Spring World 2017

Conference & Exhibit

Attend The #1 BC/DR Event!

Fall Journal

Volume 29, Issue 4

Full Contents Now Available!

Industry Hot News

Industry Hot News (6707)

Monday, 30 November 2015 00:00

Paris Now: How To Get Business Back On Track

You couldn’t really call it “business as usual” in Paris these days: the hectic pace has slowed; the city is nearly void of tourists – a big concern, as tourism (domestic and international) brought in a total of 149-Billion Euros in 2013, 7.3% of French GDP. There has been nary an American accent to be heard in the city’s tourist districts since the Nov 13 terrorist attacks. Today, some to weeks later, traffic is still lighter than usual, waiting lists at popular restaurants have shrunk, and many shops have begun holiday promotions early. Business leaders are steeling themselves for a tough fourth quarter; political leaders are working at allaying fears and working collectively with their cross-border colleagues to combat the terror threat that has now effectively moved beyond specific targets.

But this is not to say that long-term planning on both the business and political fronts has been put on hold or even on the back burner. To wit, the American Chamber of Commerce in France last week released its 16th annual Barometer gauging the mood of American investors in France. The Barometer this year surveyed 125 American companies with offices in France, representing 50,000 employees and more than $40-Billion dollars in revenues across a wide specter of activities from manufacturing to financial services to technology. The survey was conducted before the November 13 terrorist attacks.

...

http://www.forbes.com/sites/shelliekarabell/2015/11/28/paris-now-how-to-get-business-back-on-track/

A survey of businesses in Northern Ireland has revealed the majority of firms in the country regard data breaches as the biggest corporate crisis risk they face.

The study, by law firm Pinsent Masons, revealed 83 per cent of organisations named the loss of corporate or customer data as their biggest threat, ahead of issues such as health and safety accidents or becoming embroiled in a bribery or corruption investigation.

As well as the immediate costs associated with recovering from such an incident, the reputational damage a firm can experience in the event that sensitive information is compromised can be wide-reaching.

...

http://blog.krollontrack.co.uk/industry-news/data-breaches-named-as-biggest-corporate-crisis-threat/

(TNS) - The Atlantic hurricane season that marked the 10th anniversary of Hurricane Wilma flooding Florida Keys shores closes Monday without a serious local storm threat this year.

In fact, Wilma in October 2005 was the last hurricane to make landfall anywhere in Florida, extending a record streak of no state landfalls.

The six-month 2015 hurricane season that ends Monday saw three hurricanes, two of which blew into major storms.  Hurricane Joaquin almost reached Category 5 status as it raked the Bahamas but it curved out to sea before affecting Florida.

...

http://www.emergencymgmt.com/disaster/Another-quiet-hurricane-season-comes-to-an-end.html

(TNS) - The man soon to become Philadelphia's 99th mayor is not on board with one of the last initiatives of the 98th.

Mayor-elect Jim Kenney has asked the Nutter administration to delay plans to combine the city's 911 emergency dispatch systems and the 311 nonemergency call center under one roof in South Philadelphia.

The request comes as the administration is trying to finalize a 10-year lease agreement on space for a combined operation, dubbed the Unified Call Center, at 20th and Oregon Streets.

In a letter sent to Mayor Nutter on Nov. 20, Kenney said he had "significant concerns" about the cost of the new space and the availability of funds to pay for creating the center.

...

http://www.emergencymgmt.com/next-gen-911/Kenney-and-Nutter-not-unified-on-plan-for-unified-911-center.html

When the news broke in early October that Dell was planning on buying EMC for a whopping $67 billion, more than a few jaws dropped (including mine), but in the weeks since, reports have surfaced about multiple problems from tax issues to VMware’s plunging stock price and the post-deal creation of Virtustream.

It’s too soon to say the deal is in jeopardy, but there are enough issues that this has to be giving Michael Dell and EMC CEO Joe Tucci some cause to worry (and perhaps pop more than their usual supply of antacid), while giving lawyers, accountants and investment bankers lots of billable hours to sort it all out.

Where to begin.

First, a bit of background: EMC owns an 80 percent stake in VMware, but VMware is traded as a separate company and operates independently with its own stock and board of directors. In a blog post shortly after the deal was announced, Michael Dell sought to reassure customers and partners (and presumably shareholders) that he wasn’t going to mess with VMware when Dell takes over next year.

It’s not clear that the message got through to the shareholders.

...

http://techcrunch.com/2015/11/28/dell-emc-deal-facing-issues-on-multiple-fronts/

(TNS) - The earthquakes just keep coming. Four days after a 4.7 magnitude earthquake was recorded southwest of Cherokee, a 4.4 magnitude earthquake was recorded Monday near Hennessey and Tuesday a 3.0 magnitude quake sprang up about 40 miles southeast of Norman, capping off a run of 23 earthquakes of magnitude 3.0 or higher in a seven-day period.

In response to Thursday’s quake, the Oklahoma Corporation Commission released a plan calling for two disposal wells to stop operations and for many others to cut down in volume.

Oklahoma Geological Survey Director Jeremy Boak said it’s a smart move because he said there’s a clear link between disposal wells and seismic activity in Oklahoma and he would like to see a balanced approach that allows scientists and policy makers to gather more information.

...

http://www.emergencymgmt.com/disaster/Oklahoma-Corporation-Commissions-response-to-earthquakes-spurs-further-debate.html

The backbone of America – banks, oil and gas suppliers, the energy grid – is under constant attack by hackers.

But the biggest cyberattacks, the ones that can blow up chemical tanks and burst dams, are kept secret by a law that shields U.S. corporations. They're kept in the dark forever.

You could live near -- or work at -- a major facility that has been hacked repeatedly and investigated by the federal government. But you'd never know.

What's more, that secrecy could hurt efforts to defend against future attacks.

The murky information that is publicly available confirms that there is plenty to worry about.

...

http://money.cnn.com/2015/11/30/technology/secret-deals-hacked-companies/index.html

Big data technology vendors are helping to close the skills gap when it comes to training the next crop of data scientists. Here's what they are offering.

There is a bottleneck big data must eliminate on its journey from buzzword to mainstream acceptance, someone called the data scientist.

This person has a PhD in math or statistics and is trained to fish for insights in the data lake. This person crafts algorithms like fishing flies, casting queries out like a line, luring insights to the surface where they can be hooked like trout.

Sponsor video, mouseover for sound
 

To be a data scientist, one must combine domain experience, a deep background in statistics and math, and programming skills, noted Leon Kutsnelson, director and CTO for IBM Analytics emerging technologies. "We call them 'unicorns' because they don't exist," he said. If industry had to depend on PhDs to do big data, "we [would] continue to sit on mountains of data," he added.

...

http://www.informationweek.com/big-data/software-platforms/bridging-the-big-data-skills-gap-with-online-training/d/d-id/1323304

The world is experiencing a digital revolution that is rapidly changing your business landscape.  This revolution is not only connecting people with digital technology; but it has made this technology ubiquitous in all of our lives.  The result is tech-savvy employees and customers with new expectations how to interact with your business.

Meeting these expectations requires a transformation into a consumer technology company by utilizing digital technology to streamline operational processes and improve customer experiences.  Industry data indicates those organizations begin this transformation process experience increased profitability, market value and revenue.

Cisco’s private cloud automation facilitates the transformation of your business from manual to automated standardized service delivery.  Converting manual processes into automated workflows increases data center productivity which fuels faster time-to-market by business and application teams of new products or services.

...

http://blogs.cisco.com/datacenter/organizational-dexterity-with-private-cloud-automation

(TNS) - The US weather provided little to be grateful for this Thanksgiving, with rain, snow and freezing rain affecting many parts of the country.

At least 14 people have died as a result of the precarious conditions.

The heaviest snow fell across the mountain states and the Central Plains. Heavy snow and whiteout conditions were reported from the Dakotas to the Great Lakes.

Sioux Falls in South Dakota only recorded 4cm of snow, but as that mixed with freezing rain, widespread warnings were issued as conditions became treacherous.

...

http://www.emergencymgmt.com/disaster/Storms-Batter-Across-the-US-Kill-at-Least-14.html

Wednesday, 25 November 2015 00:00

Big Data and Information Security

Big data is becoming an increasingly important part of the business plan for companies in many different industries. Analyzing large customer datasets and other kinds of data with tools like Hadoop reporting lets companies save money as well as boost revenue by targeting their marketing better, designing products to better appeal to their customers, make better predictions, and so on. On the other hand, this rise in the use of big data has coincided with the rise of advanced persistent threats to data security. Big data is not just lucrative to the companies that collect it: it is also worth money to identity thieves and other bad actors. This has given rise to a cottage industry in hacking and cracking. Companies that use big data, especially if that data consists of personal information of customers, are at an elevated risk of drawing hacking attempts. Developing ways to protect that data will prove to be just as important as the data itself.


The last few years have seen hacking capture headlines on a regular basis. Large companies like Target have become victims, with hackers stealing credit card information of millions of customers at a time. Even the U.S. government has been affected. The Federal Office of Personnel Management was breached earlier this year and detailed personal information of several million American citizens was stolen by unknown hackers. These breaches are only the latest of a string of such attacks. Furthermore, just because the largest companies are the most likely to make the news does not mean that smaller companies are safe. Hackers know that while large companies tend to control more data, small companies have less robust cyber-defenses, leaving them more vulnerable to organized attack.

...

https://channels.theinnovationenterprise.com/articles/big-data-and-information-security

McGraw-Hill Education's chief digital officer has driven the company's effort to leverage small data to improve student outcomes, teacher insights, and curriculum improvements. Here's why small is better than big.

In any individual math classroom there may be an advanced student, a dyslexic student, and many other students with various levels of proficiency and confidence in the current module of math. How can you customize the educational experience of each of these students to enable the best outcome? McGraw-Hill Education says it believes that small data, which in this case is data generated by how students interact with the curriculum, is the answer.

Stephen Laster joined the company as chief digital officer a little over three years ago to drive its implementation of small data to improve educational outcomes. He's someone who is passionate about education, and someone whose own educational experience was mixed.

...

http://www.informationweek.com/strategic-cio/digital-business/mcgraw-hill-education-shows-how-small-data-trumps-big/d/d-id/1323288

For Tuscaloosa, Ala., there are lessons to be learned from the terror that gripped Paris just over a week ago.

After the Islamic State attacks, Democratic Mayor Walter Maddox took note of the Parisian security staff that prevented a suicide bomber from entering the French national soccer stadium. His thoughts turned to Bryant-Denny Stadium -- where more than 100,000 people gather for University of Alabama football games.

Maddox said he considered what could happen in his 95,000-person city. But he and some terrorism and security specialists say many chief executives and police departments in midsize U.S. cities may not realize that terrorism could put their people and infrastructure at just as much risk as high-profile targets like New York City and Washington, D.C.

...

http://www.emergencymgmt.com/safety/In-Wake-of-Paris-How-Prepared-Are-US-States-Cities.html

(TNS) - Plans are accelerating for construction of a new regional Emergency Management Center in McAlester built to withstand an F5 tornado, nearby blasts, or explosions and even earthquakes.

When completed, the McAlester office will serve as the hub for emergency management services for all of southeastern Oklahoma — basically everything south of Interstate 40 and east of Interstate 35.

The building would also serve as local headquarters for the McAlester/Pittsburg County Office of Emergency Management — allowing personnel with the agency to move out of their current headquarters in the oft-flooded basement of the Pittsburg County Justice Center. Plans call for the building to also include office space for the Oklahoma Office of Emergency Management and the Choctaw Nation Office of Emergency Management.

...

http://www.emergencymgmt.com/disaster/County-plans-new-Regional-Emergency-Management-Center.html

Wednesday, 25 November 2015 00:00

CDC: Give the Gift of Preparedness

As the holiday season quickly approaches and holiday shopping begins, find a gift that truly show those you love how much you care—the gift of preparedness

 

infographic illustrating an emergency kit.

While an emergency kit may not be on any of the top-ten big name gift lists this season, a starter kit could end up being the most important gift you give your friends and family this year.  Most of us would love to be a little more prepared, but have not made the time or don’t know where to start. Often, just taking the first step towards getting prepared is the hardest part. Give your friends and family the gift of being prepared for the unexpected.

Need creative ideas for your gifts of preparedness? We’ve got you covered with these gift ideas:

The Starter Kit

Help get your friends thinking emergency prep with a few key items to start their emergency kit. Pack the items in a small plastic storage container or water-proof bag that can be stored easily. Include the following items:

  • First aid kit (You can get a pre-made kit at most of your local drug stores or pharmacies)
  • Flashlight and extra batteries
  • Portable phone charger (also sometimes known as a portable battery. This charger should be rechargeable and have the ability to charge a phone without being plugged into a power source)
  • Manual can openers (and a reminder that every emergency kit should include a three-day supply of food and water)

Emergency Prep for Kids

Sometimes the best way to get families thinking about emergency preparedness is through teaching kids about the importance of having an emergency kit, an emergency communication plan, and a family emergency response plan for every disaster.

Get kids excited and interested in emergency preparedness with CDC’s Ready Wrigley activity books. You can print coloring books for disasters including, extreme heat, tornadoes, hurricanes, earthquakes, and winter weather.  Help kids check-off items on Ready Wrigley’s emergency kit list with some of the following items:

  • Flashlight and extra batteries
  • A battery-powered or crank weather radio
  • Small and portable games or activities that can entertain kids if they have to shelter in place or evacuate to a shelter. (Small board games, playing cards, books or stuffed animals are good items to consider).

Emergency Kits for the Road

Is you car ready for winter graphic with cartoon bird and car emergency kit supplies

For the car-lovers or new drivers on your list, consider putting together a kit of emergency supplies they can keep in their car. Plan your gift based on local hazards. If you live in an area that gets significant amounts of snow you may consider including a windshield scraper, extra hats, coats, mittens, and blankets. For any emergency, your car kit include these basic items:

– Basic tool kit with pliers, a wrench and screwdriver

– Jumper cables (you may consider purchasing a “roadside emergency kit” from your local auto shop that also includes reflective triangle markers, gloves, and a flashlight)

– First aid kit

– Cellphone charger (either or a car charger, or rechargeable portable charger)

Pets and Pet Lovers

young girl with shopping bags and a pug dog

Remember to include pets in your emergency planning. Whether you are thinking of gifts for your furry friends or a gift for the pet lovers in your life, put together a gift of the following pet emergency kit items:

  • Extra food and water for your pet, including an extra water and food bowl.
  • Sturdy leash, harness, and carrier to transport pet safely. A carrier should be large enough for the animal to stand comfortably, turn around, and lie down. Your pet may have to stay in the carrier for several hours.
  • Pet toy and a pet bed that can easily be stored and taken if you are forced to evacuate. (Remember to always check with your local emergency shelters before a disaster to find out which shelters take in pets).

All of these emergency packages are great gifts to help friends, family, or yourself start an emergency kit. Check out CDC’s Emergency Preparedness and You page for more tips on how to be prepared for any emergency.

Alphabet subsidiary Google has contracted for 61 MW of solar power with Duke Energy, the largest utility in the US, to power its North Carolina data centers.

While utility-scale renewable power purchase agreements are common for Google, this is the solar power contract that’s big enough for an entire data center. “This is the first time that we’re purchasing solar power in enough volume to power one of our data centers,” Gary Demasi, who oversees data center energy and location strategy at Google, wrote in a blog post.

The company has multiple data centers on its campus in Lenoir. The first data center there was constructed in 2007, and six years later the company announced an expansion project.

...

http://www.datacenterknowledge.com/archives/2015/11/24/google-buys-solar-power-for-north-carolina-data-center/

One of the great things about cloud storage is its collaborative capabilities. With some relatively simple software, enterprises can make data available to a wide range of users via multiple devices across large geographic areas.

The problem is, not all data is appropriate for the public cloud, which is why many organizations are working to implement the same collaborative tools across their on-premises storage infrastructure. Ideally, this works best in a private cloud setting, although it can also function within a traditional storage array, but perhaps not with the same degree of scale and flexibility.

Much of this development is coming from firms that are already steeped in public cloud collaboration. Egnyte, which builds both cloud and on-premises file management systems, recently teamed up with collaboration firm Jive to enable greater collaboration across the entire enterprise data environment. The idea is to give users greater choice over where and how they store, access and share data, with Egnyte bringing secure, application-based file access and orchestration to the Jive platform and Jive helping Egnyte tie into multiple productivity offerings from Microsoft, Google and others.

...

http://www.itbusinessedge.com/blogs/infrastructure/collaboration-improving-in-on-premises-infrastructure.html

With the aim of raising standards of governance and administration in defined contribution (DC) schemes, the UK Pensions Regulator has publishing a draft revised code of practice for consultation.

The new draft DC code is shorter and simpler, and sets out the standards of conduct and practice the regulator expects trustee boards to meet in complying with their legal duties, and to deliver better long term outcomes for retirement savers.

The new code will overhaul the existing DC code first published in 2013 to better support trustee boards and managers of schemes offering money purchase benefits as they adapt to major reforms introduced earlier this year.

The draft DC code includes a section which specifies what is required when it comes to business continuity. It reads as follows:

“We expect trustee boards to ensure that they have an adequate business continuity plan and that this is reviewed at least annually, and tested as appropriate. The complexity of this plan will dependon the size and complexity of the administration operation, but weexpect it to cover:

  • loss of key personnel
  • business disaster recovery
  • safeguarding of data
  • how to continue to process core financial transactions.

“Where a third party administrator is used, trustee boards will need to understand the business continuity arrangements that the service provider has in place, and be confident that it adequately mitigates any risks to member data and benefits.”

The consultation will run until the end of January 2016 before the DC code is laid in Parliament next May, and comes into force in July. The 2013 code remains in force until then.

More details.

Iron Mountain Incorporated has published the results of a recent research survey with IDG Research Services to understand the level of risk associated with Software-as-a-Service (SaaS) in the enterprise, the importance of contingency planning, and the consequences experienced when a SaaS vendor does not meet expectations for application support.

Often, small SaaS providers can’t answer the question “What if your servers go down?” much less the bigger question, “What if you close your doors, how do I continue operations and get my data?” SaaS providers need to earn the trust of their customers by ensuring that an application continuity plan is in place.

The survey targeted management-level employees at enterprises employing 1,000 or more people to gain their insight.

Key findings from the research include:

  • SaaS has risen to 25 percent of the average applications portfolio (as compared to 11 percent in 2008);
  • Half of respondents think that risks associated with SaaS are greater than those of traditional on-premises software;
  • 73 percent of enterprises surveyed say it’s ‘very important’ or ‘critical’ that a SaaS provider allow continued access to applications and data, even if the provider goes out of business.

The survey report recommends that users of SaaS applications ensure that they have a business continuity plan in place that can see them through any type of crisis – including ‘man-made disasters’ such as hacking or a server crash – that aren’t covered by typical disaster recovery (DR) plans.

Download ‘When the Cloud Evaporates’ at www.ironmountain.com/cloud-evaporates (registration required.)

Tuesday, 24 November 2015 00:00

Custom Data Center Builds Made Easy

Building a data center from the ground up can be an expensive, risky, and time consuming process that pulls needed resources away from core business objectives.

If you’re looking to build a new data center, contact the experienced team at CyrusOne to develop the best data center solution for your growing business.

Download the CyrusOne Solutions product bulletin for the one-stop shop for flexible and future-proof data center builds.

...

http://www.cyrusone.com/blog/custom-data-center-builds-made-easy/

Tuesday, 24 November 2015 00:00

BCM & DR: Mergers & Acquisitions (Part 2)

As noted in Part 1, if you’re going to be merging all areas of the two companies and the acquired will be engulfed or swallowed up by the acquiring company, then BCM/DR has a very large workload ahead of itself.  In some regards, it’ll be like starting over but you’ll know half the BCM need already.  If you work for the acquiring company you will have – or better have – your Business Impact Analysis (BIA) results, which would have been used to build the rest of your program; however, if you’re in need of the same information from the acquired company, you may not have that information available.  If you do – hurray! but if you don’t, well, now you’ve got to get that half of the acquisition on par with what you already have.

It’s not as easy as saying that you’d replace one system with another (e.g. one finance department changes to the other finance departments operations).  Your BIA needs to identify all the new applications, systems, people, processes and all the interdependencies – internal and external.  Then you have to compare the results of the two companies; identifying duplication and stand-alone items.  Not an easy thing because you may find that some processes can’t be merged easily with other processes due to system configuration, regulatory requirements (especially if the company you’re purchasing is a foreign business) and user application.

...

https://stoneroad.wordpress.com/2015/11/21/bcm-dr-mergers-acquisitions-part-2/

Tuesday, 24 November 2015 00:00

Vendor Risk Management: The Full Definition

Vendor risk management (VRM) is the practice of evaluating business partners, associates, or third-party vendors both before a business relationship is established and during the duration of your business contract. This is an important concept and practice to put in place during the evaluation of your vendors and the procurement process.

A key feature of VRM is understanding your vendor’s cybersecurity program. This allows you to understand how well they’re going to be able to secure your data, both from a physical and cyber perspective. VRM helps ensure that your vendors have a contractual obligation for specific requirements and standards, therefore mitigating your organization’s risk.

There are a number of risks vendors can bring to your enterprise, including:

...

http://www.riskmanagementmonitor.com/vendor-risk-management-the-full-definition/

Tuesday, 24 November 2015 00:00

Adding a Human Element to Cybersecurity

I read an article this morning that discussed how little most companies trust friendly hackers when they discover vulnerabilities. According to the San Francisco Chronicle article, while some larger tech companies are willing to listen to these outside sources, the majority are leery of them [registration required].

