based in Nevada, heard from customers that their credit cards had been hacked. Before too long, the company’s IT department concluded it likely suffered a data breach.

Within days, professional forensic data security investigators from Chicago-based Trustwave Holdings Inc. were analyzing the company’s system, and suggesting remedial measures.

That account is taken from a federal lawsuit that Affinity filed in Las Vegas. It accuses the IT security company Trustwave it hired to conduct a forensic investigation of failing to proscribe appropriate remedial measures and not removing the malicious malware. The suit states that within three months, a second data breach occurred. Affinity is suing Trustwave for fraud, fraudulent inducement, constructive fraud, gross negligence, negligent misrepresentation, breach of contract and declaratory judgment.

The lawsuit, filed in late December and first noticed by Ars Technica, and poses an interesting test case of whether a security vendor can be held liable for not ensuring the complete safety of a company.

...

https://bol.bna.com/cybersecurity-lawsuit-poses-vendor-liability-question/

JEFFERSON CITY, Mo. – Residents of 33 Missouri counties who have been affected by the recent severe storms and flooding may soon see Federal Emergency Management Agency (FEMA) Disaster Survivor Assistance (DSA) teams and home inspectors in their neighborhoods.

Those counties are: Barry, Barton, Camden, Cape Girardeau, Cole, Crawford, Franklin, Gasconade, Greene, Hickory, Jasper, Jefferson, Laclede, Lawrence, Lincoln, Maries, McDonald, Morgan, Newton, Osage, Phelps, Polk, Pulaski, Scott, St. Charles, St. Francois, St. Louis, Ste. Genevieve, Stone, Taney, Texas, Webster, and Wright counties.

The DSA teams offer survivors registration assistance, up-to-date information on their application status, on-the-spot needs assessments and referrals to help fill any outstanding needs.  Following an individual assistance disaster declaration, FEMA provides this mobile resource to help connect homeowners, business owners and faith-based and community organizations with the necessary resources to start the recovery process.

Home inspectors will also be in the field verifying damages for those who have applied for federal assistance.  Inspectors will contact homeowners and renters to schedule a time to meet to verify flood damages that occurred December 23, 2015 through January 9, 2016.

Inspectors are contractors who will display official photo identification. If the photo identification is not displayed, it is important to ask to see it. This helps prevent fraudulent activities.

Individuals or business owners that apply for a disaster loan with the U.S. Small Business Administration (SBA) may also be contacted by a loss verifier who will inspect the damaged property. 

Residents who were affected can apply for assistance online at www.DisasterAssistance.gov or call 800-621-3362 or (TTY) 800-462-7585, from 7 a.m. to 10 p.m. seven days a week.  Those who use 711-Relay or Video Relay Services can call 800-621-3362.  The application deadline is March 21.

###

Disaster recovery assistance is available without regard to race, color, religion, nationality, sex, age, disability, English proficiency or economic status.  If you or someone you know has been discriminated against, call FEMA toll-free at 800-621-FEMA (3362). For TTY call 800-462-7585.

 

(TNS) - When officials with the city of Lubbock’s Emergency Operations Center gathered at 6 a.m. Sunday, Dec. 27, they had a prepared list of objectives from emergency management to deal with large snowstorms.

The first two objectives were related to first responders: to make sure they were prepared — and for public safety services to remain active throughout the city.

And while things like equipment, routes for snow plows, communication and employee shift operations are being audited in the storm’s aftermath, city officials say the first two objectives were on target.

...

http://www.emergencymgmt.com/disaster/Revisiting-the-Emergency-Operations-Centers-list-of-objectives-during-Goliath.html

More than half of U.S. consumers think that storing their credit and banking information in the cloud is more risky than driving without a seat belt, according to a new report from Symantec. Those consumers are correct, and the other half of them need to change their thinking – or their wallets may take a hit. The Symantec report states that consumers globally lost $158 billion to cyber crime in the past year. In the U.S. alone, the figure is nearly $30 billion.

Director of the FBI, James Comey, called the Internet, “the most dangerous parking lot imaginable,” and warned people to be just as aware of scams, compromised websites, malware and other threats as they would be of a physical theft.

Symantec, the world’s largest security software company, advises consumers to ‘go boldly, not blindly’ onto the Internet. The company has opened up a lot of eyes to the cyber risks and consequences facing consumers globally in its 2016 Norton Cybersecurity Insights Report.

...

http://www.forbes.com/sites/stevemorgan/2016/01/24/how-consumers-lost-158-billion-to-cyber-crime-in-the-past-year-and-what-to-do-about-it/#32a5d38f6b6f

If the chatter is to be believed, identity theft tops the list of taxpayer concerns for 2016. And it’s not all in your head: a 2015 Identity Fraud Study, released by Javelin Strategy & Research, found that identity thieves stole $16 billion from 12.7 million U.S. consumers in 2014, a new victim every two seconds .

Those statistics are scary but there is some good news to be found in the report: the numbers are actually down from the previous year. The reason? It’s very likely the result of an increased awareness from consumers together with increased protections in place from industry and government. That includes efforts like the Internal Revenue Service (IRS) “Taxes. Security. Together.” campaign. The more you know about how to protect yourself, the better chance you have to not be a victim. Here are 11 tips help you protect yourself from identity theft and identity theft related tax fraud:

...

http://www.forbes.com/sites/kellyphillipserb/2016/01/24/11-tips-to-protect-you-from-identity-theft-related-tax-fraud/#3d1acc704bb6

(TNS) - Southcentral Alaska was rocked by a strong and prolonged magnitude-7.1 earthquake early Sunday morning.

The quake struck 86 miles west-southwest of Anchor Point at 1:30 a.m. Alaska time, according to the U.S. Geological Survey.  The Alaska Earthquake Center said it hit on the west side of Cook Inlet, about 65 miles west of the Kenai Peninsula town of Homer and about 160 miles southwest of Anchorage.

The quake knocked items off shelves and walls and shook buildings throughout the region. A series of aftershocks followed, including a magnitude 4.5 that struck about two hours after the initial quake and could be felt again in Anchorage.

...

http://www.emergencymgmt.com/disaster/No-injuries-reported-but-some-damage-as-71-earthquake-rocks-Southcentral-Alaska.html

(TNS) - The powerful blizzard that slammed the East Coast on Saturday quickly surpassed forecasters’ dire predictions, claiming at least 18 lives, flooding coasts, unleashing hurricane-force winds and paralyzing life for residents of at least 20 states from Georgia to Massachusetts.

The storm was well on its way to smashing snowfall records.

Mayors and governors said they did not expect their cities to be back in business until next week.

“Safety is our number one priority – and right now, it is not safe for the general public to travel,” New York Gov. Andrew Cuomo warned as the heart of the storm hit his state. Visibility was so low that those walking across the Brooklyn Bridge couldn't see the East River beneath or the Manhattan skyline soaring above. Since Thursday night, 25 inches had fallen in Central Park, nearing the city’s record of 26.9 inches, which fell over two days in 2006.

...

http://www.emergencymgmt.com/disaster/Storm-brings-heavy-snow-strong-winds-flooding-to-East-Coast-at-least-18-are-killed.html

(TNS) - There seemed to be no stopping the snow in Baltimore this weekend, as a historic storm held the region in its icy, gusty grip.

But even as the winds picked up Saturday afternoon, and most people stayed at home with hot chocolate and movies, there were some who refused to be stopped.

On dog sleds, cross country skis and in good old-fashioned sneakers, people hit the nearly empty streets to take stock of the snowfall — more than 2 feet by Saturday evening in some places in Maryland. They were joined by emergency responders, snowplows, National Guard Humvees and others for whom the snow did not mean a day off from work.

...

http://www.emergencymgmt.com/disaster/Even-amid-historic-storm-some-in-Baltimore-area-refuse-to-be-stopped.html

A new report published by the UK Government‘s Science and Technology Select Committee has found that the UK is not well-placed to respond to pandemics and novel epidemics.

As the title suggests, the report ‘Science in emergencies: UK lessons from Ebola’ looked at the lessons that can be learned from the Ebola crisis response. It found that, in a future global pandemic or in a UK epidemic outbreak, the country would be more vulnerable than in the past due to the degradation of the UK’s ability to manufacture enough vaccine to vaccinate UK citizens in an emergency. To respond to this vulnerability, the report recommends that the Government “acts now and negotiates with vaccine manufacturers to establish pre-agreed access to manufacturing capabilities that can be called upon quickly in an emergency.”

Other key points from the report include:

  • The UK Ebola response - like the international response - was undermined by systemic delay. The biggest lesson that must be learnt from this outbreak of Ebola is that even minor delays in responding cost lives. Rapid reaction is essential for any hope of success in containing an outbreak.
  • The UK and other countries were not ‘research ready’ when the outbreak began, prompting a less than optimal and uncoordinated research response.
  • Rapid and reliable communication is integral to delivering an effective response to a disease emergency but throughout the Ebola outbreak the systems to share advice, expertise, epidemiological and clinical data were inadequate.
  • The Government’s communications on Ebola with the UK public were accurate and balanced, but it was disappointing that the Government failed to explain why it went against guidance from the World Health Organization and Public Health England and introduced screening for Ebola at UK ports of entry.  The report recommends that “when interventions like screening are instigated during an emergency, the Government makes the evidential basis for the intervention explicit.”

Read the full report (PDF).

Monday, 25 January 2016 00:00

Who would James Bond be without his toys?

Total and unrecoverable annihilation of data isn’t easy these days, as the GCHQ agents who supervised the drilling through The Guardian’s hard drives knew all too well. The hard drives contained data stolen from the NSA by one Edward Snowden. Drilling is still a popular method of destroying data. But is it effective? Putting aside the fact that data can be easily copied and stored in an almost infinite amount of physical places (for example, when you upload or host it online), it’s actually disputable whether or not drilling through disks is effective. James Bond would surely have done that with more finesse, while ensuring that data is destroyed and unrecoverable (in style, of course). I’ll give you a couple of ideas for how he could do it — but let’s start from the beginning.

 Destroying the storage device physically is your best guarantee that the data won’t ever come back to haunt you. It eliminates the risk of a data leak that is technically possible when wiping a disk programmatically, or when highly sophisticated data recovery equipment is used on the drive (tools of this calibre are not commercially available, but we can’t rule out that they one day will be or that some institutions don’t already have them). There is a downside to this method though – you will not be able to use this storage device again. Unlike a hard drive wiped with data erasure software, a physically destroyed disk can only be recycled. In some cases this will be your best option though.

...

http://blog.krollontrack.co.uk/concepts-explained/james-bond-without-toys/

Gartner estimates that the Internet of Things (IoT) will include 26 billion devices by 2020. Organizations in virtually every industry are using IoT devices to drive higher levels of efficiency, reduce costs, generate new revenue, and understand customers at more granular levels. However, not all of these organizations are prepared to deal with the deluge of data these IoT devices will bring.

"IoT deployments will generate large quantities of data that will need to be processed and analyzed in real time," said Gartner research director Fabrizio Biscotti in a statement. "Processing large quantities of IoT data in real time will increase as a proportion of workloads of data centers, leaving providers facing new security, capacity, and analytics challenges."

One way of addressing these challenges is to put automated, intelligent analytics at the edge -- near where the data is generated -- to reduce the amount of data and networking communications overhead.

...

http://www.informationweek.com/iot/edge-analytics-an-antidote-to-iot-data-deluge-/d/d-id/1323942

The practice of arguing over the validity of technology benchmark tests may be only about a day older than the existence of benchmark tests. It's a longstanding IT industry tradition to try to prove whose product is better with some kind of showdown and use the results to win customers. But organizations often disagree about what should be tested, who should test it, and plenty of other factors of testing in an effort to ensure the tests are fair (and that their own products come out on top and don't underperform).

One such battle has been brewing in big data recently between Informatica and Talend. It all started with a Talend-commissioned benchmark test conducted by MCG Global Services in October 2015 that said Talend Big Data Integration offered about 10 times faster performance than Informatica Big Data Edition.

Not surprisingly, Informatica objected to the validity of these results, saying the benchmark was not independent because it was commissioned by the winner, and Informatica wasn't consulted. Informatica also said in a blog post that the benchmark test pitted its two-year-old product against Talend's month-old product.

...

http://www.informationweek.com/big-data/software-platforms/big-data-benchmark-showdown-talend-vs-informatica/d/d-id/1324006

rhizome (rī′zōm′) – a horizontal, usually underground stem that often sends out roots and shoots from its nodes.

 

Sometimes, people outside of a particular field get ideas for the field that are better than any insiders are capable of, being unencumbered by knowledge of what has and hasn’t worked in the past, or preconceptions about the “right” ways of doing things. Of course, lack of expertise makes them capable of coming up with some of the worst ideas too.

Founders of one European data center design startup aren’t sure at this point where on that continuum their ideas fall, and they don’t pretend to be. What they’re trying to do is envision people’s relationship with computing in the near future and the physical form that relationship will take.

The people behind Tallinn, Estonia-based Project Rhizome don’t all have background in data centers. Two of the three founders have backgrounds in design and architecture, and the third comes from the world of IT. But they believe their architecture sensibility brings a useful perspective to data center design, a perspective that will presumably grow in importance as more and more data storage and processing capacity moves into densely populated areas.

...

http://www.datacenterknowledge.com/archives/2016/01/25/startup-envisions-data-centers-cities-future/

2015 was a tumultuous year for CISOs. Breaches affecting The Home Depot, Anthem Blue Cross Blue Shield, and T-Mobile dominated the headlines worldwide and left no industry, region, or CISO unscathed. These unfortunate spotlights created a slew of negative infosec publicity along with panicked demands from business leaders and customers alike. How secure are we? Ask the CISO. How did this breach occur? Ask the CISO. Why did this breach occur? Ask the CISO. Could we have prevented it? Ask the CISO. How could we let this happen? Ask the CISO.

Yet, CISOs continue to struggle to gain clout and influence with the rest of the C-suite and sometimes it can feel like a thankless role. There is little recognition when you’re doing your job right, but you face a whirlwind of pain and blame the second something goes wrong. The world’s growing emphasis and focus on cybersecurity should be running parallel with the capabilities and reputation of the CISO. Instead, CISOs see their responsibilities increasing with only modest funding increases, recognition, or support from their fellow colleagues.

Lucky for you, S&R’s favorite British analyst, Martin Whitworth, is a CISO and infosec expert. Martin continually writes numerous reports that analyze the evolution of the CISO as well as essentials, best practices, and tricks of the trade for thriving in today’s landscape. Prior to joining Forrester, Martin served as CISO and senior security leader for a number of blue chip organizations, including Coventry Building Society, Steria Group, UK Payments Council, British Energy/EDF Nuclear Generation, and GMAC.

...

http://blogs.forrester.com/stephanie_balaouras/16-01-25-forresters_security_risk_spotlight_ciso_expertise_from_across_the_pond

(TNS) - Although it appears that most of Connecticut will avoid a direct hit from the first major snowstorm of 2016, the rest of the East Coast may not be so lucky this weekend, and heavy snow totals expected in several major cities could affect travel throughout the region.

The storm's current track would bring snow to Connecticut early Saturday morning and persist throughout the day and into the overnight hours, according to the .

Fox 61 says the storm could bring "a coating to a few inches for most of the state with the least snow in far northern Connecticut. Higher amounts are possible in southern areas and especially along the shoreline where up to about six inches are possible."

New York City and Washington, D.C., will likely not fare as well, according to the weather service.

...

http://www.emergencymgmt.com/disaster/Major-Weekend-Snowstorm-Threatens-East-Coast.html

(TNS) - Those in the western half of Anson County may see up to three-quarters of an inch of ice Thursday night through Friday.

The National Weather Service issued an update at 6 a.m. Thursday saying that Anson County is expected to receive a quarter-inch to half-inch of ice, though the western part of the county could see a half-inch to three-quarter inches, from Thursday night until 6 p.m. Friday. The county is under both a winter storm warning and a hazardous weather outlook.

The NWS updated its winter storm warning at 10:44 a.m. Thursday, saying that the storm will likely affect the central part of the state from Thursday night until 6 p.m. Saturday.

The weather service warned that the county could see 1-4 inches of snow in addition to the ice, with snow and sleet beginning Thursday night into Friday morning. Thursday will have a low of 30 degrees while Friday’s high will be only 34 degrees, with a low of 31 degrees that night.

...

http://www.emergencymgmt.com/disaster/-Ice-snow-on-its-way-to-Anson-state-of-emergency-declared.html

The ease of use of cloud-based collaboration and file sharing applications may be putting organizations at risk as they are unaware that 26 percent of documents stored in cloud apps are broadly shared – meaning any employee can access them, and in some cases are discoverable in a Google search.

This is according to the Q4 2015 Shadow Data Report released by Blue Coat’s Elastica Cloud Threat Labs team on Wednesday. The study is based on insights into 63 million enterprise documents within leading cloud applications including Office 365, Google Drive, and Salesforce.

The report identifies shadow data as any sensitive information that is uploaded and shared in cloud apps without the knowledge of IT security teams. This isn’t the first time Elastica has explored the risks of shadow IT, having investigated the risks to the healthcare industry in particular in its Q2 2015 report.

...

http://www.datacenterknowledge.com/archives/2016/01/21/sensitive-data-leaks-cost-average-organizations-1-9-million-report/

We are entering a digital revolution where more companies and users are utilizing even more data and applications. Cisco recently pointed out that annual global data center IP traffic will reach 10.4 zettabytes (863 exabytes per month) by the end of 2019, and that global data center IP traffic will grow three-fold over the next five years. This growth makes the data center an absolutely critical component for IT and the modern business. The challenge, however, becomes updating and integrating everything with modern data center architecture. Most of all, organizations are looking at ways they can optimize the delivery of their resources and create true efficiency.

In a new whitepaper sponsored by NTT, we learn about the next-generation systems that are impacting resource and environmental utilization within the modern data center. The paper outlines the critical points to consider when creating a data architecture that can align with market demands:

...

http://www.datacenterknowledge.com/archives/2016/01/21/getting-digital-state-evolving-data-center/

For a long time, security was one of the top reasons – if not the number one reason – why businesses shied away from using cloud computing.

That appears to be changing.

According to a new study from the Cloud Security Alliance (CSA), nearly 65 percent of IT professionals now say they trust the security of cloud computing as much as or more than their on-premise systems. The survey also found that the cloud isn’t the problem when it comes to securing data; instead, the absence of skilled cybersecurity professionals leads to cloud-based data loss.

As more IT and security professionals become familiar with cloud computing, it follows that there will be a greater comfort level with security within the cloud, Jim Reavis, CEO of the CSA, pointed out in a prepared release. For this reason, more are willing to take the chance to migrate more data to the cloud. Reavis added:

...

http://www.itbusinessedge.com/blogs/data-security/it-professionals-becoming-more-comfortable-with-security-in-the-cloud.html

Google, in conjunction with Cloudera, Data Artisan, Cask and Talend, announced this week that the Dataflow programming model that Google created to develop streaming Big Data applications is now an open source Apache project.

Talend CTO Laurent Bride says this move is significant because it should give IT organizations more freedom to run their Big Data applications wherever they see fit.

Bride says Dataflow is gaining traction because it provides a programming model that enables developers to build Big Data applications that can run on multiple run-time engines. As a result, code developed using Dataflow can run on MapReduce, Apache Spark and Flink engines.

...

http://www.itbusinessedge.com/blogs/it-unmasked/google-dataflow-programming-tools-for-big-data-become-apache-project.html

Switch has agreed to buy renewable energy for its future data center in Michigan.

The Las Vegas data center provider, known for its massive high-security campus in the Sin City, will start by procuring bundled energy and Renewable Energy Credits through the Green Generation program by Consumers Energy, the utility that serves the area in Michigan where the Switch data center will be built, Adam Kramer, the company’s executive VP of strategy, said. However, it is in negotiations with the utility about building a new utility-scale renewable generation project in the state.

“We will have a new generation resource in the market,” Kramer said. “In all likelihood it will be wind.”

The future renewable project will have enough capacity to offset the entire energy footprint of the future Switch data center, he said.

...

http://www.datacenterknowledge.com/archives/2016/01/21/switch-data-center-in-michigan-to-run-on-renewable-energy/

OXFORD, Miss.Mississippi tornado survivors who do not submit their U.S. Small Business Administration low-interest disaster loan applications may be saying no to a primary source of federal disaster assistance.

After registering with the Federal Emergency Management Agency, some survivors receive a disaster loan application from SBA. By submitting the SBA disaster loan application, survivors keep the full range of disaster assistance available as an option. SBA may refer applicants who do not qualify for a home loan to FEMA for grants to replace essential household items and replace or repair a damaged vehicle. But if survivors do not submit their disaster loan applications, further assistance may stop. Survivors are not required to accept a loan offer.

Often, survivors think SBA disaster loans are only for businesses. Some may be counting on a future insurance settlement to cover rebuilding costs. They may not want to take out a loan or fear they cannot afford one. Others may simply need help completing the disaster loan application.

SBA offers disaster loans to businesses of all sizes, private nonprofit organizations, homeowners and renters, for physical damage from the severe storms, tornadoes and flooding which affected northern Mississippi in late December. To be eligible for these loans, damage must have occurred in the following counties: Benton, Coahoma, Marshall, Quitman or Tippah.

Economic injury disaster loans are available to provide working capital to eligible small businesses and nonprofit organizations located in the following Mississippi counties: Alcorn, Benton, Bolivar, Coahoma, DeSoto, Lafayette, Marshall, Panola, Prentiss, Quitman, Sunflower, Tallahatchie, Tate, Tippah, Tunica and Union.

There are several good reasons for FEMA applicants who have been contacted by SBA to submit a completed disaster loan application before the March 4, 2016, deadline. Some of the top reasons include:

  • Your insurance settlement may fall short. You may find out you are underinsured for the amount of work it takes to repair or replace a damaged home. An SBA low-interest loan can cover the uninsured costs. By submitting the loan application, survivors may have loan money available when it is needed. SBA can approve a loan for the repair or replacement of a home up to $200,000. The loan balance will be reduced by your insurance settlement. However, the opportunity for an SBA disaster loan may be lost if you wait until after the application deadline.
  • SBA can help renters repair or replace disaster-damaged personal property. Renters, as well as homeowners, may borrow up to $40,000 to repair or replace clothing, furniture, appliances and damaged vehicles.
  • Disaster loans offer low rates and long-term repayment plans. Interest rates are as low as 4 percent for businesses, 2.625 percent for nonprofit organizations and 1.813 percent for homeowners and renters with terms up to 30 years. The SBA sets loan amounts and terms based on each applicant’s financial condition.

For more information, homeowners, renters and businesses may call the SBA at 800-659-2955 (TTY 800-877-8339), send an email to DisasterCustomerService@sba.gov or visit SBA.gov/Disaster. Survivors can complete disaster loan applications online at https://DisasterLoan.SBA.gov/ELA.

Survivors can visit any of the five disaster recovery centers open in Mississippi to sit down and talk with an SBA representative in person. Disaster recovery center locations can be found by visiting FEMA.gov/DRC or by calling the FEMA helpline at 800-621-3362 (TTY 800-462-7585.)

Survivors who have not yet registered with FEMA can do so online at DisasterAssistance.gov, or by calling the FEMA helpline at 800-621-3362. Survivors who are deaf, hard of hearing or speech impaired can call TTY 800-462-7585.

For more information on Mississippi’s disaster recovery, visit fema.gov/disaster/4248 and msema.org.

###

All FEMA disaster assistance will be provided without discrimination on the grounds of race, color, sex (including sexual harassment), religion, national origin, age, disability, limited English proficiency, economic status, or retaliation. If you believe your civil rights are being violated, call 800-621-3362 or 800-462-7585(TTY/TDD).

FEMA’s mission is to support our citizens and first responders to ensure that as a nation we work together to build, sustain, and improve our capability to prepare for, protect against, respond to, recover from, and mitigate all hazards.

FEMA’s temporary housing assistance and grants for public transportation expenses, medical and dental expenses, and funeral and burial expenses do not require individuals to apply for an SBA loan. However, applicants who receive SBA loan applications must submit them to SBA loan officers to be eligible for assistance that covers personal property, vehicle repair or replacement, and moving and storage expenses.

Last Updated: 
January 21, 2016 - 17:43
State/Tribal Government or Region: 

After months of dismissing news reports that the company may be considering selling its data centers as rumors, Verizon Communications CFO Francis Shammo finally confirmed that the reports were true.

Speaking with analysts during the company’s fourth quarter 2015 earnings call Thursday, Shammo said the company was exploring opportunities to sell the assets. “We will always look for opportunities,” he said. “The data centers is an exploratory exercise to see if the asset is more valuable inside or outside the portfolio."

Last year, Verizon sold its wireless communications towers, switching from an ownership to a leasing model, and it views its data centers in a similar fashion. If it can sell its data centers in a way that will free up capital that can be used for higher-return investments, they will be sold.

...

http://www.datacenterknowledge.com/archives/2016/01/21/verizon-confirms-may-sell-data-centers/

The term enterprise risk management (ERM) is now bandied around so widely in the business world it would seem reasonable to assume that everyone is doing it. The current reality is significantly different.

The AICPA’s 2015 Report on the Current State of Enterprise Risk Oversight provides some useful insights into where organizations actually are in their risk management practices.

Go back 30 years or so and the term was far from being in common use. The Harvard Business Review published an article in 1996 entitled “The New Religion of Risk Management,” focusing on probability theory, business complexity and the role of computer technology. Conceptually, this may well have had much in common with today’s context for risk management—but in practice, it was seen in a very different light as being more of a technique practiced by specialized statisticians and high-priced consultants.

...

http://corporatecomplianceinsights.com/risk-management-not-yet-enterprise-for-many-organizations/

As tech companies defend the use of encryption and users' privacy over governments' widening survelliance demands at the World Economic Forum in Davos this week, similar battles are brewing from New York to California that potentially carry a legislative bite.

In Davos-Klosters, Switzerland, the World Economic Forum on Thursday held a panel titled Privacy and Secrecy in the Digital Age that explored such issues as whether companies can artfully balance the need for secrecy and security held by consumers and governments. Concerns over privacy and security are increasingly becoming a global debate, as high-profile cases like the Paris attacks point to terrorists using online tools to communicate with each other and attract potential members. 

But as governments throughout the world call on tech companies to provide access to users' encrypted information and data, as well as other private information, those companies often contend that any encryption workaround could potentially weaken security and make it easier for hackers to infiltrate. This, in turn, would create a chilling effect on the use of such technology over of privacy concerns.

...

http://www.informationweek.com/government/encryption-vs-privacy-battles-rage-from-davos-to-us-/d/d-id/1324003

Friday, 22 January 2016 00:00

8 Ways To Monetize Data

Data is the new currency. Armed with it, new companies are disrupting established industries, and traditional businesses are transforming the way they operate. Not all organizations are equally adept at translating data into dollars, but their ability to do so is impacting their ability to compete.

"Where knowledge is power, data is wealth. It's not intrinsic in the data, it's what you do with it," said Bruce Daley, an analyst at market intelligence firm Tractica and author of Where Data Is Wealth: Profiting From Data Storage in a Digital Society. "The companies that are most progressive in thinking about data differently are the companies that are changing the economy, like Google and Uber. Most businesses lag way behind in terms of the idea that data could be their primary reason for being."

Some businesses, such as information service providers, have always been about deriving value from data. However, the ability to use and monetize data is now impacting almost every type of business. As a result, driving value from data must now be contemplated as part an overall business strategy.

...

http://www.informationweek.com/big-data/big-data-analytics/8-ways-to-monetize-data/d/d-id/1323932

If you haven’t thoroughly analyzed your vendor resiliency and potential supply chain interruptions, there may be a gaping hole in your business continuity plan no matter how thorough your internal team has been according to the PwC whitepaper, “Business continuity beyond company walls: When a crisis hits, will your vendors’ resiliency match your own?” As the business world becomes more intertwined and dependent, it is essential for you to assess the resiliency of your vendors with these five steps in order to be sure you can count on your vendors when a crisis strikes.

...

http://www.missionmode.com/blog/5-steps-to-verify-vendor-resiliency/

Without skilled professionals running the operations, how effective are our security systems? More importantly, how mature are these security systems?

According to Hewlett Packard Enterprise’s newly released study, State of Security Operations Report 2016, companies are failing when it comes to security monitoring and goals. The report measured four areas of performance in security maturity: people, processes, technology and business function. As the report stated:

The reliable detection of malicious activity and threats to the organization, and a systematic approach to manage those threats are the most important success criteria for a mature cyber defense capability.

...

http://www.itbusinessedge.com/blogs/data-security/lack-of-skilled-security-pros-leads-to-less-mature-security-operations.html

A new survey of 402 small and medium-sized businesses (SMBs) indicated the majority of IT service providers received lower client satisfaction ratings than business-to-business (B2B) service industry benchmarks. 

The survey, conducted by B2B ratings and reviews website Clutch, showed IT services firms averaged a Net Promoter Score (NPS) of 13; comparatively, B2B companies typically average a 20 to 25 NPS, according to Clutch. 

What factors are affecting SMBs' views of IT service providers? Clutch noted that specialized IT services firms "may lack the ability to deliver strategic, top-level recommendations for their clients."

...

http://mspmentor.net/managed-services/are-it-service-providers-meeting-customers-expectations

In response to recommendations from the Government Accountability Office (GAO) and the Department of Homeland Security’s (DHS) Office of Inspector General, FEMA has posted a notice of proposed rulemaking in the Federal Register seeking comment on the concept of a disaster deductible for states and local governments in lieu of raising the threshold for disaster declarations.

The concept of the deductible would be tied to a predetermined “level of financial commitment” as a condition of eligibility for financial assistance under the Public Assistance Program made available through presidential disaster declarations.

The overall goal is to reduce the burden on taxpayers through mitigation incentives and risk-informed decisions that promote resilience.

Faced with the recommendations from the GAO and Office of the Inspector General that would raise the threshold for disaster declarations, which the agency thought would be regressive and put many states in a precarious position, FEMA staff came up with the deductible concept but is seeking details from state and local emergency managers. “This is not a done deal; this is a concept that we’re asking the state and local emergency managers to weigh in on,” said FEMA Administrator Craig Fugate. “We still have to respond back to the GAO and Inspector General about how we are going to address their concerns that the threshold for getting a declaration is too low.”

...

http://www.emergencymgmt.com/disaster/FEMA-Seeks-Comment-on-Potential-Disaster-Deductible-Concept.html

Thursday, 21 January 2016 00:00

New Thinking in Data Lake Design

The closer the enterprise gets to implementing Big Data analytics, the more daunting it appears. Even organizations that are well-versed in data warehousing realize that building infrastructure for the so-called “data lake” is a completely different ballgame.

Not only does the data lake require large amounts of computing power and storage access, it has to be integrated with cutting-edge analytics, automation, orchestration and machine intelligence. And ideally, this state-of-the-art infrastructure should be accessible to the average business executive who has little or no experience in the data sciences.

But as we’ve seen many times, things that seem impossible at the outset are often possible once you put your mind to it. And data lake technology is already starting to make its mark at the top end of the enterprise market and shows every indication of trickling down to the lower tiers.

...

http://www.itbusinessedge.com/blogs/infrastructure/new-thinking-in-data-lake-design.html

Thursday, 21 January 2016 00:00

Report: OpenStack Hampered by Skills Shortage

More than eighty percent of enterprises plan to adopt OpenStack as a cloud computing solution or already have. Yet, half of organizations that have tried to implement it have failed, hampered by lack of open source cloud computing skills. That’s according to a survey out this week from SUSE, the Linux vendor, which sheds vital light on current OpenStack adoption trends.

The survey results suggest strong enthusiasm for open source cloud computing, with ninety-six percent of respondents reporting they “believe there are business advantages to implementing an open source private cloud,” according to SUSE.

Strong interest in private clouds of the type OpenStack enables is also clear. Ninety percent of businesses surveyed have already implemented at least one private cloud, SUSE reported.

...

http://www.datacenterknowledge.com/archives/2016/01/20/suse-openstack-cloud-demand-high-but-hampered-by-skills-shortage/

The problem of e-waste, which has been growing for decades, shows no signs of receding in terms of the amount of retired products that are produced. The good news, however, is that the current focus on environmental issues appears to be creating an atmosphere in which more substantial actions are possible.

Curbed lays out the e-waste problem, which is pretty straightforward: People buy huge amounts of electronic equipment. Those numbers continue to grow. Two things are true of that equipment: Only a small portion gets recycled or carefully destroyed when its useful life ends and the vast majority of the equipment contains dangerous elements.

The numbers are staggering:

...

http://www.itbusinessedge.com/blogs/data-and-telecom/e-waste-problem-lingers-but-hopeful-signs-emerging.html

If you use a cloud service or let your employees access company systems from their own smartphones, you’ve probably already noticed how your IT security world has expanded. What used to be a tightly defined domain behind a firewall has morphed into something that now extends to the far confines of cyberspace. As a matter of principle, any business data that travels outside the company perimeter is automatically at greater risk, even if enterprises make great efforts to keep the risk delta as small as possible. However, the macro style solution of a bigger firewall no longer works when you have to deal with the Internet at large. Micro-oriented approaches offer another approach.

In essence, the idea is to equip each piece of data, each application, each system and each user with the security required to function autonomously and securely, whether inside or outside the traditional IT security perimeters. Instead of an external blanket approach to try to shield everything from harm, security is built in from the inside towards the outside.

...

http://www.opscentre.com.au/blog/micro-answers-to-expanding-it-security-perimeters/

Thursday, 21 January 2016 00:00

Slack space, or the devil is in the details

When I told you in my previous email that the only way to successfully erase a file is to COMPLETELY overwrite it, I wasn’t just trying to be dramatic. A few months ago, my friend had mistakenly deleted some photos from her SD card, so I encouraged her to try out some data recovery software. She was very surprised to find not only the pictures that she’d deleted, but also some very old ones — including her parents’ holiday pictures from when they used the SD card with their own camera.

I mentioned before that when a file is deleted, the physical slot in which it is stored becomes free, and new data can be saved there. So it might be tempting to leave things to run their course and wait for the file to be overwritten by another. Don’t give in to that temptation — waiting is not enough. Here’s why:

...

http://blog.krollontrack.co.uk/concepts-explained/slack-space-or-the-devil-is-in-the-details/

QTS Realty Trust has been one of the fastest-growing publicly traded data center REITs since its 2013 IPO, and its shares returned more than 80 percent price appreciation to shareholders for the last two years.

Can the company maintain this momentum going into 2016? That’s the question we asked its CIO Jeff Berson and COO Dan Bennewitz in a recent interview.

Last week, JP Morgan selected QTS as one of two data center REITs with an Overweight rating, along with sector peer CyrusOne.

...

http://www.datacenterknowledge.com/archives/2016/01/21/qts-execs-share-data-center-strategy-for-maintaining-growth/

According to the latest predictions from analyst firm IDC, “more than 80% of enterprise IT organizations will commit to hybrid cloud by 2017.” That means that your organization is likely to evaluate an Infrastructure-as-a-Service (IaaS) solutions this year, if you haven’t chosen one already. As you consider options, it can be difficult to evaluate the different management platforms and sort through the vendor claims. A team of technical experts developed a list of evaluation criteria to make it easier. They have recently published a white paper that provides a clear comparison between Cisco UCS Director and HPE OneView.  The paper looks at three critical areas of IaaS functionality:

  • Orchestration and automation
  • Self-service provisioning
  • Heterogeneous provisioning and management

A concise side-by-side comparison is provided in a table on page 5 of the document with details provided in the other sections of the paper.

...

http://blogs.cisco.com/datacenter/evaluating-iaas-solutions-comparing-ucs-director-to-hpe-oneview

AUSTIN, Texas – Texas homeowners and renters who have registered for disaster assistance with the Federal Emergency Management Agency (FEMA) are encouraged by recovery officials to “stay in touch,” even after the Jan. 25 application deadline.

Applicants changing their addresses or phone numbers should update that information with FEMA. Missing or erroneous information could result in delays getting a home inspection or in receiving assistance.

FEMA has provided two ways for homeowners and renters to update their information:

  • Log on to the FEMA website at DisasterAssistance.gov to upload documents, and
  • Call the toll-free FEMA Helpline (voice, 711 or relay service) at 800-621-3362. TTY users should call 800-462-7585. Lines are open 7 a.m. to 10 p.m. seven days a week. Multilingual operators are available.

When updating status information, callers should refer to the nine-digit number issued at registration. This number is on all correspondence applicants receive from FEMA and is a key identifier in tracking assistance requests.

For more information on Texas recovery, visit the disaster web page at www.fema.gov/disaster/4245, Twitter at https://www.twitter.com/femaregion6 and the Texas Division of Emergency Management website, https://www.txdps.state.tx.us/dem.

###

All FEMA disaster assistance will be provided without discrimination on the grounds of race, color, sex (including sexual harassment), religion, national origin, age, disability, limited English proficiency, economic status, or retaliation. If you believe your civil rights are being violated, call 800-621-3362 or 800-462-7585(TTY/TDD).

FEMA’s mission is to support our citizens and first responders to ensure that as a nation we work together to build, sustain, and improve our capability to prepare for, protect against, respond to, recover from, and mitigate all hazards.  

The SBA is the federal government’s primary source of money for the long-term rebuilding of disaster-damaged private property. SBA helps businesses of all sizes, private non-profit organizations, homeowners and renters fund repairs or rebuilding efforts and cover the cost of replacing lost or disaster-damaged personal property. These disaster loans cover losses not fully compensated by insurance or other recoveries and do not duplicate benefits of other agencies or organizations. For more information, applicants may contact SBA’s Disaster Assistance Customer Service Center by calling 800-659-2955, emailing disastercustomerservice@sba.gov, or visiting SBA’s website at www.sba.gov/disaster. Deaf and hard-of-hearing individuals may call 800-877-8339.

Last Updated: 
January 19, 2016 - 09:32
State/Tribal Government or Region: 
 

Skip footer content.

 

 

(TNS) - State officials have ended a ban on public bird shows and sales in North Carolina because they say it’s no longer needed to prevent the spread of a deadly avian flu virus.

But state and industry officials also say the threat of a flu outbreak will never go away, meaning some of the measures adopted in recent months to protect the state’s $5 billion poultry-growing industry will become common practice.

“Some of the ways we’ve done business in the past can’t be the way we do business going forward,” said State Veterinarian Doug Meckes. “All that guidance, all the caution, has been taken to heart, and I know the poultry industry has changed the way they do business.”

...

http://www.emergencymgmt.com/health/Avian-flu-scare-over-in-NC-but-vigilance-continues.html

Wednesday, 20 January 2016 00:00

New 911 Center Enters Final Stretch

(TNS) - Construction of a new, $8.25 million 911 call center, which will serve residents throughout Doña Ana County, has entered the final stretch.

The project has seen several delays, putting it months behind schedule. But it is still within budget, according to county and 911 call-center officials.

Staff with the 911 dispatch center organization, known as the Mesilla Valley Regional Dispatch Authority, have been eager to move into the new building, which will replace an aging and outdated facility near Lohman Avenue and South Main Street.

MVRDA Executive Director Hugo Costa said the work is in its final weeks.

...

http://www.emergencymgmt.com/next-gen-911/New-911-center-enters-final-stretch.html

Wednesday, 20 January 2016 00:00

Putting the Cloud Pricing Wars in Perspective

As the enterprise becomes more steeped in the cloud, greater attention is being paid to the real costs of moving workloads onto third-party infrastructure.

The prevailing attitude is that the cloud is cheaper than on-premises in just about every circumstance, and by a wide margin. But is this really true? And does that mean we don’t need to run the same cost-benefit analysis in the cloud to make sure we are getting an optimal return on our investment?

After a brief respite, it seems that the price-cutting has resumed among the top public cloud providers. AWS and Google both announced price cuts shortly after the new year, and now Microsoft is following suit for its Azure service. All three are playing fast and loose with the cost basis, however, as they usually revolve around service bundling, machine categories, automated tiering and a host of other factors that can cause prices to fluctuate wildly.

...

http://www.itbusinessedge.com/blogs/infrastructure/putting-the-cloud-pricing-wars-in-perspective.html

Wednesday, 20 January 2016 00:00

ARE YOU MANAGING YOUR RISK?

The Bank Secrecy Act (BSA) requires that every Money Services Business (MSB) implement a BSA/anti-money laundering (AML) compliance program.  Risk assessments provide a clear view as to the organization’s policies and procedures. Failure to implement a comprehensive BSA/AML compliance program may result in significant fines and/or penalties by state and federal regulators. So what does this have to do with risk management?  Having a risk assessment allows the company to establish a comprehensive AML compliance program.

Regulations state that a company’s BSA/AML compliance program must be commensurate with the risks posed. This means that a comprehensive risk assessment must effectively evaluate the adequacy of policies, procedures and internal controls that have been developed to mitigate the company’s risk.

...

http://corporatecomplianceinsights.com/are-you-managing-your-risk/

Cybercrime is quickly rising as one of the leading causes of data center outages.

After having risen from being behind 2 percent of outages in 2010 to 18 percent in 2013, cybercrime caused 22 percent of data center outages in 2015, reported in a recent survey conducted by the Ponemon Institute and sponsored by Emerson Network Power. Cybercrime is now the fastest-growing cause of data center outages, the report’s authors said in a statement.

 

The biennial report’s primary focus is cost of data center downtime to the operators, and that cost is quickly rising. Among operators of the 60-plus data centers surveyed, the average total cost per minute of unplanned downtime went from about $8,000 in 2013 to about $9,000 last year.

...

http://www.datacenterknowledge.com/archives/2016/01/19/cybercrime-fastest-growing-cause-data-center-outages/

Wednesday, 20 January 2016 00:00

Nine Main Challenges in Big Data Security

Every year the protection of private and confidential information gains more and more attention. According to the World Quality Report 2015-16, the only global report for application quality, security is the most highly ranked priority in the IT strategies used by survey respondents.

Until recently, a company’s applications were mainly internal and its security was viewed as low risk. However, with the increased adoption of web-based, mobile and cloud-based applications, sensitive data has become accessible from different platforms. These platforms are highly vulnerable to hacking, especially if they are low-cost or free.

Nowadays, organizations are collecting and processing massive amounts of information. The more data is stored, the more vital it is to ensure its security. A lack of data security can lead to great financial losses and reputational damage for a company. As far as Big Data is concerned, losses due to poor IT security can exceed even the worst expectations.

...

http://www.datacenterknowledge.com/archives/2016/01/19/nine-main-challenges-big-data-security/

Wednesday, 20 January 2016 00:00

The IoT, IPv6 and DDoS: A Dangerous Mix

The Internet is awash in new things, and two of them, IPv6 and the Internet of Things (IoT), could potentially lead to a whole lot of trouble. Experts say that it is possible that the new addressing scheme, which is necessary to accommodate the explosion of wireless technology and the billions of IoT devices that are flooding the Internet, will create a landscape that allows malicious hackers (crackers) to launch potentially potent distributed denial of service (DDoS) attacks.

A DDoS attack is launched when crackers take over numerous Internet endpoints and turn them into “bots.” These bots, as the name implies, do the bidding of the bad guys. In a DDoS attack, the bots are instructed to repeatedly send data in an effort to overwhelm the target and take it offline.

Together, the IoT and IPv6 raise a series of concerns, as Rene Papp has pointed out at Dark Reading, writing that a number of factors point to potential danger: Tools aimed at identifying malicious traffic in IPv6 are immature and the devices that translate between IPv4 and IPv6 are “brittle.” The term is a shortcut for the idea that the devices’ CPU, memory and bandwidth tend to be maxed out by the stringent demands of mediating the relationship between IPv4 and IPv6.

...

http://www.itbusinessedge.com/articles/the-iot-ipv6-and-ddos-a-dangerous-mix.html

AUSTIN, Texas – State and federal recovery officials encourage Texas residents to watch for and report any suspicious activity or potential fraud from scam artists, identity thieves and other criminals who may try to prey on survivors vulnerable due to the October severe storms, tornadoes, straight-line winds and flooding. The Federal Emergency Management Agency (FEMA) does not endorse any commercial businesses, products or services. FEMA encourages survivors to be especially vigilant for these common post-disaster fraud practices: 

• Fraudulent building contractors. When hiring a contractor: 

o Use licensed local contractors backed by reliable references. 

o Demand that contractors carry general liability insurance and workers’ compensation. 

o Don’t pay more than half the costs of repairs upfront. 

• Bogus pleas for post-disaster donations: Unscrupulous solicitors may play on the emotions of disaster survivors. Disaster aid solicitations may arrive by phone, email, letter or face-to-face visits. 

o Verify legitimate solicitations by asking for the charity’s exact name, street address, phone number and Web address, then phone the charity directly and confirm that the person asking for funds is an employee or volunteer. 

o Don’t pay donations with cash. 

o Request a receipt with the charity’s name, street address, phone number. 