This might not be great news for information-sharing laws, but I do wonder if there is a role for friendly hackers in behavior analytics, which relies on human and attacker behaviors. A new report from Rapid 7 points out how important the role of behavior analytics is in today’s threat detection and prevention. As the report states:

Vulnerabilities and exploits grab headlines and the attention of the world’s security community . . . However, penetration testers and criminal intruders agree: Compromised credentials are what makes the job of hacking possible and profitable for intruders on a daily basis.

...

http://www.itbusinessedge.com/blogs/data-security/adding-a-human-element-to-cybersecurity.html

Gartner issued a series of interesting predictions this week. Upon looking at them, you might think they are overly aggressive. But over the last decade, technology decisions have moved back to being driven by line executives rather than IT executives. Gartner bases its predictions historically on conversations with IT.

 IT is a service organization and is generally brought in on a change after line has decided to make it. This means that in cases where technology is changing even more rapidly, IT can be six to 18 months out from when they believe a change is needed. This has become particularly pronounced when it comes to cloud services because, increasingly, line has chosen to move on cloud services and, at least initially, has bypassed IT.

The point of this is to suggest that you check with your line organizations on their thinking in regard to these tech trends and make sure your organization is prepared to assist in the related rollouts. Otherwise, you may find they are happening without you.

...

http://www.itbusinessedge.com/blogs/unfiltered-opinion/gartners-aggressive-predictions-may-be-overly-conservative.html

We talk a lot about the extreme partisanship in American politics. Seems Europe has at least some of the same phenomenon. We also talk about the “Digital mob” and the lack of civility in political discourse.

Economist has some insights (again!). This article called Extreme Tweeting shows how the right and left extremes in European politics far dominate use of social media. It’s clear that politicians on the far left and far right are both far better at using social media than those more down the middle and that their audiences are far larger and far more engaged. But why?

The article suggests several reasons. 1) they are more prolific users, 2) “Social media reward starkness, not subtlety” 3)  faster reaction because they don’t seem to sweat over delicacies (ala Trump I suppose) 4) they are more into organizing and activating.

...

http://ww2.crisisblogger.com/2015/11/partisan-extremes-show-up-big-time-in-social-media-in-europe/

We talk a lot about the extreme partisanship in American politics. Seems Europe has at least some of the same phenomenon. We also talk about the “Digital mob” and the lack of civility in political discourse.

Economist has some insights (again!). This article called Extreme Tweeting shows how the right and left extremes in European politics far dominate use of social media. It’s clear that politicians on the far left and far right are both far better at using social media than those more down the middle and that their audiences are far larger and far more engaged. But why?

The article suggests several reasons. 1) they are more prolific users, 2) “Social media reward starkness, not subtlety” 3)  faster reaction because they don’t seem to sweat over delicacies (ala Trump I suppose) 4) they are more into organizing and activating.

...

http://ww2.crisisblogger.com/2015/11/partisan-extremes-show-up-big-time-in-social-media-in-europe/

SACRAMENTO, Calif. – Many pets were left behind to fend for themselves during the wildfires in California’s Calaveras and Lake counties resulting in serious injuries, death or disappearance.

This occurred because the fire came so fast many survivors had no time to save the animals.

"Pets are members of the family. You wouldn't want to leave a family member behind during a disaster would you?" said Deputy State Coordinating Officer Charles Rabamad. "Having a plan and emergency kit for your pets is just as important as having them for your mother, father, sister or brother."

With predictions of more severe weather and flooding this winter due to El Niño now is a good time to develop both a family and pet emergency plan. Here are some tips on what to include in your pet plan:

  • If your pet doesn’t have a microchip, ask your veterinarian about the possibility. Make sure your pet’s tags are up-to-date and fastened to its collar. If possible, attach the address and/or phone number of your evacuation site. If your pet gets lost, its tag is its ticket home.
  • Make sure your pet’s immunizations are current and keep a copy of the veterinary records with you.
  • Take a photo of your pet and keep it with you for identification purposes.
  • Make a pet emergency kit. You should have enough pet food, bottled water and medications for three days. Also, pack cat litter and pan, manual can opener, food dishes, leash and collar, brush, blankets, a first aid kit and other supplies. A full list of items to include can be found online at www.Ready.Gov. Information also is available at www.Cal-cares,com and www.CDFA.ca.gov.
  • If you plan to shelter in place, identify a safe area of your home where you can all stay together. Put all emergency supplies in that room ahead of time, including your pet’s crate and supplies.

Include Your Pets in Emergency Planning

  • Consider checking with your local animal control agency or emergency management office now to determine if a pet-friendly shelter is available in your area. Make a list of boarding facilities and veterinary offices that might be able to shelter animals in disaster emergencies.
  • Make a buddy system with your friends or neighbors as a back-up emergency plan if you cannot care for your animals yourself. The buddy system will assure that someone is available to care for or evacuate your pets if you are unable to do so.

Those with larger animals such as horses, cattle, sheep, goats or pigs should also plan for these animals by:

  • Ensuring all animals have some form of identification.
  • Evacuating animals whenever possible. Map out primary and secondary routes in advance.
  • Making sure vehicles and trailers for transporting animals as well as experienced handlers and drivers are available.
  • Ensuring destinations have food, water, veterinary care and handling equipment.

Survivors can register for FEMA assistance online at DisasterAssistance.gov or by calling 800-621-3362; TTY 800-462-7585; 711 or Video Relay Service (VRS), call 800-621-3362. Registration continues through Nov. 23.

For more information on California’s wildfire recovery, visit: caloes.ca.gov or fema.gov/disaster/4240 and follow us on Twitter @femaregion9 or @CAL_OES and facebook.com/CaliforniaOES and at Facebook.com/FEMA. For more information on preparing your pets for a disaster go to www.Ready.Gov.   The state program CARES also provides information on animal care and control in the event of a disaster or emergency. Find the agency online at www.cal-cares.com.

FEMA’s mission is to support our citizens and first responders to ensure that as a nation we work together to build, sustain and improve our capability to prepare for, protect against, respond to, recover from and mitigate all hazards.

Disaster recovery assistance is available without regard to race, color, religion, nationality, sex, age, disability, English proficiency or economic status. If you or someone you know has been discriminated against, call FEMA toll-free at 800-621-FEMA (3362). If you have a speech disability or hearing loss and use a TTY, call 800-462-7585 directly; if you use 711 or Video Relay Service (VRS), call 800-621-3362.

FEMA’s temporary housing assistance and grants for public transportation expenses, medical and dental expenses, and funeral and burial expenses do not require individuals to apply for an SBA loan. However, applicants who are referred to SBA for a disaster loan must apply to be eligible for additional FEMA assistance that covers personal property, vehicle repair or replacement, and moving and storage expenses.

If you run or use the services of a data centre for your organisation, the quality and compliance of that data centre are likely to be dear to your heart. Your auditors may be breathing down your neck to make sure it has a clean slate financially. Your senior management may be pressuring you for assurances about data protection. Ideally, the data centre can show that it meets requirements. Suppose it offers to do so by demonstrating compliance with ISAE 3402, the standard developed by the International Auditing and Assurance Standards Board. One version of ISAE 3402 may satisfy your financial audit team, but won’t answer concerns about data protection, and vice versa. How will you know which is which?

ISAE 3402 exists in “flavours” of Service Organisation Control (SOC) reports. There are two types of SOC that are each aimed at a different audience, either the auditors or the managers mentioned above.

...

http://www.opscentre.com.au/blog/what-does-data-centre-compliance-really-tell-you/

No matter how big or small your business, it’s probably fair to say that you rely on IT to function. And all IT, whether it comes in the form of a mobile device, an email server or a cloud-based application, is susceptible to failure.

This is an increasingly big deal. According to a December study from EMC, data loss and downtime cost companies worldwide a massive $1.7 trillion (£1 trillion) in 2014. Moreover, a 2013 report from the Ponemon Institute and Emerson Network Power pegged the per-minute cost of data centre downtime at an astonishing $7,900 (£5,000). In today’s data-dependent world, the failure to bounce back from an IT outage could be enough to kill your business.

The practice of preparing for downtime, and of taking steps to ensure a speedy return to normality, is called disaster recovery (DR) planning. Unfortunately, it’s not always a walk in the park to create an effective DR plan, particularly when you’re only a small business. Doing it well requires time, knowledge and expertise, and measuring ROI can be difficult.

Luckily, help is available. A quick Google search should turn up a raft of free resources for organisations to use in the DR planning process, including DR plan templates that span a broad spectrum in terms of length and complexity. We’ve even created one of our own: the Kroll Ontrack small business DR plan template.

...

http://blog.krollontrack.co.uk/top-tips/writing-a-disaster-recovery-plan-for-your-small-business-free-template/

Board member views on strategy and risk oversight have shifted to a longer-term orientation with emphasis on evaluating macro-trends as part of their strategic review, according to PwC’s 2015 Annual Corporate Directors Survey. But the survey points to growing pressure among Board members to balance longer-term strategic planning and investment with the need to meet short-term investor expectations.

...

http://corporatecomplianceinsights.com/boards-taking-longer-term-view-of-risk-oversight/

There are many factors that can affect a company’s credit ratings and it appears that cyber risk is moving up a notch in importance in corporate credit analysis.

In a new report, ratings agency Moody’s Investors Service said it views material cyber threats in a similar vein as other extraordinary event risks, such as a natural disaster, with any subsequent credit impact depending on the duration and severity of the event.

Moody’s reports:

While we do not explicitly incorporate cyber risk as a principal credit factor today, our fundamental credit analysis incorporates numerous stress-testing scenarios, and a cyber event could be the trigger for one of those stress scenarios.”


...

http://www.iii.org/insuranceindustryblog/?p=4227

The British insurance company Lloyd’s estimates that cyber attacks cost businesses as much as $400 billion a year, which includes direct damage plus post-attack disruption to the normal course of business. Some vendor and media forecasts put the cybercrime figure as high as $500 billion and more.

The World Economic Forum (WEF) says a significant portion of cybercrime goes undetected, particularly industrial espionage where access to confidential documents and data is difficult to spot.

Then there’s the hacks and breaches which go unreported by privately held and unregulated companies who are fearful of how cyber incidents will damage their reputations — which can have a negative impact on revenues, company valuation when raising capital, customer acquisition and retention, and their ability to recruit top talent.

...

http://www.forbes.com/sites/stevemorgan/2015/11/24/ibms-ceo-on-hackers-cyber-crime-is-the-greatest-threat-to-every-company-in-the-world/

The general narrative of the evolution of the public cloud infrastructure services market over the last several years has been that the handful of giants have used their scale and engineering resources to add features and lower prices to a point where most smaller providers can no longer compete, forcing even the big but late to arrive players like Dell and HP to exit the market altogether.

New York-based Infrastructure-as-a-Service provider DigitalOcean has been one of the exceptions. Having built a reputation and a following as the cloud infrastructure service for developers, the company has been growing fast, raising funds and expanding scale. Adrian Cockcroft, a well-known cloud infrastructure technologist and more recently a venture capitalist, working as a technology fellow at Battery Ventures, pointed DigitalOcean out in his overview of the cloud market last week at the Structure conference in San Francisco as one of the leaders, saying the company had been in “hyper growth” until about one year ago, even though recently its growth was slowing.

Similar to the biggest players, the likes of Amazon and Microsoft, there is pressure on DigitalOcean to expand data center footprint, both to add capacity in existing locations and to add new ones. DigitalOcean started in 2012 with two data centers, in New York and Amsterdam, but operates 11 today. It added three locations last year and two this year and plans to launch more in 2016, Luca Salvatore, network engineering manager at DigitalOcean, said in an interview.

...

http://www.datacenterknowledge.com/archives/2015/11/24/digitalocean-from-two-data-centers-to-11-in-three-years/

Monday, 23 November 2015 00:00

NI Health Trust Denies Data Loss Claims

A health trust in Northern Ireland has denied claims from a whistleblower that it suffered a data loss that put patients at risk.

It was stated by a source that at least two weeks of sensitive information had been lost following a system failure at the Western Health and Social Care Trust’s Altnagelvin Hospital data centre, Derry Now reports.

According to the whistleblower, the trust has no back-ups and, as a result, information including appointments and referrals were lost.

However, the organisation has refuted these claims, explaining that the information affected by the problem was not lost, as it had already been processed or re-entered from manual records.

“The Trust has carried out an extensive data verification process where all parties who had been making referrals have been requested to verify that their data has been processed, this includes any external organisations such as GP practices,” it stated.

However, the claims illustrate the problems that can be caused if organisations are not prepared for data loss, and emphasise the importance of having solutions on hand to recover such information.

From:: http://www.krollontrack.co.uk/company/press-room/data-recovery-news/ni-health-trust-denies-data-loss-claims101.aspx

Monday, 23 November 2015 00:00

Global supply chain risks remain high

Global supply chain risk remained ‘stubbornly high’ in the Q3 2015 Chartered Institute of Procurement & Supply (CIPS) Risk Index, powered by Dun & Bradstreet, as interconnected geopolitical developments threaten to redraw the supply chain map. 

The cross-border presence of ISIS throughout the Middle East, the subsequent re-introduction of border controls within Europe's Schengen zone and the easing of US sanctions on Iran and Cuba are starting to shift the global flow of products and services into new, unknown territory.

Dun & Bradstreet analysed 132 countries against a number of criteria, including level of exports, to assess issues and challenges along the supply chain to produce a global risk score. Global supply chain risk stands at 79.1 in Q3 2015, only slightly down from the record high of 82.4 two years ago and considerably higher than the pre-financial crisis level of just 40.4 in Q4 2003. In Q3 the reliability of global supply chains has been undermined by the rise of radical Islam, a more assertive Russia, unstable commodity prices and the prolonged fallout from the 2008 economic crisis. At the same time, the growth of longer and more complex supply chains allow regional disruptions to cripple supply chains hundreds of miles away.

...

http://www.continuitycentral.com/index.php/news/erm-news/685-global-supply-chain-risks-remain-high

Monday, 23 November 2015 00:00

Handling de-resilient leadership

n his previous article Paul Kudray challenged readers to attempt to find out if their organization's leaders are resilient or de-resilient. In this article he addresses what to do if your organization and leaders aren’t as resilient as they would like to think they are! 

Since posing the challenging question about de-resilience in my previous article, we’ve sadly witnessed more tragic atrocities against society. Whatever the reasons are behind any acts of terrorism, and however they may change us, life carries on. To do anything less than continue, would be giving in; and that’s not in our DNA! 

It goes without saying that we feel sickened and saddened by what happened in Paris – and is still happening for many in areas such as Beirut and Syria. Words sound hollow, but we have every sympathy for those affected by disaster. It is one of our strongest motivators for continuing to build more resilient capabilities and societies for the future.

With greater resilience in mind - did you ask them? Did you have the audacity to face the challenge and ask your boss ‘the’ question?

...

http://www.continuitycentral.com/index.php/news/resilience-news/681-handling-de-resilient-leadership

Monday, 23 November 2015 00:00

Paris attacks: the immediate lessons

As organizations review their business continuity and crisis management plans following the Paris attacks, Peter Power highlights some useful advice for protecting employees caught up in future incidents.

As I write these words France has just concluded three days of national mourning for the 129 people killed (so far) in the recent Paris attacks. But for anyone now urgently reviewing their crisis and business continuity management plans (and in my case planning with others the next World Conference on Disaster Management (WCDM), we should be testing responses and looking for ways to improve. After all, it is a lot more beneficial in terms of people and communities to try and outmanoeuvre an attack, than it is to recover from one. 

Up until a few days ago many people had been saying that a fight against (so called) IS is not their fight, presumably to avoid yet another West v East battle in the Middle East and possible reprisals at home. But now it's different. If we didn't know before, it's clear that IS has now come to us. They have gone global with attacks that are not random or indiscriminate, but in pursuit of their three aims: to terrorise, mobilise and polarise. This in turn triggers widespread and, at times, irrational, fear in target populations, bearing in mind that compared to other forms of fatality, death by IS in the West is currently rare. But that really doesn't help us sleep at night.

...

http://www.continuitycentral.com/index.php/news/business-continuity-news/680-paris-attacks-the-immediate-lessons

If EMC has its way, the line between primary storage on premise and secondary and tertiary storage in the cloud is going to get a whole lot blurrier. This week, EMC unveiled a raft of updates to its storage portfolio that essentially turn EMC VMAX and VNX storage systems into hubs through which IT organizations can tier data across local systems and external cloud services.

Chris Ratcliffe, senior vice president of marketing for EMC Core Technologies, says that as storage management gets more sophisticated, IT organizations are asking vendors for ways to break down the walls that currently separate various storage systems, and the cloud services that they increasingly rely on to back up and archive data at much lower costs than storing it on premise.

With that goal in mind, EMC has enhanced its FAST.X tiering software and EMC VPLEX cloud-tiering software to add support for the EMC CloudArray software that’s used to connect to external clouds and third-party storage systems running inside or outside of the same data center.

...

http://www.itbusinessedge.com/blogs/it-unmasked/emc-looks-to-blur-data-storage-line-in-age-of-the-cloud.html

Monday, 23 November 2015 00:00

NI Health Trust Denies Data Loss Claims

A health trust in Northern Ireland has denied claims from a whistleblower that it suffered a data loss that put patients at risk.

It was stated by a source that at least two weeks of sensitive information had been lost following a system failure at the Western Health and Social Care Trust’s Altnagelvin Hospital data centre, Derry Now reports.

According to the whistleblower, the trust has no back-ups and, as a result, information including appointments and referrals were lost.

However, the organisation has refuted these claims, explaining that the information affected by the problem was not lost, as it had already been processed or re-entered from manual records.

“The Trust has carried out an extensive data verification process where all parties who had been making referrals have been requested to verify that their data has been processed, this includes any external organisations such as GP practices,” it stated.

However, the claims illustrate the problems that can be caused if organisations are not prepared for data loss, and emphasise the importance of having solutions on hand to recover such information.

From:: http://www.krollontrack.co.uk/company/press-room/data-recovery-news/ni-health-trust-denies-data-loss-claims101.aspx

The terror attack in Paris last week sparked a renewed debate over how to intercept terrorist networks communicating via protected social media platforms. 
 
In the aftermath of the coordinated attack that left at least 129 people dead, applications like Telegram are being criticized by some for providing an alleged venue for terrorist collaboration.
 
While others argue digital backdoors into these networks would not end — or even stall — the activities of terror groups, critics say the popular communication networks are an all too valuable tool for groups like the Islamic State (IS, ISIS, ISIL). 
 
In a September interview with TechCrunch, Pavel Durov, the creator of Telegram, acknowledged that the radicalized Islamic group was in fact using the service to communicate.
...
Monday, 23 November 2015 00:00

Terrorism – A Tectonic Shift?

What do you do when the unthinkable happens? It’s not like we haven’t seen these determined and increasingly emboldened acts of terrorism before. The World Trade Center; Mumbai, India; Nairobi, Africa — just to name a few.

Innocent lives are lost because of desperate acts committed by a growing number of groups globally. We mourn the lives lost in Paris and the victims of each these attacks; yet their numbers are growing. According to a new study reported by CNN, “deaths from terrorism increased by 80 percent in 2014, with 32,658 people killed.” The sharp rise is attributable to increased acts of terror from a relatively small base. Boko Haram and ISIS accounted for 51 percent of the claimed killings. But is this a “tectonic shift” or a spike in terror events due to an anomaly of success by two terror groups who are willing to attack non-combatants?

I have no special intelligence, nor do I possess the skills to quantitatively measure the likelihood or location of the next terrorist event. I don’t think you need either to consider how to respond to events in Paris. French authorities and, I suspect, other government security professionals are now sharing information and responding to evidence that may have been overlooked in previous surveillance. We must trust that every resource available is working overtime to deal with this new threat. Overreaction, while understandable, tends to lead to less well-informed actions that may not have been taken during times of more clarity. For perspective, consider that 34,017 people died in car accidents in the U.S. alone in 2010, according to NHTSA. That is less than 1.25 fatalities per 100 million miles. In order words, these are relatively rare events, notwithstanding the rising numbers.

...

http://corporatecomplianceinsights.com/terrorism-a-tectonic-shift/

Monday, 23 November 2015 00:00

Cyber Vigilantes Provide Intel to Feds

(TNS) -- A small band of cyber jihadi hunters — including former members of the hacktivist group Anonymous — has been quietly feeding the feds online intel that’s foiled more than 10 terror plots and identified scores of ISIS recruiters and websites, on a mission that’s acquired new urgency in the wake of the Paris attacks.

“We felt enough wasn’t being done, so we wanted to put our skills to good use,” said the executive director of Ghost Security Group, who only goes by the online hacker name DigitaShadow after numerous ISIS death threats. “We’re completely independent. We survive off donations alone.”

Ghost Security Group has provided valuable information since June, according to Michael S. Smith II, co-founder of defense contractor Kronos Advisory and a former adviser to a Congressional terrorism task force.

...

http://www.emergencymgmt.com/safety/Cyber-Vigilantes-Help.html

The role of enterprise architecture and the enterprise architect has steadily grown in scope and in importance over the last two decades. Although many EA teams operate as part of the IT department, others are taking a more active position as they help to inform and guide strategy planning, investment and transformation at the enterprise-level. We have reached a stage where EA, as a discipline, is well-established within many enterprises as a core capability. 

But increasingly the boundary of “enterprise” architecture is extending beyond organizational boundaries. The domain of the enterprise architect is changing, as more and more “enterprise” architecture components are sourced externally. Social and environmental architectures are as important to an enterprise architecture as the components that remain within the enterprise boundary and under the direct control of the EA team. 

Emerging technologies and digital disruption will transform the enterprise, but they will also transform the ways in which we architect.

...

http://blog.cutter.com/2015/11/20/disruption-and-emergence-what-does-it-mean-for-enterprise-architecture/

Monday, 23 November 2015 00:00

Supply Chain Business Continuity Plans

Expect the unexpected: It’s a mantra that should be adopted by every supply chain manager. Since globalization has altered the cycle of manufacturing and the majority of time the raw materials/supplies, manufacturing facility and customer all reside thousands of miles away from each other, our supply chains are extremely vulnerable to manmade and natural incidents that can halt normal business operations. The continuity of your business is dependent on your ability to keep supply chains open, manufacturing running and clients supplied. The best way to do this is to include your supply chain in your business continuity plans.

...

http://www.missionmode.com/blog/supply-chain-business-continuity-plans/

Often it is said that ‘partnering’ is part of the Cisco DNA and its true: Cisco’s Partner ecosystem for years has brought together an ecosystem of trusted partners which deliver solutions, software and services that provide needed business solutions and outcomes.

Cisco has a strong ‘bench’ of technology partners, too. These partners allow us to combine Cisco solutions with their technology platforms resulting in integrated architectures focused on specific industries or use cases. Frequently these are delivered in the form of a Cisco Validated Design (CVD) and are available freely on the Cisco Design Zone.

For Cisco Big Data and Analytics solutions, where our Cisco UCS Integrated Infrastructure for Big Data is the foundation, partners are key. We partner with industry leading Big Data firms to deliver flexible architectures and solutions which help to make your data the foundation of your digital business. Below, in alphabetical order, are new videos from some of our Big Data partners. Each is a Big Data leader in their own right and each has worked closely with Cisco to bring solution(s) to market. These are short and sweet videos – so carve out a few moments in your day and view a few:

...

http://blogs.cisco.com/datacenter/big-data-partner-commentary-speed-efficiency-and-disruption-through-insight

Dignitaries in military garb and suit-wearers alike can’t help but be drawn to the Rapiscan CounterBomber. A modernist bongo kit of a counterterrorism device, it’s spinning slowly on a platform at Parc Des Expositions, the biggest convention center in Paris. At six feet tall and more than three feet wide, the CounterBomber has three tomtom-sized radar panels connected to a sturdy tripod. The police point it at a crowd to detect the outlines of a suicide bomb strapped to any individual, at distances “outside of the blast danger zone”. An agent in a truck somewhere clicks on people onscreen and gets a readout.

Andy Lynch, program manager at Rapiscan, says the company hasn’t sold a unit to US law enforcement yet, but it’s not out of the question. There may be some issues with fourth amendment rights, though, such is the potential for invasive unwarranted searches carried out by an agent hiding in a booth. What Rapiscan will never say out loud is that the machines would have come in handy at the Stade de France, where three men blew themselves up on Friday. It’s just a 15 minute train ride from the convention center.

...

http://www.forbes.com/sites/thomasbrewster/2015/11/22/paris-hosts-milipol-homeland-defense-expo-after-isis-attacks/

Monday, 23 November 2015 00:00

THE ATTACKS IN PARIS AND AML COMPLIANCE

The attacks in Paris and subsequent events have horrified any right-minded person. The slaughter of innocent civilians sickened the world and the outpouring of support for the city of Paris; the country of France and the French people has been universal. One of the things that I thought about in the aftermath is the intersection of corruption and terrorism. The EU open border policy and its banks notoriously lax money laundering regimes and enforcement could certainly have contributed to some of the underlying factors leading to the attack. I am sure there will be aggressive and robust responses from governments across the globe involving new and beefed up anti-money laundering (AML) laws. This is something the anti-corruption compliance practitioner and all US companies need to prepare for in the days and weeks to come, largely in response to the attacks in Paris.

Most anti-corruption compliance practitioner and most US companies do not focus on AML compliance or corporate AML controls. However, the bad guys think about how to move money around from their ill-gotten gains quite a bit, using the most innocuous types of business. In an article Los Angeles Times (LAT), entitled “Cartels use legitimate trade to launder money, US and Mexico say”, reporters Tracy Wilkinson and Ken Ellingwood described a process whereby teams of money launderers working for cartels use dollars to purchase a commodity from the US and then export the commodity to Mexico or Colombia. A key is that “Paperwork is generated that gives a patina of propriety” which means that drug money is given the appearance of legitimate proceeds from a legitimate commercial transaction. An Immigration and Customs official interviewed said, “It’s such a great scheme. You could hide dirty money in so much legitimate business, and they do. You can audit their books all day long and all you see is goods being imported and exported.” Another scheme involved several executives of Angel Toy Company, who conspired with Mexican drug cartels to launder drug money through a scheme to purchase Teddy Bears (of all things), for shipment back to and for resale in Mexico. The plan was straightforward, just under $10K of cash for each shipment of Teddy Bears, which were then resold in Mexico.

...

http://fcpacompliancereport.com/2015/11/the-attacks-in-paris-and-aml-compliance/

Monday, 23 November 2015 00:00

How Secure is Your HR Data?

When you think about an HR Department, you think about potential applicants, the interview process, an information repository for all employees or your own engagement with the company. Of course during the first week of November you consider HR to be the keeper of all things benefits — open enrollment and all of the paperwork that entails. The HR Department must keep all of this information confidential while also handling the external client roster, circulation of company policies and a wide array of interoffice communications. This poses a unique security challenge for any organization, regardless of size, which needs to prevent unauthorized internal users from accessing employee information, including PII (personally identifiable information), but needs to share employee information with external benefits providers and accounting. The environment calls for a solution with the flexibility to protect against insider threats and destroy files automatically, while enabling secure sharing.

Where to start? 

Most if not all of the information going in and out of the HR department needs some level of security, and so the first task is to inventory and classify the types of data the department handles. Two tiers work best, with tier 1 being the highest and warranting automatic security policy and encryption on creation. Tier 1 data includes intellectual property, executive compensation, Board of Director files, customer lists, financial data and employee personnel files. Tier 2 includes policy manuals, interoffice correspondence and pre-release public files. 

...

http://corporatecomplianceinsights.com/how-secure-is-your-hr-data/

 

Monday, 23 November 2015 00:00

Automate Netscaler Security with Octoblu

Are you responsible for securing your company’s datacenters, networks, and data?

There is no doubt that cyber attacks and cyber espionage incidents are on the rise. PewResearch reports that most security professionals believe the following:

“By 2025, a major cyber attack will have caused widespread harm to a nation’s security and capacity to defend itself and its people (By “widespread harm,” we mean significant loss of life or property losses/damage/theft at the levels of tens of billions of dollars.)”

Here are a couple of additional security facts:

...

https://www.citrix.com/blogs/2015/11/23/automate-netscaler-security-with-octoblu/

AccuWeather Enterprise Solutions' new D3 analytics business unit is predicting more than just the weather. It's capitalizing on what has become one of the company's fastest-growing businesses, predictive analytics-as-a-service, to help clients make business decisions. AccuWeather's chief commercial officer shared the details. 

"Everybody talks about the weather, but nobody does anything about it," is a quote often attributed to Mark Twain. While we can't change the weather itself, many companies are using weather data combined with other data streams to make better strategic and tactical business decisions.

AccuWeather, a company best known for its consumer weather prediction and media business, has been informally consulting with organizations for two decades on how to use weather data and other data to make better business decisions. The company formally launched a predictive analytics-as-a-service business about three years ago and last month moved even deeper into the space with D3 Analytics, a division that specializes in this service of aggregating and analyzing hundreds of weather factors, together with consumer and sales data. The division provides insights to companies in the retail, healthcare, financial services, and other industry verticals.

...

http://www.informationweek.com/big-data/big-data-analytics/accuweather-storms-into-enterprise-with-predictive-analytics/d/d-id/1323256

Starwood Hotels & Resorts Worldwide (HOT) last week said some of its North American locations were infected with malware that enabled unauthorized users to access customer payment card information.

And as a result, Starwood tops this week's list of IT security newsmakers to watch, followed by the Georgia Secretary of State's office, PandaLabs and Clearswift.

What can managed service providers (MSPs) and their customers learn from these IT security newsmakers? Check out this week's edition of IT security stories to watch to find out:

...

http://mspmentor.net/managed-security-services/it-security-stories-watch-was-starwood-breached

Monday, 23 November 2015 00:00

2016: The Year of The Data Center

With 2016 quickly approaching, executives are starting to hash out their plans and budgets for the coming year. While all aspects of a business are important, no other division is more critical to supporting business growth than the IT department. After all, most businesses today have data they need to keep secure and functioning in order to keep things running smoothly.

That’s why it’s so pivotal that IT executives keep their data center operations top of mind for the coming year as these choices will impact their business growth not only for the 2016, but for years to come.

Keeping this in mind, I spoke with 15 data center site managers and with the office of the CTO to determine what the top trends for data centers in 2016 will be.

 ...

http://www.datacenterknowledge.com/archives/2015/11/23/2016-year-data-center/

Just 11 days left to participate in BC Management's 1st Annual Program Maturity Study - Measuring the Effectiveness of the Business Continuity/ Resiliency Program.  Be sure to Participate by December 1, 2015 to Qualify to Receive a Complimentary Report of the Study Findings!

Sunday, 22 November 2015 06:00

BCI World 2015

I started to write this post as my train left London following two packed days at this year’s BCI World event. I figured that this was as good a time as any to capture my experience and thoughts whilst it’s fresh in my mind! However, I decided that I could do with a couple of weeks reflection because these conferences tend to get you quite pumped and excited and then you go back to normal. I did have a go last year at trying to describe what goes on at the event but in fairness I did only attend the exhibition and the gala dinner and this year I attended the full programme so hopefully I can more observations this time.

The first thing I should say is that the opening and closing speakers, while not topic-related, were superb and everybody appreciated them. The conference set up and organisation was well received by everyone I that spoke to and so a big thank you to the BCI for organising such a worthwhile event.

...

http://blueyedbc.blogspot.com/2015/11/bci-world-2015.html

This article provides an overview of Professional Practice 4 (PP4) – Design, which is the professional practice that “identifies and selects appropriate strategies and tactics to determine how continuity and recovery from disruption will be achieved”. Strategy design activities are essential to translate outputs gathered during the analysis phase into actionable strategies that the organization can implement and refine over time to improve the ability to respond and recover from a disruption.

PP4 OVERVIEW

PP4 outlines three primary areas that should be considered in the strategy design process, including the design of continuity and recovery strategies and tactics, threat mitigation measures, and an incident response structure. Let’s take a closer look at each.

...

http://perspectives.avalution.com/2015/business-continuity-strategy-design-an-overview-of-bci-professional-practice-4/

Companies with operations around the world face the reality of having to deal with an often complicated web of interconnected third-party entities and organizations and will usually create third-party risk models to produce an objective risk score for each one. These models consider many factors, such as the third party’s location, the nature and closeness of the relationship with the third party, the level of control over the third party, how much business it generates and the extent of the third party’s interactions with government officials. However, not all third parties are the same, and after creating a risk-rating model, companies typically face three due diligence options:

For low-risk parties, companies can simply execute an internal review and check publicly available databases such as government watch lists, sanctions and embargo lists.

For moderate-risk parties, companies can perform open-source investigations (OSI), collecting and analyzing all publicly available online information for a third party and its principals after searching in English and native languages.

The due diligence scope required for the riskiest parties exceeds what is typically covered in an OSI alone, especially in developing nations where online information may be limited or where bad actors can easily manipulate local media. In these situations, companies should resort to Enhanced Due Diligence investigations (EDD).

...

http://corporatecomplianceinsights.com/know-your-risks-3-scenarios-where-enhanced-due-diligence-was-the-right-choice/

Friday, 20 November 2015 00:00

Why SMBs Should Consider Hybrid Cloud Backup

If you’re looking to build a backup solution that is scalable, cost-efficient and allows multiple disaster recovery scenarios, then switching to a hybrid cloud backup strategy is for you.

Hybrid solutions work in conjunction with your existing backup applications and policies. Local on-premise data can remain local if required and still have the flexibility of expanding onto cloud storage should you require additional capacity. Utilizing this cost-effective storage means you can store a full copy of all your backups on the cloud in the event of a site disaster.

Almost any size of business can take advantage of a hybrid backup solution, from the smallest of start-ups to huge conglomerates. How it’s implemented may differ between them, but both ends of the scale can achieve an efficient, secure, highly available and scalable solution. Consider an appropriate-sized solution for your business; this could be as simple as storing one data set on a local NAS drive with a resilient copy stored in the cloud, or as complex as implementing a VM appliance installed within your data center acting as a gateway between your private network and the cloud.

...

http://www.datacenterknowledge.com/archives/2015/11/19/smbs-consider-hybrid-cloud-backup/

Shadow IT is nothing new as employees and lines of business bypass IT departments to get the cloud services they need to complete their jobs.   Rogue IT has resulted in a conversation around the unintended and potentially dangerous consequences of increased security risks, compliance concerns and hidden costs.

We all know that private and public clouds are here to stay, but in a recent study it was proven that the average enterprise organization is unaware of just how much shadow IT exists.

Cisco recently completed a study with large enterprise customers across the United States, Europe, Canada and Australia.   This study was conducted from January 2014 through July of this year.  Actual usage data was collected from customer’s networks representing millions of users.

...

http://blogs.cisco.com/datacenter/shadow-it-you-cant-manage-what-you-cant-see

(TNS) - Florida received a failing grade on its long-term preparations for coastal flooding, in a study released Wednesday that assessed how well the 50 states were gearing up for the impact of climate change.

The study, called States at Risk, says Florida lacks a long-term plan for dealing with rising sea levels, despite being the nation's most vulnerable state as oceans inch higher. The report gave Florida a C- overall, with B+ grades on preparing for drought and wildfires – for which the report says the state faces average or below-average risk – a D on preparing for extreme heat and a D- grade on preparing for inland flooding.

"Florida has a lot of work to do," stated the report, prepared by the environmental group Climate Central, which publishes peer-reviewed articles on climate change, and ICF International, a 5,000-employee consulting firm with 70 offices worldwide. "Even though the state has plans in place to face today's threats, Florida has not taken sufficient steps to prepare for the serious threats posed by future climate change, particularly coastal flooding."

...

http://www.emergencymgmt.com/disaster/Florida-flood-preparations-slammed-in-national-report.html

Friday, 20 November 2015 00:00

County Web Presence, Smart911 Updated

(TNS) - Officials with Limestone County announced this week upgrades to the county's website and the Smart911 system as part of a new branding initiative.

County Commission Chairman Mark Yarbrough said the website upgrade was necessary as a means to continue recruiting new industries, businesses, students and citizens. He added that the new look of the website would help give “the right impression” to those groups looking to locate to Limestone County.

“Limestone County is proud of our place in North Alabama, and we needed to upgrade our look and messaging to better tell our story,” Yarbrough said.

The county's new website is also more mobile-friendly as a growing number of Internet users continue to use their smartphones as much or more than traditional computers.

...

http://www.emergencymgmt.com/next-gen-911/County-web-presence-Smart911-updated.html

Amazon Web Services, the e-commerce giant’s cloud services arm, has contracted with a wind farm developer for energy from a future 100 MW wind project in Paulding County, Ohio, to offset grid energy consumption of its cloud data centers, the company announced Thursday.

Utility-scale renewable power purchase agreements are becoming increasingly common among hyperscale data center operators like Amazon, its cloud services rivals Google and Microsoft, as well as Facebook, which does not provide cloud services but has multiple massive data centers in the US and Europe to support its user base. This year Equinix also started contracting for utility-scale renewables – something commercial data center service providers, whose customer base includes the aforementioned cloud giants, have traditionally been reluctant to do.

About one year ago, AWS made a commitment to power its operations entirely by renewable energy. The cloud provider said earlier this year that about one quarter of energy it consumed was renewable, and that its goal was to get to 40 percent renewable by the end of 2016.

...

http://www.datacenterknowledge.com/archives/2015/11/19/amazon-buys-more-wind-power-for-cloud-data-centers/

Switch, the Las Vegas-based company that builds mega-scale data centers, is pushing officials in the State of Michigan to quickly pass a series of data center tax incentives, so it can proceed with plans to build a data center campus that will include a pyramid-shaped building that used to house offices of the large office furniture supplier Steelcase.

At full build-out, which may take up to 10 years, Switch’s plans call for two million square feet of building space across multiple data center buildings around the Steelcase pyramid. “It could be as many as six buildings,” company spokesman Adam Kramer said.

The pyramid’s basement would be turned into a data center, and additional buildings would be constructed around it.

...

http://www.datacenterknowledge.com/archives/2015/11/20/switch-may-turn-michigan-pyramid-data-center/

Thursday, 19 November 2015 00:00

Resilience and Performance - the Missing Link

 

Over the last decade the term Resilience has permeated the world of business and management.  Of course, different professions have talked about Resilience for much longer, for example Personal Resilience in the field of psychology and Resilience in computer systems or networks.  Over the last decade Business Resilience has emerged, promoted by Business Continuity professionals like me as the next evolutionary step forwards for the Business Continuity profession.  
 
Like many new ideas, different groups have got hold of Resilience, not least the business development functions of management consultancy firms.  As a result Resilience has been hyped just like other new ideas, like Cloud and Big Data.  The problem is, nobody has really nailed what Resilience means in the world of business and management.  No one person has the answer and, like scientific research, as a collective our understanding creeps forwards as those pioneering in the field try to figure it out and communicate it to the rest of us. 
...

 

Focus on Value

In my last blog post, I described how business resilience is most compelling when it links performance improvement with risk management.  Focus on the upside contribution to achieving future strategic objectives and the challenge becomes, 'why wouldn't you do business resilience?'
In this blog post I will start to explain how to make business resilience deliver on this promise, focusing first on how to unlock the power of Purpose & Values.

...

http://risky-thinking.blogspot.com/2015/11/people-untouched-lever-of-business.html

Thursday, 19 November 2015 00:00

10 Reasons Tape Makes a Lousy Archive

One of the most frequent misuses of backup tape is as an archive. Data center managers don’t typically design tape as their archive, however, it inadvertently becomes one when old backup tapes are sent to offsite storage after cycling out of their disaster recovery usefulness.

Using legacy tape as a file and email archive is causing pain and unnecessary expense for many organizations. Here’s the top 10 reasons tape isn’t a good archive:

...

http://www.datacenterjournal.com/10-reasons-tape-lousy-archive/

Thursday, 19 November 2015 00:00

Big Data Top Trends In 2016

As we are coming towards the end of 2015 we have seen a considerable amount of change in big data and its perception. We believe that 2016 is going to throw even more up for the industry, so we are taking a look at what we think are going to be the top trends in the next 12 months.

Quantum Computing To Grow

The concept of quantum computing has been around for a long time, but has always been seen as something that we are going to see become a real possibility in some undefined future. However, 2016 may be when its use becomes more commonplace.

After recent work by Australian researchers at the University of NSW it has become possible to code the machines in a more cohesive and understandable way. They have managed to entangle a pair of qubits for the first time, allowing for more complex coding to be created and therefore the use of quantum computers to potentially become more widespread.

...

https://channels.theinnovationenterprise.com/articles/big-data-trends-2016

Thursday, 19 November 2015 00:00

The top 10 worst data disasters from 2015

Our engineering team loves a good story about data disasters, especially when we can recover our customers’ information for them in extreme circumstances.

For the last 13 years, we have collected and published a list of the toughest physical and logical data losses from our offices around the globe. 

We are proud to say that no matter how dire the situation appears to be, whether a device has been crushed, set on fire, plunged into water, thrown at a wall or simply dropped on the floor, there is always hope that the data you think is missing can still be retrieved.

Read on for the 2015 Top Ten List of Data Disasters compiled by Kroll Ontrack.

...

http://blog.krollontrack.co.uk/pieces-of-interest/the-top-10-worst-data-disasters-from-2015/

Looking to address what Microsoft CEO Satya Nadella describes as the most pressing issue of our time, Microsoft this week launched a flurry of security offerings intended to turn security into a set of continuously delivered services.

Speaking at a Microsoft Government Cloud Forum, Nadella says that in much the same way that Microsoft now manages Windows 10 as a service, everything from behavioral analytics of attacks to remediation will soon become a set of common services spanning the desktop, server and Microsoft cloud offerings.

To that end, Microsoft announced the formation of a Microsoft Enterprise Cybersecurity Group made up of security professionals that will work with a new Cyber Defense Operations Center that Microsoft is setting up to detect threats in real time using what Nadella describes as an intelligent fabric that Microsoft will continue to expand and invest in over time.

...

http://www.itbusinessedge.com/blogs/it-unmasked/microsoft-looks-to-transform-security-into-a-service.html

The popular conception at the moment is that in order to take advantage of Big Data, an organization has to recruit data scientists, who are hard to retain. But Salesforce, with the launch of updates to the Salesforce Marketing Cloud at a Salesforce World Tour event, is making the case for embedding machine learning algorithms inside a cloud application in a way that promises to eliminate the need for many marketing organizations to hire their own dedicated data scientist.

Meghann York, director of product marketing for Salesforce Marketing Cloud, says that Salesforce Marketing Cloud Predictive Journeys, with Predictive Scores and Predictive Audiences, now makes it possible to essentially predict how customers will respond to, for example, an email marketing campaign. In addition, York says organizations can leverage Predictive Audiences to segment customers based on the predictive scores created by Salesforce Marketing Cloud.

...

http://www.itbusinessedge.com/blogs/it-unmasked/salesforce-infuses-big-data-science-within-marketing-cloud.html

Thursday, 19 November 2015 00:00

Marijuana’s Cost to Employers

With the adoption of more state laws to legalize marijuana, employers will face challenges to protect their employees from injury and to comply with federal requirements to maintain a drug-free workplace.

Employers also face potentially costly litigation as case law surrounding legal marijuana develops, according to the Quest Diagnostics whitepaper “What Will ‘Legal’ Marijuana Cost Employers?”