• Fake offers of state or federal aid: 

o Beware of visits, calls or e-mails — claiming to be from FEMA or the State of Texas — asking for an applicant’s Social Security number, bank account number or other sensitive information. Avoid scam artists who promise a disaster grant and ask for large cash deposits or advance payments in full. 

o Federal and state workers do not solicit or accept money. FEMA and U.S. Small Business Administration staff never charge applicants for disaster assistance, inspections or help in filling out applications. 

• Phony housing inspectors: Homeowners and registered FEMA applicants may be vulnerable to phony housing inspectors claiming to represent FEMA or the SBA. 

o Inspectors have each applicant’s nine-digit registration number. FEMA inspectors NEVER require banking or other personal information. 

o The job of FEMA housing inspectors is to verify damage. Inspectors do not hire or endorse specific contractors to fix homes or recommend repairs. They do not determine eligibility for assistance. 

If you suspect fraud, call the FEMA Disaster Fraud Hotline at 866-720-5721. If you are the victim of a home repair scam or price gouging, call the Office of the Texas Attorney General at 800-252-8011. Texas homeowners and renters who register for disaster assistance with the Federal Emergency Management Agency (FEMA), prior to the Jan. 25 deadline, are encouraged by recovery officials to "stay in touch." Survivors changing their address or phone numbers should update that information with FEMA. Missing or erroneous information could result in delays getting a home inspection or in receiving assistance. 

Survivors with questions regarding the application or the appeals process, or who need to register for assistance may visit online at DisasterAssistance.gov or by phone (voice, 711 or relay service) at 800-621-3362. (TTY users should call 800-462-7585.) The toll-free lines are open 7 a.m. to 10 p.m. seven days a week. Multilingual operators are available. For more information on Texas recovery, visit the disaster web page at www.fema.gov/disaster/4245Twitter at https://www.twitter.com/femaregion6 and the Texas Division of Emergency Management website, https://www.txdps.state.tx.us/dem

### 

All FEMA disaster assistance will be provided without discrimination on the grounds of race, color, sex (including sexual harassment), religion, national origin, age, disability, limited English proficiency, economic status, or retaliation. If you believe your civil rights are being violated, call 800-621-3362 or 800-462-7585(TTY/TDD). 

FEMA’s mission is to support our citizens and first responders to ensure that as a nation we work together to build, sustain, and improve our capability to prepare for, protect against, respond to, recover from, and mitigate all hazards. 

The SBA is the federal government’s primary source of money for the long-term rebuilding of disaster-damaged private property. SBA helps businesses of all sizes, private non-profit organizations, homeowners and renters fund repairs or rebuilding efforts and cover the cost of replacing lost or disaster-damaged personal property. These disaster loans cover losses not fully compensated by insurance or other recoveries and do not duplicate benefits of other agencies or organizations. For more information, applicants may contact SBA’s Disaster Assistance Customer Service Center by calling 800-659-2955, emailing disastercustomerservice@sba.gov, or visiting SBA’s website at www.sba.gov/disaster. Deaf and hard-of-hearing individuals may call 800-877-8339. 

Visit www.fema.gov/texas-disaster-mitigation for publications and reference material on rebuilding and repairing safer and stronger.

Last Updated: 
January 19, 2016 - 15:32
 
State/Tribal Government or Region: 
Wednesday, 20 January 2016 00:00

Destroying Data: Mission Impossible

Why is it possible to recover files that have already been deleted? It’s because a file remains on the hard drive until the physical place where it’s stored becomes overwritten with another file. The process of overwriting is beyond the user’s control (although of course the likelihood of deleted files being overwritten is higher the more files you subsequently save onto your hard drive). Both deleting a single file and formatting a partition are processes that involve system modifications within the file allocation tables (some of the most popular file systems – such as FAT and NTFS – are based on a system of file allocation tables). This process doesn’t include the disk space, which is modified only when another process of writing a file begins, after the file has been ‘deleted’ or the partition has been formatted. So if nothing gets written over the physical space that is occupied by the removed file, it will be fairly easy to restore it (there’s a detailed instruction of how to do it on our blog).

The same goes for all system files that I mentioned previously (such as temporary files, paging files, print and hibernation files), even if a file has been overwritten in one place, it could still be restored from some other place on the hard drive. So as you can see, ‘manual’ deletion is more like playing a game of cat and mouse with your data.

...

http://blog.krollontrack.co.uk/concepts-explained/destroying-data-mission-impossible/

Welcome to 2016 – the year of our digital [r]evolution.

The next few years will be defining moments for the modern data center and the entire cloud ecosystem. We’re beginning to see more markets, industries, and verticals adopting next-generation technologies. All of this impacts the way we design data centers and all of the resource supporting our diverse applications and users.

We’ve reached a point where almost every person has a digital footprint. We can create a digital identifier with critical pieces of information for babies who don’t even have a heartbeat yet. Our data is in the cloud before we’re even born. That’s something we must all become accustomed to.

Today, new market disruptors are pushing organizations to rethink their entire business strategies and find ways to intelligently align their IT environments. With all of this in mind, let’s take a look at the top five trends that will be impacting your data center and cloud environments in 2016.

...

http://www.datacenterknowledge.com/archives/2016/01/20/top-five-data-center-and-cloud-considerations-for-2016/

Five of the seven individual billion-dollar insured loss natural disaster events in 2015 were recorded in the United States, according to Aon Benfield’s Annual Global Climate and Catastrophe Report.

The other two billion dollar events were recorded in Europe.

All of the events were weather-related and below the average of eight. The five events in the U.S. were equal to the 2000-2014 average.

...

http://www.iii.org/insuranceindustryblog/?p=4322

Tuesday, 19 January 2016 00:00

BCI: The high cost of natural disasters

The high cost of natural disasters

Not much more than a quarter of global economic losses caused by natural catastrophes during 2015 were covered by insurance according to a new report by Aon Benfield. During the year there were 300 separate global natural disasters, as defined by the report's authors, significantly more than the 15-year average of 269 events. These caused a combined global economic loss of US$123, yet only US$35 billion was covered by insurance.

Despite the higher than average number of incidents, losses were down overall with the global economic loss being 30% below the 15-year average of US$175 billion, and the total insured loss being 31% below the 15-year average of US$51 billion. The Annual Global Climate and Catastrophe Report highlighted that there were 14 multi-billion dollar economic loss events around the world, with the costliest being forest fires that burned out of control in Indonesia. At US$16.1 billion, The World Bank noted that the economic loss from the fires represented 1.9% of the country's GDP.

Stephen Mildenhall, Chairman of Aon Analytics, said: "In many regions, economic catastrophe losses are very material relative to national GDP and yet are insured at much lower levels than in the United States and Europe. Of our top five economic losses, four occurred outside the United States and yet none of these was a top 10 insured loss owing to low insurance penetration in the affected countries."

The study reveals that the three costliest perils – flood, severe thunderstorm, and wildfire – accounted for 59% of all economic losses during the 12 months under review.

Steve Bowen, Associate Director and Meteorologist at Impact Forecasting, said: "While a notable uptick in recorded natural disaster events did not directly translate to greater financial losses in 2015, the year was marked by 31 individual billion-dollar disasters, or 20% more than the long-term average. For just the fourth time since 1980, there were more than 30 such events in a year. Asia once again incurred the greatest overall economic losses, representing 50% of the world total and four of the five costliest events. Despite 32% of global economic losses occurring in the United States, it accounted for 60% of the insured loss and seven of the top 10 costliest insured events."

Tuesday, 19 January 2016 00:00

Striving for Balance Between Data and Power

The data center is becoming more efficient by the day. This much is a given. But data loads are also increasing at an exponential rate, which leads many to believe that the two trends will cancel each other out: more data, but processed more efficiently, leading to a net neutral effect on things like energy consumption.

But is this really the case? Will our insatiable demand for data be met in perpetuity, or is there a risk that at some point it will exceed the support capabilities of worldwide energy production?

For starters, let’s look at the data side. According to Synergy Research Group, the cloud market alone is growing at a rate of about 28 percent per year. This is in terms of revenue growth, not infrastructure development, but it still points to a rapidly expanding market that will have to invest in new buildings and systems if it hopes to maintain this pace. And since this is the cloud, expect these facilities to be large and getting larger. The silver lining, of course, is that giant regional facilities serving multiple enterprises are bound to be more efficient than multiple smaller data centers each serving one owner.

...

http://www.itbusinessedge.com/blogs/infrastructure/striving-for-balance-between-data-and-power.html

On Monday, the U.S. Supreme Court declined to consider an appeal from Nestle, Archer Daniel Midlands Co. and Cargill Inc., allowing a slave and child labor lawsuit to proceed against the three food industry giants.

Three plaintiffs who claim they were trafficked from Mali as child slaves and forced to work harvesting and cultivating beans in Cote d’Ivoire, and allege that the companies aided, abetted or failed to prevent the torture, forced labor and arbitrary detention they suffered.

According to Reuters:

The plaintiffs, who were originally from Mali, contend the companies aided and abetted human rights violations through their active involvement in purchasing cocoa from Ivory Coast. While aware of the child slavery problem, the companies offered financial and technical assistance to local farmers in a bid to guarantee the cheapest source of cocoa, the plaintiffs said.

...

http://www.riskmanagementmonitor.com/legal-woes-highlight-dangers-of-the-food-industry-supply-chain/

Following is a summary of key federal disaster aid programs that can be made available as needed and warranted under President Obama's disaster declaration issued for the State of Washington.

Assistance for the State and Affected Local and Tribal Governments Can Include as Required:

  • Payment of not less than 75 percent of the eligible costs for emergency protective measures taken to save lives and protect property and public health. Emergency protective measures assistance is available to state, eligible local and tribal governments on a cost-sharing basis. (Source: FEMA funded, state administered.)
  • Payment of not less than 75 percent of the eligible costs for repairing or replacing damaged public facilities, such as roads, bridges, utilities, buildings, schools, recreational areas and similar publicly owned property, as well as certain private non-profit organizations engaged in community service activities. (Source: FEMA funded, state administered.)
  • Payment of not more than 75 percent of the approved costs for hazard mitigation projects undertaken by state and local governments to prevent or reduce long-term risk to life and property from natural or technological disasters.  (Source: FEMA funded, state administered.)

How to Apply for Assistance:

  • Application procedures for state, local and tribal governments will be explained at a series of federal/state applicant briefings with locations to be announced in the affected area by recovery officials. Approved public repair projects are paid through the state from funding provided by FEMA and other participating federal agencies.

FEMA’s mission is to support our citizens and first responders and ensure that as a nation we work together to build, sustain, and improve our capability to prepare for, protect against, respond to, recover from, and mitigate all hazards.

Stay informed of FEMA’s activities online: videos and podcasts available at http://www.fema.gov/medialibrary">www.fema.gov/media-library and http://www.youtube.com/fema">www.youtube.com/fema; follow us on Twitter at www.twitter.com/fema and on Facebook at www.facebook.com/fema.

OXFORD, Miss. – Less than a month after severe storms, tornadoes and flooding swept across Mississippi, more than $1.5 million in state and federal disaster assistance has been approved to help those affected by the storms.

The Federal Emergency Management Agency has been contacted by 775 people for help or information regarding disaster assistance.

In addition to FEMA grants for individuals and families, other forms of disaster assistance are provided by partner agencies such as the U.S. Small Business Administration and voluntary agencies. The Mississippi Emergency Management Agency and FEMA often refer survivors to those agencies. All businesses are also referred to the SBA. Some survivors may be interested in other programs such as disaster unemployment assistance and disaster legal services.

The following is a snapshot of the disaster recovery effort as of Jan. 15:

  • Nearly 170 individuals and households approved for FEMA grants, including:
    • Nearly $1.3 million approved for housing grants, including short-term rental assistance and home repair costs.
    • More than $264,000 approved to cover other essential disaster-related needs such as medical and dental expenses and lost personal possessions.
  • 489 home inspections completed.
  • 283 visits to disaster recovery centers by people affected by the disaster.
  • Five disaster recovery centers open in Individual Assistance-designated counties.

No matter the degree of loss or insurance coverage, survivors in the five disaster-designated Mississippi counties are urged to apply for help. The Individual Assistance-designated counties are Benton, Coahoma, Marshall, Quitman and Tippah. Survivors can use any of the following methods to register:

  • By phone, call 800-621-FEMA (3362). People who are deaf, hard of hearing, or speech-impaired and use a TTY should call 800-462-7585. Lines are open 7 a.m. to 10 p.m. local time. Assistance is available in most languages.
  • Online registration can be done by computer, tablet, iPhone, Android or other mobile device at www.DisasterAssistance.gov.

Survivors who register with FEMA and are referred to SBA will be contacted with options on how to apply for a low-interest disaster loan. After being contacted by SBA, survivors should complete and submit an application even if they do not plan to accept a loan in order to continue the federal assistance process. It is part of the FEMA grant process and can pave the way for additional disaster assistance. SBA disaster loans are available with interest rates as low as 2.188 percent and terms up to 30 years.

Complete the SBA application online at https://disasterloan.sba.gov/ela. Call the SBA customer service center with questions at 800-659-2955. People who are deaf or hard of hearing and use a TTY can call 800-877-8339. For more information, visit sba.gov/disaster.

For more information on Mississippi disaster recovery, go to fema.gov/disaster/4248. Visit the MEMA website at msema.org or on Facebook at facebook.com/msemaorg.

###

FEMA’s mission is to support our citizens and first responders to ensure that as a nation we work together to build, sustain, and improve our capability to prepare for, protect against, respond to, recover from, and mitigate all hazards.

Disaster recovery assistance is available without regard to race, color, religion, nationality, sex, age, disability, English proficiency or economic status. If you or someone you know has been discriminated against, call FEMA toll-free at 800-621-FEMA (3362). For TTY call 800-462-7585.

FEMA’s temporary housing assistance and grants for public transportation expenses, medical and dental expenses, and funeral and burial expenses do not require individuals to apply for an SBA loan. However, applicants who receive SBA loan applications must submit them to SBA loan officers to be eligible for assistance that covers personal property, vehicle repair or replacement, and moving and storage expenses.

Tuesday, 19 January 2016 00:00

BCM / DR: Managing a Schedule

When planning our various BCM/DR components, you need to build and maintain some level of a schedule.  If you don’t have a schedule built for let’s say the BIA or the development of a Crisis Communications Plan, then Executives will never know when to expect the results and participants will continually ‘put you off’.  This is because they’ll know there’s no deadline so there’s no level of urgency to complete their tasks and thus, the BCM/DR component will never be completed.

When you do develop a schedule, don’t develop it in a silo.  You need participation and feedback from everyone involved so that dates and timelines are realistic and achievable.  If not, then no one will buy into your schedule and will do what they want when they want to- if at all.

A schedule also helps other managers assign resources at the appropriate times, as it’s their job to ensure their department employees are fully engaged with work and those that have timelines and specific goals and objectives will end up with the resources.  Your project – BCM program components – will fall by the wayside because you don’t have it mapped out for when they need to have a resource(s) available to assist.  If they don’t/ know when you need someone, they can’t and won’t, keep a resource sitting on the sidelines.

...

https://stoneroad.wordpress.com/2016/01/16/bcm-dr-managing-a-schedule/

Following is a summary of key federal disaster aid programs that can be made available as needed and warranted under President Obama's emergency disaster declaration issued for the State of Michigan.

Assistance for the State and Affected Local Governments Can Include as Required:

  • FEMA is authorized to provide appropriate assistance for required emergency measures, authorized under Title V of the Stafford Act, to save lives and to protect property and public health and safety, or to lessen or avert the threat of a catastrophe in the designated areas.
  • Specifically, FEMA is authorized to provide emergency protective measures (Category B), limited to direct Federal assistance, under the Public Assistance program at 75 percent Federal funding. This emergency assistance is to provide water, water filters, water filter cartridges, water test kits, and other necessary related items for a period of no more than 90 days. 

FEMA’s mission is to support our citizens and first responders and ensure that as a nation we work together to build, sustain, and improve our capability to prepare for, protect against, respond to, recover from, and mitigate all hazards.

Stay informed of FEMA’s activities online: videos and podcasts available at http://www.fema.gov/medialibrary">www.fema.gov/media-library and http://www.youtube.com/fema">www.youtube.com/fema; follow us on Twitter at www.twitter.com/fema and on Facebook at www.facebook.com/fema.

Tuesday, 19 January 2016 00:00

What is the black market value of your data?

In 2008 two big banks — The Royal Bank of Scotland (RBS) and NatWest — experienced a massive security breach. When an employee sold an old company computer on eBay, private data of over a million clients was compromised — their credit histories, details of their bank transfers and even their signatures leaked out. All of this valuable and sensitive data had been purchased for a mere £35. Two years later, in 2010, a similar story happened at NASA – the agency decided to sell redundant IT equipment left over from the defunded space programme. It soon turned out that many of those computers had contained ‘highly sensitive’ data, and the whole thing ended in a scandal.

Gigantic dumping grounds of e-waste, most of which are located in Africa, Asia and South America, are routinely scoured by professional scavengers who specialise in salvaging old equipment and retrieving valuable data left on old hard drives. In Ghana, Nigeria and Guatemala, our old hard drives full of sensitive data collected by banks, the healthcare industry and e-commerce end up on piles of landfill. Some of that data could potentially compromise national security (of most countries, including the US), while some could no doubt compromise your personal online identity. All it takes to dig it out is a lot of free time and some determination.

There are plenty of takers for your bank accounts, infrastructure and personal data. Some of them might be closer to you than others, but they all know exactly what to look for. If you’re still not convinced that it’s worth your while to wipe your storage devices properly, just take a look at this list of things that could be found on them:

...

http://blog.krollontrack.co.uk/concepts-explained/what-is-the-black-market-value-of-your-data/

Employers focus on flexible working to manage absence rates

Blue Monday is considered by some to be the day when employers should brace themselves for the possibility of increased absences as staff struggle with low morale and motivation following the Christmas break.

While a quarter (25%) of UK employers have seen their absence rates improve over the last 12 months, one in 10 have seen their rates worsen over the same time period according to new research from Group Risk Development (GRiD).

Of course it is not just on Blue Monday that organizations should be prepared to manage staff absences, but every day. There are many reasons why staff could be absent with illness being one of them. The Business Continuity Institute’s latest Horizon Scan Report highlighted that Human Illness was a major threat to organizations with 42% of business continuity professionals expressing concern about the prospect of this threat materialising. It is therefore essential that organizations have succession plans in place, so important work does not get missed during someone’s absence.

According to the study by GRiD, 57% of businesses said absence cost them up to 4% of payroll, but employers are using a range of initiatives to address this, and to improve general attendance. This includes introducing flexible working initiatives (36%), a 4 percentage points increase on last year, allowing employees to work around schedules which suit them. By introducing flexible working, it also enables organizations to become more adaptable to other crises that may arise.

It is estimated that long-term sickness absence costs private sector businesses in the UK a total of £4.17 billion a year, and is set to reach £4.81 billion a year by 2030. This makes it all the more important that employers work with staff to manage their return to work, maintain morale and invest in their wellbeing.

Katharine Moxham, spokesperson for Group Risk Development, said: “It’s important that strategies to manage absence are kept up, and that rates aren’t allowed to increase as it really will have a significant impact on business costs in the long-run. That said, it can’t be denied that a quarter have seen rates improve – whether or not this is down on last year – and employers are actively introducing initiatives that focus on the health and wellness of their staff. Flexible working can help to retain talented staff, allowing them to balance home commitments as well as focus on work.

(TNS) - Recent storms that deluged homes and cars, along with the likely prospect of more to come because of El Niño, have thrown into stark relief the region’s age-old approach to flood control.

Ahead of this month’s rain-related flooding, San Diego city officials repeatedly debated how fast and aggressively to perform the costly stormwater maintenance on its channels that are considered most prone to spilling over.

Officials said they inspected and cleared all of the city’s more than 24,000 storm drains and repaired several corrugated metal pipes in the run-up to the first series of storms.

...

http://www.emergencymgmt.com/disaster/Urbanization-financial-backlog-hurt-flood-control.html

(TNS) - A quiet, Pittsburgh-based cybersecurity nonprofit expects to announce plans this week for offices in New York City and Los Angeles, marking its first expansion out of Western Pennsylvania, the Tribune-Review has learned.

The National Cyber-Forensics & Training Alliance keeps a low profile but has been hailed by President Obama and national leaders for bringing together public agencies and private companies to fight online crime.

The group began informing its members about the expansion during the past two weeks.

“It's only going to make us stronger,” Matt LaVigna, the group's interim president, CEO and director of operations, told the Trib. “By going to Los Angeles and New York, these are going to be extensions of the work we're doing here. The command and control will still be here in Pittsburgh.”

...

http://www.emergencymgmt.com/safety/Pittsburgh-based-cybersecurity-nonprofit-to-expand-to-Los-Angeles-NYC.html

Tuesday, 19 January 2016 00:00

Flood Insurance: A Roll of the Dice

(TNS) - You’ve seen the headlines, and you’ve heard the hype.

Now you’ll have to decide: Does the arrival of El Niño call for buying flood insurance?

“Yes,” thousands of Californians have concluded. The Federal Emergency Management Agency, which administers the nation’s public flood insurance program, says more than 28,000 new policies were purchased from September through November, a 12 percent increase that is unmatched in recent history.

Stockton and much of San Joaquin County are prone to flooding at the bottom of this Central Valley bathtub. And this year, some Calaveras County residents may be vulnerable to mudslides from the Butte Fire burn scars.

...

http://www.emergencymgmt.com/disaster/Flood-insurance-A-roll-of-the-dice.html

(TNS) - Behind New Orleans, streets in Hampton Roads are the most vulnerable in the nation to sea level rise.

Picture Boush Street near Nauticus and City Hall Avenue up to MacArthur Mall as a new urban canal. Bits and pieces of roads in Chesapeake, Virginia Beach and Norfolk would be water.

That picture is bad, but even a little bit of permanent flooding drastically alters connectivity. Easy access from Downtown Norfolk to I-264 would be severed by the Boush Street/Waterside Drive artery. Many bridges are not expected to be inundated, but the roadway approaches are susceptible to flooding, making bridges inaccessible.

...

http://www.emergencymgmt.com/disaster/Transportation-planners-create-map-contingencies-for-sea-level-rise-effect-on-local-roads.html

Users of eBay may be the latest victims of a spearphishing campaign, thanks to an XSS security vulnerability. The good news is that eBay has patched the vulnerability. The bad news is that it is an example that spearphishing is a problem that’s not going away and, in fact, tops the list of security concerns among enterprises, according to a new study from Cloudmark.