...

http://www.riskmanagementmonitor.com/marijuanas-cost-to-employers/

Two consequent power outages at one of TelecityGroup’s data centers in London Tuesday afternoon local time disrupted operations for many customers, including the London Internet Exchange and AWS Direct Connect, the service that connects companies to Amazon’s cloud through private network links.

The provider’s Sovereign House data center in the London Docklands lost utility power and appears to have failed to switch to backup generators around 2pm. Power was restored but went down again, according to an incident report by EX Networks, one of the customers in the data center.

London-based Telecity has not yet said what the root cause of the data center outage was.

The facility is one of the data centers housing infrastructure of the London Internet Exchange, or LINX. Telecity told EXN it would have to shut down power to two suites that house LINX to fix the electrical infrastructure.

...

http://www.datacenterknowledge.com/archives/2015/11/18/telecity-data-center-outage-in-london-dings-cloud-internet-exchange/

Mike Baker is the Founder and Principal at Mosaic451.

Magic is awesome at carnivals, and it most certainly got young wizard Harry Potter out of a few jams, but when magic is used with the hope that it will suddenly make your firm more secure – it simply does not work.

Magic is that intoxicating lure to a quick technological fix with blindside thinking that technology alone will keep the hackers at bay. Data centers are under constant pressure to safeguard assets, however, too many firms focus on security for the purpose of being in compliance. For example, the energy industry has secrets to protect, and there are huge regulatory burdens from the NERC (North American Electric Reliability Corporation), which maintains a set of cybersecurity standards for Critical Infrastructure Protection (CIP).

...

http://www.datacenterknowledge.com/archives/2015/11/18/stop-buying-magic-data-protection-strategy-doesnt-work/

Thursday, 19 November 2015 00:00

Will You Stop and Plan This Holiday Season?

It is officially budget season, for most businesses anyway. In just about every industry you can name, organizations of all size are in the throes of defining goals and resource requirements for a new year. This includes many tech companies—but not nearly enough.

How good are MSPs when it comes to creating meaningful annual budgets and participating in effective strategic planning sessions to grow their businesses? The number will likely surprise you.

Working with Clarity Channel Advisors clients, I have gained a deep perspective on the MSP industry at large. While there are a minority of service providers who diligently work at strategic planning, a majority of MSPs don’t. Take establishing sales targets.

...

http://mspmentor.net/cloud-computing/will-you-stop-and-plan-holiday-season

SACRAMENTO, Calif. – Wildfire survivors in Calaveras and Lake counties who lost important documents can use this guide to help obtain replacements.

All of the organizations listed below offer online resources. If personal computers aren’t available, public libraries and other agencies may have computers available to the general public.

Document

Who to Contact for Replacement

EBT Card

California’s CalFresh is part of the federal program known as the Supplemental Nutrition Assistance Program (SNAP – formerly known as Food Stamps). Lost EBT card replacements – Call

877-328-9677 right away, or contact your local county social services worker.

Birth and Death Certificates

Birth and Death Certificates-California Department of Public Health or online at www.cdph.ca.gov or by calling 916-445-2684. $25 fee for replacement.

Lost Green Card

Go to www.uscis.gov and complete the Form I-90, application to replace a permanent resident card, and file it online or by mail. Call 800-375-5283 to check the status of your application.

California Driver License

Visit a California DMV office to complete an application. Replacement license forms must be delivered in person. For more information, call 800-777-0133.

Bank Checks, ATM/Debit Cards, or Safe Deposit Boxes

Contact your financial institution or get contact information from the FDIC by calling 877-275-3342 or going to www.fdic.gov.

Credit Cards

Contact the issuing institution:

American Express 800-992-3404 or www.home.americanexpress.com

Discover 800-347-2683 or

www.discover.com/credit-cards/help-center/

Master Card 800-622-7747 or
www.mastercard.com/cgi-bin/emergserv.cgi

Visa 800-847-2911 or www.usa.visa.com

NOTE: If you don't remember all the credit cards you had, obtain a credit report from any of the three major credit bureaus.

Credit Report

Equifax, Experian or TransUnion 877-322-8228 or www.annualcreditreport.com

Social Security Card

Social Security 800-772-1213 or
www.ssa.gov

Fraud Alerts or a Credit Freeze

Fraud Alerts: Call the identity theft helpline at 877-438-4338; contact the FTC at:

Medicare Cards

Social Security Administration 800 772-1213 or  www.socialsecurity.gov/medicarecard/

Passport

U.S. Department of State, Passport Services, Consular Lost/Stolen Passport Section 202-955-0430 or 877-487-2778 or www.travel.state.gov/content/passports/english/passports/lost-stolen.html

U.S. Savings Bonds

U.S. Department of Treasury 800-722-2678 or www.treasurydirect.gov

Tax Returns

Internal Revenue Service 800-829-1040 or download the Request for Copy of Tax Return at www.irs.gov/pub/irs-pdf/f4506.pdf

Military Records

National Archives and Records Administration

866-272-6272 or www.archives.gov/contact/

The deadline to register with FEMA for disaster assistance is Monday Nov. 23. Survivors can register online at DisasterAssistance.gov or by calling 800-621-3362; TTY 800-462-7585; 711 or Video Relay Service (VRS), call 800-621-3362.

For more information on California’s wildfire recovery, visit: caloes.ca.gov and follow us on Twitter @cal_OES, and on Facebook.com/CaliforniaOES. For FEMA, go to fema.gov/disaster/4240 and follow us on Twitter @femaregion9 and at Facebook.com/FEMA.

FEMA’s mission is to support our citizens and first responders to ensure that as a nation we work together to build, sustain and improve our capability to prepare for, protect against, respond to, recover from and mitigate all hazards.

Disaster recovery assistance is available without regard to race, color, religion, nationality, sex, age, disability, English proficiency or economic status. If you or someone you know has been discriminated against, call FEMA toll-free at 800-621-FEMA (3362). If you have a speech disability or hearing loss and use a TTY, call 800-462-7585 directly; if you use 711 or Video Relay Service (VRS), call 800-621-3362.

FEMA’s temporary housing assistance and grants for public transportation expenses, medical and dental expenses, and funeral and burial expenses do not require individuals to apply for an SBA loan. However, applicants who are referred to SBA for a disaster loan must apply to be eligible for additional FEMA assistance that covers personal property, vehicle repair or replacement, and moving and storage expenses.

SACRAMENTO, Calif. – Wildfire survivors, don’t miss out on additional grants and loans that can help you recover – submit an application to the U.S. Small Business Administration today.

This notice applies to disaster survivors in Calaveras and Lake counties, California, who applied for assistance with the Federal Emergency Management Agency and were referred to the SBA. You must complete a disaster loan application in order to keep your options open and to maintain eligibility for additional FEMA dollars.

The deadline for submitting the application is Monday, Nov. 23 for wildfire losses that occurred between Sept. 9 and Oct. 30, 2015 in the two California counties. As long as the initial loan application is submitted by the deadline, survivors can finalize their preliminary SBA application and loan at a later date.

While SBA’s low-interest disaster loans represent the major source of federal funding for recovery, the application itself may open the door to other FEMA grant programs. People who do not qualify for an SBA loan may be eligible for other FEMA grants.

Here are some key points to consider:

  • Completing and returning a loan application can be done in one of three ways: in person at a Disaster Recovery Center, online at https://disasterloan.sba.gov/ela or by mail.
  • Filing the loan application does not obligate people to accept the loan and there is no cost to apply for an SBA loan. Homeowners and renters who are declined for an SBA disaster loan may be considered for certain FEMA grants and programs.
  • Next to insurance, an SBA loan is the primary funding source for real estate property repairs and replacing lost contents following a disaster like the recent wildfires. Homeowners may be eligible for low-interest loans up to $200,000 for repair or replacement of their primary residents. In some instances, SBA can refinance all or part of an existing mortgage.

Keep Your Options Open – Submit an SBA Application Now

  • The SBA can help homeowners and renters replace their essential items. Homeowners and renters may be eligible to borrow up to $40,000 to repair or replace personal property, including automobiles damaged or destroyed in a disaster.
  • Loans are available for businesses of all sizes and private non-profit organizations. Loans are available for up to $2 million to repair or replace disaster damaged real estate and other business assets. Eligible small businesses and non-profits also can apply for Economic Injury Disaster Loans (EIDL) to help meet working capital needs caused by a disaster.
  • Do not wait for an insurance settlement before applying. Insurance may not pay for all of the damage. Survivors can begin their recovery immediately with an SBA disaster loan. The eligible loan amount will be reduced by any insurance settlements.

For more information about SBA low-interest disaster loans, contact the SBA’s Customer Service Center at 800-659-2955, TTY 800-877-8339, emailing disastercustomerservice@sba.gov or at sba.gov/disaster. SBA customer service representatives are available at all disaster recovery centers. Centers can be found online at FEMA.gov/DRClocator.

Survivors can apply for FEMA assistance online at DisasterAssistance.gov or by calling 800-621-3362; TTY 800-462-7585; 711 or Video Relay Service (VRS), call 800-621-3362. Registration continues through Nov. 23.

For more information on California’s wildfire recovery, visit: caloes.ca.gov or fema.gov/disaster/4240 and follow us on Twitter @femaregion9 or on Facebook.com/FEMA, Twitter @Cal_OES and Facebook.com/CaliforniaOES.

The SBA is the federal government’s primary source of money for the long-term rebuilding of disaster-damaged private property. SBA helps businesses of all sizes, private non-profit organizations, homeowners and renters fund repairs or rebuilding efforts and cover the cost of replacing lost or disaster-damaged personal property. These disaster loans cover losses not fully compensated by insurance or other recoveries and do not duplicate benefits of other agencies or organizations. For more information, applicants may contact SBA’s Disaster Assistance Customer Service Center by calling 800-659-2955, emailing disastercustomerservice@sba.gov, or visiting SBA’s website at www.sba.gov/disaster. Deaf and hard-of-hearing individuals may call 800-877-8339.

FEMA’s mission is to support our citizens and first responders to ensure that as a nation we work together to build, sustain and improve our capability to prepare for, protect against, respond to, recover from and mitigate all hazards.

SACRAMENTO, Calif. – Fumbling through files for important papers can be frustrating. But when an emergency strikes, trying to gather up all those documents can be downright frightening.

There is a way around all the late-minute hassle, but it will take some time and a way to organize and contain them so that you can grab and go when a disaster strikes. And, with predictions of more severe weather and flooding this winter due to El Nino, now is a good time to organize your papers.

Container options can range from a fireproof lock box or safe, a safety deposit box or something as simple as a three-ring binder with plastic sleeves into which you can insert the documents.

The list of documents and records you will want to have is long, but will be invaluable after you have evacuated your home. You will need access to some of these items sooner than others, but all are important enough to include in your "must have" list:

  • Vital Records: Driver's licenses, birth certificates, adoption papers, Social Security cards, passports, citizenship papers (such as a "green card" or naturalization documents), marriage license, divorce decrees, child custody papers, current military ID, military discharge (DD Form 214), medical and vaccination records for pets along with current photos and ID chip numbers in case you are separated.
  • Insurance Policies: Homeowners, renters, flood, earthquake, auto, life, health, disability, long-term care; have at least the policy number and insurance company contact information for each type of coverage.

Keep Your Important Documents Safe from a Disaster

  • Property Records: Real estate deeds of trust and mortgage documents (at least the two-page settlement statement provided by the title company showing the actual cost of the house and purchase expenses); rental agreement or lease; auto/boat/RV registration and titles; video, photos or a list of household inventory.
  • Medical Information: Immunization and other medical records, prescription information (drug name and dosage), health insurance identification cards, physician names and phone numbers, powers-of-attorney for health care, and living wills.
  • Estate planning documents: Wills, trusts, funeral instructions, powers-of-attorney, attorney names and phone numbers.
  • Financial records: First two pages of your previous year's federal and state tax returns, stock and bond certificates, investment records, brokerage and retirement account information, credit card, checking and savings account numbers, contact information for credit unions, banks, financial institutions, credit card companies and financial advisers.
  • Other: Personal address book, a letter with instructions for family or friends (for use in a situation where you're not present), backups of important computer files, a list of usernames and passwords for online accounts, a key to your safe deposit box, a recent photograph, fingerprints and dental records for each member of the household (some police stations and nonprofits fingerprint children free);, account and contact information for utilities and other services (you may have to provide a new billing address or cancel certain services), a list of important documents and where originals and copies are located.

Those who don’t have the time or ability to gather all of these documents should focus on the most important and most difficult to replace.

In addition, take time now to think about the priceless personal items you would want to protect from danger or take with you if you had to suddenly evacuate your home.

The first step is to take an inventory of your household valuables. Those who wish more complete checklists or guidance on collecting and safeguarding this important information, go to www.ready.gov/financialpreparedness.

If you have lost documents in the Butte or Valley fires, go to www.fema.gov/disaster/4240 to learn how to replace them.

Survivors can register for FEMA assistance online at DisasterAssistance.gov or by calling 800-621-3362; TTY 800-462-7585; 711 or Video Relay Service (VRS), call 800-621-3362. Registration ends Nov. 23.

Keep Your Important Documents Safe from a Disaster

For more information on California’s wildfire recovery, visit: caloes.ca.gov or fema.gov/disaster/4240 and follow us on Twitter @Cal_OES and @femaregion9 and at Facebook.com/California OES and Facebook.com/FEMA.

FEMA’s mission is to support our citizens and first responders to ensure that as a nation we work together to build, sustain and improve our capability to prepare for, protect against, respond to, recover from and mitigate all hazards.

Disaster recovery assistance is available without regard to race, color, religion, nationality, sex, age, disability, English proficiency or economic status. If you or someone you know has been discriminated against, call FEMA toll-free at 800-621-FEMA (3362). If you have a speech disability or hearing loss and use a TTY, call 800-462-7585 directly; if you use 711 or Video Relay Service (VRS), call 800-621-3362.

FEMA’s temporary housing assistance and grants for public transportation expenses, medical and dental expenses, and funeral and burial expenses do not require individuals to apply for an SBA loan. However, applicants who are referred to SBA for a disaster loan must apply to be eligible for additional FEMA assistance that covers personal property, vehicle repair or replacement, and moving and storage expenses.

R.I.S.K. is the next-generation chief risk/audit/compliance/IT security officer who is capable of processing billions of bits of data, analyzing behavioral patterns, assessing changes in internal controls and tackling cyber risks within seconds of an attack. R.I.S.K. does not command a salary, go on vacation, require a pension or health care benefits, nor complain about not having enough budget or resources to get their job done.

What is R.I.S.K.? Risk Intelligent Systems Knowledgeware is a concept that I created to describe a collection of informatics applications that are in development today designed to tackle the challenge of tomorrow’s complex risk problems. If you think this is some far-fetched science fiction story about risk management, you simply have not done your homework. Let me explain why risk management as you know it today will never be the same and is going through a major transformation never before seen.

...

http://corporatecomplianceinsights.com/meet-r-i-s-k-why-your-next-chief-risk-officer-will-be-a-smart-robot/

Here at Citrix, we think a lot about how we can deliver a better experience for our customers.

We want to help you meet your challenges through new and creative uses of our technologies. Period.

With new technologies, educating users about how this all fits into their environment is always a challenge. New things are great, but as my friend Christian Reilly, CTO for Citrix Workspace Services, said in a recent post, “If the customer doesn’t win, we all die anyway.”
Really, that’s the end goal — for the customer to win. So, with all the great, new technology that’s being built, we’ve been looking for new ways to effectively communicate out the best ways that customers can take advantage of these innovations.
 
During the month of October, the teams at Citrix that build Data Center Infrastructure products competed in a contest–our very first Blog-a-thon!–to see who could write the best, most informative, most creative blogs.
...
Wednesday, 18 November 2015 00:00

Oracle Database Disaster Recovery on Public Cloud

Oracle Databases are run in most, if not all, of the Fortune 500 and form the backbone of critical applications and business operations. Oracle Database High Availability was always a high priority for Oracle, as we understand that keeping business online 24/7, 365 Days a Year is vital. In any other case, the productivity would be interrupted, data could potentially be lost, but most importantly corporate image would be tarnished with unpredictable devaluation of share price.

Oracle Public Cloud is available for quite a while now, offering an extensive set of cloud services tailored to specific requirements:

    • Platform as a Service (PaaS), 
    • Infrastructure as a Service (IaaS), and 
    • Software as a Service (SaaS).

...

https://blogs.oracle.com/imc/entry/oracle_public_cloud_for_dr

Last month the Cybersecurity Information Sharing Act (CISA) passed the US Senate, and a reconciled bill with the House is expected to land on the president’s desk by the end of the year. As Congress debates making data sharing law, one company, the Arlington, VA-based TruStar, is already providing an anonymous, industry-based incident sharing solution. On Monday the company announced $2 million in additional seed funding led by Resolute Ventures with participation from other Silicon Valley investors.

“What slows down people from sharing in large part is concern over market reputational risk,” said Paul Kurtz, co-founder and CEO of TruStar. “Also there’s concern over whether they are sharing too much with government.” Kurtz, who has worked in and around Washington D.C. for years, said the feeling among the companies he’s talked to is that if you share with government, it will only try to regulate you more. Or the information will come out later as a FOIA.

Instead, Kurtz said these companies want to let the private sector work it on its own, and work out problems much faster. Currently there are 10-12 companies participating in the TruStar beta program. Key industries participating include finance, IT, education, heavy manufacturing, and cloud providers.

...

http://www.forbes.com/sites/robertvamosi/2015/11/17/making-incident-sharing-anonymous-and-across-industries/

Wednesday, 18 November 2015 00:00

Terrorist Attacks, Strategy and Impact

Suicide-armed assaults and bomb attacks may become an even more attractive tactic for terrorist groups to replicate following the November 13, 2015 attack in Paris, France, according to catastrophe modeling firm RMS.

In a blog post, RMS writes that the Paris attacks—which killed more than 125 people and left 350 injured—are the deadliest in Europe since the 2004 train bombings in Madrid, Spain, where 191 people were killed and over 1,800 injured.

The attacks have exposed France’s vulnerability to political armed violence and alerted the rest of Europe to the threat of salafi-jihadists within their domain, according to RMS.

...

http://www.iii.org/insuranceindustryblog/?p=4222

Most IT organizations today have a plethora of IT management tools at their disposal that wind up creating their own silos of data that ultimately need to be managed. With the rise of Big Data, however, the time has come to eliminate all those silos of data using a common backend that any IT management tool can access.

With that goal in mind, OpsDataStore today unveiled a namesake backend Big Data platform that comes complete with a data model to keep track of the relationship between objects right from the moment those objects are ingested into a backend system based on the Cassandra database, Apache Spark in-memory compute engine and the Kafka message bus.

Rather than compete with other providers of IT management tools, OpsDataStore CEO Bernd Harzog says OpsDataStore is trying to make it simpler for IT organizations to correlate information from different IT sources to resolve problems faster.

...

http://www.itbusinessedge.com/blogs/it-unmasked/opsdatastore-brings-common-big-data-backend-to-it-management-apps.html

Most network connections in Azerbaijan went dark for several hours Monday, following what the country’s communications officials attributed to a fire in the data center of the country’s main service provider Delta Telecom.

The former Soviet republic’s internet went down around 4 pm local time, according to reports by the Azeri news agency Trend and BBC Russian Service. The incident disrupted nearly all internet connectivity in the country.

Renesys, a company that tracks global internet connectivity, said 78 percent of Azerbaijan’s networks were affected. All of the 600-plus networks that went dark reached the internet through the same connection: a link between Delta Telecom and Telecom Italia Sparkle.

...

http://www.datacenterknowledge.com/archives/2015/11/17/azerbaijans-internet-goes-dark-after-data-center-fire/

Identity lifecycle management is one of the most critical parts of a security and identity and access management program.  Identifying the assets and setting a baseline for acceptable risk needs to be considered before starting any security lifecycle project and must involve the proper stakeholders.  Let's refer back to our original blog post where we discussed the Ashley Madison breach.  When the company began, they had advertised their service with a commitment to delete customer info upon their request, but as the headline breach revealed, that was not the case.  The hackers were able to expose data related to tens of millions of accounts which suggests some part of the identity lifecycle management process was not properly followed.   The fact that so much data was compromised from the Database could imply that the attack originated there.  Soon after the attack, it was reported that a former contractor for the company may have been one of the responsible parties.

To some degree, we had a perfect storm brewing.  We had a company that was offering a service that some felt was morally unethical.  We had large amounts of sensitive data stored un-encrypted in a Database.  And we appear to have privileged account access given to a contractor, which may not have been revoked upon separation from the organization.   There have also been some additional discoveries made on the end-user accounts as well – such as the fact that many of the customer accounts utilized very basic passwords – one password cracking group has claimed that they were able to crack 11 million users’ passwords.  This latter topic is beyond the scope of this blog, but suffice it to say that it is important for organizations to enforce strong password policies.

...

https://blogs.oracle.com/OracleIDM/entry/the_lifecyle_management_opportunities_of

Wednesday, 18 November 2015 00:00

In Search of a More Enterprise-Friendly Container

Applications are quickly surpassing infrastructure as the key driver of data productivity. Where once the differentiators between cutting-edge and also-ran were measured in processor speed, storage capacity and networking throughput, it now rests largely on orchestration, availability and scalability.

Containers are whizzes at producing the latter, which is why developers adore them so. But the enterprise must still deal with the former as it seeks to implement container architectures across legacy infrastructure, and this is proving to be a major stumbling block to widespread deployment.

While companies like Docker are ramping up container capabilities themselves and scale-out management stacks take hold in Google-class hyperscale operations, traditional infrastructure providers are working to bridge the divide between physical, virtual and container-level constructs. HP, for one, is working closely with Docker to incorporate containers within the Helion private cloud platform, as well as emerging PaaS products aimed at hybrid infrastructure. In addition, systems like the StormRunner deployment and testing solution and the AppPulse mobile performance monitoring tool are gaining integrated Docker support.

...

http://www.itbusinessedge.com/blogs/infrastructure/in-search-of-a-more-enterprise-friendly-container.html

Wednesday, 18 November 2015 00:00

FEMA Funding 55 Storm Shelters

(TNS) - After two years of exhaustive efforts, Mayes County Emergency Management said they have secured FEMA funding for 55 storm safe room reimbursements.

“We applied for 192 safe room reimbursement grants from FEMA. After two years of work we got an offer from FEMA,” said MCEM Director Johnny Janzen. “They gave us two options, we could take the 55 they can afford the reimbursements for, or we can hold off on all of them until FEMA can afford them all.”

Janzen said he’s seen counties end up with nothing and figured some reimbursements were better than none.

FEMA never said the other applicants on the list would never get funding, just that they couldn’t cover the entire list this round.

Janzen said FEMA allocated $110,000 for 55 safe room reimbursements as they reimburse 75 % of the safe room cost, up to $2,000.

...

http://www.emergencymgmt.com/disaster/FEMA-funding-55-storm-shelters.html

(TNS) – NYPD Commissioner William Bratton appealed to Silicon Valley Monday, urging the manufacturers of encryption software to help law enforcement agencies monitor terrorist activity by allowing them intercept capabilities.

Speaking on MSNBC's "Morning Joe" the dark technology that law enforcement suspects was used to plan the attacks on Paris, Bratton said tracking terrorists with technology is becoming more and more difficult because of end-to-end encryption.

Bratton said groups like the Islamic State are adept at going dark -- or communicating plans via encrypted messages that cannot be monitored.

"They need to work with us right now," Bratton said of the manufacturers of such software. "In many respects, they are working against us."

...

http://www.emergencymgmt.com/safety/NYPD-Commissioner-Calls-for-Assistance.html

Tuesday, 17 November 2015 00:00

No Cure for the Hurricane

LAS VEGAS — As keynote speaker at the International Association of Emergency Managers conference, Rick Knabb, director of the National Hurricane Center, compared the uncertainty of medical science to the science of predicting hurricanes.

In his keynote, Nov. 16 at the Paris Hotel in Las Vegas, Knabb relayed a story of trying to find out the sex of his unborn child. Knabb and his wife had visited a technician who went through all the necessary steps and announced that the couple was going to have a girl. Three months later and very close to the end of the pregnancy, the same technician said, “Congratulations on your baby boy.”

Knabb compared that kind of medical science with hurricane prediction, even as the hurricane is upon us.

...

http://www.emergencymgmt.com/disaster/No-Cure-for-the-Hurricane.html

Amazon subsidiary Vadata has successfully negotiated a $2.7 million tax-break deal with local officials for a data center the company plans to build at the Warrenton Training Center in Virginia, a classified US federal government communications complex that serves the likes of CIA, NSA, and the Department of Defense. Local news outlet Fauquier Now reported on the tax deal.

Vadata does data center projects on the online retail and cloud infrastructure services giant’s behalf. It’s common for web-scale data center operators like Amazon to use subsidiaries to build data centers for them in attempts to obscure their connection to the projects, which sometimes represent hundreds of millions of dollars in investment.

An Amazon spokesperson confirmed to us earlier that Vadata was a wholly owned Amazon subsidiary.

The US federal government is a major customer of cloud services, and its use of these services will only grow as agencies continue to outsource more and more of their IT infrastructure needs in efforts to cut cost.

...

http://www.datacenterknowledge.com/archives/2015/11/16/amazon-plans-virginia-data-center-to-serve-federal-clients/

Last week, Comcast (CMCSA) reset passwords for 200,000 accounts after a list of 590,000 accounts was offered for sale on the Dark Web.

As a result, Comcast tops this week's list of IT security newsmakers to watch, along with TalkTalk, the North Carolina Department of Health and Human Services (DHHS) and the Cherry Picker point-of-sale (POS) malware.

What can managed service providers (MSPs) and their customers learn from these IT security newsmakers? Check out this week's edition of IT security stories to watch to find out:

...

http://mspmentor.net/managed-security-services/it-security-stories-watch-comcast-passwords-leaked

Tuesday, 17 November 2015 00:00

Private Cloud Increases Business Velocity

The world is experiencing a digital transformation as everything – customers and technology alike – are becoming connected; which has made technology pervasive in all of our lives.   The tools we use have been on a fast innovative pace which has made us all tech-savvy individuals.  If you doubt this, just watch a 6 year-old with an iPad.

We have all become accustomed to a user experience that empowers us to receive information, products or services immediately.   The problem is, once we enter the business world, the user experience changes dramatically.

Does business need to transform?   Yes!  It needs to change the pace at which it delivers services both within and externally as well as address customer expectations for a self-service order experience.   From what I am hearing during customer conversations, the good news is that businesses are acknowledging that changes are required.

...

http://blogs.cisco.com/datacenter/private-cloud-increases-business-velocity

(TNS) — The Paris attacks are proof of the need for strong law enforcement surveillance, said NYPD Commissioner William Bratton and Rep. Peter King Sunday as New Yorkers of all stripes continued to grapple with the terrorist strikes.

At St. Patrick's Cathedral in Manhattan, the Rev. Monsignor Robert Ritchie mourned the "apocalyptic" attacks. At area sports venues, fans saw a stepped up law enforcement presence. And in Nassau and Suffolk counties, police said they have received no threats but will monitor events closely.

In separate television interviews Sunday morning, Bratton and King each said the Friday night attacks are a reminder of the importance of monitoring potential terror suspects.

...

http://www.emergencymgmt.com/safety/Paris-Attacks-Spur-Calls-for-Heightened-Security.html

Tuesday, 17 November 2015 00:00

5 Ways Big Data Is Changing Shipping

When we think about shipping, it is normally big, rusty shipping containers, dockyards and stormy seas. It is not considered to be a high tech industry by most, but the reality is that much like many other industries at the moment, it is having a data revolution.

There are several ways that it is doing this, we have taken a look at the top 5.

Structural Integrity And Predictive Repairs

Cargo ships spend the majority of the year at sea and this means that they take a beating on a daily basis. Despite being huge industrial machines, they still require considerable maintenance.

...

https://channels.theinnovationenterprise.com/articles/5-ways-big-data-is-changing-shipping

Massachusetts is tackling a major campaign in civic tech. It’s what the state’s IT department, MassIT, calls GovNext — a program that opens the door for civic innovation projects, and institutionalizes entrepreneurial prototyping and experimentation. The initiative works to deliver high-quality, modern technology to the public.

Massachusetts Deputy CIO Karthik Viswanathan said GovNext was envisioned to be a proving ground for a number of apps and citizen-centric inventions in the coming months. The move is prompted by a realization that constituents require simple, quick and efficient public services.

GovNext will not only affect Massachusetts state agencies, but also municipalities and their citizens. To accomplish this ambitious feat, the program has structured itself into three types of projects:

...

http://www.govtech.com/state/GovNext-Massachusetts-Tests-Statewide-Innovations-Through-Short-Term-Projects.html

WASHINGTON — The U.S. Department of Homeland Security’s Federal Emergency Management Agency (FEMA), in cooperation with state, local, and tribal emergency managers and state broadcasters’ associations, will conduct a test of the Emergency Alert System (EAS) on Tuesday, November 17, 2015 in six states at 1:20 p.m. PST. 

FEMA will send the voluntary EAS test message signal through its Integrated Public Alert and Warning System (IPAWS) from the exhibit floor of the International Association of Emergency Managers (IAEM) meeting in Las Vegas, Nevada.  Broadcasters are voluntarily participating in the test from Arizona, New Mexico, Utah, Nevada, Wisconsin, and Minnesota.  The EAS test is scheduled to last approximately one minute.

The message will be the same as typical EAS test messages, with the word “national” added to the message: “This is a national test of the Emergency Alert System. This is only a test.” The test is designed to have limited impact on the public. There is no Federal Commissions Commission regulatory liability for stations that choose not to participate. The EAS test might also be seen and heard in bordering states participating in the test, including California, Oregon, Idaho, Texas, Wyoming, Colorado, Oklahoma, North Dakota, South Dakota, Iowa, Illinois, and Michigan.

The test will assess the operational readiness of FEMA’s IPAWS infrastructure that will distribute a national-level EAS test message to radio, television and cable operations from origination to reception by the public. In 2007, FEMA began modernizing the nation’s public alert and warning system by integrating new technologies into existing alert systems.  IPAWS connects public safety officials, such as emergency managers, police and fire departments to multiple communications channels to send alerts to the public when a disaster or other imminent danger occurs. 

More information on the Public Alert and Warning System and Wireless Emergency Alerts (WEA) is available at www.fema.gov/ipaws or www.ready.gov/alerts.

###

FEMA's mission is to support our citizens and first responders to ensure that as a nation we work together to build, sustain and improve our capability to prepare for, protect against, respond to, recover from and mitigate all hazards.

Follow FEMA online at www.fema.gov/blog, www.twitter.com/fema, www.facebook.com/fema and www.youtube.com/fema.  Also, follow Administrator Craig Fugate's activities at www.twitter.com/craigatfema.

The social media links provided are for reference only. FEMA does not endorse any non-government websites, companies or applications.

Tuesday, 17 November 2015 00:00

State Governments Failing in Cybersecurity

Cybersecurity has been a challenge for the federal government. There have been serious breaches in multiple government agencies, and Congress has struggled to address cybersecurity on legal terms. Even what it has been able to pass has been wrought with criticism and contention.

But what about states? Are governors and state legislators doing any better about addressing cybersecurity?

According to a new study released by the Pell Center for International Relations and Public Policy at Salve Regina University, the answer is no. States lack strong cybersecurity, leaving them vulnerable to attacks and unable to address potential threats. The report explained:

...

http://www.itbusinessedge.com/blogs/data-security/state-governments-failing-in-cybersecurity.html

Tuesday, 17 November 2015 00:00

Research Accelerates on Fast Battery Charging

Battery charging is perhaps the most annoying fact of mobile life. Various approaches to wireless charging, which will somewhat alleviate the problem, are available. They haven’t exploded in popularity. Perhaps habits, even unpleasant ones, die hard.

Another area of research is speeding recharging. Huawei, according to InformationWeek, demonstrated technology at the Battery Symposium in Japan that can charge batteries 10 times faster than today’s approaches. The explanation is a bit complicated:

Specifically, Huawei claims it "bonded heteroatoms to the molecule of graphite in anode, which could be a catalyst for the capture and transmission of lithium through carbon bonds. The heteroatoms increase the charging speed of batteries without decreasing energy density or battery life."

...

http://www.itbusinessedge.com/blogs/data-and-telecom/research-accelerates-on-fast-battery-charging.html

Two recently published ISO standards will help organizations responsible for public warning at the local, national or international level to put in place a structured emergency response informing a targeted risk population.

ISO 22322:2015, Societal security – Emergency management – Guidelines for public warning, provides guidelines for developing, managing and implementing public warning before, during and after incidents occur.

The purpose of an alert is to attract the attention of people in a developing emergency situation by stimulating the auditory, visual and tactile senses so that they will take appropriate safety actions and seek additional information.

The warning dissemination function should ensure that the alert gains maximum attention, taking into consideration the characteristics and conditions of the people at risk, including the requirements of vulnerable groups. ISO 22322 gives advice on aspects of public warnings, for example helping to select a warning channel such as TV, radio, telephone, newspapers or loudspeakers to disseminate the information.

ISO 22324:2015, Societal security – Emergency management – Guidelines for colour-coded alerts, provides guidelines for the use of colour codes to inform people at risk, as well as first-response personnel, about danger and to express the severity of a situation.

Colour-coded alerts are used to notify people of status changes on a safety or danger continuum and help them take appropriate actions. ISO 22324 will lead to a better understanding of colour-coded alerts by reducing confusion and prompting more appropriate responses in an emergency situation.

ISO 22324 describes various colours and how they should be used. For example:

  • Red is associated with danger and should be used to notify people at risk to take appropriate safety actions immediately
  • Yellow is associated with caution and should be used to notify people at risk to prepare to take appropriate safety actions
  • Green is associated with a safe status and should be used to notify people at risk that no action is required.

In addition, black, purple, blue and grey may be used to provide additional messages, such as fatal danger, supplementary information, or when no information is available. For example, meteorological services use coloured maps as early warning systems when announcing a storm and apprizing the population of the level of danger.

The standards can be bought from your national ISO member or through the ISO Store.

Tuesday, 17 November 2015 00:00

Many UK businesses are unprepared for downtime

According to new research only 34 percent of UK businesses could recover in a few minutes if a disaster was to occur. With three quarters (75 percent) of UK IT professionals surveyed predicting threats to their business downtime will increase in 2016, it is worrying that two thirds (66 percent) of businesses are not able to recover more quickly, says Quorum, the company that conducted the research. Business downtime is costly and can also impact an organization’s reputation especially for customer facing organizations such as those in the retail and legal sector.

With respondents citing cyber attacks and human error as the two biggest threats to business as usual, it is clear that organizations are well aware of the risks. Yet over a third (37 percent) of all UK businesses do not test their disaster recovery plans.

Overall the research, which was conducted during October 2015 and had 117 respondents, highlighted that businesses are aware of the risks but they are still not prepared in the event of a disaster.

www.quorum.net

FINRA, the US Financial Industry Regulatory Authority, has filed a rule with the Securities and Exchange Commission to enable it to require firms to participate in FINRA’s business continuity and disaster recovery testing.

The requirement is contained in FINRA’s Rule 4380, which has been recently adopted in response to the demands of Regulation SCI (Regulation Systems Compliance and Integrity). FINRA’s Regulation SCI business continuity and disaster recovery testing will be conducted once per year. Under Rule 4380, FINRA will designate member firms for mandatory participation.

Regulation SCI requires SCI entities, including FINRA, to test the operation of backup plans, at least once every 12 months and to coordinate the testing of backup plans on an industry- or sector-wide basis with other SCI entities. FINRA believes, based on preliminary discussions among SCI entities, that the yearly business continuity and disaster recovery testing will probably take the place of the current industry test facilitated by the Securities Industry and Financial Markets Association (SIFMA) each October.

More details (PDF).

Tuesday, 17 November 2015 00:00

Data Science Skills To Boost Your Salary

Data scientist may be the hottest job title in the IT and overall technology space right now. The number of data scientists has doubled in the last four years, according to a recent study of LinkedIn profiles performed by cloud analytics firm RJMetrics. Career site Glassdoor recently ranked data scientist as No. 1 on a list of top jobs that offer the best work-life balance. (You can see the rest of the list here.)  

Sponsor video, mouseover for sound
 

On Oct. 20, Glassdoor reported that it had 1,315 listings for data scientist job openings. According to Glassdoor, data scientists can expect a salary of about $115,000.

So, if you are considering adding data science or analytics skills to your resume, you may find your value in the IT jobs market increase. If you are thinking about making a full career switch, you will be joining a small but fast-growing profession.

...

http://www.informationweek.com/big-data/big-data-analytics/data-science-skills-to-boost-your-salary/d/d-id/1323116

Monday, 16 November 2015 00:00

7 factors to be aware of when moving offices

One scenario that any office manager will inevitably dread is the logistical nightmare that is moving to new premises. Whether you’re a booming business that’s outgrowing its existing space, or you’re looking to move into more economical digs, making sure the big day goes smoothly is just as stressful for a business as it is in your personal life.

This is something I’m well aware of at the moment, as we at Kroll Ontrack are moving ourselves this weekend. And in between packing up boxes and sorting out issues such as moving our communications and utilities, it’s got me thinking about another critical – yet often overlooked – factor that needs to be considered when moving offices. Namely, how can you be sure your digital data is secure throughout the process?

...

http://blog.krollontrack.co.uk/top-tips/7-factors-to-be-aware-of-when-moving-offices/

Monday, 16 November 2015 00:00

IoT and Insurers of Things

There’s a lot of buzz around the Internet of Things (IoT), not least with latest forecasts from Gartner suggesting that 20.8 billion connected things will be in use worldwide by 2020.

Already the estimated number of connected things in 2016—6.4 billion, according to Gartner—is a 30 percent increase on 2015. In fact 5.5 million new things will get connected every day in 2016, Gartner predicts.

A press release notes:

Aside from connected cars, consumer uses will continue to account for the greatest number of connected things, while enterprise will account for the largest spending.”


...

http://www.iii.org/insuranceindustryblog/?p=4220

Monday, 16 November 2015 00:00

Making the Most of DCIM

It seems something of a misnomer that Data Center Infrastructure Management (DCIM) platforms are gaining in stature while the vast majority of enterprises are supposed to be de-emphasizing local resources in favor of the cloud.

But the trend is clear: Run-of-the-mill enterprises are turning to every means necessary to reduce costs and improve efficiencies within their on-premises infrastructure while large cloud providers and hyperscale organizations have no choice but to balance workloads against resource consumption or watch their business models collapse under the weight and complexity of their own IT operations.

The challenge going forward is not to simply deploy DCIM, says International Data Corp. in a new report, but to weigh the various DCIM platforms against emerging goals and technology developments. Not all DCIM solutions are the same; in fact, few of them are. Some focus largely on asset management and connectivity while others gear toward critical infrastructure and facilities control. Some are software-only while others introduce a mix of hosted services. Weighing the pros and cons will require a clear assessment of the nature of current infrastructure (is it converged, distributed or both?), as well as internal skillsets, plus future requirements in terms of scale, integration and automation.

...

http://www.itbusinessedge.com/blogs/infrastructure/making-the-most-of-dcim.html

Monday, 16 November 2015 00:00

VMware Survey: Mobilization a Hit

VMware polled almost 1,200 insiders and found that companies with mobile IT programs enjoyed a return on investment (ROI) of almost 150 percent, according to Datamation. The findings were good across the board: The respondents see mobilized employees as more effective, and mobility makes new revenue streams easier to find and heightens the ability to “connect with and satisfy customers.”

A downbeat finding was that only 20 percent of companies have moved a core business process to a mobile model. During the next year, however, 63 percent plan to do so. Part of the process will be upgrading infrastructure (77 percent said they plan to do so), adding customer-facing apps (70 percent), and rebuilding crucial apps for mobile employees (69 percent).

ARM Works to Secure the IoT

Good news and bad news from ARM, which is including its TrustZone security in the microcontrollers that are used on the Internet of Things (IoT).

...

http://www.itbusinessedge.com/blogs/data-and-telecom/vmware-survey-mobilization-a-hit.html

Monday, 16 November 2015 00:00

Rochester Gets Help for Woeful Winter

(TNS) - The snow has yet to fly this season, but the federal government is sending a pre-winter gift to the City of Rochester.

The Federal Emergency Management Agency has approved emergency aid for the snowstorm that occurred Jan. 26-28, according to a press release from the city manager. Federal aid totals $140,666.

According to Rochester Fire Department's Chief Norm Sanborn Jr., the amount equals the full amount for what the city put in for reimbursement and includes some items he did not think the city could be reimbursed for, such as snow removal from rooftops of public buildings. Sanborn had originally estimated in April that the city spent $122,000 on snow removal for the January storm.

Sanborn said the biggest portion of the aid would go to Department of Public Works expenditures, including snow removal from roofs, snow plowing, sanding and salting and department labor costs and overtime hours. The city also had to maintain 65 miles of roads, municipal parking lots, schools and sidewalks, according to the press release.

...

http://www.emergencymgmt.com/disaster/City-gets-help-for-woeful-winter.html

As terror attacks put France into a national state of emergency on Friday, AirBnB, Facebook, Google, Skype, Twitter and Uber launched into disaster response mode.

AirBnB contacted all hosts in Paris asking if they could take in those stranded in the city. Facebook let users alert their friends they were safe. Google offered free calls to Paris via Hangouts, as did Skype, Verizon and Sprint. Uber turned off surge pricing in the city for the weekend, despite initial reports to the contrary. Twitter helped people find a place to stay with the hashtag #PorteOuverte and kept the rest of the world informed.

The tech companies did what many businesses did during a time of emergency: They lent a helping hand. But Friday’s events show how the industry is uniquely positioned to do so more quickly and adroitly due to the nature of their services.

...

http://techcrunch.com/2015/11/15/paris-attacks-highlight-techs-elevated-role-in-disaster-relief/

IBM continued with its Datapalooza roadshow, Oracle released a new version of its BI software with enhanced visualization capabilities, and Informatica rolled out its Big Data Management platform. All that and more in our Big Data Roundup for the week of Nov. 15.

Big data is expected to make a big impact in healthcare and personalized medicine. But where are the real projects in this field and what progress is being made?

This week, InformationWeek took a deeper look at big data projects for personalized medicine. Plus, we have news on Google open sourcing its machine learning library, TensorFlow. And we've also got news from Informatica, IBM, Oracle, and more.

Let's start with our collection of big data personalized medicine projects. This week, InformationWeek pulled together some of the top personalized medicine projects utilizing big data. IT and big data are helping drug trials search for better treatments for conditions from arthritis to cancer. Take a look at these ground-breaking projects here.

...

http://www.informationweek.com/big-data/big-data-analytics/ibm-datapalooza-oracle-updates-bi-platform-big-data-roundup-/d/d-id/1323150

Legal and compliance issues keep today’s corporate executives up at night. Indeed, the concern that “regulatory changes and heightened regulatory scrutiny may affect the manner in which our products or services will be produced or delivered” was the No. 1 risk cited by a 2015 survey of 275 board members and executives by global consulting firm Proviti and the Poole College of Management at North Carolina State University.

Many of those evolving legal and compliance issues are swirling around the marketing space, where brands are blazing new paths, consumers and competitors alike are wielding new legal power, and regulators are working hard to keep pace with rapidly changing technologies and processes.

Here are six regulatory and legal risks that CMOs must understand and mitigate today.