Let’s start with the eBay story. According to ZDNet:

The Cross-Site Scripting (XSS) vulnerability, implemented through Java, allowed an attacker to inject their own malicious page within eBay via an iframe. MLT leveraged the weakness in eBay's domain to inject a login page into eBay's URL system, which made the malicious URL look like it was hosted on the legitimate eBay website.

...

http://www.itbusinessedge.com/blogs/data-security/spear-phishing-top-security-concern-for-it-decision-makers.html

OXFORD, Miss. – The Mississippi and federal emergency agencies are operating five disaster recovery centers in Mississippi to offer a number of services to individuals affected by the December storms. The centers, located in Benton, Coahoma, Marshall, Quitman and Tippah counties, are jointly operated by the Mississippi Emergency Management Agency and the Federal Emergency Management Agency in partnership with county and local agencies. They serve as one-stop-shops to provide community access to recovery services, referrals and information.

Anyone who needs reasonable accommodations when visiting the centers may request them by calling the FEMA helpline at 800-621-3362, or (TTY) 800-462-7585. Accommodations include American Sign Language interpreters, listening devices for the hard of hearing, magnifiers for low vision and video remote sign language interpreting. Service animals are welcome, and the centers are accessible to everyone.

While individuals are encouraged to register with FEMA before visiting a disaster center, they can use on-site services to contact FEMA and register for disaster assistance by calling 800-621-3362 or (TTY) 800-462-7585. Those who use 711-Relay or Video Relay Services can call 800-621-3362 to register. Online registration can be done at DisasterAssistance.gov by computer, tablet, iPhone, Android or other mobile device. MEMA and FEMA staff are available to answer questions on the status of applications and on special programs such as disaster unemployment assistance and disaster legal services.

Survivors are strongly encouraged to submit their claims to their private insurance providers early. If private insurance leaves coverage gaps, survivors may be eligible for FEMA assistance for their remaining needs. “Remaining needs” includes temporary lodging, personal property losses, medical or dental expenses, moving and storage fees or other costs not covered by personal insurance.

Applicants with questions about the determination letters they receive from FEMA can sit and talk with staff members who are prepared to explain the terms of the letters and to help applicants with the appeal process.

The Mississippi State Board of Contractors has provided the centers with two handouts – “A Consumer’s Guide to Home Improvement Contracts” and “Don’t Get Scammed!” – to aid people facing property repairs. State regulations require contractors to be licensed. Consumers can contact the Board’s hotline at 800-880-6161or 601-354-6161 to report fraudulent activity.

Center staff may direct storm survivors dealing with high levels of stress after the December storms to call the Mississippi Department of Mental Health hotline at 877-210-8513 from 9 a.m. to 4 p.m. Monday through Friday. The call is free and confidential.

Business owners, homeowners, renters and private nonprofit organizations whose losses were not fully covered by their private insurance can apply for a low-interest loan from the U.S. Small Business Administration. The SBA is the federal government’s primary source of money for the long-term rebuilding of disaster-damaged private property. An SBA representative is available at each center to assist applicants with the application process. For more information, applicants may contact SBA’s Disaster Assistance Customer Service Center by calling 800-659-2955, emailing disastercustomerservice@sba.gov, or visiting SBA’s website at sba.gov/disaster. Deaf and hard-of-hearing individuals may call 800-877-8339.

All of these resources are located at the following disaster recovery centers:

Benton County

Ashland Fire Department

60 Third St.

Ashland, MS 38603

Coahoma County

Clarksdale Civic Auditorium

506 East 2nd St.

Clarksdale, MS 38614

Marshall County

Spring Hollow Plaza

198 N. Memphis St.

Holly Springs, MS 38635

Tippah County

The former Magnolia Women’s Center

41 B Mitchell Ave.

Walnut, MS 38683

Quitman County

Marks Fire Department Station

108 W. Main St.

Marks, MS 38646

###

All FEMA disaster assistance will be provided without discrimination on the grounds of race, color, sex (including sexual harassment), religion, national origin, age, disability, limited English proficiency, economic status, or retaliation. If you believe your civil rights are being violated, call 800-621-3362 or 800-462-7585(TTY/TDD).

FEMA’s mission is to support our citizens and first responders to ensure that as a nation we work together to build, sustain, and improve our capability to prepare for, protect against, respond to, recover from, and mitigate all hazards.

FEMA’s temporary housing assistance and grants for public transportation expenses, medical and dental expenses, and funeral and burial expenses do not require individuals to apply for an SBA loan. However, applicants who receive SBA loan applications must submit them to SBA loan officers to be eligible for assistance that covers personal property, vehicle repair or replacement, and moving and storage expenses.

Last Updated: 
January 18, 2016 - 17:53
State/Tribal Government or Region: 

Once upon a time, enterprises made products and supplied the occasional service. Now it seems this situation is being turned upside-down. The trend is to supply far more as a service or a subscription, with one-off product sales becoming the exception, instead of the rule. Much of this started in IT, as cloud computing became popular. Enterprises saw the advantage of paying for software and hardware usage month by month and according to how much they wanted, instead of large lump sum capital payments for resources they did not always use fully. Cloud providers often offered better business continuity too. But will the same be true when the client enterprises become service providers in their own right?

...

http://www.opscentre.com.au/blog/why-business-continuity-will-now-be-even-more-visible/

Remember Alice in Wonderland? For most of us, the world of data is a wonderland — we don’t care how it works, we just want it to work. But I’m here to take you all the way down the rabbit hole of binary code to show you what’s hiding at the bottom. You’ll have to be vigilant — a mole could follow you down there when you aren’t looking. You make a mistake, he infiltrates your hard drive!

Who could be a mole?

Data thieves, IT investigators, forensic data experts – one thing they all have in common is that they’d follow exactly the same traces when going through your hard drive (I will describe these traces in this part of the course). All of these could be used either against you, or to your advantage (for example, if you accidentally lose your data, it would be retrieved in the same way). Only someone intent on hurting you, who would go behind your back and without your consent, would be considered a mole. Here are some sample situations that would call for your heightened interest in thoroughly erasing your data:

...

http://blog.krollontrack.co.uk/concepts-explained/a-rabbit-hole-full-of-data-and-in-it-a-mole/

Remember the hover boards in the "Back to the Future" movies--those levitating skateboards that characters in the films used to get around? As you’ve no doubt seen if you’ve stepped outside your house lately, more than 25 years after they first appeared in those movies, hover boards are finally here—in the real world—sort of. (They unfortunately don’t actually levitate.)

Science fiction often provides the inspiration for real-world innovations. And one very recent example in the medical industry offers an important lesson to you as an MSP. An amazing new personal medical device, which CNN reported on in early 2015, is based on the fictional medical “tricorder” from Star Trek. The real device is a handheld scanner that, when placed against your forehead, measures your heart rate, blood pressure, oxygen levels and other key details about your health.

Then (and here’s the lesson for your MSP business) the device will send all of this medical data wirelessly, via a Bluetooth signal, to a smartphone or other device—or directly to your doctor.

...

http://mspmentor.net/blog/what-star-trek-can-teach-you-about-helping-your-healthcare-clients-secure-patient-data

Tuesday, 19 January 2016 00:00

BCI: A world at risk in 2016

A world at risk in 2016

An increased likelihood for all risks, from the environmental to society, the economy, geopolitics and technology, looks set to shape the global agenda in the coming year, the World Economic Forum’s Global Risks Report 2016 has found.

In this year’s annual survey, almost 750 experts assessed 29 separate global risks for both impact and likelihood over a 10-year time horizon. The risk with the greatest potential impact in 2016 was found to be a failure of climate change mitigation and adaptation. This is the first time since the report was published in 2006 that an environmental risk has topped the ranking. This year, it was considered to have greater potential damage than weapons of mass destruction (2nd), water crises (3rd), large-scale involuntary migration (4th) and severe energy price shock (5th).

The number one risk in 2016 in terms of likelihood, meanwhile, is large-scale involuntary migration, followed by extreme weather events (2nd), failure of climate change mitigation and adaptation (3rd), interstate conflict with regional consequences (4th) and major natural catastrophes (5th).

Geopolitical instability is exposing businesses to cancelled projects, revoked licenses, interrupted production, damaged assets and restricted movement of funds across borders. These political conflicts are in turn making the challenge of climate change all the more insurmountable – reducing the potential for political co-operation, as well as diverting resource, innovation and time away from climate change resilience and prevention,” said Cecilia Reyes, Chief Risk Officer of Zurich Insurance Group.

One potential black swan event could be in the area of technological risk. While cyberattacks rises slightly in terms of likelihood and impact in 2016, others, including failure of critical information infrastructure, appear to be declining as a risk in the eyes of experts. Technological crises have yet to impact economies or securities in a systemic way, but the risk still remains high, something that potentially may not have been fully priced in by experts.

Unemployment and under-employment appears as the risk of highest concern for doing business in more than a quarter of the 140 economies covered, and is especially featured as the top risk in two regions, sub-Saharan Africa and the Middle East and North Africa. The only region where it does not feature in the top five is North America. Energy price shock is the next most widespread risk, featuring in the top five risks for doing business in 93 economies. Cyberattacks, mentioned above, feature among the top five risks in 27 economies, indicating the extent to which businesses in many countries have been impacted already by this rising threat.

Tuesday, 19 January 2016 00:00

Enterprise Still Unclear on Storage

Of the three pillars of enterprise hardware – compute, storage and networking – the future of storage is the least clear. Servers are being virtualized and containerized, networking is being defined by software, but storage is still swirling amid a plethora of media types and architectures.

For any given application, then, data managers or their automated systems have to match data loads to tape, disk, Flash or optical systems, using in-line, near-line or even off-line architectures in the data center, on the cloud or in a colocation setting for real-time, short-term, medium-term or long-term archival purposes. And all of these situations must be built, managed and maintained under tight budgets and in ways that accommodate rapidly shifting data requirements.

...

http://www.itbusinessedge.com/blogs/infrastructure/enterprise-still-unclear-on-storage.html

El Niño refers to the periodic disruption to the normal climatological state over the central and east Pacific Ocean that causes widespread atmospheric changes across North and South America. This phenomenon, combined with recent climate changes, has caused this year’s El Niño to be one of the most disruptive on record. Areas like California and Missouri have already been experiencing the devastating effects of flooding caused by higher than average rainfall levels.

Recently, we sat down with Dr. Mike Gold from Weather Decision Technologies, Inc. (WDT) who helped shed some additional light on what exactly El Niño is, and what effects we can expect to see from this year’s event. Dr Gold is a senior scientist and forecaster for WDT, focused on providing long-term forecasting for high impact weather events, such as El Niño.

We also had the pleasure of speaking to Mike Gauthier, Senior Vice President of Enterprise Solutions for WDT. He gave us a short presentation on what tools are available to manage critical assets in both routine and severe weather events, including a use case involving the recent Oklahoma ice storms.

...

http://www.everbridge.com/el-nino-2015-16-whats-ahead-winter-weather-preparedness/

Energy consumption is perhaps the chief concern for data center operators, both in terms of cost and public image. A sensational headline at DatacenterDynamics highlights one perspective: “The truth is: data center power is out of control.” In the article, Peter Judge said, “The plain fact is that, no matter how efficiently we run them, data centers are expanding uncontrollably, and consuming increasing amounts of power. In fact, the efficiency improvements are contributing to the rapid growth.” He describes the effect of the Jevons paradox, which observes that efficiency increases with regard to consumption of a resource tend to increase—rather than decrease—demand for that resource.

Judge rightly notes that “there’s a very real way in which data center providers can’t be held responsible for ths [sic]. Data centers are just meeting a demand.” Effectively, it’s consumers of the services that data centers provide who are driving the increasing energy consumption. But even if data centers are increasing their consumption hand over fist, noting the larger energy picture is critical.

...

http://www.datacenterjournal.com/concerns-about-data-center-energy-consumption/

A lot of wholesale data center capacity was gobbled up last year and the bulk of it was leased by cloud providers and companies providing other popular web services.

Jim Kerrigan, managing principal at North American Data Centers, a data center-focused commercial real estate firm, said wholesale data center providers did a lot more business with cloud companies than they did in 2014. Cloud, he said, was one of the things responsible for 2015 being one of the best data center leasing years ever.

“I was surprised how much cloud has done last year,” he said. “Forty percent of those deals are cloud-based companies.”

...

http://www.datacenterknowledge.com/archives/2016/01/14/who-leased-the-most-data-center-space-in-2015/

PipelineDB announced the release of PipelineDB Enterprise today. The product is the first commercial version of the open-source product the company released last summer.

PipelineDB is built on a new way of looking at SQL databases, thinking about streams of data rather than data at rest in big silos, co-founder Derek Nelson explained.

He says the company made a big bet on this type of database and so far it appears to be working quite well. While they don’t have exact numbers, he pegs the number of installations in the low thousands with deployments running all day long in the low hundreds.

...

http://techcrunch.com/2016/01/14/pipelinedb-releases-first-enterprise-version-of-its-streaming-sql-database/

In his article for Security Week, Rafal Los asked an interesting question: Do you have a security policy for the Internet of Things (IoT) gadgets in your office?

We’re familiar with BYOD policies for our smartphones, tablets and laptops. Wouldn’t BYOD security policy cover IoT devices, which technically include smartphones and tablets? The difference, Los pointed out, is that many of our IoT devices are constantly connecting or streaming, and he asked:

How many things are showing up at the office this week that are an always-on conduit to your network from some external third party you really shouldn’t be trusting?

...

http://www.itbusinessedge.com/blogs/data-security/why-you-should-separate-your-iot-security-policy-from-byod-policies.html

(TNS) - A rare January hurricane formed Thursday in the Atlantic, the first one to form in that month in 78 years.

Hurricane Alex, with maximum sustained winds of 85 miles per hour, is projected to head almost straight north, a track that would pose no threat to the United States. At 11 a.m. Thursday, the storm was about 1,100 miles off the coast of Morocco, a position that put it closer to Africa than North America, according to the National Hurricane Center.

A hurricane warning was issued for the central Azores, a cluster of islands about 900 miles west of Portugal.

Alex formed six weeks after the end of the official hurricane season, a period from June 1 to Nov. 30 that sees the vast majority of hurricanes.

...

http://www.emergencymgmt.com/disaster/January-hurricane-forms-in-Atlantic-first-in-78-years.html

Friday, 15 January 2016 00:00

Silent Data Corruption, the Backup Killer

Data corruption is simply an unintentional change to a bit. An occasional bad bit or unrecoverable read error is unlikely to take down an application or render a restore useless. However, corrupted data is not uncommon.

When data corruption goes undetected, it becomes silent data corruption and is a high risk for applications. And when they creep into backup and remain undetected, you have a real data integrity and restore problem on your hands.

Hardware and software both introduce errors into the data path. On the hardware side, head failures, noisy data transfer, electronic problems, aging and wear can introduce bit errors. And with a nod to 1950s science fiction movies, cosmic rays can cause DRAM soft errors (memory bit flips.)

...

http://www.enterprisestorageforum.com/storage-management/silent-data-corruption-the-backup-killer.html

Many firms are dealing with the explosion of data, applications and new technology that are stretching IT infrastructure to its limits. According to recent reports, analysts expect to see continued growth in data center consolidation as data-centric companies seek efficiencies while mega-data centers continue to offer benefits of scale.

Data centers can enable customers to ‘right-size’ their environment, deliver enterprise-class DR solutions and provide trusted advisers with new IT solutions. Importantly, they can also support IT consolidation efforts.

Complementary actions, such as upgrading equipment and retrofitting sites, are top priorities for enterprise efficiency. Additionally, greater coordination and deployment of resources can include aligning facilities and IT teams’ processes.

...

http://www.cyrusone.com/blog/learn-how-data-center-consolidation-creates-efficient-use-of-it-assets/

If you’ve noticed a few more empty offices or cubicles than usual around your workplace, there may be a good reason. This week, the Center for Disease Control (CDC) reported elevated flu activity in several regions of the country. Flu season in the U.S. is about to peak.

Thankfully, it doesn’t appear a major epidemic is on the horizon. However, even localized outbreaks of the flu can be highly detrimental to an organization’s operations. Each year more than 111 million work days are lost due to the flu. This equates to approximately $7 billion per year in sick days and lost productivity, according to www.flu.gov. That number doesn’t even include other seasonal illnesses.

A number of measures can be taken by employers to reduce the business impact of illness. Most of these measures involve some form of persistent and effective communications with employees, suppliers, partners and other stakeholders.

...

http://blog.sendwordnow.com/flu-season-is-peaking-is-your-organization-prepared

Cyberattacks are now the greatest risk to doing business in North America, according to the just-released World Economic Forum’s (WEF) Global Risks Report 2016.

In North America, which includes the United States and Canada, cyberattacks and asset bubbles were considered among the top risks of doing business in the region.

The WEF noted that in the United States, the top risk is cyberattack, followed by data fraud or theft (the latter ranks 7th in Canada, which is why it scores 50 percent in the table below).

The risks related to the internet and cyber dependency are considered to be of highest concern for doing business in the wake of recent important attacks on companies, the WEF observed.

...

http://www.iii.org/insuranceindustryblog/?p=4320

Thursday, 14 January 2016 00:00

CDC: Global Health Security Agenda

The Plan for 2016: CDC and the President’s Global Health Security Agenda

2015 was a powerful reminder that a health threat anywhere is a health threat everywhere.  In 2016, CDC and partners are looking forward to continuing work on the President’s Global Health Security Agenda (GHSA), an initiative led by the Department of Health and Human Services.

In 2012, only 1 in 6 countries reported being fully prepared for disease outbreaks. As the Ebola epidemic in West Africa tragically demonstrated, it is often the countries with the fewest resources who are hit hardest by public health emergencies.  To better protect people everywhere, the United States has committed more than $1 billion over the next 5 years to help 30 countries better prepare for the health impacts of natural and man-made disasters.  More than half of this historic investment will focus on the continent of Africa to help prevent future outbreaks.

World map of pixels in gray and light gray

There are 30 GHSA countries: Bangladesh • Burkina Faso • Cameroon • Cambodia • Côte d’Ivoire • Democratic Republic of Congo • Ethiopia • Georgia • Ghana • Guinea • Haiti • India • Indonesia • Jordan • Kazakhstan • Kenya • Laos • Liberia • Mali • Mozambique • Pakistan • Peru • Rwanda • Senegal • Sierra Leone • Tanzania • Thailand • Uganda • Ukraine • Vietnam

Global Health Security Agenda Goals

The vision of GHSA is to stop disease outbreaks as quickly as possible.  Partners will work together to build a global network that can respond rapidly and effectively to disease outbreaks and help countries build their own capacity to prevent, detect, and respond to public health emergencies.

The GHSA focuses on accelerating progress toward a world safe from disease threats by supporting enhanced surveillance and biosecurity systems, immunization campaigns, and curtailing antimicrobial resistance. Establishing national laboratory and disease reporting systems will help detect threats early.  In addition to building epidemiologic and laboratory workforce capacity, GHSA also focuses on incident management system training and establishing emergency operations centers around the globe.

As President Obama said at the Global Health Security Agenda Summit in 2014, “We issued a challenge to ourselves and to all nations of the world to make concrete pledges towards three key goals:  prevent, detect, and respond.  We have to prevent outbreaks by reducing risks.  We need to detect threats immediately wherever they arise.  And we need to respond rapidly and effectively when we see something happening, so that we can save lives and avert even larger outbreaks.”

CDC’s Role in Global Health Security
CDC is improving preparedness and response internationally by building close relationships with ministries of health and other public health partners abroad to encourage public health and emergency management capacity building. The agency also provides GHSA countries with resources such as funds, administrative support, and dedicated personnel, including experts in emergency response, electronic surveillance systems, and specific health threats. CDC also links emergency response efforts to recovery efforts to ensure systems and processes that have been put in place for one response can be ready for the next public health emergency.

A person is giving another person a vaccine.

Ebola has reminded us that  to protect its citizens, each country should be equipped with a core set of public health capabilities to detect a threat when it emerges, respond rapidly and effectively, and prevent it wherever possible. All countries need to be prepared, since disease monitoring and emergency response begin at the local level.  Local responses will be quicker, more efficient, and more cost-effective than responding from a great distance. However, epidemics do not stay within borders and are not the problem of individual countries or regions. GHSA is an important step toward helping build capacity in other countries and ensuring that when national capacities are overwhelmed, the world moves immediately and decisively to contain the outbreak.

Three surveys provide data on the state of mobile development and security, and the news is not particularly heartening.

Perhaps the most interesting of the surveys is from Evans Data, which found that 56.7 percent of mobile developers follow security protocols set by their governments. The true nature of the result becomes more apparent when it is turned around: More than 40 percent don’t do what their governments tell them is the right thing.

The press release offered a vague but useful breakdown. In North America, 67 percent follow their governments. The percent in Asia was “only slightly less” but dropped to one-third in the combined Europe, Middle East and Africa (EMEA) category.

...

http://www.itbusinessedge.com/blogs/data-and-telecom/developers-not-walking-the-walk-on-mobile-app-security.html

What are some technical considerations for cloud-based vulnerability scanners? originally appeared on Quora: The best answer to any question.

Answer by Sai Ramanan, Corporate Information Security Lead at Quora, on Quora:

Vulnerability scanning is a stalwart practice of the Information Security community.

Vulnerability scanners help identify potential security weaknesses at scale; e.g. missing patches, default passwords, coding or configuration weaknesses. As part of security best practices or meeting compliance requirements (PCI, HIPAA, GLBA and NERC CIP, etc), when you decided to implement a vulnerability scanning solution in your datacenter and scan your servers in the Cloud, you have to submit a third-party scan request to your cloud provider and whitelist the IPs, which can be time-consuming. There are also pre-authorized vulnerability scanning products available in the AWS marketplace such as Tenable Nessus Enterprise for AWS and QualysGuard Virtual scanner appliances, which can scan your instances on demand. In this article, I’m going to focus some of the considerations to keep in mind specific to pre-authorized vulnerability scanning products on Amazon Web Services environments.