...

http://www.cmo.com/articles/2015/10/12/six-legal-and-regulatory-risks-cmos-cant-afford-to-ignore.html

The market for cloud computing continues to defy all expectations. 

Even as the startup craze starts to cool in Silicon Valley, Amazon, Microsoft, and Google all reported bang-up earnings last quarter, not least because of their big bets on the cloud. 

What exactly are these companies selling? Who's buying it? And why is one company that wasn't even in enterprise technology a decade ago — Amazon — beating the pants off everyone else?

...

http://www.businessinsider.com/why-amazon-is-so-hard-to-topple-in-the-cloud-and-where-everybody-else-falls-2015-10

The survey is based on the responses of 364 senior-level executives working in ethics, compliance, audit, risk management or corporate governance, at companies with median annual revenue in the range between $1 billion and $5 billion.

With regard to the chief compliance officer’s (CCO) authority, defined in the survey as the ability to work with executives at the highest level of the organization, 57% of therespondents say their CCO reports directly to either the CEO or the board. This number has fluctuated over time (from as low as the mid-40s), but is now clearly rising. Fifty-one percent say the CCO has a seat on the executive management committee, and 59% say the CCO job is a stand-alone position. Fifty-five percent note the CCO regularly briefs the board on the company’s overall ethics and culture.

“Taken together, the statistics presented in the survey suggest that most CCOs, especially those at larger corporations, have an opportunity to participate in high-level discussions about corporate strategy, values and culture,” says Nicole Sandford, a Deloitte Advisory partner in Deloitte & Touche LLP, and national practice leader of enterprise compliance.

...

http://www.topdrawer.co.za/recruitment-blog/2015/11/13/ccos-concerned-about-compliance-it-systems-survey

Monday, 16 November 2015 00:00

A Roadmap to Disruption

I discussed Uberization at length in a recent article. But this is just a model of disruption, among many others. To be complete, I should at least also speak about teslaization which I believe to be more dangerous for many companies, and their relation to by-the-book disruption. These are the three states of disruption that will shape the future of your company, whether you’ll be a disruptor, or a disruptee.

This quick and dirty roadmap to disruption is not intended to give with a full-fledged mapping of all disruption categories. Uberization and teslaization are interesting in the way they are polarizing risk taken by the disruptors. It’s about a low tech / higher market risk, or the opposite. Eventually, my goal here is only to share with you how to analyze risks, both as a threat and as an opportunity.

...

http://www.merkapt.com/entrepreneuriat/a-roadmap-to-disruption-11658

Over the last 2 years, on like-for-like data center deals with the same provider and renewals without growth, we’ve frequently seen price cuts of 8%-25% depending on location and buyer leverage.  Zahl Limbuwala, recently stirred the pot in his Open Letter to Data Center Investors. To sum it up very briefly, he sees deep structural problems for anyone looking to invest in the data center industry. Problems that he believes many owners and investors are complacent or in denial about. The concerns he highlights are myriad: facilities that are outdated long before depreciating; lower competitiveness with emerging cloud options; easier migration and reduced lock-in; and the unlikeliness of becoming a supplier to the cloud.

The reaction I got on polling the numerous visionaries within and outside of RampRate is mixed.

...

http://ramprate.com/data-center-industry-crisis-now/

For many years, the peace of mind that came with a robust business continuity and disaster recovery (BC/DR) strategy was reserved for only large enterprises that could afford to stand up and maintain a backup site.

Thanks to the cloud, that's no longer the case. By eliminating the need for a secondary data center, the cloud makes disaster recovery viable for small and medium-sized businesses (SMBs) and, as a result, disaster recovery as a service (DRaaS) becomes a viable business option for solution providers.

"The cloud makes BC/DR viable for customers who in the past couldn't afford it," said Jason Buffington, senior analyst, Enterprise Strategy Group. "SMBs have always understood that they depend on their data as much as enterprises do. The difference is they never thought the kinds of approaches for DR that enterprises use could ever be viable for them."

...

http://searchcloudprovider.techtarget.com/feature/DR-as-a-service-an-emerging-SMB-market-for-the-channel

Datacenter operators have adopted a range of novel approaches to reducing energy consumption while boosting a key industry metric: power usage effectiveness, or PUE. These approaches range from building datacenters above the Arctic Circle to eliminating the need for cooling through the use of water misters for evaporative cooling.

As datacenter PUE ratings hit a wall, more radical designs are being consider and, significantly, attracting venture funding. The latest design approach from a startup called Nautilus Data Technologies is a floating datacenter. Google (NASDAQ: GOOG) initially proposed the concept, which it tried to patent in 2007. Nautilus, Pleasanton, Calif., said this week it is building the first commercial “data barge” based on a prototype moored off the Mare Island Naval Complex north of San Francisco.

The first commercial “waterborne” datacenter is currently under construction at the naval shipyard and deployment at a “secure port” is scheduled for next year. (Nautilus CEO Arnold Magcale is a former member of the U.S. Navy Special Forces.)

...

http://www.enterprisetech.com/2015/11/13/startup-floats-first-commercial-data-barge/

Monday, 16 November 2015 00:00

Why Do You Need A Data-Driven Culture?

A report released last year by the Aberdeen Group, ‘The Executive’s Guide to Effective Analytics,’ revealed that data-driven organizations experience a 27% year-on-year increase in revenue, compared to 7% for other organizations. Furthermore, 83% saw their process cycle times improve, whereas just 39% of organizations that weren’t classified as data driven bettered their's, and 12% cut their operating expenses from the prior year, compared to 1% of other organizations.

We are in an age in which all processes are driven by technology, and companies are consuming and generating data at accelerating rates and exponentially increasing quantities. If they are not leveraging this data for actionable insights, they are losing their competitive edge to a firm that is using it. In order to truly see the benefits though, it is not simply a case of buying a bit of software that will churn out insights, or even hiring in people with the requisite skills to make sense of it, it takes a whole shift in company culture. It needs the whole organization - every team and every individual - to be taking it into consideration at all times, for everybody to be collecting it, looking for insights, and using it in their decision making processes.

By focusing on fact-based insights, the number of arguments within teams and among different C-suite executives are decreased, and there is less of a reliance on ‘gut instinct’ - the fairly nebulous concept that traditionally drove both decisions and disagreements. A study by MIT Sloan Management Review and SAS ‘The Analytics Mandate’ concluded that an ‘analytics culture’ is the driving factor in achieving competitive advantage from data. David Kiron, executive editor for MIT Sloan Management Review, noted of the study’s discoveries that: ’We found that in companies with a strong analytics culture, decision-making norms include the use of analytics, even if the results challenge views held by senior management. This differentiates those companies from others, where often management experience overrides insights from data.’

...

https://channels.theinnovationenterprise.com/articles/why-do-you-need-a-data-driven-culture

Monday, 16 November 2015 00:00

Managing risks when publishing open data

A question that I frequently encounter when talking to organisations about publishing open data is: “what if someone misuses or misunderstands our data?“.

These concerns stem from several different sources:

  • that the data might be analysed incorrectly, drawing incorrect conclusions that might be attributed to the publisher
  • that the data has known limitations and this might reflect on the publisher’s abilities, e.g. exposing issues with their operations
  • that the data might be used against the publisher in some way, e.g. to paint them in a bad light
  • that the data might be used for causes with which the publisher does not want to be aligned
  • that the data might harm the business activities of the publisher, e.g. by allowing someone to replicate a service or product

All of these are understandable and reasonable concerns. And the truth is that when publishing open data you are giving up a great deal of control over your data.

...

http://blog.ldodds.com/2015/11/15/managing-risks-when-publishing-open-data/

The downside of having a thriving cloud services business is the enormous amount of money a company needs to spend on data center infrastructure to support it. And the faster it grows, the more money it needs to spend.

Every quarter, cloud giants Amazon, Microsoft, IBM, and Google collectively spend billions of dollars on servers and other hardware for their cloud services and data centers around the world to house all that gear, and the quarter that ended September 30 was no different.

It’s difficult to distill the exact amounts companies spend on data centers. They are not required to disclose those numbers and usually lump them in with other capital expenditures. Cloud service providers do, however, consistently say that data center spend represents the biggest portion of their capital expenditures.

...

http://www.datacenterknowledge.com/archives/2015/10/23/billions-data-center-spending-behind-cloud-revenue-growth/

Big data is providing supplier networks with greater data accuracy, clarity, and insights, leading to more contextual intelligence shared across supply chains.

Forward-thinking manufacturers are orchestrating 80% or more of their supplier network activity outside their four walls, using big data and cloud-based technologies to get beyond the constraints of legacy enterprise resource planning (ERP) and supply chain management (SCM) systems. For manufacturers whose business models are based on rapid product lifecycles and speed, legacy ERP systems are a bottleneck.  Designed for delivering order, shipment and transactional data, these systems aren’t capable of scaling to meet the challenges supply chains face today.

Choosing to compete on accuracy, speed and quality forces supplier networks to get to a level of contextual intelligence not possible with legacy ERP and SCM systems. While many companies today haven’t yet adopted big data into their supply chain operations, these ten factors taken together will be the catalyst that get many moving on their journey.

...

http://www.cloudcomputing-news.net/news/2015/sep/07/10-ways-big-data-is-revolutionizing-supply-chain-management/

A few websites catering to analytics and data science professionals have experienced tremendous growth recently. Organizations such as INFORMS or AMSTAT have seen their traffic explode, targeting high school students to join the ranks of data scientists. Niche publishers providing high quality, actionable content - and run by true data scientists rather than journalists - have also seen spectacular growth.

Figure 1: Number of monthly visitors for one of our channels

By data science, I mean all disciplines focused on optimizing value through data analysis. It includes operations research, machine learning, data engineering, biostatistics, data mining, business analytics, predictive modeling, data plumbing, statistics and many more. For a full list, check the following articles

...

http://www.datasciencecentral.com/profiles/blogs/the-growth-of-data-science-in-the-last-two-years

Monday, 16 November 2015 00:00

Calling All CIOs: Time to Rethink Branch IT

Branch offices, remote sites, retail locations and manufacturing sites may have fewer employees and a smaller physical footprint than corporate headquarters, but from an IT perspective, they are no less complex to manage; not to mention they are the revenue-generating front lines of business today. The ubiquity of cloud computing and SaaS-based services and applications has not—and will not—eliminate the need to keep certain critical business systems and information on premises.

As companies increasingly embrace this hybrid enterprise model, branches end up subsisting on decentralized, ad hoc and rigid infrastructure. These legacy approaches to enterprise infrastructure are costly and complex to manage, limit IT’s ability to actively and expeditiously respond to the business’s ever-changing needs, increase exposure to security breaches and data loss, and make it difficult to recover from unplanned outages. The solution may seem radically counterintuitive: Eliminate traditional server, storage and backup systems at each branch office. Instead rethink branch IT and create a “zero-branch IT” model comprising a hyperconverged infrastructure that dynamically projects apps and data from the central data center, dramatically reducing corporate risk without compromising performance at remote locations—regardless of distance from the data center.

CIOs are under increasing pressure to support business objectives that are all too often presented with little consideration for the IT challenges involved. In fact, they also usually face the all-too-standard order to “do more with less” and “get it done by Monday,” which means they must find ways to keep costs down while supporting increasingly complex and far-flung IT systems and applications.

...

http://www.datacenterjournal.com/calling-cios-time-rethink-branch/

Hewlett Packard Enterprise (HPE) is launching a slew of updates and new products related to containers at Docker’s developer conference in Barcelona today. Together, all of these amount to a big bet on containers on HPE’s part.

“We view containers as a disruptive technology,” HPE’s acting VP in charge of the company’s incubator partners and strategic alliances Tana Rosenblatt told me. “Not that containers are a new technology, but it’s relevant as enterprises look to a hybrid environment. We view the partnership with Docker — which we are formalizing — as a very important one because we like their approach, we like what they have to offer. Our strategy is: embrace and extend. We have a lot of IP that we have developed around dev and ops and the bridging of the two. And we believe that combined with Docker, this makes it even more of a value proposition for our enterprise customers.”

In practice, this means the new HP Helion Development Platform 2.0, HPE’s Platform-as-a-Service offering for hybrid clouds which is also launching today, now supports Docker out of the box. Developers and IT operators will now be able to use the service to deploy microservices packed as Docker containers, for example.

...

http://techcrunch.com/2015/11/16/hewlett-packard-enterprise-places-a-big-bet-on-containers/

Security, cloud services and systems consolidation took the top three spots in the annual National Association of State Chief Information Officers (NASCIO) survey of state CIOs’ key priorities for the coming year.

According to NASCIO officials, the yearly nationwide survey didn’t offer any major surprises, but it did highlight some of the larger trends and concerns for technology leaders in the public sector.

Darryl Ackley, NASCIO president and CIO of New Mexico, told Government Technology that the outcomes of the State CIO Priorities for 2016survey followed fairly closely with industry trends and the common issues facing government IT professionals.

...

http://www.govtech.com/state/Security-Cloud-Top-State-CIO-Priorities-in-2016.html

(TNS) - In the wake of an inmate escape, Armstrong County officials plan to give residents a first look and listen at its new public emergency alert system on Monday.

County officials and representatives from the Armstrong County 911 Center plan to demonstrate how the $28,000 system will work.

In order to receive an alert, residents must register with the county.

The notifications can come on their cellular and landline telephones, and through email and social media blasts.

...

http://www.emergencymgmt.com/safety/Emergency-Alert-System-to-Debut-in-Armstrong.html

(TNS) - The Federal Emergency Management Agency is urging South Carolina residents affected by the flooding in October to apply for federal disaster aid before the Dec. 4 deadline.

“At this point, we want to focus on making sure people are registered and making sure people get the funds they are eligible for,” said Carl Henderson, a FEMA spokesman.

More than 82,000 people have registered with FEMA, and the agency has dispersed about $59.3 million in individual housing assistance, Henderson said.

Henderson said FEMA has made decisions on about 96 percent of the more than 65,000 housing inspections conducted so far. He said residents should not be discouraged by letters denying FEMA aid.

...

http://www.emergencymgmt.com/disaster/-FEMA-Urging-Flood-Survivors-to-Apply-for-Disaster-Aid-Before-Deadline.html

(TNS) - The S.C. Department of Health and Environmental Control wants to bolster its beleaguered dam safety program with more money and more staff following floods last month that reignited concerns about the program’s effectiveness.

In its budget request for next year, DHEC is asking to roughly double the size of its dam safety staff as part of an overall program increase of $595,000.

If approved, the dam safety program would be as large, if not larger, than it has been during the past 20 years. The proposal includes hiring six full-time engineers and an environmental health manager, spokeswoman Jennifer Read said in an email. She said the agency now has 6.75 dam safety employees.

...

http://www.emergencymgmt.com/safety/DHEC-wants-to-beef-up-dam-safety-program-in-wake-of-October-floods.html

(TNS) - Communication broke down at all levels during a Halloween storm that flooded one MAX train and took more than a dozen trains out of commission, an internal Tri-County Metropolitan Transportation (TriMet) review concluded.

Managers and train controllers didn't know enough about the condition train operators were seeing in the field, and their orders on the day of the storm conflicted with the agencies own policies.

"It's not just the rules and procedures," said Bob Nelson, TriMet's deputy general manager. "It's how they're communicated during changing conditions."

...

http://www.emergencymgmt.com/disaster/Flooded-MAX-trains-the-result-of-communication-breakdown-TriMet-says.html

Friday, 13 November 2015 00:00

The Big Role of Physical Backup Appliances

By Jim Whelan and Christine Taylor, The Taneja Group

Virtual backup appliances (VBAs) are an instance of backup software running in a virtual machine on a general purpose server. VBAs are flexible and effective, and they are usually simple to deploy. Having said that, physical backup appliances (PBAs) have distinct advantages in several areas.

PBAs consist of a self-contained, tuned hardware platform which has everything you need to perform backups and recovery already installed on it, including compute, storage and software, making it a plug-and play-solution. Capacities generally range from under 10 TB to larger appliances offering more than 200 TB, making them attractive to customers ranging from SMBs all of the way up to the enterprise.

...

http://www.enterprisestorageforum.com/backup-recovery/the-big-role-of-physical-backup-appliances-1.html

Individuals or groups can be nominated until January 8, 2016


As part of President Obama's Climate Action Plan and the National Fish, Wildlife & Plants Climate Adaptation Strategy, an interagency group of federal, state, and tribal agencies today announced creation of a new Climate Adaptation Leadership Award for Natural Resources.

The Award will recognize the actions of individuals and organizations that are making a difference by increasing understanding of climate impacts, adapting to and reducing threats, increasing response capabilities, and providing other innovative approaches to reducing impacts and increasing resilience in a changing climate. It will help spotlight innovative tools and actions that are making a difference now, and serve as a source of inspiration for additional efforts that advance climate smart resource conservation and management.

"Our climate is changing, and these changes are already affecting the nation's valuable wildlife and natural resources," said Michael Bean, Principal Deputy Assistant Secretary of the Interior for Fish and Wildlife and Parks. "This new Award recognizes outstanding leadership by organizations and individuals that is critical to help advance the resilience of our natural resources and the people, communities, and economies that depend on them."

Volunteers help plant native salt marsh grass as part of a 30 acre restoration of Beaver Dam Creek on Great South Bay, Long Island, New York. (Credit NOAA).

Volunteers help plant native salt marsh grass as part of a 30 acre restoration of Beaver Dam Creek on Great South Bay, Long Island, New York. (Credit NOAA)

Establishment of the Climate Adaptation Leadership Award for Natural Resources was one of the commitments announced as part of the Administration's Priority Agenda for Enhancing the Climate Resilience of America's Natural Resources in 2014.The agenda calls for a commitment across the federal government to support resilience of America's vital natural resources.

The Award also directly addresses the goals of the National Fish, Wildlife, and Plants Climate Adaptation Strategy, which was developed by a coalition of federal, state, and tribal natural resource agencies. These include:

  • Goal 1: Conserve and connect species, habitats and ecosystems;
  • Goal 2: Manage species and habitats to protect ecosystem functions and provide sustainable use;
  • Goal 3: Enhance management capacity;
  • Goal 4: Support adaptive management;
  • Goal 5: Increase knowledge and information on natural resource impacts and responses to climate change;
  • Goal 6: Increase awareness and motivate action to safeguard natural resources; and
  • Goal 7: Reduce non-climate stressors to natural resources.

"State fish and wildlife agencies serve as stewards of the nation's fish and wildlife resources," said Dave Chanda, President of the Association of Fish and Wildlife Agencies, which is helping to lead implementation of the National Fish, Wildlife, and Plants Climate Adaptation Strategy. "Today's threats to fish, wildlife, and their habitats are exacerbated by climate change and underscore the need for incorporating climate adaptation in to conservation and science-based management." Nominations will be accepted until January 8, 2016. Individuals, groups, organizations and government agencies are eligible to apply. Three to five Awards are expected to be announced in 2016.

Fish, wildlife, and plant resources provide important benefits and services to Americans every day, including jobs, income, food, clean water and air, building materials, storm protection, tourism and recreation. For example, hunting, fishing and other wildlife-related recreation contribute an estimated $120 billion to our nation's economy every year, and marine ecosystems sustain a U.S. seafood industry that supports approximately 1.7 million jobs and $200 billion in economic activity annually.

Award sponsors include the U.S. Department of the Interior, U.S. Fish & Wildlife Service, the Commerce Department's National Oceanic and Atmospheric Administration, the Natural Resources Conservation Service and the U.S. Forest Service. They will sponsor the award in collaboration with the National Fish, Wildlife, and Plants Climate Adaptation Strategy's Joint Implementation Working Group, which is composed of representatives from 21 federal, state and tribal natural resource agencies.

For more information about the Award or how to apply, please visit the Climate Adaptation Leadership Award main page.

Logo banner.

NOAA’s mission is to understand and predict changes in the Earth's environment, from the depths of the ocean to the surface of the sun, and to conserve and manage our coastal and marine resources. Join us on FacebookTwitter, Instagram and our other social media channels.

You probably have an image in mind when you think about Godzilla versus The Blob.

Better yet, you’re probably wondering what these iconic monsters have in common with winter weather. Well, we’re not talking about your typical 1950’s monster classics.

Two major climate anomalies are taking place at the same time this year: “Godzilla” and “The Blob”. Those are the names given to two Pacific Ocean surface temperature patterns that are expected to converge later this year and into 2016 (there's also a "Son of Blob, but we'll save that for the sequel). The showdown between the two is expected to result in a more prolonged El Niño season causing even more unpredictable, potentially severe weather for the United States.

 Some experts are predicting that the concurrent timing of Godzilla and The Blob could deliver the U.S. the harshest El Niño weather event in history. The last major El Niño event was in 1997, when it was, according to some experts, a contributor to severe weather that cost billions in damages and a number of deaths. This year’s El Niño is expected to be one of the strongest in over 60 years. The “battle” between the two weather monsters can cause major implications for every region of the United States.

...

http://blog.sendwordnow.com/godzilla-versus-the-blob-how-this-dynamic-duo-will-impact-winter-weather-in-2016

Friday, 13 November 2015 00:00

A Tale of Design Lessons Learned

Transforming an acquired technology into a fully integrated product.

In 2014, Citrix acquired a company called ScaleXtreme, as part of our expansion into the world of enterprise SaaS solutions. ScaleXtreme was a powerful tool for automating delivery and management of IT services, and my design team was asked to redesign it to fit in with our existing products.

CLM

At the same time, we had to find a way to integrate the new product into an entirely new platform – Citrix Workspace Cloud — that was still being developed.

This was a multi-dimensional challenge — one that many companies have to deal with. Success is far from guaranteed and there are many potential pitfalls. It helps to have a clear strategy, early customer input, and most importantly teams who all work together to find the right solution.

...

https://www.citrix.com/blogs/2015/11/12/a-tale-of-design-lessons-learned/

Cutter Fellow Bob Charette has been blogging over at IEEE Risk Factor for the past decade, looking at the myriad ways software projects fail. To mark that 10-year milestone, he set out to analyze what’s changed — and what hasn’t — in the area of systems development- and operations-related failures.

Bob doesn’t claim to have compiled a comprehensive “database of debacles” in Lessons From a Decade of IT Failures. Instead, he’s endeavored to bring together the “most interesting and illustrative examples of big IT systems and projects gone awry.” Be sure to spend some time with his colleague Josh Romero’s five super cool interactive visualizations of the data where you’ll:

...

http://blog.cutter.com/2015/11/12/charette-a-decade-of-it-failures/

A couple of recent studies show that companies continue to struggle with endpoint security. This has to be a serious concern as more employees are connecting to the corporate network through multiple devices.

Let’s look at these different studies. First, last week, MeriTalk and Palo Alto Networks released the Endpoint Epidemic report, which looks at endpoint security within federal government. Government agencies are failing badly when it comes to endpoint security: 44 percent of endpoints are either unknown or unprotected, and little is being done by up to half of the agencies to do anything about it, as SC Magazine pointed out:

Just over half of federal IT managers (54 percent) responded that their current policies and standards are very effective, practical or enforceable. Further, less than half said their agency's endpoint security policies and standards are very well integrated into their overall IT security strategy. And, half said their agency isn't taking key steps to validate users and apps.

...

http://www.itbusinessedge.com/blogs/data-security/it-knows-endpoint-security-a-problem-little-being-done.html

The peak of our current El Niño is expected to occur in the next month or so… but what does that mean? We measure El Niño events by how much warmer the surface waters in a specific region of the equatorial Pacific are, compared to their long-term average. The difference from average is known as the “anomaly,” and we use the average anomaly in the Niño3.4 region as our primary index for El Niño. When the index in this region is at its highest, we have our peak El Niño.

SST anomalies Oct 2015

Average sea surface temperature departure from the 1981-2010 average over the four weeks ending on November 7. Graphic by climate.gov, data from NCEP-NCAR reanalysis.

However, El Niño-related impacts have been occurring around the globe for months already, and will continue for several months after the warmest temperatures occur in the tropical Pacific Ocean. For example, during the 1997-98 El Niño, the Niño3.4 Index peaked at 2.33°C in November (using ERSSTv4 data, the official dataset for measuring El Niño), and the most substantial U.S. effects occurred through the early spring of 1998. A bit later in this post, we’ll take a look at what’s been going on so far this year.

First, a quick update on the recent El Niño indicators

The average anomaly in the Niño3.4 region during August-October of this year was 1.7°C, second to the same period in 1997 (1).

SST ranking 2015

Ranking of August-October average sea surface temperature departures from the mean for all El Niño episodes since 1950. This measurement, the Oceanic Niño Index, uses ERSSTv4 data. Figure by climate.gov, data from CPC.

The atmospheric response to the warmer waters is going strong. The Walker Circulation (tropical near-surface winds blowing from east to west, and upper-level winds blowing from west to east) is substantially weakened, as we expect during a strong El Niño.

winds October 2015 tropical Pacific

Top: Recent departure from the 30-year average near-surface winds. Purple shading area indicates where the normally easterly (blowing from east to west) winds are weaker than normal. Bottom: Recent departure from the 30-year average upper-level winds in the tropical Pacific region. Purple shading area indicates where the normally westerly (blowing from west to east) winds are weaker than normal. Maps by climate.gov, data from NCEP-NCAR reanalysis.

In case you’re unimpressed by a 2°C (3.6°F) change, let’s do a little math. The area covered by the Niño3.4 region is a little more than 6 million square kilometers (2.4 million square miles). One cubic meter of water weighs 1,000 kg. So the top two meters (6.6 feet) of the Niño3.4 region contains about 12 quadrillion kilograms (about 13.6 trillion tons) of water.

The energy required to raise one kilogram of water one degree Celsius (the “specific heat”) is 4.19 kilojoules. A 2°C increase in just the top two meters of the Niño3.4 region adds up to an extra 100 quadrillion kilojoules (95 quadrillion BTUs), about equal to the annual energy consumption of the U.S.!

Who’s feeling the effects?

In the U.S., the season of strongest El Niño impacts is December through March. While we’re waiting to see what the strong 2015-16 El Niño brings us, we’ll look around a few other corners of the world to see what’s happened so far.

El Niño has substantial impacts in two regions of Africa. I checked in with the Climate Prediction Center’s International Desk to see what’s been going on. In East Africa, including Ethiopia, Somalia, Kenya, Tanzania, Uganda, Burundi, and Rwanda, the primary impact season is October–December, when El Niño tends to enhance the ”short rains” rainy season (the “long rains” season, which is much less ENSO-sensitive, is March-May), leading to wetter conditions. Over the last month, rain has begun to increase across much of the area, and some flooding has been seen in Somalia. Short-term forecasts suggest the wetter conditions should continue through the next few weeks, at least.

October 2015 rainfall in Africa

Monthly precipitation departure from the long-term average during October 2015. Map by climate.gov, data from the CPC ARC2

Southern Africa, including Zimbabwe, Botswana, Namibia, Angola, South Africa, Lesotho, Swaziland, and the southern half of Mozambique, tends to see a drier December–February during an El Niño. Areas of this region, especially South Africa, are very dry right now, after a failed monsoon last year. Another dry year would place more stress on water availability. You can check out recent rainfall conditions in Africa here, and see climate model forecasts for the continent here.

In a couple of short sentences, here are some huge impacts: El Niño-related dry conditions in Indonesia have set the stage for devastating fires, and the region is experiencing the greatest number of forest fires since 1997. Also, all the extra warm waters associated with this El Niño are placing heat stress on sea life, and an intense coral bleaching event is underway.

El Niños tend to enhance the hurricane season in the Pacific, and depress the Atlantic hurricane season. Phil Klotzbach of Colorado State University had this to say about the wild Pacific hurricane season: “So far this year, there have been a total of 21 Category 4 and 5 storms in the North Pacific, shattering the old record of 17, set in 1997.  The North Central Pacific region (140-180W) has shattered records for most named storms, hurricanes, and major hurricanes tracking through the 140-180W region.”

According to Lindsey Long of the Climate Prediction Center, the Atlantic season has been fairly quiet, although the number of named storms has been close to average, at 11 storms so far (including Kate, which formed on Monday). The average is about 12… but the overall activity of this storm season (the combined strength and duration of all storms, measured as the Accumulated Cyclone Energy (ACE) has been less than 60% of average, and we’ve had 3 hurricanes, half the average number of 6.

We won’t know until next spring what exact impact this El Niño will have on the U.S., but it is already making its presence felt around the world.


(1) Note that CPC subtracts past 30-year “normals” from the current sea surface value to obtain the Nino-3.4 anomaly values, and the “normals” are updated every five years. Therefore, the long-term trends are removed.  These monthly values are averaged together to obtain our Oceanic Niño Index [ONI].

Mark Armour and David Lindstedt recently proposed Continuity 2.0, a manifesto detailing how current approaches to business continuity planning might evolve. In this article Mark looks at how Continuity 2.0 might be applied in practice.

The following example is by no means definitive. Remember that the Continuity 2.0 principles are not about order of execution. The three steps suggested here provide just one example of how the principles could be applied in a fairly concise execution. So, without further ado: a practical approach to Continuity 2.0 in three easy steps.

...

http://www.continuitycentral.com/index.php/news/business-continuity-news/666-executing-continuity-2-0-in-three-easy-steps

(TNS) - A violent rampage at UC Merced and threats of gunplay at Fresno State earlier this month are prompting universities to reassess the resources and policies in place to ensure safety and security on their campuses, and a school security training is being planned in Angels Camp.

Rural Domestic Preparedness Consortium will be delivering a Department of Homeland Security-certified course in crisis management for school-based incidents in an all-day training Dec. 21 at Bret Harte High School in Angels Camp. The course is free for first responders and school administrators with registration by Dec. 7.

At UC Merced, a student stabbed four people with a hunting knife Nov. 4 before being shot and killed by campus police. Two days earlier, a social media post attributed to a California State University, Fresno, student threatened that a shooting would take place that afternoon. Investigators made an arrest within hours.

...

http://www.emergencymgmt.com/safety/Merced-Fresno-Calif-incidents-shine-light-on-campus-violence-security.html

Friday, 13 November 2015 00:00

Cybersecurity: A Millisecond Defense

When it comes to recent cybersecurity talks, the prevalent theme seemed to be, “We know we need to do something, but what?”

The recurring questions are: Where do we start, and how fast do we need to react to stop cyberattacks? What's become quite clear is that if we are to secure our digital world, we need to do it with technologies that run as fast as the networks and applications in which they operate — in milliseconds.

Repeated time and again in recent discussions is the need for proactive defensive measures in cybersecurity — and how quickly they must react to stop today's hacker. Even the language in the new cybersecurity bill seems to fall short of true cybersecurity protection, as it is more based on the sharing of information to assist in the detection and recovery of a cyberattack rather than a proactive cybersecurity solution that would stop the attack.

And this leads to a few important questions: Is there a big disconnect between the public and the private sectors when it comes to what cybersecurity is suppose to achieve? If so, what is that disconnect, and how can we move forward?

...

http://www.emergencymgmt.com/safety/A-Milisecond-Defense.html

I recently saw a T-shirt that said, “Data is the new bacon.” And it certainly seems that way — everyone is hungry to find, acquire and consume data, and the market is answering the call.

In the past few months, we have seen the White House launch a new Smart Cities Initiative and host a forum on citizen science and crowdsourcing. General Electric started rebranding itself as a digital company helping cities become more intelligent. My own organization, Johns Hopkins University’s Center for Government Excellence, through our partnership with Bloomberg Philanthropies’ What Works Cities program, is helping 100 mid-size cities accelerate their use of data and evidence to improve people’s lives.

...

http://www.govtech.com/opinion/4-Simple-Steps-to-Get-Government-Leaders-on-the-Data-Diet.html

A growing number of businesses are looking to protect themselves against the risk of data breaches and other security problems by purchasing specialist insurance, a new study has shown.

Research conducted by Veracode and the New York Stock Exchange revealed that the majority of public companies in the US have some form of cyber security insurance, Dark Reading reports.

Of these, 91 per cent of policies include protection for business interruption and data recovery expenses. Meanwhile, 54 per cent have coverage that can reimburse them for fees such as PCI fines, breach notifications and extortion, while 35 per cent of respondents say they want protection against software coding and human errors that lead to data loss.

Chris Wysopal, co-founder and chief technology officer at Veracode, said such precautions are becoming the norm in an environment where costs for rebuilding after an incident are growing. He noted that as interest in this area grows, it will be up to the cyber insurance industry to define standards and best practices for what firms can expect to be covered.

“I was surprised that 35 per cent already are [seeking] insurance for coding and human errors,” he said. “That number will increase when there’s standardisation around what that means.”

The research also found that nine out of ten executives agree that regulators should hold companies responsible for breaches if they have failed to secure their data adequately.

However, many respondents also agreed that third parties should also bear their share of responsibility in the event of a security incident. Some 90 per cent of companies say software vendors should be held liable for vulnerabilities found in their software, and 65 per cent have either already or are planning to include liability clauses in their contracts with their software suppliers.

More than half of executives at public companies expect their shareholders will demand more transparency surrounding cyber security in the coming years, with Mr Wysopal noting that boards are increasingly concerned about the brand damage that can result from a breach.

When looking for data recovery services, look for one with a track record of success. Ontrack Data Recovery services has 40,000 data recovery stories to tell every year.

From:: http://www.krollontrack.co.uk/company/press-room/data-recovery-news/more-firms-looking-to-insure-against-data-loss,-survey-finds377.aspx

A new Carbonite (CARB) survey of 500 consumers revealed roughly 50 percent of respondents do not understand the difference between data storage and backup.

The survey also showed the majority of respondents leave their personal data unprotected, despite the fact that they place a "significant value" on this information.

...

http://mspmentor.net/backup-and-disaster-recovery/are-consumers-confused-about-data-storage-and-backup

When the developed world’s economies ground to a halt during the Great Recession of 2009, large, Western-based multinational companies turned their growth-hungry eyes toward developing markets. The slow recovery that followed the recession in the U.S. and Europe did little to change this trend. In fact, according to the United Nations Conference on Trade and Development (UNCTAD), foreign direct investment in emerging markets reached a new high in 2013 of $759 billion (the most recent year for which data is available). This represented more than half the world’s estimated $1.46 trillion total outward investment flows for that year. Given this intense interest in doing business in emerging markets, FTI Consulting, a global professional services firm, conducted a survey in November and December 2014 on the character of the risks businesses face in these markets and how they attempt to mitigate them.

FTI surveyed 150 companies with revenues of more than $1 billion and business interests in developing economies, as well as interviews with 32 executives focused on compliance and risk management from those companies. Our results indicated an enormous difference between leaders (defined as companies whose self-reported losses as a percentage of revenues was in the lowest quartile, averaging 0.2%) and laggards (those in the highest quartile, with a loss rate averaging 2.2% of revenues), not only in the ways they managed overseas risk, but how they thought about it.

...

http://www.riskmanagementmonitor.com/emerging-market-risk-leaders-laggards-and-rules-for-avoiding-loss/

(TNS) - Glynn County Finance Committee members were all business Tuesday at the Harold Pate Building in dismissing a plan to privatize the county’s emergency medical services as a cost-saving measure.

But the proceedings were a little more dramatic for James Owenby, a Glynn County paramedic who witnessed the proceedings while bottle-feeding his toddler daughter Isabella. Owenby has been nervous about his future since May, when the Glynn County Commission first instructed county manager Alan Ours to study the prospects of contracting EMS service to a private company.

In the end, Ours determined that any potential cost savings the measure might attain would be offset by the drop in the level of both fire and EMS service to the county.

...

http://www.emergencymgmt.com/disaster/County-paramedics-breathe-sigh-of-relief-as-privatization-plan-fizzles.html

(TNS) - Wisconsin lawmakers have introduced new rail safety legislation after a weekend during which two trains derailed about 200 miles apart in the state, spilling oil and chemicals.

Rep. Jill Billings, D-La Crosse, announced Tuesday that she is circulating a bill that would fund more state rail inspectors and training for first responders while requiring railroads to submit emergency prevention and response plans detailing how they would handle incidents like the derailment of a BNSF freight train Saturday morning that spilled up to 20,000 gallons of ethanol in Mississippi River backwaters near Alma.

“Derailments are becoming all too common,” Billings said while standing with about two dozen local rail safety advocates in front of BNSF tracks that were recently upgraded through the city of La Crosse to eliminate a bottleneck in the railroad’s network.

...

http://www.emergencymgmt.com/safety/Wisconsin-lawmakers-introduce-rail-safety-bill-in-wake-of-two-derailments.html

Thursday, 12 November 2015 00:00

Dell Refreshes Entry-Level Server Lineup

Dell today refreshed its line of 1u servers with an eye toward making it simpler for small organizations to preserve investments in servers as they shift from relatively simple tower servers to investing in a rack.

Based on the latest Intel Xeon E3-1200 v5 processors, Dell has added four offerings to its line of entry-level PowerEdge servers that can all be configured with DDR4 memory, which Brian Payne, executive director for Dell Server Solutions, notes is now available in enough volume to include in entry-level servers.

Also included in those Dell PowerEdge 13G Wave 4 Server offerings is a Dell PowerEdge T330 rackable tower server that comes with four DDR4 memory slots and up to eight 3.5-inch hard drives. Payne says IT organizations have the option to deploy the Dell PowerEdge T330 as a tower that can then be turned on its side to be installed later on in a rack.

...

http://www.itbusinessedge.com/blogs/it-unmasked/dell-refreshes-entry-level-server-lineup.html

Big Data and the Internet of Things are the two major disruptors in enterprise circles these days. Organizations need to ramp up infrastructure quickly in order to leverage the value that is locked away in massive data stores, but it needs to be done in a way that supports rapid, even real-time, results without crushing the IT budget.

This is why many enterprises are turning to the cloud: The infrastructure is already there, it’s cheap, and it is usually more state-of-the art than what is available in the on-premises data center. But with data points, cloud providers, local infrastructure and other elements distributed across wide geographic areas, how realistic is it to expect actionable data in time to take advantage of rapidly changing circumstances on the ground?

Real-time performance, of course, requires careful coordination up and down the stack, and this is a particular problem in the cloud given the variety of platforms that exist within most deployments. This is why vendors as diverse as Intel and SAP are working together on end-to-end solutions that deliver near-real-time performance at the least. The companies have integrated the Intel IoT Gateway with SAP SQL Anywhere to enable seamless data ingestion and transfer across SAP HANA deployments residing on distributed architectures. In this way, the enterprise gains a pre-integrated hardware/software solution that provides scale for security, connectivity and other functions, as well as data sync and unified management across SaaS, remote and mobile environments.

...

http://www.itbusinessedge.com/blogs/infrastructure/fostering-real-time-performance-across-cloud-big-data-and-mobile-infrastructure.html

When an IT server goes down because its hard disk crashes, the effect is noticeable immediately. People go to their “panic stations” (or rather, their designated disaster recovery roles!) to contain and repair the damage, so that there is no lasting, significant impact on the organisation. This kind of event is sudden and unpredictable, even if it can be taken into account in disaster recovery planning. Good DR management, however, also looks at longer-term measures to reduce probabilities and impacts over time, as well as tackling day-to-day requirements.

...

http://www.opscentre.com.au/blog/extending-to-long-range-disaster-recovery-planning/

Researchers from the University of North Carolina at Chapel Hill have discovered a new bat SARS-like virus that can jump directly from its bat hosts to humans without mutation. However, researchers point out that if the SARS-like virus did jump, it is still unclear whether it could spread from human to human.

The discovery, reported in the Nov. 9 issue of Nature Medicine, is notable not only because there is no treatment for this newly discovered virus, but also because it highlights an ongoing debate over the US government's decision to suspend all gain of function experiments on a variety of select agents earlier this year. The move has put a substantial standstill on the development of vaccines or treatments for these pathogens should there be an outbreak.

...

http://www.continuitycentral.com/index.php/news/business-continuity-news/662-new-sars-like-virus-being-studied-for-pandemic-potential

In this article David Meyer examines the significant benefits but increasing risk of a shadow IT culture. He explains what an organization as a whole can do to gain control over this trend…

Shadow IT is a very real issue facing businesses of all sizes today; it encompasses every aspect of a business.  This includes day-to-day processes that employees use to complete tasks, right through to the management of IT systems. Gartner expects that by 2016, 35 percent of enterprise IT expenditure will go on shadow IT resources. While organizations are aware of the trend, they often don’t appreciate the scale of it.

With the vast volume and variety of applications that are working their way into the IT ecosystem, businesses and their IT departments are overwhelmed. Cloud applications have become so easily accessible (all workers need is a credit card) that the IT department is often ignorant of their existence. In fact, as little as 8 percent of both small and large IT companies can say they have a good understanding of the number of unmanaged cloud apps used internally by their organization. More apps expose more data, and the IT department struggles to remain compliant. Although the desire to control applications is not going to disappear any time soon, it shouldn’t restrict the innovation that shadow IT presents to organizations willing to embrace it.

...

http://www.continuitycentral.com/index.php/news/technology/658-how-do-organizations-manage-shadow-it-risks-without-stifling-innovation

I made the investment of time and money to come to London this week for the BCI World Conference. I have to admit that I surprised myself with this as my 2013 visit was not truely valuable.

However today has almost made the whole trip worthwhile – and there is still the Gala Dinner and tomorrow to go!

The day started with a great keynote by Baroness Eliza Manningham-Buller, former head of Britain’s MI5 from 2002-2007. Her presentation offered useful insights into leading in difficult circumstances. Some great ideas about honesty when you don’t know something, praising and thanking people and not taking everything too seriously. What a great idea if we could make BC fun at times!

...

http://blog.vrg.net.au/conferences/a-great-day-of-ideas-and-engagement/

SACRAMENTO, Calif. – The deadline is Nov. 23, 2015, to register with the Federal Emergency Management Agency for disaster assistance and to apply to the U.S. Small Business Administration for low-interest, long term disaster loans.

FEMA’s Disaster Recovery Centers in Calaveras and Lake counties will maintain normal operating hours on Veterans Day, Wednesday, Nov. 11. At the centers, disaster survivors can register for FEMA disaster assistance, apply for an SBA loan, and discuss recovery issues with representatives of various organizations and agencies. DRC hours are 8 a.m. to 6 p.m. weekdays and 9 a.m. to 4 p.m. Saturdays. DRC locations can be found at FEMA.gov/DRC.

Even if you think you were fully insured against the devastating wildfires, it is important to register with FEMA and also submit an initial SBA online loan application by the Nov. 23 deadline just in case your insurance later turns out to be inadequate.

Once registered with FEMA, an application for assistance can remain open for up to a year from the declaration date – until Sept. 23, 2016 – pending final resolution of insurance coverage.

Survivors also can finalize a preliminary SBA loan application after the Nov. 23 deadline, as long as the initial application has been submitted by that date.

So far, 3,598 individuals and households have contacted FEMA for assistance and information: 1,092 in Calaveras County and 2,506 in Lake County.

More than $10.4 million has been authorized to date by FEMA for individuals and households. That amount includes nearly $6.9 million for Housing Assistance and more than $3.5 million for Other Needs Assistance, such as replacement of damaged or destroyed medical equipment, clothing, essential furnishings, appliances and even an automobile.

To date, 2,763 damaged or destroyed homes, 99 percent of the total, have been examined by FEMA’s inspection services.