As with any security tool, automated vulnerability scanners also play a vital role in helping you understand, manage, and remediate the security risks that may exist in your environment. There are multiple vulnerability scanning products available for free trial from AWS marketplace – Tenable Nessus, QualysGuard Virtual scanner appliance, Acunetix, Alert Logic, etc. Having evaluated the first two products for Quora, I can tell you that the cloud vulnerability scanning products has their own challenges and architectural considerations need to be properly vetted. Let’s look at some of these:

...

http://www.forbes.com/sites/quora/2016/01/13/a-cyber-security-pro-shares-the-best-tricks-for-cloud-based-threat-scanning/#2715e4857a0b3d2799795f86

Have you ever looked at an IT security plan and wondered, “what’s wrong with this picture?” When words like “policy”, “procedure” and even “implementation” are prominent, but others like “user”, “training”, “performance” and “awareness” seem to be pushed into the background, there may be room for improvement. Unless your context is entirely “lights-out” and computer-driven (still rare even in this age), human beings will be an integral and fundamental factor in your IT security planning and management. And unless your context is completely on-premises without any connections to the cloud (increasingly rare), the days of the bolt-on, “bigger fence” are numbered.

...

http://www.opscentre.com.au/blog/it-security-and-the-end-of-ivory-towers-bolt-ons-and-bigger-fences/

Thursday, 14 January 2016 00:00

Key risk management issues for 2016

Chief risk officers (CRO) will need to keep close watch on a number of strategic, operational, and external risks this year, according to new research by KPMG LLP. Effective risk management and mitigation will be critical , since companies' strategies, business models, operations, reputations, and, ultimately, survival are on the line.   

"CROs today face an unprecedented number of new and emerging risks that can threaten corporate strategy if they are not identified quickly and managed properly," said Kelly Watson, National Service Group Leader for Risk Consulting at KPMG LLP.  "The CRO needs to lead an integrated, organization-wide risk management program that can turn potentially crippling risks into opportunities for innovation, cost reduction, improved compliance and competitive advantage." 

KPMG has identified seven key strategic, operational and external risk areas that should top CROs' risk management agendas this year:

...

http://www.continuitycentral.com/index.php/news/erm-news/805-key-risk-management-issues-for-2016

Correspondent banking could arguably be one of the most difficult business lines for AML (anti-money laundering) suspicious activity systems to monitor, but are there any opportunities for improvement and increased sophistication? The fundamental conundrum for compliance departments monitoring correspondent banking payment activity is that they must rely on the respondent bank’s AML policies, procedures, controls and technology systems to identify suspicious activity and to take appropriate steps to mitigate the risks, which could result in the respondent bank ending relationships with nefarious customers. In order to remain proactive, banks providing access to the U.S. financial markets via correspondent banking relationships should consider increasing the sophistication of how they detect suspicious activity based on what information is already contained in the wire payments and existing watch lists.

If, correspondent banks are monitoring their customers’ customers, then it requires several parsing algorithms to determine several key pieces of information such as:

  • Creating pseudo account numbers based on the originator and beneficiary names and addresses referenced in the wire payments.
  • Extracting country codes for the originator of the payments and, when available, for the beneficiary as well.

...

http://corporatecomplianceinsights.com/why-risk-rating-customers-is-problematic-for-correspondent-banks/

If you are a tech investor trying to follow the money right now, then the market can be very confusing in terms of deciding where to place your bets. If you are a tech job seeker thinking about a career change in 2016, then the market can be just as confusing when it comes to finding a position with the most upward mobility.

But if you properly separate out your view on the various sectors within tech, then it all becomes quite clear.

Personal computers (PCs) and software made for those machines were originally referred to as ‘tech’ - as in the ’tech industry’.  Tech broadened into information technology (IT) and more recently the cloud – or cloud computing. The internet and digital media are also called tech, along with all things mobile including smart phones and apps for those devices. Cybersecurity is a tech sector that was originally categorized within IT, but it has evolved to become relevant to the entire tech industry.

Here’s a fresh look at polar opposites in tech (in terms of growth) – the PC market and the cybersecurity market:

...

http://www.forbes.com/sites/stevemorgan/2016/01/14/pc-shipments-suffer-largest-decline-in-history-cybersecurity-to-add-100-billion-by-2020/#2715e4857a0bf1d5ed2640a8

Thursday, 14 January 2016 00:00

Big Data Goes Mainstream: What Now?

Now that big data initiatives are going mainstream in Fortune 1000 companies, CIOs and other C-level executives are targeting the next frontier -- how to transform all that information into products and services – according to a new report.

As we enter 2016, big data initiatives are becoming more the mainstream than cutting-edge, and many CIOs are now heading up efforts that go well beyond what they dreamed of implementing a decade ago.

Many organizations are still in transition as they look at the data they have, the data they want to add, the products and services they want to create with that data, and what infrastructure and tools they need to accomplish those goals, according to Randy Bean, CEO and managing director at NewVantage Partners, a management consulting firm that works with C-level executives at many financial services firms in the Fortune 1000.

"The past five years have been about big data," he told InformationWeek. "Organizations want to bring in new sources of data. They want to create new information-based products and services."

...

http://www.informationweek.com/big-data/big-data-analytics/big-data-goes-mainstream-what-now/d/d-id/1323874

Wednesday, 13 January 2016 00:00

Converging Your Way to a New Data Center

Vested interests in the IT industry have a lot riding on the hope that the enterprise will want to keep some of its infrastructure in-house rather than push everything onto the cloud as the decade unfolds. But this is only likely to happen if on-premises hardware is low-cost, highly scalable and maintains a tight footprint.

This is why so many designers are touting converged and hyper-converged infrastructure. By filling small, modular appliances with massive computing, storage and networking capabilities, converged solutions will offer an efficient means to support critical workloads without sending data beyond the corporate firewall.

Expect CI and HCI to take the lion’s share of the IT narrative in the coming year, says NetApp’s Lee Caswell. By breaking down the barriers between servers, storage and compute, convergence not only simplifies hardware infrastructure, but makes it easier to manage as well. Admins will finally be able to shake off the tedium of hardware integration and focus on the more productive aspects of software innovation. This is why 451 Research predicts that 40 percent of enterprises plan to increase spending on converged solutions in the coming year.

...

http://www.itbusinessedge.com/blogs/infrastructure/converging-your-way-to-a-new-data-center.html

After a rough year of cyberattacks and data breaches, the federal government is getting serious about protecting its sensitive information when in the hands of its contractors. As a result, contractors are being sent to the front lines of the fight.

Already, the Defense Department has imposed requirements to protect ""unclassified controlled technical information"," and it recently expanded these obligations via interim rules with immediate effect. The National Archives and Records Administration is about to complete its new regulation to better protect sensitive but unclassified federal information. The National Institute of Standards and Technology has issued new cyber protection standards intended for commercial companies. And the General Services Administration stands poised to issue new rules for schedule holders.

We are going to see new cyber protection requirements in many solicitations and contract modifications. And an unwary contractor might become a casualty when it certifies compliance, even implicitly, with "all IT security standards." For example, the second draft request for proposals for GSA's Alliant 2 subjects contractors to "all ordering activity IT security standards … and government wide laws or regulation applicable to the protection of government wide information security." How can a contractor certify before it knows what "sensitive data and information" will be part of the performance of a task order? Or even what all the standards will be? Yet if a contractor does not certify or impliedly certify, it may lose the chance to compete for award.

...

https://fcw.com/articles/2016/01/12/miller-oped-false-claims.aspx

Wednesday, 13 January 2016 00:00

Measurement: the next big resilience challenge?

Robin Gaddum looks at the ‘capabilities and capacity’ aspect of organizational resilience and explains why dynamic measurement is an essential requirement.

Resilience is a journey, not a destination. It is a dynamic characteristic because every organization is in a constant state of change, as are the environment in which it operates and its direct and indirect inter-dependencies with other organizations. An Organization may pursue resilience but may only be demonstrably resilient to a particular disruptive event at a moment in time.

So, how do you measure resilience? This is an important question. If you cannot measure its benefits, then making the business case for a resilience programme will be challenging. Quantifying return on investment (ROI) requires some form of measurement to show how the investment input results in valuable output. But how do you measure the unmeasurable?

...

http://www.continuitycentral.com/index.php/news/resilience-news/802-measurement-the-next-big-resilience-challenge

This month, we focus on data center design. We’ll look into design best practices, examine in depth some of the most interesting recent design trends, explore new ideas, and talk with leading data center design experts.

Groupon may be the future of merchant discounts, but it uses a mathematical problem solving method formulated in the 1930s to optimize the data center design that supports its popular service.

Linear Programming models are used to maximize specific outcomes given numerous variables. The word “linear” refers to linear relationships between the variables.

The approach is common in other industries, such as transportation, energy, and telecommunications, but it also applies well in data center design, the Groupon team found, since there are clearly desirable outcomes and lots of variables.

...

http://www.datacenterknowledge.com/archives/2016/01/13/linear-programming-helps-groupon-optimize-data-center-design/

(TNS) - As was the case in both 2014 and 2015, flood recovery will again dominate much of Boulder County government's work load this year, county commissioners said Tuesday.

"Even though flood recovery may no longer be at the forefront of the general public's mind, our staff continues to work tirelessly on this issue," Commissioner Cindy Domenico said.

Flood-related issues were just part of a package of topics that Domenico and Commissioners Elise Jones and Deb Gardner covered in their "State of the County" review of what they identified as Boulder County's accomplishments in 2015 — and what residents can expect from their county government in 2016.

...

http://www.emergencymgmt.com/disaster/Flood-recovery-to-again-dominate-Boulder-County-agenda-in-2016.html

With Director 7.7, you have the capability of configuring policies, rules and conditions that will alert you when the configured threshold has reached in your XenDesktop 7.7 environment. You can configure and manage proactive alerts and notifications either through the Director UI or using Powershell cmdlets.

In this post, we will take a look at how to configure, visualize your alerts, manage them, analyze their details and historically track alert trends.

...

https://www.citrix.com/blogs/2016/01/13/configuring-managing-alerts-and-notifications-using-director/

Wednesday, 13 January 2016 00:00

BCI: Cyber incidents rank as major new threats

Cyber incidents rank as major new threats

The risk landscape for businesses is substantially changing in 2016 according to a new report by Allianz Global Corporate and Specialty. While businesses are less concerned about the impact of traditional industrial risks such as natural catastrophes or fires, they are increasingly worried about the impact of other disruptive events such as cyber incidents.

According to the Allianz Risk Barometer, business and supply chain interruption (BI) remains the top risk for businesses globally for the fourth year in succession. However, many companies are concerned that BI losses, which usually result from property damage, will increasingly be driven by cyber attacks, technical failure or geo-political instability as new 'non-physical damage' causes of disruption.

The corporate risk landscape is changing as many industrial sectors are undergoing a fundamental transformation,” explains AGCS CEO Chris Fischer Hirs. “New technologies, increasing digitalization and the ‘Internet of Things’ are changing customer behaviour, industrial operations and business models, bringing a wealth of opportunities, but also raising awareness of the need for an enterprise-wide response to new challenges. As insurers we need to work together with our corporate clients to help them to address these new realities in a comprehensive manner.

An area of increasing concern for businesses globally are cyber incidents which not only include cyber crime or data breaches, but technical IT failures as well. Loss of reputation (69%) is the main cause of economic loss as result of a cyber incident followed by business interruption (60%) and liability claims after a data breach (52%). These three cyber incidents are also the top three concerns for business continuity professionals according to the Business Continuity Institute's latest Horizon Scan Report.

The top ten risks according to the Allianz Risk Barometer are:

  • Business interruption (incl. supply chain disruption)
  • Market developments (volatility, intensified competition, market stagnation)
  • Cyber incidents (cyber crime, data breaches, IT failures)
  • Natural catastrophes (storm, flood, earthquake)
  • Changes in legislation and regulation (economic sanctions, protectionism)
  • Macroeconomic developments (austerity programs, commodity price increase, inflation/deflation)
  • Loss of reputation or brand value
  • Fire, explosion
  • Political risks (war, terrorism, upheaval)
  • Theft, fraud and corruption

Do businesses understand the cloud and its benefits? Recent data indicates confusion and doubt are prevalent among many cloud adoptees. 

A May 2015 survey of 300 IT managers completed by West IP Communications showed that many businesses are divided on the inherent benefits and risks associated with the cloud.

The survey results included:

...

http://mspmentor.net/cloud-computing/3-common-cloud-misconceptions-and-how-clear-them-customers

AUSTIN, Texas – Disasters such as floods and tornadoes commonly result in the loss of important documents. While it can seem like a daunting task, the good news for Texans is that many official papers and vital records are relatively easy to replace.

Survivors of October’s severe storms, tornadoes, straight-line winds and flooding, who have registered and applied for federal disaster assistance, should keep their personal information updated with the Federal Emergency Management Agency (FEMA) throughout the recovery process. Supplying copies of important documentation is a necessary part of registering with FEMA. Applicants should share any change of address, telephone and bank account numbers and insurance information with FEMA to keep that information up to date.

Check the list below to find out where to obtain official copies of your lost or damaged documents.

SNAP Card (Food Stamps):
Phone: 800-777-7328
Website: https://www.hhsc.state.tx.us/providers/LoneStar/EBT/EBThowto.html

Green Cards:
Phone: 800-375-5283
Website: http://www.uscis.gov/green-card/after-green-card-granted/replace-green-card

Birth and death certificates:
Phone: 888-963-7111
Website: https://www.dshs.state.tx.us/vs/reqproc/default.shtm

Texas Driver License:
Phone: 512-424-2600
Website: https://www.txdps.state.tx.us/DriverLicense/replace.htm

Bank Checks, ATM/Debit Cards, or Safe Deposit Boxes:
Phone: 877-275-3342
Website: www.fdic.gov

Credit Cards: Contact the issuing institution:

Texans in the following counties may register for disaster assistance for damage or losses sustained during the period Oct. 22 to Oct. 31: Bastrop, Brazoria, Caldwell, Cameron, Comal, Galveston, Guadalupe, Hardin, Harris, Hays, Hidalgo, Liberty, Navarro, Travis, Willacy and Wilson.

Survivors can apply online at DisasterAssistance.gov or by phone (voice, 711 or relay service) at 800-621-3362. TTY users should call 800-462-7585. The toll-free lines are open 7 a.m. to 10 p.m. seven days a week. Multilingual operators are available.

For more information on Texas recovery, visit the disaster web page at www.fema.gov/disaster/4245, Twitter at https://www.twitter.com/femaregion6 and the Texas Division of Emergency Management website, https://www.txdps.state.tx.us/dem.

# # #

All FEMA disaster assistance will be provided without discrimination on the grounds of race, color, sex (including sexual harassment), religion, national origin, age, disability, limited English proficiency, economic status, or retaliation. If you believe your civil rights are being violated, call 800-621-3362 or 800-462-7585(TTY/TDD).

FEMA’s mission is to support our citizens and first responders to ensure that as a nation we work together to build, sustain, and improve our capability to prepare for, protect against, respond to, recover from, and mitigate all hazards. 

The SBA is the federal government’s primary source of money for the long-term rebuilding of disaster-damaged private property. SBA helps businesses of all sizes, private non-profit organizations, homeowners and renters fund repairs or rebuilding efforts and cover the cost of replacing lost or disaster-damaged personal property. These disaster loans cover losses not fully compensated by insurance or other recoveries and do not duplicate benefits of other agencies or organizations. For more information, applicants may contact SBA’s Disaster Assistance Customer Service Center by calling 800-659-2955, emailing disastercustomerservice@sba.gov, or visiting SBA’s website at www.sba.gov/disaster. Deaf and hard-of-hearing individuals may call 800-877-8339.

Visit www.fema.gov/texas-disaster-mitigation for publications and reference material on rebuilding and repairing safer and stronger.

(TNS) - Gov. Rick Snyder on Tuesday night activated the Michigan National Guard to assist with the ongoing crisis of the lead contamination of Flint's drinking water.

"As we work to ensure that all Flint residents have access to clean and safe drinking water, we are providing them with the direct assistance they need in order to stretch our resources further," Snyder said in a news release late Tuesday.

"The Michigan National Guard is trained and ready to assist the citizens of Flint."

Members of the National Guard are expected to staff fire stations and distribute bottles of water and water filters, freeing members of the American Red Cross to handle the door-to-door distribution of those items, Snyder Chief of Staff Jarrod Agen said. There were no immediate plans to use tanker trucks to distribute water, he said.

...

http://www.emergencymgmt.com/health/Snyder-activates-National-Guard-to-help-in-Flint.html

Nitin Donde is CEO of Talena, Inc.

To succeed in today’s data-rich and data-centric world, companies are building new, high-value applications on top of NoSQL, Hadoop and other modern data platforms. According to IDC, the big data market will reach $48 billion by 2019. At the same time DevOps processes are rapidly penetrating the Global 2000, impacting the very companies that are adopting these new data platforms. These teams and their processes are now responsible for managing data infrastructures that are orders of magnitude larger than anything companies have dealt with previously. As a result, big data, DevOps and data management are rapidly intersecting, and the speed at which groups are expected to support this new world order and launch new applications raises a new set of challenges, considerations and questions, including:

  1. How do data management principles change in the world of Big Data?
  2. How can agility and security co-exist in modern data environments?

Let’s address each of these issues in more detail.

...

http://www.datacenterknowledge.com/archives/2016/01/13/colliding-complementary-worlds-devops-big-data-data-management/

Data volumes have been on a dramatic upswing since the decade began and are about to rise even faster now that Big Data and the Internet of Things are ramping up. So it would seem that enterprises of all sizes should be scrambling to boost their storage capacity, and yet the market is largely flat.

What’s going on here? Is storage infrastructure becoming so efficient that organizations are really doing more with less? Or are workloads already porting to the cloud in such great amounts that commodity platforms are supplanting high-cost on-premises deployments?

There is probably a little bit of truth to both notions, but many other factors are affecting the storage industry right now. Chief among them is the plethora of storage media in the channel that makes it hard to gauge exactly what is happening with storage in general. Gartner, for instance, notes that solid state storage and traditional hard disk are on pace to cross each other in 2017; that is, Flash is growing by about 20 percent per year while HD is at 4 percent. By mid-2017 or so, Flash will start to exceed hard disk in terms of revenue. Meanwhile, shipments of sub-1TB capacity are at the lowest level since 2012, which is counterintuitive considering that, while speed is important in modern architectures, raw capacity should also be growing to accommodate increasing volumes.

...

http://www.itbusinessedge.com/blogs/infrastructure/big-data-is-almost-here-so-why-is-storage-demand-lagging.html

By Talkin’ Cloud

2016 could provide many growth opportunities for cloud services providers. Here’s why:

1. Total Cloud Infrastructure Spending Could Grow

International Data Corp predicted total spending on cloud IT infrastructure (server, storage and Ethernet switch, excluding double counting between server and storage) would grow by 24.1 percent to $32.6 billion in 2015. In addition, IDC noted it expected cloud IT infrastructure spending to expand at a compound annual growth rate (CAGR) of 15.1 percent through 2019.

2. Cloud Security Will Remain a Top Priority

Cloud application security provider Elastica recently found that the cost of exposed data in software-as-a-service (SaaS) may total up to $13.85 million per incident. However, CSPs can resolve security issues for businesses, ensuring these companies can protect their sensitive data that is stored in the cloud at all times.

...

http://www.datacenterknowledge.com/archives/2016/01/13/seven-reasons-to-feel-good-about-cloud-services-in-2016/

Muda. It’s the Japanese word for waste and the enemy in modern supply chain management and manufacturing. Since the 1980s, lean thinking has revolutionized the way businesses operate by seeking to eliminate muda and free capital held in wasteful assets—that is, assets that do not add value to the overall process (e.g. excess inventory or underutilized equipment). Lean thinking is important and helps businesses to improve their processes and their bottom lines. It does however beg one key question that risk managers and business continuity professionals must ask: “how lean is too lean?” Wantonly cutting out all perceived muda to save money can actually have the opposite effect down the road. Organizations with global supply chains inherit significant risk due to the potential impact associated with a supply chain disruption.  In some cases, a disruption could threaten an organization’s ability to continue business or require large amounts of capital to recover. Organizations must fully examine their processes and supply chains to identify risk and make informed decisions on how lean is too lean.

This perspective—the third in the Risky Business Series—leverages a case study of the recent west coast dock worker strike to demonstrate the inherit risk of a supply chain that is too lean due to a virtual monopoly. This article also revisits evaluation and mitigation strategies from the first two Risky Business perspectives that organizations can use to reduce risk to an acceptable level.

...

http://perspectives.avalution.com/2016/risky-business-part-3-a-supply-chain-continuity-case-study/

Sticking to the rules of business continuity

Why do we have business continuity management programmes? Is it because we want to make sure our organizations are able to respond to a disruption? Probably yes! It is common sense that we would want to be prepared for any future crisis.

In some cases however, it is also because there is a legal obligation to do so. Many organizations are tightly regulated depending on what sector they are in or the country they are based, and therefore must have plans in place to deal with certain situations. Furthermore, the rules and regulations that govern us are often being revised, and sometimes it can be difficult to keep up with which ones are applicable.

There is a solution however. The Business Continuity Institute has published what it believes to be the most comprehensive list of legislation, regulations, standards and guidelines in the field of business continuity management. This list was put together based on information provided by the members of the Institute from all across the world. Some of the items may not relate directly to BCM, and should not be interpreted as being specifically designed for the industry, but rather they contain sections that could be useful to a BCM professional.

The ‘BCM Legislations, Regulations, Standards and Good Practice’ document breaks the list down by country and for each entry provides a brief summary of what the regulation entails, which industries it applies to, what the legal status of it is, who has authority for it and, of course, a link to the full document itself.

The BCI has done its best to check the validity of these details but takes no responsibility for their accuracy and currency at any particular time or in any particular circumstances.

A new year brings new resolutions—commitments to achieve certain goals or make specific improvements.  While it’s certainly a good time for pledging to lose those few extra pounds, it’s also a great time to make resolutions for improving your business continuity communications. Maybe your mass notification program could use an improved diet and more exercise in 2016?

Feeding Your Emergency Communications System

A successful notification program starts with “feeding” the service with the right data. Accurate, up-to-date contact information is essential for effective enterprise alerting. Consider these tips for improving your notification system’s data diet:

...

http://blog.sendwordnow.com/new-year-new-resolutions-for-mass-notification

Nearly four-fold increase in computing capacity to innovate U.S. forecasting in 2016

 

NOAA’s Weather and Climate Operational Supercomputer System is now running at record speed, with the capacity to process and analyze earth observations at quadrillions of calculations per second to support weather, water and climate forecast models. This investment to advance the field of meteorology and improve global forecasts secures the U.S. reputation as a world leader in atmospheric and water prediction sciences and services.

The computers — called Luna and Surge — are located at computing centers in Reston, Virginia and Orlando, Florida. They are now running at 2.89 petaflops each for a new total of 5.78 petaflops of operational computing capacity, up from 776 teraflops of processing power last year.

“This significant investment in our operational supercomputers equips us to handle the tidal wave of data that new observing platforms will generate and allows us to push our science and operations into exciting new territory, said Kathryn Sullivan, Ph.D., NOAA’s administrator. “The faster runs and better spatial and temporal resolution that Luna and Surge provide will allow NOAA to improve our environmental intelligence dramatically, giving the public faster and better predictions of weather, water and climate change. This enhanced environmental intelligence is vital to supporting the nation’s physical safety and economic security.”

Sullivan said the ultimate goal of investment in operational and research supercomputing capacity is to build resilient communities in the United States by arming people with reliable environmental intelligence to make good decisions, as NOAA works to build a Weather-Ready Nation.

The increase in supercomputing strength will allow NOAA to roll out a series operational model upgrades throughout 2016. For example:

  • Upgrades to the High Resolution Rapid Refresh Model (HRRR) will help meteorologists predict the amount, timing and type of precipitation in winter storms and the timing location and structure severe thunderstorms.
  • Implementation of the Weather Research and Forecasting Hydrologic Modeling System (WRF-Hydro) will expand the National Weather Service’s current water quantity forecasts at 3,600 locations to forecasts of flow, soil moisture, snow water equivalent, evapotranspiration, runoff and other parameters for 2.67 million river and stream locations across the country, representing a 700-fold increase in spatial density. This new information, provided nationally at the neighborhood scale, will enable forecasters to more accurately predict droughts and floods, and better support water resources decisions.
  • Upgrades to the Hurricane Weather Research and Forecasting Model (HWRF) will mark the first time NOAA models have had direct connections between the air, ocean and waves to improve forecasts of hurricane tracks and intensity. This upgrade will increase the number of storms NOAA can forecast for at any given time to 8.

The increase in supercomputing capacity comes via a $44.5 million investment using NOAA's operational high performance computing contract with IBM, $25 million of which was provided through the Disaster Relief Appropriations Act of 2013 related to the consequences of Hurricane Sandy. Cray Inc., headquartered in Seattle, serves as a subcontractor for IBM providing the new systems to NOAA.

NOAA’s mission is to understand and predict changes in the Earth's environment, from the depths of the ocean to the surface of the sun, and to conserve and manage our coastal and marine resources. Join us on FacebookTwitterInstagram and our other social media channels.

Business continuity priorities don’t come much bigger than having a properly functioning supply chain. Whether an organisation is in the private or the public sector, supply chains have to work without interruption, profitably and to the satisfaction of end-customers. Over time, observations and experience have helped put together the following list of tips for BC management of this critical part of all companies. As we progress through 2016, here’s what to look out for.

...

http://www.opscentre.com.au/blog/7-business-continuity-tips-for-keeping-supply-chains-working-well-in-2016/

Tuesday, 12 January 2016 00:00

Revive Your PC or Mac with an SSD

SSD hard drive technology is extremely fast in terms of reading data. It can either optimise a PC that is usually dedicated to video games with premium features, such as 4K or 3D, or revitalise an old PC or Mac. Most importantly, the computer can be adapted to accommodate a standard 3.5″ desktop or a 2.5″ laptop hard drive.

What is the procedure to be followed?

Changing a hard drive requires several steps. It can be done by yourself or by a professional. There are several things you should know before having a go at this task, in particular, including software that allows copying from one hard drive to another if you want to keep your regular working environment. In addition, you may need more specific software if you intend to copy a Macintosh hard drive (a PC can copy Macintosh hard drives) because the purpose of the drive-to-drive copy is that the software knows how to copy correctly the so-called partitions.

In the case of Macintosh, these are partitions of the HFS+ type, while Windows partitions are of the NTFS type. Generally, it is best to have a desktop PC running Windows (7, 8 or 10) to perform the operation because you may actually use the original PC drive to work with the copying software. This is then used to copy to the replacement drive or to copy the laptop drive to the SSD that will replace it.

...

http://blog.krollontrack.co.uk/top-tips/revive-your-pc-or-mac-with-an-ssd/

Organizations are moving past the hype and into actual value when it comes to big data and analytics implementation, according to a new survey by CompTIA. But challenges remain, including a skills gap and the struggle to wrangle the growing quantity of data generated.

Companies are moving to the next stage with big data -- past the hype and into broader adoption. But new challenges are on the horizon, such as how to master all that data. Those are a couple of several key findings in a recent Computing Technology Industry Association (CompTIA) study.

The industry organization surveyed 402 IT professionals for the report released in December and found that 72% of respondents said big data projects had exceeded their expectations, and about 75% said their businesses would be stronger if they could harness all of their data.

...

http://www.informationweek.com/big-data/big-data-analytics/big-data-moves-from-hype-to-reality-comptia-finds-/d/d-id/1323816

Tuesday, 12 January 2016 00:00

The Hybrid IT Mash-up

Matt Gerber is CEO of Digital Fortress

Love it or hate it, hybrid IT is here in force and it’s here to stay. The global market for hybrid cloud computing is estimated to grow from $25.28 billion in 2014 to $84.67 billion in 2019, according to a 2015 study published by Markets & Markets. Nearly half (48 percent) of enterprise respondents say they will adopt hybrid cloud systems and services in the near future.

Public cloud purists don’t like the idea of companies taking a steppingstone approach to cloud adoption; yet the reality is, many large companies are not ready to make a wholesale change. Compliance and regulatory requirements may stand in the way, or, they have invested too much money in on-premise systems that are still business-critical and don’t transition easily to the cloud. Hybrid cloud is, for many companies, a wonderful blend of the old and the new, offering a highly practical and manageable approach to innovation. You can maintain your highly customized, workhorse ERP system inside your own data center, while adding new agile customer-facing apps to the cloud.

...

http://www.datacenterknowledge.com/archives/2016/01/12/the-hybrid-it-mash-up/

One of the first use cases that most organizations have for the cloud involves some form of data protection. Rather than invest in a massive amount of infrastructure to house data that will be rarely accessed, many organizations prefer to take advantage of low-cost cloud services.

With that in mind, Quantum Corp. today extended its support for AWS with the release of Q-Cloud Protect, a virtual data deduplication appliance that serves to reduce the amount of data that organizations host on AWS. As a monthly service, Eric Bassier, director of product marketing for Quantum, says that unless AWS is actively managed, the amount of data on the cloud service can grow rapidly. Over time, the cost of hosting that data on AWS grows as well. Q-Cloud Protect is designed to reduce the amount of data on AWS by working with other data protection software from Quantum on AWS to identify data that is duplicated, says Bassier.

Bassier notes that over an extended period of time, storing data on AWS and other public clouds can wind up being more expensive than hosting it locally. For that reason, many organizations prefer to archive data in a public cloud, while using data protection software to store a copy of their more recent and important data locally. That hybrid cloud approach frequently eliminates the need to access data in AWS in all but the most dire of disaster recovery scenarios, says Bassier. That’s critical because while storing data in AWS is relatively inexpensive, accessing that data remotely over the network is an expensive proposition. More challenging still, the amount of time it can take to pull data down from the cloud probably exceeds most organizations’ recovery time objectives.

...

http://www.itbusinessedge.com/blogs/it-unmasked/quantum-hosts-virtual-data-duplication-software-on-aws.html

The city of Sacramento, Calif., is at the center of a video warning presumably posted by the hacker group Anonymous regarding an anti-camping ordinance aimed at the homeless Jan. 6.

In the roughly three-minute video, shown below, a masked figure claiming to represent the group said the city would face the “formidable talents” of its hackers unless the ordinance disallowing camping in public spaces was reconsidered.

Though the reported cases of Anonymous targeting local governments are relatively few, cities and counties nationwide have experienced similar threats over the last few years: In November of 2013, a Missouri town was singled out for the way it handled the rape investigation of two teenage girls; in December of 2014, the city of Fort Lauderdale, Fla.’s website was targeted due to laws passed around homeless behavior; and in mid-May of 2015, the Hancock County, Miss., Department of Human Services was included among threats made by the group as it pushed for reform in child protection agencies and family courts.

...

http://www.govtech.com/security/Anonymous-Hacker-Group-Threatens-Sacramento-Calif-for-Anti-Camping-Ordinance.html

(TNS) - The unique topography of southern W.Va. has dictated a somewhat steady regime of flooding events.

In Logan County, the confluences of streams from Island Creek, Copperas Fork and Mud Fork into the Guyandotte River as well as myriad other streams and waterways have presented a constant challenge for residents.

Over the last year, fema.gov reports there were five disaster declarations in W.Va., and three of the five included flooding-related events in Logan County.

In response to continued problem in Logan County, local and state governments have addressed the issue with mitigation projects at Garrets Fork, Island Creek, Deskins Addition and Copperas Fork.

...

http://www.emergencymgmt.com/disaster/Flood-insurance-on-the-rise-Examining-skyrocketing-rates.html

(TNS) - The federal government's disaster relief agency has sent three officials to assist Michigan with the Flint drinking water crisis at the state's request, but Gov. Rick Snyder has not yet requested federal financial aid in connection with the ongoing public health emergency, a Michigan State Police spokeswoman said Saturday.

Rafael Lemaitre, director of public affairs for the Federal Emergency Management Agency in Washington, D.C., said on Twitter on Friday that FEMA has deployed two liaison officers to the Michigan Emergency Operations Center to provide technical assistance. A third FEMA liaison officer arrived Saturday, a state police official said.

Capt. Chris Kelenske, deputy director of emergency management and homeland security for the state police, asked FEMA on Wednesday to send the officials "to provide support if we have any questions" about the emergency response process, MSP spokeswoman Nicole Lisabeth told the Free Press on Saturday.

...

http://www.emergencymgmt.com/health/FEMA-sends-officials-to-help-with-Flint-water-crisis.html

(TNS) - With their own muscle and help from platoons of volunteers, victims of the recent flood spent much of last week hauling soggy debris out of their homes.

Hopes for quickly repairing their lives hinge on two questions: Did they have flood insurance, and did they have enough of it?

Joe Nelson didn’t. His little wood-frame home in Eureka had 20 inches of water in the first floor. When the water went down, he called his insurance company. “They said there was nothing they could do for me,” he said.

Nelson rents the house from his 97-year-old grandfather. Nelson had a renters insurance policy, but standard policies don’t cover flood damage. To get coverage, renters must buy a separate policy.

...

http://www.emergencymgmt.com/disaster/Some-flood-victims-didnt-have-insurance-some-didnt-have-enough.html

(TNS) - Lori Lawrence said she was standing in the hallway of her home near Central and Hillside on Wednesday night when the bedroom door started rattling. It was, she said, the sixth earthquake she’s felt in the past two years.

Friends filled up her Facebook feed with comments about the latest quake, which was actually two back-to-back quakes, the largest of which had a magnitude of 4.8.

It was intense enough that the city of Wichita, for the first time, sent out a team to examine whether any of its infrastructure had been affected by an earthquake. Reports had already been coming in about three water lines that had burst around the time of the quake. After a day of inspections, a few more potential cracks had turned up, including one at a wastewater treatment plant.

...

http://www.emergencymgmt.com/disaster/With-great-uncertainty-geologists-try-to-predict-the-chance-of-a-big-quake-striking-Kansas.html

For years, cyber security has been the province of IT specialist and technicians. Those days are long gone. If you ask a Board of Directors to identify a company’s most significant risk – cyber security is tops.

That is no big surprise. When you consider the consequences of a cyber intrusion or a more likely breach, companies suffer serious reputational and financial harm. Directors, senior executives and compliance officers should be concerned about cyber security.

But what is the role of the Chief Compliance Officer in cyber security risk management?

A CCO is not the sole owner, or even the most significant owner, of cyber security risk management. The Chief information Security Officer (CISOs) owns the risk. However, the CCO should be a strategic partner to the cyber security risk management program.

...

http://blog.volkovlaw.com/2016/01/cyber-security-compliance-role-cco/

Monday, 11 January 2016 00:00

5 Steps To Good Social Media Governance

“How can compliance officers meet the challenge of building good governance in a world where new communications are consistently emerging?” asked Melissa Callison, Global Marketing and Corporate Affairs Compliance Executive of Bank of America during a recent event. Callison joined other financial services compliance professionals on a panel to discuss how to enable the business to use social media and other new forms of communications while meeting the regulatory requirements for communications with public.

In the end, it boils down to five key steps:

Clarify Everything

Callison said the first step is to define the entire social media program. Clarify the channels that you plan to use. Discover which entity of the business wants to use social media and why. Various job functions and activities within your firm may be regulated differently, so you need to know exactly who will be using social media so you may set employee use polices that comply with various rules and regulations. Build those policies by bringing the key stakeholders into the conversation to identify and mitigate risks together. These could include representatives from the business, sales, marketing, investor relations, compliance, risk, HR, Data, Security, Privacy and IT. Callison concluded by saying “good governance is really good social.”

...

http://corporatecomplianceinsights.com/5-steps-to-good-social-media-governance/

Monday, 11 January 2016 00:00

Who May Buy Verizon’s Data Centers?

While officially Verizon remains quiet about the alleged auction for its massive data center portfolio, the report that it is looking to offload some $2.5 billion worth of data centers isn’t far-fetched.

Other telecoms too have realized they aren’t prepared to spend as much as they learned was necessary to grow a data center business and stay competitive. This is generally considered a good time to sell, and at least some of the data centers in Verizon’s portfolio are highly valuable from a strategic point of view. There are plenty of companies that could benefit from taking them over, given that the price is right.

...

http://www.datacenterknowledge.com/archives/2016/01/11/who-may-buy-verizons-data-centers/

(TNS) - The ranking member on the congressional committee overseeing the American Red Cross wants answers to how the organization's West Virginia chapter responded to several natural disasters in the state.

A letter, sent by Rep. Bennie Thompson, D-Miss., presses the organization's CEO Gail McGovern on how layoffs and cutbacks have affected its ability to respond to disasters. Thompson, the second-highest member sitting on the House's Homeland Security Committee, specifically asked about the effects on West Virginia and California.

Heavy criticism is aimed at the organization's national office in Washington, D.C., as McGovern leads the Red Cross through unprecedented cuts in both services and manpower while focusing more attention on fundraising. As a result, local emergency officials, not-for-profits and people closely associated with the regional chapter said services have declined drastically.

...

http://www.emergencymgmt.com/disaster/Congress-asks-Red-Cross-about-WVa-responses.html

Monday, 11 January 2016 00:00

Avnet CIO: Put Business At The Center Of IT

As an IT and electronics distributor, Avnet is in a unique position to view the trends driving the technology industry. It's also in the position of implementing those trends itself, including cloud computing and customer self-service. Here's how CIO Steve Phillips aligns IT with business at Avnet.

The giant tech distribution companies that serve as conduits between technology buyers and sellers are uniquely suited to observe trends in the IT space. Distributor Avnet's vantage point offers a particularly broad view, because it serves not only the IT market -- its Technology Solutions market -- which is in the midst of a big transformation to digital business, but also the Electronics Marketing business, serving the component market, which has gained more visibility with the rise of the Internet of Things (IoT).

And Avnet is not simply witnessing the transformation of the tech market, it's experiencing it, too.

Avnet CIO Steve Phillips, who also serves as a member of the InformationWeek Editorial Advisory Board, is driving that transformation within the distribution company by aligning his IT organization with the goals of the overall business. It's not a job he started yesterday, either. He's been in the role for 10 years at this $27.9 billion company, which has 19,000 employees in 90 countries.

...

http://www.informationweek.com/avnet-cio-put-business-at-the-center-of-it/d/d-id/1323793

The National Capital Region (NCR), a collection of 18 sovereign jurisdictions including DC and parts of Maryland and Virginia, is responsible for promoting a safe environment for over five million residents. Equally important, NCR needs to communicate securely and effectively to their resident-base during both emergencies and non-emergency events.

After 10 years with the same notification system, NCR was looking for additional technology.  They turned to Sulayman Brown of Fairfax County for help. Sulayman, who is the Assistant Coordinator for the Fairfax County Office of Emergency Management, led the team charged with identifying and implementing a technology that could facilitate communication within and between jurisdictions.

We recently sat down with Sulayman who took us through the selection and implementation process and then described the system usage, not only for Fairfax County but for NCR as a whole.  Sulayman detailed the challenges the team faced throughout the entirety of the project, as well as the lessons learned.

...

http://www.everbridge.com/video-qa-with-national-capital-region-everbridge-for-emergency-management/

Defining your data via data discovery and classification is the foundation for data security strategy. The idea that you must understand what data you have, where it is, and if it is sensitive data or not is one that makes sense at a conceptual level. The challenge, as usual, is with execution. Too often, data classification is reduced to an academic exercise rather than a practical implementation. The basics aren’t necessarily simple, and the existing tools and capabilities for data classification continue to evolve.* Still, there are several best practices that can help to put you on the road to success:

...

http://blogs.forrester.com/heidi_shey/16-01-11-how_do_you_set_your_company_up_for_success_with_data_classification

Time Warner Cable (TWC) has reported the email addresses and passwords of up to 320,000 of its customers may have been compromised.

And, as a result, TWC tops this week's list of IT security newsmakers to watch, followed by Uber, WhatsApp and the Internal Revenue Service (IRS).

What can managed service providers (MSPs) and their customers learn from these IT security newsmakers? Check out this week's edition of IT security stories to watch to find out:

...

http://mspmentor.net/managed-security-services/it-security-stories-watch-was-twc-customer-data-stolen

Andres Rodriguez is CEO of Nasuni.

Two seemingly incompatible forces have collided in the enterprise over the past few years. The standard approach to storing and protecting files has come into direct conflict with the employee’s demand for mobile access to data. Employees want their files no matter where they are or what device they happen to be using. And they have proven that they’ll do anything to get those files, even if it means circumventing IT departments and all their carefully constructed security and enterprise controls.

So, how should enterprises extend employees the mobile access they demand without sacrificing performance and access for control, security and compliance? Most providers have approached this problem from one of two directions – consumer file sharing or enterprise storage.

...

http://www.datacenterknowledge.com/archives/2016/01/11/struggle-extend-enterprise-grade-mobile-access-files/

The flooding  in the UK during Christmas of 2015 has been truly saddening. Many people losing homes, livelihoods and irreplaceable mementoes. While the political world points fingers at one another they seem to forget that people, like you and I are caught up in all of this. Worst of all storm Frank is moving in as I write this on the 29th of December 2015. This is expected to bring more heavy rain and with that, more flooding. With the water courses already at capacity it is a prediction that will most likely come true.

On the 29th I was finally able to catch up with a few of my friends from the affected areas to get their thoughts on how they were coping and if I could offer help. First and foremost I’m happy to say everyone is well and safe.

The overwhelming message I received was that no one knew what was going on. There was no communication to tell people to evacuate. Or areas that were given a risk level in the morning, were revised later in the day and the residents didn’t get the updated message. For example, an area deemed as low risk just outside of Blackburn unexpectedly flooded. This left a young man with health issues marooned in his home with no idea what to do. “We were told it was safe and nothing more, we did not know what to do when the river burst its banks”. This is a story that is repeating its self over and over again.

...

http://www.everbridge.com/how-community-engagement-can-help-in-a-flood/

Friday, 08 January 2016 00:00

Why Working Sets May Be Working Against You

Lack of visibility into how information is being used can be extremely problematic in any data center, resulting in poor application performance, excessive operational costs, and over-investment in infrastructure hardware and software.

One of the biggest mysteries in modern day data centers is the “working set,” which refers to the amount of data that a process or workflow uses in a given time period. Many administrators find it hard to define, let alone understand and measure how working sets impact data center operations.

Virtualization helps by providing an ideal control plane for visibility into working set behavior, but hypervisors tend to present data in ways that can be easily misinterpreted, which can actually create more problems than are solved.

...

http://www.datacenterknowledge.com/archives/2016/01/07/working-sets-may-working/

Friday, 08 January 2016 00:00

Data Security Needs To Improve

2015 was very much the year when the media woke up to the potential damage that data theft can bring for consumers and businesses.

The most covered hack was the Ashley Madison hack, where 32 million users had their details stolen. This was more than simply their credit card numbers and addresses, as it included extremely personal aspects such as fetishes and what they were looking for in a partner. When the hacker's demands were not met and the information was made public, the damage went far beyond financial loss - there have been reports of divorces, loss of reputations and at least two reports of suicides.

Ashley Madison may have been the most high profile leak, but the larger and potentially more serious hacks at Anthem saw 80 million people having their records stolen from the medical insurer. Although the number of people affected was astronomical, arguably the most serious was Carphone Warehouse, where 2.7 million customer had their personal details and credit card information leaked.

These kinds of hacks are not only happening at irresponsible companies. The Office Of Personnel Management had a significant breach, and according to Reuters - 'said data stolen from its computer networks included Social Security numbers and other sensitive information on 21.5 million people who have undergone background checks for security clearances.' This is perhaps some of the most personal and important data that can be stolen, potentially leaking the (remove) information of some of the most important and powerful people in the US.

...

https://channels.theinnovationenterprise.com/articles/data-security-needs-to-improve

In recent hearings on Capitol Hill, Congress pushed the Small Business Administration (SBA) for its cybersecurity failings. Lawmakers claim that SBA isn’t following recommendations made by the Government Accountability Office to put more emphasis on cybersecurity. As the House Small Business Committee reported:

Until SBA fully implements all of the required IT management initiatives, the agency cannot provide reasonable assurance that its IT investments are cost-effective, meet agency goals, or are effectively managed.

I understand the concern. After all, look at the fallout from the Office of Personnel Management (OPM) breach. Victims of that breach go well beyond government employees and contractors. (One of my holiday “gifts” was the formal letter from OPM telling me that my personal information was compromised, but I’m not a government employee or contractor. However, my personal information was required as part of someone else’s background check. You see how these breaches can spread well beyond the anticipated borders.) We also know that government agencies overall aren’t doing a good enough job with cybersecurity from multiple breaches over the past couple of years. So no, it doesn’t make sense that the SBA isn’t doing enough to meet standards set in September – unless there are budget issues, which seems to be the primary stumbling block for so many organizations.

...

http://www.itbusinessedge.com/blogs/data-security/small-business-administration-failing-at-cybersecurity-just-like-small-businesses.html

(TNS) -- Virginia Beach could soon be up in the air.

The city is considering buying drones to help find missing children, respond to disasters and locate distressed boaters.

The Police Department as well as others in the city would be able to use the devices, Deputy Chief Tony Zucaro said Tuesday during a presentation to council members .

Drones might be new technology for the area, Zucaro said, but many cities already use them.

By the end of 2013, the Federal Aviation Administration had approved 550 applications to fly drones, according to the agency’s website.

...

http://www.emergencymgmt.com/safety/Virginia-Beach-Drones.html

FEMA Releases Severe El Nino Disaster Response Plan For California, Arizona, Nevada
Combined Federal, State task force to meet today at Governor’s Office of Emergency Services

SACRAMENTO, Calif. --  The FEMA Region 9 office, in Oakland, CA has established an El Niño task force charged with preparing the regional office and its partners for the impacts of El Niño.  Today, the FEMA Region 9 Office released its Severe El Nino Disaster Response plan and will convene a regional interagency steering committee meeting in Northern California to exercise the plan.

The task force has evaluated the core capabilities needed to prepare for, respond to, recover from and mitigate against any El Niño related incident that occurs across the office’s area of responsibility. The task force has developed an Executive Decision Support Guide, or response plan, and an interactive flood decision support tool to enhance the regional office’s ability to respond to potential El Niño flood events during the winter of 2015-2016. The plan seeks to align actionable decision points that provide critical information that leaders need to make informed decisions by determining the hazard level potentially impacting lives, public health, safety, property, and critical infrastructure.

The objectives of the task force developed in the plan:

  • Establish actionable processes and procedures to identify the location, potential impacts, and probability of occurrence of natural hazards
  • Identify key at-risk populations, critical facilities and natural/cultural resources
  • Identify gaps in core capabilities needed to overcome the threat
  • Develop key messages to motivate partners to prepare and act

The task force consists of subject matter experts from the FEMA Region 9 office as well as other federal, state, local, tribal and community partners.

"California is at risk for many types of disasters,” said Mark Ghilarducci, Director of the Governor’s Office of Emergency Services.  “These joint exercises with our partners allow us to prepare for and respond to emergencies.”

“Utilizing a ‘whole community’ approach to emergency management reinforces the fact that FEMA is only one part of our nation’s emergency management team,” said Bob Fenton, FEMA Region 9 Administrator. “The exercise gives us an opportunity to learn from each other, and from the experts in the areas where solutions will come from.”

“There aren’t many types of disasters capable of impacting all Arizonans, but a strong El Niño could cause flooding, evacuations and power outages anywhere (and everywhere) in the state,” said Arizona Department of Emergency and Military Affairs Deputy Director Wendy Smith-Reeve. “It takes a team effort to plan for, respond to and recover from the kinds of widespread consequences being talked about, which is why we’re invested in the education and training of and outreach to the whole community.”

FEMA recognizes that a government-centric approach to emergency management is not adequate to meet the challenges posed by a catastrophic incident.  Utilizing a “whole community” approach to emergency management reinforces that FEMA is only one part of our nation’s emergency management team.

The El Nino task force has focused on interpreting data in areas of California, Arizona and Nevada that have proved historically vulnerable in order to develop risk projections of current El Niño events.  It is through this assessment the task force seeks to determine the critical decision points needed by senior leaders during all phases of an incident from pre-incident, incident onset, through response and recovery.

Today, the FEMA Region 9 Office will participate in a Rehearsal of Concept (ROC) exercise with its disaster response partners to exercise the response plan and its flood decision support tools.  During this exercise, participants will identify issues, gaps and shortfalls that will be incorporated to enhance the plan’s utility.  The task force will leverage best available data from predictive modeling and other analytical tools to keep senior decision makers informed throughout potential El Niño events.  The efforts undertaking by the task force during the ROC will enable the FEMA Region 9 Office, its partners and ultimately the disaster survivor to make intelligent decisions for any El Niño related event.

Friday, 08 January 2016 00:00

Big Data Is Now Key To Company Success

The manner in which businesses compete with one another and engage their customer bases has changed. While the global economy presents some unique opportunities for small to mid-sized businesses to thrive, the competition in most of these industries is at an exceptionally high level, meaning that businesses have to constantly work to maintain a competitive edge, while remaining focused on providing the optimal experience for their customers. Big data has taken on a major role in the process of equipping and preparing a business to compete, as well as providing the information that will ensure that they are able to effectively engage their customer base. Big data has become the new competitive advantage.

The Importance of Guarding Innate Vulnerabilities

The comprehensive nature of big data allows companies to guard themselves in areas of weakness. In the past, it was significantly more difficult for businesses to predict the movement and behavior of their competitors but through big data they can level the playing field by providing a wealth of data to project behavior. Large pools of data can be compiled to create a predictive system that can identify patterns allowing businesses to make better decisions.

...

https://channels.theinnovationenterprise.com/articles/eye-in-the-sky-how-data-can-protect-your-enterprise

As the first of this year’s El Niño storms hits California, the state’s biggest city has launched a map to keep citizens up to date and help guide them to resources they might need in case of flooding.

The City of Los Angeles Information Technology Agency’s “El Niño Watch” website shows users a map of the county, including a layer showing rainfall severity and pins that show where residents can find sandbags, shelter, hardware stores and other resources. The map also lets users know the status of power outages and shows traffic alerts.

According to The Los Angeles Times, Tuesday's storm is already causing some flooding around the city.

The application runs in Google Maps, allowing users to plug in directions to pins on the map into smartphones.

...

http://www.emergencymgmt.com/disaster/El-Nino-Map.html

The architecture of data centers and network infrastructure is undergoing a major transformation driven by mobility and accelerated by the Internet of Things. At a macro level, rather than seeing the need for 50 servers in one data center in the middle of nowhere, we are seeking out servers in 50 data centers very close to the edge.

The advancements in technology and platforms, as well as advancements in the broadband infrastructure, is also contributing to this transition. With more broadband networks being deployed and computing platforms advancing, pricepoints for outsourcing are decreasing. The fact that outsourcing eliminates the need to staff multiple environments makes it an even more attractive option.

The requirements in the smaller markets are similar to those in Tier-1 markets. For a third-party data center provider, it’s a very capital-intensive business. There has been so much demand, focus and investments in Tier-1 markets that Tier-2 or smaller markets are largely ignored. However, you’re going to start seeing a shift in focus into these smaller markets.

...

http://www.datacenterknowledge.com/archives/2016/01/06/small-data-center-markets-bracing-for-big-change/

Each week over 1 million people move into a city. Never before have the requirements for protecting citizens, property and infrastructure been more pressing. Sophisticated, applied technology can yield insights that shorten the cycle from incident to resolution. This infographic highlights several surprising statistics about topics ranging from weather forecasting to the average cost of crime.

Key Data Points

  • $9.6 billion in lost sales, jobs and investment in Mexico, due to urban crime and violence
  • 38% of security leaders, worldwide, believe a cyber attack will soon damage national infrastructure
  • $3257.20 The average cost of crime per US taxpayer
  • $300 billion in annual average global economic loss from natural disasters
  • $10 billion in estimated costs from cyclone Haiyan in the Phillippines
  • 9 of 10 public emergency calls in Nairobi go unanswered

...

http://www.emergencymgmt.com/safety/Using-Analytics-to-Keep-the-World-Safer-Infographic.html

Thursday, 07 January 2016 00:00

CyberSecurity Trends for 2016

Cyber-security continued to be a key area of concern and struggle among organizations of all sizes in 2015, and, to no one’s surprise, cyber security related activities are going to most definitely affect many in 2016.
From its presence in the board room to political campaigns, cybersecurity related activities will continue to dominate tech news and trends in 2016. Organization leaders and the IT teams they oversee should continue to dedicate time to better understanding cybersecurity risks and solutions in the year ahead.
With the cybersecurity landscape constantly evolving, security and preparedness requirements and protection solutions must remain constantly vigilant and ready to match, if not anticipate, the cyber-attacker’s next moves.

 

By Ben J. Carnevale, Managing Editor

An emergency management plan is a course of action developed to mitigate the damage of potential events that could endanger an organization’s ability to function.

And, if your organization’s disaster preparedness team has had a difficult time getting the attention of upper management to support and fund your recommended initiation, evaluation and implementation of that plan …. then you might well have encountered a normalcy bias behavior from upper management.

For example, if that upper management team in the situation expressed above does not really believe that disasters may not be as much of a threat to the organization than your team does, then management may well be assuming that its current state of preparedness is just fine.

More Californians Preparing For Severe El Nino Flood Risk:  Residents Purchase 28,000 New Flood Insurance Policies in California
28,084 New National Flood Insurance Program Policies Purchased in California since August

OAKLAND, Calif. – The Federal Emergency Management Agency (FEMA) today released new data on

National Flood Insurance Program (NFIP) Policies, showing an increase of more than 20,000 new NFIP Policies written in California during the month of November 2015.

There is a 30 – 90 day waiting period for new policies to be reported to FEMA and the latest available data, released today, shows an increase of 28,084 new flood insurance policies purchased in California from August 31 – November 30, 2015.

“Flooding is the most costly and devastating disaster we face as a nation,” said FEMA Region 9 Administrator Robert Fenton.  “The major increase in flood policies show Californians are taking the threat seriously and taking powerful steps to protect their families and property.  Those who may need and not have a flood policy should act today, as policies generally take 30 days to go into effect.”  

The 12% increase is the first of its kind in recent history.  The previous reporting period showed that policies increased 3% from August 31 to October 31.  During that timeframe, 7,181 new federal flood insurance policies were written in California.   

“We are encouraged by the number of Californians that are becoming financially prepared for the flooding that is expected from El Nino,” said Janet Ruiz, California Representative for the Insurance Information Institute.   “It is crucial to protect our families and homes by preparing for catastrophes ahead of time.”

FEMA administers the National Flood Insurance Program (NFIP) and works closely with more than 80 private insurance companies to offer flood insurance to homeowners, renters, and business owners.  In order to qualify for flood insurance, the home or business must be in a community that has joined the NFIP and agreed to enforce sound floodplain management standards.

Flooding can happen anywhere, but certain areas are especially prone to serious flooding.   Many areas in California are at increased flood risk from El Niño, as a direct result of wildfires and drought.

  • Residents should be aware of a couple things:
    • You can’t get flood insurance at the last minute. In most cases, it takes 30 days for a new flood insurance policy to go into effect. So get your policy now.
    • Only Flood Insurance Covers Flood Damage. Most standard homeowner’s policies do not cover flood damage.
    • Get all the coverage you need.  Your agent can walk you through the policy.
  • Know your flood risk.  Visit FloodSmart.gov (or call 1-800-427-2419) to learn more about individual flood risk, explore coverage options and to find an agent in your area.
  • Flood insurance covers flood, but there are other affects from flooding that may apply to you.   Damage from mudflows is covered by flood insurance; damage from landslides and other earth movements is not.   Speak to your agent.

NFIP is a federal program and offers flood insurance which can be purchased through private property and casualty insurance agents.  Rates are set nationally and do not differ from company to company or agent to agent.  These rates depend on many factors, which include the date and type of construction of your home, along with your building's level of risk.

FEMA’s Region 9 office in Oakland, CA has established an El Niño Task Force and is working with the California Office of Emergency Services with the mission of preparing the Region and its partners for the impact of El Niño.  The task force is evaluating the core capabilities needed to protect against, mitigate, respond to, and recover from any flooding that occurs across the region this winter.  Last month, the FEMA Region 9 Office released its Draft Severe El Nino Disaster Response plan and convened a regional interagency steering committee meeting in Northern California to exercise the plan.

FEMA recognizes that a government-centric approach to emergency management is not adequate to meet the challenges posed by a catastrophic incident.  Utilizing a “whole community” approach to emergency management reinforces that FEMA is only one part of our nation’s emergency management team.

Visit Ready.gov for more preparedness tips and information and follow FEMARegion9 on Twitter.

Corporate policies on anything from safety to ethical sourcing are all about rules. Do this; don’t do that! Often created from the experience of everything that went wrong in the past, policies can soon turn into large, unwieldy documents. IT security also has its rules, some of them born of common sense, others of past problems. These rules for checking attribution of user access rights, encrypting data volumes and similar precautions, can easily mount into the hundreds. Some cloud services vendors now make rules-based management services part of their offering to customers, but with a key advantage that sets them apart from those other chunky policy documents that managers must cope with.

...

http://www.opscentre.com.au/blog/the-rise-of-rule-based-security-in-cloud-computing/

A broad ensemble of very rare, but extremely high impact, events have the potential to cause wide-area devastation. However, they are normally ignored in contingency plans, being written off as too unlikely, or too difficult to prepare for. This attitude, while understandable, adds to the risk as, although rare, these events will occur at some point: and it is as likely to be this year or this decade as it is to be hundreds of years into the future.

A report published last year looked in detail at the risks of such extreme events and made proposals for preparations that could be made to increase the chance of community and organizational survival.

Extreme Geohazards: Reducing the Disaster Risk and Increasing Resilience’ was a joint initiative by the European Science Foundation (ESF), the Group on Earth Observations (GEO) and the Geohazard Community of Practice (GHCP). It addresses several types of geohazards, but puts special emphasis on the impending risk of catastrophic effects on populations and infrastructures should our growing and increasingly interconnected modern society be exposed to a very large volcanic eruption. The paper highlights the urgency of establishing an effective dialogue with a large community of stakeholders in order to develop robust risk management, disaster risk reduction, resilience, and sustainability plans in the coming years and decades.

...

http://www.continuitycentral.com/index.php/news/resilience-news/789-a-new-year-s-resolution-stop-ignoring-rare-high-impact-events

Wednesday, 06 January 2016 00:00

Cabling solutions for tomorrow’s data center

As they become increasingly vital to the functioning of global societies and economies, the way in which data centers and networks are designed and used is changing rapidly.  The role of data centers has changed significantly in recent years. The data center is no longer a repository of huge volumes of information, but helps make all kinds of services possible. This has been triggered by a wide range of developments: the rise of ‘Big Data’, the Internet of Things, new ways of (remote) working and the rise of portable computing devices like tablets and smartphones.

Computing devices are increasingly equipped with communication capabilities. According to research firm Gartner, the Internet of Things will encompass 26 billion interconnected devices by 2020. By that time, Smart Buildings and Smart Cities will also be generating vast amounts of data. All this will lead to further changes and demands placed on data center networks and structured cabling.

...

http://www.datacenterjournal.com/cabling-for-tomorrows-dc-technology/

Wednesday, 06 January 2016 00:00

The Next Energy Challenge of Computing

Computing always seems to be facing an energy crisis.

In the 1940s, mainframes were powered by power-hungry (and fragile) vacuum tubes. If you tried to make a Google data center out of early supercomputers like the ENIAC, it would consume as much energy as all of Manhattan.

Back in the ’90s and early 2000s, chip designers warned that chips could begin to emit the same amount of heat—for their size—as rocket nozzles or nuclear power plants, a trend that was stemmed with the advent of multithreaded and multicore devices.

...

http://www.datacenterknowledge.com/archives/2016/01/05/the-next-energy-challenge-of-computing/

Just two months ago I wrote about how the Internet of Things will fundamentally reshape the future of cyber warfare, evolving the cyber threat from simple website defacements, denial of service attacks, and data breaches, to affecting the physical world. Two weeks ago an hours-long power outage in Ukraine may have offered a preview of this new world as hackers were claimed to have disabled a portion of the nation’s power grid.

On the evening of December 23rd, power was lost across multiple cities in Ivano-Frankivs’ka oblast in Western Ukraine, leaving nearly half the region in the dark for almost six hours. While it has not yet been proven that a cyber attack was responsible for the outage, key related malware was found on the computer systems of the affected power company. More troubling, the malware in question not only had the capability to create a remote backdoor that would have allowed power to be cut off, but also included tools designed to permanently delete files and disable the hard drives of the industrial control computer systems.

Just last year was the first confirmed case of physical damage to a non-military target being caused by a cyber attack, when a German steel mill was “massively” damaged. The US Government is among many racing to develop offensive “lethal” cyber weapons designed to “trigger a nuclear plant meltdown; open a dam above a populated area, causing destruction; or disable air traffic control services, resulting in airplane crashes.”

...

http://www.forbes.com/sites/kalevleetaru/2016/01/05/the-first-cyber-battle-of-the-internet-of-things-era-may-have-just-happened/

(TNS) - On the evening of April 25, 1994, Ellen Clark looked out the window of her Lancaster office and saw the sky had turned to a strange hue of green and gold.

“Somebody’s going to get a tornado tonight,” she said.

She was right. Eighteen minutes after she left her office, the building, along with the rest of Lancaster’s historic town square, was flattened by a tornado that left three dead and damaged about 700 homes and buildings.

It was one of the deadliest tornado outbreaks in recent North Texas history, before the storms last month that swept across Garland and Rowlett, killing 11 and causing an estimated $1.2 billion in damage.

...

http://www.emergencymgmt.com/disaster/Texas-city-knows-what-takes-to-rebuild-after-a-tornado.html

(TNS) - Monett and the railroad have a long history together.

Founded in 1887, the town was named after Henry Monett, a passenger agent for the New York Central and Hudson River Railroad Co.

It was laid out at the junction of what was then the St. Louis-San Francisco Railway Co. and a southbound branch, but apparently without much concern about Kelly Creek, which flows just north of the present railroad tracks.

That creek has been an ongoing source of trouble for Monett.

...

http://www.emergencymgmt.com/disaster/Historic-Monett-downtown-has-grappled-with-flooding-for-more-than-a-century.html

The rise of digital has revolutionized how business work and serve their customers, but it has also added new dimensions of risk for financial services firms.  Five out of every six large companies – those with more than 2,500 employees – were attacked in 2014, a 40% increase over the previous year.  The costs of digital attacks are also increasing; the average annual cost per company of successful cyber-attacks increased to $20.8 million in financial services last year.  And many incidents go undetected for long periods of time, so the true scale of the problem is even greater.

Faced with these growing threats, banks, insurers and capital markets firms are strengthening their defenses.  But the attackers are nimble and adapt quickly to new countermeasures.  Some criminals are already inside the walls of the organization and cannot be stopped by traditional means.

Financial services firms need not only to bolster their defenses, but make themselves more resilient.  That means being better able to detect and contain cyber security breaches, to recover from them more quickly, and to maintain business continuity while suffering less operational, reputational and financial damage.

...

http://www.forbes.com/sites/steveculp/2016/01/05/cyber-defenses-should-emphasize-resilience-as-well-as-protection/

Wednesday, 06 January 2016 00:00

Big Data Is Needed For Our New Urban Landscape

The concept of smart cities has been around for a while. The basis of it is simple - through using technology and data you can create a better, more sustainable urban environment.

According to the World Health Organisation, 54% of the global population live in urban areas, with the biggest growth shown in developing countries. The rate of growth is profound given that in 1960 only 34% of the global population lived in urban areas. These increases are unlikely to abate any time soon as they are predicted to be 1.84% per year between 2015 and 2020, 1.63% per year between 2020 and 2025, and 1.44% per year between 2025 and 2030.

With this kind of growth in urban areas, the pressure on almost every aspect of urban infrastructure will be significantly increased; however, through the development of so-called ’smart cities', dealing with this pressure will be much easier. The success of this transformation will generally fall to innovative data initiatives - below we have outlined some of the key areas where it will have the biggest impact.

...

https://channels.theinnovationenterprise.com/articles/big-data-is-needed-for-our-new-urban-landscape

HIPAA Secure Messaging Not Widely Adopted at Healthcare Institutions

It is a widely known fact in the healthcare industry that communication about protected health information (PHI) is not to be transmitted via unsecured devices. However, a recent study conducted by Infinite Convergence Solutions, Inc. found that 92 percent of healthcare institutions are not using HIPAA secure messaging.

“We are seeing a rapid adoption of mobile messaging in healthcare as the industry looks to work faster, improve patient care and reduce wasteful spending,” said Anurag Lal, CEO of Infinite Convergence Solutions. “The problem is that many healthcare institutions are not aware that the messaging apps and services are popular for daily personal use do not follow the administrative, physical and technical safeguards that HIPAA requires.”

...

http://www.everbridge.com/report-hipaa-secure-messaging-not-used-in-92-of-healthcare-institutions/

Wednesday, 06 January 2016 00:00

Web-Scale Storage: It’s Not All About Size

Bigger and faster. Those two words will be the running theme for storage infrastructure in the coming years as the enterprise steps up to the demands of Big Data, collaboration and other advancing initiatives.

But even though these two goals are relatively clear-cut, determining exactly how they are to be accomplished is still in limbo, with the biggest question remaining: Where should the bulk of storage infrastructure reside, at home or in the public cloud?

The ramifications of these decisions are already playing out in the vendor community in the form of continued consolidation. Following the much publicized merger between Dell and EMC late last year, NetApp announced an $870 million purchase of Flash developer SolidFire. Not only does this bring a scale-out, all-Flash array into NetApp’s portfolio, it also provides advanced data management and software-defined storage capabilities that will allow the company to compete more firmly for the highly dynamic data architectures that are taking hold in the enterprise and in the cloud. NetApp is already targeting web-scale applications like Hadoop and the rising tide of Dev/Ops functions that are poised to remake IT architecture.

...

http://www.itbusinessedge.com/blogs/infrastructure/web-scale-storage-its-not-all-about-size.html

Wednesday, 06 January 2016 00:00

Oil, Gas, Big Data and Big Changes

As gas prices have been falling steadily, many might begin to wonder if it's just the season, or if there's more going on with the man behind the curtain. And in fact, there is. As we see gas and oil prices plummet it's not just because the summer and fall traveling seasons are over. Instead, it's because gas and oil companies are beginning to turn to big data to help save on costs and get the most efficiency out of the oil infrastructure.

The term 'big data,' when applied to the oil and gas industry, describes large quantities of data coupled with increasing diversity and rate. Collecting and analyzing huge quantities of data rely on VSAT services to store and scrutinize the result. VSAT (Very Small Aperture Terminal) is an acronym for a satellite based communications system that is utilized for business. Because the large oil and gas corporations must determine where to drill new wells and avoid environmental concerns simultaneously, they are beginning to rely more on massive amounts of data to avoid risk and increase profits.

...

https://channels.theinnovationenterprise.com/articles/oil-gas-big-data-and-big-changes

Switch, operator of the massive SuperNap data center campus in Las Vegas, has signed its second solar power purchase agreement, which will ensure all of its Nevada data centers are fully powered by renewable energy.

The company announced last year an agreement to buy energy generated by a 100 MW solar farm in southern Nevada and made a commitment to powering its data centers 100 percent with renewable energy, as it became one of the first two data center providers to join the White House-driven climate pledge for the private sector. Switch signed the second PPA, for energy from an 80 MW solar project that’s also being built in southern Nevada, in December.

The company doesn’t disclose how much power its data centers consume. However, according to Adam Kramer, executive VP at Switch, the 180 MW in capacity it has contracted for will be enough to offset consumption of its existing Las Vegas campus as well as the new one it is building near Reno, Nevada, where the anchor tenant will be eBay.

...

http://www.datacenterknowledge.com/archives/2016/01/05/switch-contracts-for-solar-power-for-its-entire-data-center-footprint/

Apple has filed for approval to build another massive data center campus adjacent to the existing Apple data center site in Reno, Nevada, local officials told the Reno Gazette Journal.

Codenamed “Project Huckleberry,” the plans call for a new shell with multiple data center clusters and a support building. Its design is similar to the company’s existing campus at Reno Technology Park, called Project Mills.

Mills isn’t fully built out yet, and when it is, it will consist of 14 buildings, totaling more than 400,000 square feet.

Apple applied for a permit to build a new 50 MW electrical substation at the site last year to support its growth in Reno. The campus is currently being served by a 15 MW feed from the utility NV Energy, according to the Gazette Journal.

...

http://www.datacenterknowledge.com/archives/2016/01/05/apple-doubling-down-on-data-center-construction-in-reno/

By: Kathryn Landis

Don’t get caught winging it! Follow these tips for a safe and healthy winter.

As the temperatures get colder, make sure you know how to stay warm. Wear warm winter clothes and plenty of extra layers, and listen for radio or television reports of travel advisories issued by the National Weather Service.

Play it Safe Outdoors  

Penguin sliding on ice

Unfortunately, we don’t have downy penguin coats to keep warm. When going outside, do not leave areas of the skin exposed to the cold. Learn to recognize the symptoms of hypothermia and frostbite.

When exposed to cold temperatures, your body begins to lose heat faster than it can be produced. Prolonged exposure to cold will eventually use up your body’s stored energy. The result is hypothermia, or abnormally low body temperature. Body temperature that is too low affects the brain, making the victim unable to think clearly or move well. This makes hypothermia particularly dangerous because a person may not know it is happening and won’t be able to do anything about it. Victims of hypothermia are often elderly people with inadequate food, clothing, or heating, babies sleeping in cold bedrooms, and people who remain outdoors for long period.

Warnings signs of hypothermia include shivering, exhaustion, confusion, fumbling hands, memory loss, slurred speech, and drowsiness. If you notice any of these signs, take the person’s temperature. If it is below 95°, the situation is an emergency—get medical attention immediately.

Visit CDC’s Outdoor Safety page for more information

Driving in a Winter Wonderland

Driving in severe winter weather can be dangerous and lead to accidents. Be sure to prepare a winter emergency kit for your car.  Include blankets, a flashlight, a shovel, an ice scraper, water and snacks, and a first aid kit. Make sure your car is serviced and has a full gas tank before a storm. Consider signing up for an all-weather driving course in your area to practice winter driving skills, and know what to do if you ever become stranded in your car.

penguin huddle

Stay Warm and Save $$$

Huddling is great, but may not be enough to keep you warm when winter weather hits. Learn how to prepare your home for winter weather and save on your electricity and heating bills. Insulating walls and attics, and putting weather-strips on doors and windows keeps heat inside and maximizes warmth.

Handle Heating Equipment Safely

When you need to warm up, take proper precautions and review instructions before handling heating equipment and fires. Have your heating system serviced by a qualified technician every year. Make sure fireplaces, wood stoves, and other combustion heaters are properly vented to the outside. Never leave children unattended near a space heater. Learn more by reading CDC’s Indoor Safety Guide.

Don’t Forget Your (Other) Furry Friends

walk like a penguin

If you have pets, make sure to bring them indoors. If you cannot bring them inside, provide adequate shelter to keep them warm and make sure they have access to unfrozen water.

Stay Chill around Ice

Walking on ice is dangerous and can cause serious falls on driveways, steps, and porches. Use rock salt or sand to melt the ice on driveways and sidewalks.If walking on ice can’t be avoided, walk like a penguin! Bend your back slightly and point your feet out – this increases your center of gravity. Stay flat-footed and take small steps or even shuffle for more stability. Keep your arms out to your sides to help balance.

Support Each Other

Holding Hands Penguins

Although it’s best to not leave the nest when severe winter weather hits, maintain your support network by checking in with family, friends and neighbors. Your neighbors might need extra help before and after a winter storm, so check in to make sure everyone is okay and has adequate heat. Use CDC’s PSAs and Podcasts to help spread winter preparedness messages. We’re all in this together!

Know how to prepare your ‘nest’ for upcoming winter weather using CDC’s Winter Weather Checklists.

Communities weighing choices for capital improvement projects intended to improve their resilience to severe weather, wildfires, earthquakes, or other types of hazards now have a new guide to help them sort through the costs and benefits of each when deciding which investment is best for their particular circumstances.

Prepared by US National Institute of Standards and Technology (NIST) economists, the ‘Community Resilience Economic Decision Guide for Buildings and Infrastructure Systems’ details steps for evaluating the economic ramifications of contemplated resilience investments as well as the option of maintaining the status quo.

NIST's Community Resilience Planning Guide for Buildings and Infrastructure Systems lays out a six-step process to help communities improve their resilience by setting priorities and allocating resources to manage risks for their prevailing hazards. The new economic guide focuses on step four, plan development.

To download the Community Resilience Economic Decision Guide for Buildings and Infrastructure Systems, go to: http://dx.doi.org/10.6028/NIST.SP.1197

Wednesday, 06 January 2016 00:00

The top issues for cyber security in 2016

Imperva has made five predictions for what the main 2016 information security trends will be. The predictions come from an analysis of the data collected by its products in installations around the world, as well as from working closely with over 3,500 customers from across many verticals. 

The 2016 predictions are:

...

http://www.continuitycentral.com/index.php/news/technology/788-2016-cyber-security-predictions-2

The data loss

An American producer of construction materials received a big surprise when he opened a virtual tape library and noticed that the Commvault Media Agent database file was corrupted and all of the content was gone. The virtual tapes and the files stored in the Media Server were still intact, but they were not accessible via the Commvault Media Agent. The data storage solution of the client consisted of the Commvault Server and the Media Agent under the Commcell management system. Commvault Simpana 9 was the tool of choice for backup and archiving.

Initial attempts proved futile

Specialists from the Commvault support tried to retrieve the missing files from the volume of the Media Agent, which was located on a Dell MD 1200 storage system, using the Commvault Explorer Tools. But their effort to get the data this way proved to be unsuccessful. More than 3,500 virtual tapes and 25 tape sets were initially lost and because of that more than 230 million data were no longer accessible. In this situation, the Commvault specialists turned on Kroll Ontrack for help.

...

http://blog.krollontrack.co.uk/survival-stories/commvault-database/

Wednesday, 06 January 2016 00:00

Data Center Design: Which Standards to Follow?

The data center is a dedicated space were your firm houses it’s most important information and relies on it being safe and accessible. Best practices ensure that you are doing everything possible to keep it that way.

Best practices mean different things to different people and organizations. This series of articles will focus on the major best practices applicable across all types of data centers, including enterprise, colocation, and internet facilities. We will review codes, design standards, and operational standards. We will discuss best practices with respect to facility conceptual design, space planning, building construction, and physical security, as well as mechanical, electrical, plumbing, and fire protection. Facility operations, maintenance, and procedures will be the final topics for the series.

Following appropriate codes and standards would seem to be an obvious direction when designing new or upgrading an existing data center. Data center design and infrastructure standards can range from national codes (required), like those of the NFPA, local codes (required), like the New York State Energy Conservation Construction Code, and performance standards like the Uptime Institute’s Tier Standard (optional). Green certifications, such as LEED, Green Globes, and Energy Star are also considered optional.

...

http://www.datacenterknowledge.com/archives/2016/01/06/data-center-design-which-standards-to-follow/

What do chief information officers (CIOs) and IT managers expect from a managed service provider after a sale is completed?

A new survey from JDL Technologies, a Fort Lauderdale, Florida-based MSP, highlighted customer expectations for MSPs after the sale. 

JDL Technologies found 52 percent of CIOs and IT managers cited responsiveness as their top expectation after a sale is completed, and 49 percent named the ability to resolve issues quickly as a major priority.

...

http://mspmentor.net/managed-services/what-do-cios-it-managers-expect-msp-after-sale

Two texts. That’s all it takes to avoid potential stomach pains in Evanston, Ill.

Or at least, that was the goal behind an endeavor that pairs the city’s restaurant inspection scores on Yelp with text message alerts for diners. When the SMS program launched early in 2015 it was a quiet release. In fact, Erika Storlie, Evanston’s deputy manager, described the undertaking as more of a four-month side project than anything else.

The city had just completed a project with Yelp to feed restaurant inspection scores to the review site and wanted to investigate joining the scores with its 311 non-emergency texting app. The problem was, Evanston’s 311 app required a person on the other end to retrieve or record data and submit replies.

...

http://www.govtech.com/health/Texting-Helps-in-Fight-Against-Foodborne-Illnesses-in-Evanston-Ill.html

Tuesday, 05 January 2016 00:00

Manufacturing Vs. IT: Mind The Gap

If businesses have been automating factories since the Carter administration, why is manufacturing the last acceptable data silo in so many companies? And when will that change?

Until recently, absorbing the factory floor into the enterprise has been too expensive and complex for all but the biggest companies.

Assuming the hardware (primarily sensors) and software needed to gather, disseminate and analyze manufacturing data continues to evolve at the current pace -- a safe assessment -- the mainstreaming of manufacturing integration should occur in less than a decade.

...

http://www.informationweek.com/iot/manufacturing-vs-it-mind-the-gap/d/d-id/1323744

Tuesday, 05 January 2016 00:00

Cloud Services are Eating the World

Shlomo Kramer is the Co-Founder and CEO of Cato Networks.

The cloud revolution is impacting the technology sector. You can clearly see it in the business results of companies like HP and IBM. For sure, legacy technology providers are embracing the cloud. They are transforming their businesses from building and running on-premise infrastructures to delivering cloud-based services. The harsh reality is that this is a destructive transformation. For every dollar that exits legacy environments, only a fraction comes back through cloud services. This is the great promise of the cloud – maximizing economies of scale, efficient resource utilization and smart sharing of scarce capabilities.

It is just the latest phase of the destructive force that technology applies to all parts of our economy. Traditionally, technology vendors touted benefits such as personnel efficiencies and operational savings as part of the justification for purchasing new technologies – a politically correct way to refer to fewer people, offices and the support systems around them. This has now inevitably impacted the technology vendors themselves. Early indicators were abundant: Salesforce.com has displaced Siebel systems, reducing the need for costly and customized implementations; and Amazon AWS is increasingly displacing physical servers, reducing the need for processors, cabinets, cabling, power and cooling.

...

http://www.datacenterknowledge.com/archives/2016/01/04/cloud-services-eating-world/

Toyota, the world’s largest automaker, is planning to build a data center specifically to collect and analyze data from cars equipped with a new type of Data Communication Module, an upcoming feature that will enable the company’s next-generation connected-vehicle framework, which will transmit data over cellular networks.

“To build the IT infrastructure needed to support this significant expansion of vehicle data processing, the company will create a Toyota Big Data Center (TBDC) in the Toyota Smart Center,” the company said in a statement. “TBDC will analyze and process data collected by DCM, and use it to deploy services under high-level information security and privacy controls.”

Connected cars are one of the new quickly growing sources of data expected to drive growth in demand for data transmission, storage, and processing capacity, collectively referred to as the Internet of Things.

...

http://www.datacenterknowledge.com/archives/2016/01/04/toyota-to-build-data-center-for-connected-car-data/

Emergency response, information technology, and healthcare communications are three scenarios in which notification systems play a critical role. Recent disasters have demonstrated the benefits of crowdsourcing during response efforts, so notification systems are leveraging this responsiveness through two-way communication technology that can both disseminate and receive information.

The critical communications world continues to evolve, resulting in users taking a closer look at their existing notification systems to determine whether they remain effective tools for communicating crucial information. However, before these systems can be assessed, it is important to first understand a few of the ways these tools are being utilized, the challenges faced within each use case, and how, as we look forward to 2016, these hurdles can be overcome.

...

http://www.everbridge.com/overcoming-emergency-notification-challenges-in-2016/

Barrels of apples can go bad, both literally and figuratively, because of just one rotten apple. The rot spreads from one apple to another until the whole barrel is infected. Not so long ago (in 2014), experts from security company ESET discovered 25,000 servers infected with malware, some of these servers being grouped together in a network and infected together. The common factor was the installation of the Linux/Ebury malware, allowing login information to be harvested and communicated to the attackers that installed the malware. According to the experts, attackers needed to compromise just one server to then gain easy access to others in the same network. But was this one bad apple – or the whole lot?

...

http://www.opscentre.com.au/blog/it-security-one-rotten-apple-and-a-whole-bad-barrel/

The Business Continuity Institute’s North America business continuity and resilience awards will take place on March 15, 2016, at DRJ Spring World 2016 in Orlando, Fla.

Entries are now open and this year’s categories include:

  • Continuity and Resilience Consultant 2016
  • Continuity and Resilience Professional (Private Sector) 2016
  • Continuity and Resilience Professional (Public Sector) 2016
  • Most Effective Recovery 2016
  • Continuity and Resilience Newcomer 2016
  • Continuity and Resilience Team 2016
  • Continuity and Resilience Provider (Service/Product) 2016
  • Continuity and Resilience Innovation 2016
  • Industry Personality 2016

The deadline for entries is February 14th 2016.

To enter, click here.

Tuesday, 05 January 2016 00:00

A new approach to business continuity…

Mel Gosling explains why he believes that business continuity needs a new way forward, and why the traditional business continuity plan no longer works for today’s organizations.

There is a growing body of business continuity practitioners that believe that a new approach to the discipline is both required and overdue. An example of this is the recent debate opened up by the publication of ‘The Continuity 2.0 Manifesto’ by David Lindstedt and Mark Armour.

I have recently added to that debate with a presentation to the November 2015 Business Continuity Institute’s BCI World conference entitled ‘The BC Plan is Dead!’, and in researching examples of companies that have stopped using traditional document based business continuity plans I have identified a set of key practices that I believe will drive the new approach. One of those companies, Marks and Spencer, gave an excellent practical demonstration at the end of my presentation of what they have managed to achieve with a new approach, ensuring that the audience understood that this is already happening and is not just a nice theory.

...

http://www.continuitycentral.com/index.php/news/business-continuity-news/781-a-new-approach-to-business-continuity

If you come across the name Booz Allen Hamilton, it’s usually in connection with defense-agency IT services contracts worth tens of millions of dollars. The tech consulting and engineering giant, more than 100 years old, is primarily in the business of solving big technology problems for government agencies, although it does also work in the private sector.

What you don’t see is Booz Allen mentioned in the context of open source technology. But that’s something that may soon change, as the company’s recently formed group charged with driving the giant’s participation in the open source community picks up speed. Most of this group’s work is focused on data centers and cloud, Jarid Cottrell, a Booz Allen senior associate who leads its cloud computing and open source practice, said.

The reason Booz Allen now has an open source practice is the same reason companies like GE, John Deere, Walmart, and Target dedicate resources to open source. Like the manufacturing and retail giants, Booz Allen’s customers in government and in the private sector want to build and run software the same way internet giants like Google, Facebook, or Amazon do, and they want the kind of data center infrastructure – often referred to as hyper-scale infrastructure – those internet giants have devised to deliver their services. Market research firm Gartner calls this way of doing things “Mode 2.”

...

http://www.datacenterknowledge.com/archives/2016/01/05/helping-government-run-data-centers-like-google/

Tuesday, 05 January 2016 00:00

Close of 2015 Sees More Rate Reductions

Insurers’ competition and ongoing fight for market share resulted in a composite rate down 4% in December for the U.S. property and casualty market. But while market cycles are here to stay, the current cycles are tame compared to some previous years. In 2002, there was a mean average rate increase of 30% and, in 2007, a mean average decrease of 13%, according to MarketScout.

“Market cycles are part of our life, be it insurance, real estate, interest rates or the price of oil. Market cycles are going to occur without question. The only questions are when, how much and how long.” MarketScout CEORichard Kerr said in a statement. “While it may seem the insurance industry has already been in a prolonged soft market cycle, we are only four months in. The market certainly feels like it has been soft for much longer, because rates bumped along at flat or plus 1% to 1½% from July 2014 to September 2015.” He pointed out that the technical trigger of a soft market occurs when the composite rate drops below par for three consecutive months.

...

http://www.riskmanagementmonitor.com/close-of-2015-sees-more-rate-reductions/

Valve, the company behind gaming platform Steam, said a recent caching issue allowed Steam users to see pages that included other users' account information.

And as a result, Valve tops this week's list of IT security newsmakers to watch, followed by Hyatt Hotels (H), Livestream and the Digital Citizens Alliance (DCA).

What can managed service providers (MSPs) and their customers learn from these IT security newsmakers? Check out this week's edition of IT security stories to watch to find out:

...

http://mspmentor.net/managed-security-services/it-security-stories-watch-was-steam-user-data-leaked

It’s that time of year when the industry pauses and reflects on what trends have emerged, what new technologies have arrived on the scene, and how business models have evolved. In the spirit of the season, here are three areas that I see continuing to positively impact the IT channel in 2016:

...

http://mspmentor.net/blog/trends-managed-services-three-predictions-2016

Enterprise infrastructure is at a weird inflection point as 2016 rolls around. In some cases, it is getting larger, as with the hyperscale cloud providers, but elsewhere it is getting smaller, as with the new hyperconverged platforms hitting enterprise channels.

Both of these trends are the product of similar demands from providers of data services for increased modularity, density and energy efficiency. A hyperscaler seeks to leverage these features to produce maximum scale, while a hyperconverger wants to enable reasonable scale on the smallest possible footprint. At the same time, they require increasingly sophisticated management, automation and optimization to provide customized service to an ever-expanding application environment.

But while most of the headlines surrounding hyper-infrastructure highlight commodity, OEM hardware, the fact is that traditional vendors stand to gain as well, although perhaps not as much as in rack servers and storage arrays. Dell recently combined its two hyperscale businesses into a single entity, dubbed the Extreme Scale Infrastructure, which will address what the company calls hyperscale and sub-hyperscale markets. Both of these segments are looking for fast, scalable infrastructure, although they may have differing levels of in-house expertise in advanced architectures.

...

http://www.itbusinessedge.com/blogs/infrastructure/big-or-small-theres-a-hyper-solution-for-every-need.html

As retailers know, the closing weeks of the year can represent nearly half of annual profits.  From Black Friday through New Year’s, retail sales increase exponentially, and employees and IT systems feel the strain.  In order to mitigate the effects of this added pressure and to prepare for any catastrophic event this holiday season, the experts at MissionMode have some business continuity tips to share to help you maximize holiday sales.

Safeguard Retail Sales with a Strong IT DR Plan

Whether your holiday rush happens online or in-store, system downtime can have extremely adverse effects on your holiday sales.   With all the hustle and bustle of the holidays, shoppers can be both harried and impatient. When faced with system-related delays at a retailer, they are very likely to go elsewhere to complete their purchases.  In order to ensure as close to 100% uptime as possible, it’s critical to have a strong IT disaster recovery plan in place. Key components of the plan should include:

...

http://www.missionmode.com/blog/maximize-holiday-sales-with-good-business-continuity-plan/

The Identity Theft Resource Center has been tracking security breaches since 2005, and it’s abundantly clear with the release of the organization’s latest report that the threat continues to grow each year. Although there were widely publicized breaches such as the U.S. government’s Office of Personnel Management, VTech Learning Lodge and Anthem in 2015, there are many more records that have been compromised to some extent, but that don’t get the press coverage or qualify as an official IT incident within the definition of the study.

For purposes of their report, the Identity Theft Resource Center defines a  breach as “an event in which an individual’s name plus Social Security Number (SSN), driver’s license number, medical record, or a financial record/credit/debit card is potentially put at risk – either in electronic or paper format.” According to the report, as of December 22, 2015, there had been 766 breaches that exposed 177,840,420 records so far in 2015.

...

http://www.missionmode.com/blog/prioritize-security-reduce/

WASHINGTON, D.C. – The U.S. Department of Homeland Security's Federal Emergency Management Agency announced that federal disaster aid has been made available to the State of Oklahoma to supplement state, tribal, and local recovery efforts in the areas affected by severe winter storms and flooding during the period of November 27-29, 2015.

The President's action makes federal funding available to state, tribal and eligible local governments and certain private nonprofit organizations on a cost-sharing basis for emergency work and the repair or replacement of facilities damaged by the severe winter storms and flooding in Alfalfa, Beckham, Blaine, Caddo, Canadian, Custer, Dewey, Ellis, Grady, Grant, Kingfisher, Kiowa, Logan, Major, Oklahoma, Roger Mills, Washita, and Woods counties.

Federal funding is available on a cost-sharing basis for hazard mitigation measures statewide.

William J. Doran III has been named as the Federal Coordinating Officer for federal recovery operations in the affected area.  Doran III said additional designations may be made at a later date if requested by the state and warranted by the results of further damage assessments.

Follow FEMA online at blog.fema.gov, www.twitter.com/fema, www.facebook.com/fema, and www.youtube.com/fema.  Also, follow Administrator Craig Fugate's activities at www.twitter.com/craigatfema.  The social media links provided are for reference only. 

FEMA does not endorse any non-government websites, companies or applications.  FEMA does not endorse any non-government websites, companies or applications.

FEMA’s mission is to support our citizens and first responders to ensure that as a nation we work together to build, sustain, and improve our capability to prepare for, protect against, respond to, recover from, and mitigate all hazards.

If the cloud didn’t exist, disaster recovery experts would want to invent it. The two fit together that well.

One of the key elements of a disaster recovery/business continuity (DR/BC) plan is geographical diversity. Simply, if the equipment in one location goes down – and carries the data with it – it is a reasonable idea to have a duplicate of both elsewhere. That idea predates the cloud (or, at least, the latest version of it). But it is exactly what the cloud provides.

At Datamation, Christine Taylor offers insight into the use of the cloud for DR. It is important to remember that though the cloud is a tremendous tool for DR, it must be proactively managed to realize the full benefits. A very important point is that there are limitations to the cloud’s DR capabilities – unless the enterprise takes the appropriate steps.

...

http://www.itbusinessedge.com/blogs/data-and-telecom/the-serendipity-of-cloud-based-disaster-recovery.html