The SBA has approved more than $12.8 million in disaster loans to businesses, private nonprofits, homeowners and renters. That includes $11.5 million to homeowners and renters and $1.3 million to businesses and private nonprofits for both physical damages and Economic Injury Disaster Loans.

Small businesses and most private nonprofit organizations have until June 22, 2016, to apply for Economic Injury Disaster Loans only.

FEMA refers most survivors to the SBA for long term disaster recovery loans. Those applicants should complete an SBA loan application, even if they feel they cannot afford or do not want a loan. SBA disaster loans are part of the federal assistance process. Accepting an SBA loan is not required, but submitting that application may trigger additional grant assistance through FEMA’s Other Needs Assistance program, which is administered by the state of California.

Survivors can apply for FEMA assistance online at DisasterAssistance.gov or by calling 800-621-3362; TTY 800-462-7585711 or Video Relay Service (VRS), call 800-621-3362. Registration continues through Saturday, Nov. 23.

A direct telephone hotline is operational to process any requests from survivors who may need additional assistance: 916-381-0330, for TTY, call 711.

For more information on California’s wildfire recovery, visit: caloes.ca.gov or fema.gov/disaster/4240 and follow us on Twitter @femaregion9 and at facebook.com/FEMA.

FEMA’s mission is to support our citizens and first responders to ensure that as a nation we work together to build, sustain and improve our capability to prepare for, protect against, respond to, recover from and mitigate all hazards.

Disaster recovery assistance is available without regard to race, color, religion, nationality, sex, age, disability, English proficiency or economic status. If you or someone you know has been discriminated against, call FEMA toll-free at 800-621-FEMA (3362). If you have a speech disability or hearing loss and use a TTY, call 800-462-7585 directly; if you use 711 or Video Relay Service (VRS), call 800-621-3362.

FEMA’s temporary housing assistance and grants for public transportation expenses, medical and dental expenses, and funeral and burial expenses do not require individuals to apply for an SBA loan. However, applicants who are referred to SBA for a disaster loan must apply to be eligible for additional FEMA assistance that covers personal property, vehicle repair or replacement, and moving and storage expenses.

The SBA is the federal government’s primary source of money for the long-term rebuilding of disaster-damaged private property. SBA helps businesses of all sizes, private non-profit organizations, homeowners and renters fund repairs or rebuilding efforts and cover the cost of replacing lost or disaster-damaged personal property. These disaster loans cover losses not fully compensated by insurance or other recoveries and do not duplicate benefits of other agencies or organizations. For more information, applicants may contact SBA’s Disaster Assistance Customer Service Center by calling 800-659-2955, emailing disastercustomerservice@sba.gov, or visiting SBA’s website at www.sba.gov/disaster. Deaf and hard-of-hearing individuals may call 800-877-8339.

A new study published today identifies a set of features common to all ocean ecosystems that provide a visual diagnosis of the health of the underwater environment coastal communities rely on. Together, the features detail cumulative effects of threats — such as overfishing, pollution, and invasive species — so responders can act quickly to increase ocean resilience and sustainability.

“Until now, we’ve had to look at the condition of different species and habitats individually. Having an easy-to-adopt approach that gives us a good idea of what is happening to the ecosystem as a whole — not just a piece of it — and anywhere on the planet, is a giant leap forward in managing marine ecosystems,” said Richard Merrick, Ph.D., NOAA Fisheries director of scientific programs and chief science advisor. “It’s similar to giving a doctor the ability to look at a person’s whole body and treat an illness, not just its symptoms.”

Scientists incorporate satellite imagery, fishery surveys, and landings data — among other things — to produce a visual image of the patterns in the food chain of the ecosystem. These patterns show when there is a problem. Scientists can also use the data in reverse to see how an ecosystem is recovering after a threat is reduced.

“For example, this discovery gives us an easier way to understand how an ecosystem is recovering after an oil spill,” said Jason Link, lead author of the study and NOAA Fisheries senior scientist for ecosystem management. “The information will be especially useful as climate change and ocean acidification continue to alter our environment in unpredictable ways.”

The study is published in Trends in Ecology and Evolution. Although a NOAA Fisheries scientist is the lead author, this study is a collaborative effort by a team of researchers representing institutions in six different countries. For more on ecosystem-based fisheries management, please visit the NOAA Fisheries website on this topic

NOAA’s mission is to understand and predict changes in the Earth's environment, from the depths of the ocean to the surface of the sun, and to conserve and manage our coastal and marine resources. Join us on FacebookTwitterInstagram and our other social media channels.

Wednesday, 11 November 2015 00:00

BCI: Driving blindfold into disaster

Driving blindfold into disaster

Nearly one in ten organizations are not aware of who their key suppliers are, leaving them open to severe disruption as they are unable to manage their supply chain effectively. That is according to a report published today by the Business Continuity Institute and supported by Zurich Insurance Group.

The Supply Chain Resilience Report highlighted that seven in ten organizations admit to not having visibility over their full supply chain, and as the survey also revealed that half of disruptions occur below the preliminary tier 1 supplier of goods, this makes it extremely difficult to establish where an organization lies within its suppliers’ priorities.

This could have major consequences when it comes to managing the supply chain and ensuring that disruptions are minimised, which is particularly important given that the report also found that 74% of organizations had suffered at least one disruption during the previous twelve months and that 14% had suffered cumulative losses of at least €1 million as a result.

Other findings of the report include:

  • Unplanned IT and telecommunications outage (64%), cyber attack and data breach (54%) and adverse weather (50%) are the top three causes of supply chain disruption. New entries to the top ten are: product quality incident (8th), business ethics incident (9th) and lack of credit (10th).
  • The top five consequences of disruption are loss of productivity (58%), customer complaints (40%), increased cost of working (39%), loss of revenue (38%) and impaired service outcomes (36%).
  • One third (33%) of respondents report high top management commitment to supply chain resilience, increasing from 29% last year.
  • About 7 out of 10 respondents (68%) report having business continuity arrangements in place to deal with supply chain disruptions.

Patrick Alcantara DBCI, Senior Research Associate at the BCI and author of the report, commented: “Recent incidents have shown us how supply chain disruptions can negatively impact an organization’s bottom line, reputation and resilience. This year’s Supply Chain Resilience Report demonstrates how good practice can mitigate the worst effects of these disruptions. With findings consistently showing top management commitment as a key enabler of supply chain resilience, we encourage business leaders to take a closer look at their supply chains and champion good practice across their organizations.

Nick Wildgoose, Global Supply Chain Product Leader at Zurich Insurance Group, commented: “Through our work with customers in this area, we have found that increasing visibility along supply chains and resilience are major sources of competitive advantage. Top management leadership is the key to overcoming silo thinking about supply chains within an organisation.

Now into its seventh year, the annual Supply Chain Resilience Report represents a long-standing working partnership between the BCI, Zurich Insurance Group and CIPS (Chartered Institute of Purchasing and Supply). It is now an influential and go-to industry resource that tracks the origins, causes and consequences of supply chain disruption across industry sectors and regions worldwide, as well as the overall evolution of risk. For example, the report has highlighted the greater risk of multi-tier exposure as well as simple direct supply chain exposure.

Likewise, Zurich’s involvement has helped reinforce the emergence of threats beyond just the physical to the less tangible risks, such as cyber risk. The report continues to benchmark business continuity arrangements in one place - including the uptake of insurance - in different organizations and is one of the most comprehensive, practitioner-led studies in the field. The BCI, Zurich Insurance Group, and CIPS involvement in previous surveys has and will continue to provide organisations with the much-needed critical insights and valuable information to support the development of appropriate strategic responses and approaches to mitigate the impact and consequences of disruptions within their supply chains.

(TNS) - The Federal Emergency Management Agency is encouraging Californians to buy flood insurance before El Niño hits, even if they live in low- to moderate-risk areas where it’s not required by lenders.

“If there was ever a time to buy flood insurance, this is the time,” Roy Wright, FEMA’s deputy associate administrator for insurance and mitigation, said at a press conference last month.

FEMA is hardly unbiased, since it runs the National Flood Insurance Program, which sells to property owners and renters through insurance agents. “If more people buy flood insurance, it gets cheaper for people in the high-risk areas,” said Matthew Nielsen, a senior director with risk modeling firm RMS.

National flood insurance takes effect 30 days after it is purchased, with only a few exceptions.

...

http://www.emergencymgmt.com/disaster/If-you-dont-have-to-buy-flood-insurance-should-you.html

(TNS) - South Carolina’s tourism industry lost roughly $35 million because of last month’s historic flooding, the head of the state’s tourism agency told a panel of state senators Monday.

That will result in a loss of roughly $4 million in state and local tax revenue, S.C. Parks Recreation and Tourism director Duane Parrish told senators, tasked with determining how to pay for flood damage.

The tourism loss was due to hotel cancellations along the coast, Parrish said. Hotels in West Columbia and Lexington fared well during the flooding as out-of-town officials, responding to the flooding, stayed at hotels in those areas.

...

http://www.emergencymgmt.com/disaster/Tourism-industry-lost-roughly-35-million-to-flood.html

(TNS) - As rain and snow fell near Shingletown, in Northern California, dozens of hardy souls bundled up in warm clothing Monday morning for a field tour with fire prevention and fire management on their minds.

Nearly 40 people, including Shasta County Supervisor Les Baugh, gathered for the tour showcasing the importance of constructing and maintaining fuel breaks.

“You’re really not getting anywhere if they are not maintained,” said John Dobson, a landscape specialist for the state Department of Transportation. “That’s the key.”

...

http://www.emergencymgmt.com/disaster/Rain-snow-dont-abate-importance-of-fire-fuel-breaks.html

Wednesday, 11 November 2015 00:00

FEMA: Severe Weather Mid-Week: Get Ready Now

CHICAGO – With an ominous Wednesday forecast for most of the central U.S. that includes severe storms, heavy rains, strong winds and the possibility of tornadoes, the U.S. Department of Homeland Security’s Federal Emergency Management Agency (FEMA) Region V encourages everyone to get prepared.

“Even though temperatures are dropping as we approach the winter months, severe storms are still a risk,” said FEMA Region V Administrator Andrew Velasquez III. “Now is the time to make sure your family knows what to do to stay safe, and verify your mobile phone is enabled to receive Wireless Emergency Alerts to warn you of extreme weather and other emergencies in your area.”

Individuals living throughout Illinois and Indiana, southern Wisconsin and western Ohio should follow the instructions of state and local officials and listen to local radio or TV stations for updated emergency information related to this storm system. Purchasing a weather radio for your home is another way to ensure that you receive critical warning information. If a warning is issued, get indoors, and move to the center of an interior room on the lowest level (closet, interior hallway) away from corners, windows, doors, and outside walls.

Find valuable tips to help you prepare for severe storms at http://www.ready.gov/severe-weather and download the free FEMA app, available for your Android, Apple or Blackberry device. Visit the site or download the app today so you have the information you need to prepare for severe weather.

FEMA's mission is to support our citizens and first responders to ensure that as a nation we work together to build, sustain, and improve our capability to prepare for, protect against, respond to, recover from, and mitigate all hazards.

Follow FEMA online at twitter.com/femaregion5, www.facebook.com/fema, and www.youtube.com/fema.  Also, follow Administrator Craig Fugate's activities at twitter.com/craigatfema. The social media links provided are for reference only. FEMA does not endorse any non-government websites, companies or applications.

Thanks for tuning in to this week’s analyst spotlight podcast with researcher Kelley Mak! Kelley’s research concentrates on threat and vulnerability management, web content security, email security and overall trends in security architecture and operations. Kelley is currently working side by side with Rick Holland on a Forrester Wave on advanced malware analysis solutions. Prior to his role as a researcher, Kelley was a senior research associate on Forrester's Security & Risk team. In that role, he conducted research on network and data security adoption trends, benchmarks, and organizational models. Prior to Forrester, Kelley worked in the Boston College Department of Physics lab studying the electromagnetic properties of metamaterials.

Kelley Mak Image

Kelley earned a B.S. in Physics and Philosophy from Boston College. You can catch him at numerous industry events such as the RSA Conference and Black Hat. Check out the link below to listen to Kelley discuss trends he’s seeing in vulnerability management and some interesting moves by legacy and startup players in the space.

...

http://blogs.forrester.com/stephanie_balaouras/15-11-10-forresters_security_risk_spotlight_kelley_mak_1

Wednesday, 11 November 2015 00:00

FEMA to Evaluate Readiness of Pennsylvania

PHILADELPHIA – The Federal Emergency Management Agency (FEMA) will evaluate a Biennial Emergency Preparedness Exercise at the Limerick Generating Station. The exercise will occur during the week of November 16th, 2015 to assess the ability of the Commonwealth of Pennsylvania to respond to an emergency at the nuclear facility.

“These drills are held every other year to evaluate government’s ability to protect public health and safety,” said MaryAnn Tierney, Regional Administrator for FEMA Region III. “We will assess state and local emergency response capabilities within the 10-mile Emergency Planning Zone as well as the adjacent support jurisdictions within the Commonwealth of Pennsylvania.”

Within 90 days, FEMA will send its evaluation to the Nuclear Regulatory Commission (NRC) for use in licensing decisions. The final report will be available to the public approximately 120 days after the exercise.

FEMA will present preliminary findings of the exercise in a Public Briefing at 11:00 a.m. on November 20th at Courtyard Valley Forge/Collegeville, 600 Campus Drive, Collegeville, PA 19426.  Scheduled speakers include representatives from FEMA, NRC, and the Commonwealth of Pennsylvania.

At the public meeting, FEMA may request that questions or comments be submitted in writing for review and response. Written comments may also be submitted after the meeting by emailing FEMAR3NewsDesk@fema.dhs.gov or by mail to:

MaryAnn Tierney

Regional Administrator

FEMA Region III

615 Chestnut Street, 6th Floor

Philadelphia, PA 19106

FEMA created the Radiological Emergency Preparedness (REP) Program to (1) ensure the health and safety of citizens living around commercial nuclear power plants would be adequately protected in the event of a nuclear power plant accident, and (2) inform and educate the public about radiological emergency preparedness.

REP Program responsibilities cover only “offsite” activities, that is, state and local government emergency planning and preparedness activities that take place beyond the nuclear power plant boundaries. Onsite activities continue to be the responsibility of the NRC.

Additional information on FEMA’s REP Program is available online at FEMA.gov/Radiological-Emergency-Preparedness-Program.

FEMA’s mission is to support our citizens and first responders to ensure that as a nation we work together to build, sustain, and improve our capability to prepare for, protect against, respond to, recover from, and mitigate all hazards. FEMA Region III’s jurisdiction includes Delaware, the District of Columbia, Maryland, Pennsylvania, Virginia and West Virginia. Stay informed of FEMA’s activities online: videos and podcasts are available at fema.gov/medialibrary and youtube.com/fema. Follow us on Twitter at twitter.com/femaregion3.

 

In today’s fast-paced world of news aggregators, abstracts and weekly email digests, many of us rarely take the time to read past the headlines. We’ll see the entry, “Cloud IT Infrastructure Will Skyrocket to $54.6 Billion in 2019,” but we miss all of the details that actually create the story and that can make a real impact on our businesses.

I recently moderated a panel discussion at VMworld U.S. with some of the top industry experts in the cloud space as panelists. The insights they shared can be true game-changers for cloud service provider partners. They looked beyond the headlines--and discussed key details including how increasing percentages of enterprise IT spend are being directed at cloud, according to a recent IDC survey on worldwide cloud adoption. They analyzed the evolution of IT roles within an organization and shared the importance of consumers doing their homework.

...

http://mspmentor.net/blog/7-must-read-insights-increasing-your-business-cloud

Enterprise data loads have been growing more diverse for some time. These days, organizations are routinely juggling traditional workflows, mobile and cloud-facing applications, high-speed transactional data, and even a smattering of Big Data-style analytics.

It’s no surprise, then, that the x86 architecture’s hold on enterprise data infrastructure is starting to crack. But while new technologies like the ARM architecture are normally cited as the main challenger to the traditional CPU, the fact is that diverse data requirements are leading to equally diverse chip technologies, ushering in the rather unpleasant specter of multi-processor hardware environment in the not-too-distant future.

A case in point is the graphics processing unit (GPU), which is not only showing prowess outside of its traditional video game and image processing fields but is in fact taking on some of the toughest assignments that the enterprise has to offer. Google recently open sourced its TensorFlow artificial intelligence engine that relies on GPUs for both the learning aspects of the system and for service delivery, says Wired’s Cade Metz. This is significant in that GPUs would naturally lend themselves to the image-related tasks of AI, such as facial recognition, but Google is aiming at greater efficiency on the execution side as well, which is likely to become more complex as data points and client devices become increasingly diverse and distributed.

...

http://www.itbusinessedge.com/blogs/infrastructure/arms-gpus-cpus-the-growing-diversity-of-data-center-chip-architectures.html

SACRAMENTO, Calif. – If Lake and Calaveras County residents receive a letter from the Federal Emergency Management Agency saying they are not eligible for disaster assistance, it is important that they read the letter carefully and then contact FEMA if they have questions or need assistance making an appeal.

The appeal must be postmarked within 60 days of the date on the FEMA letter, not the date received. FEMA will help survivors make an appeal.

Survivors can call 800-621-FEMA (3362) or TTY 800-462-7585. For 711 or video relay service, call 800-621-3362. They can also visit a Disaster Recovery Center (DRC). To locate the nearest center, call FEMA or go online to FEMA.gov/DRC.

A direct telephone hotline is operational to process any requests from survivors who may need additional assistance: 916-381-0330; for TTY, call 711.

The FEMA letter will explain the reason an applicant was determined to be ineligible and what additional information he or she needs to provide or how FEMA’s decision can be appealed.

Some of the reasons for an initial turn down can be easily remedied with more information such as:

  • Calling or writing to FEMA when a final insurance settlement is agreed upon.
  • Providing proof of ownership or residence, especially documents showing the damaged property was the primary residence at the time of the disaster.
  • Returning a completed U.S. Small Business Administration disaster loan application.
  • Signing essential documents.

Survivors can ask for a review of the amount or type of help provided or any other decision about federal disaster assistance if they appeal the agency’s decision within 60 days of the date on the FEMA letter. Many issues can be resolved if applicants follow up with updated information or documentation.

When appealing a decision, applicants should explain in writing why they disagree with a decision along with any new or additional documents supporting the appeal.

Appeal letters should include:

  • Federal disaster declaration number ‘DR-4240-CA’ on all pages of documents.
  • Applicant information, including:
    • Nine-digit FEMA application number on all pages of documents
    • Name
    • Date and place of birth
    • Address of the damaged dwelling
  • Copies of verifiable documentation supporting the appeal. All receipts, bills and estimates must include contact information for the service provider. Applicants should keep all originals for their records.
  • Copy of a driver license or state-issued identification card showing the residence address is the same as the damaged property.
  • If a driver’s license or state-issued identification card is not available, an alternative is to have the appeal letter notarized with the following statement included: “I hereby declare under penalty of perjury that the foregoing is true and correct.”
  • The applicant’s signature.

Mail the appeal letter to:

FEMA
National Processing Service Center
P.O. Box 10055
Hyattsville, MD  20782-7055

Applicants may fax the appeal letter to: 800-827-8112, Attention: FEMA

It is important to have appeal letters postmarked within 60 days of the date on the decision letter. 

Call 800-621-FEMA (3362) or TTY 800-462-7585. For 711 or video relay service, call 800-621-3362. For more information go to FEMA.gov/Help-After-Disaster. Even easier is visiting one of the three FEMA disaster recovery centers (DRC).

All three Disaster Recovery Centers will be open on Veterans Day, Wednesday, Nov. 11, with normal business hours, 8 a.m. to 5 p.m. To locate the nearest DRC, go to FEMA.gov/DRC.

Survivors can apply for FEMA assistance online at DisasterAssistance.gov or by calling 800-621-3362; TTY 800-462-7585711 or Video Relay Service (VRS), call 800-621-3362. Registration continues through Monday, Nov. 23.

For more information on California’s wildfire recovery, visit: caloes.ca.gov or fema.gov/disaster/4240 and follow us on Twitter @femaregion9 and at Facebook.com/FEMA.

FEMA’s mission is to support our citizens and first responders to ensure that as a nation we work together to build, sustain and improve our capability to prepare for, protect against, respond to, recover from and mitigate all hazards.

Disaster recovery assistance is available without regard to race, color, religion, nationality, sex, age, disability, English proficiency or economic status. If you or someone you know has been discriminated against, call FEMA toll-free at 800-621-FEMA (3362). If you have a speech disability or hearing loss and use a TTY, call 800-462-7585 directly; if you use 711 or Video Relay Service (VRS), call 800-621-3362.

FEMA’s temporary housing assistance and grants for public transportation expenses, medical and dental expenses, and funeral and burial expenses do not require individuals to apply for an SBA loan. However, applicants who are referred to SBA for a disaster loan must apply to be eligible for additional FEMA assistance that covers personal property, vehicle repair or replacement, and moving and storage expenses.

Wednesday, 11 November 2015 00:00

The BCI presents its annual Global Awards

The Business Continuity Institute’s Global Awards were presented at a Gala Dinner in London on the 10th November 2015. The Awards recognise the outstanding achievements of business continuity and resilience professionals. 

This year’s winners were:

Continuity and Resilience Consultant 
Chris Needham-Bennett MBCI

Continuity and Resilience Professional (Private Sector) 2015 
Abdulrahman Alonaizan MBCI

Continuity and Resilience Professional (Public Sector) 2015
David Porter AMBCI

Continuity and Resilience Team 
ETS Enterprise Resiliency Department, Educational Testing Service

Continuity and Resilience Provider ( Service/product) 2015
Linus Information Security Solutions – Linus Revive

Continuity and Resilience Innovation
Send Word Now

Most Effective Recovery
AllLife

Continuity and Resilience Newcomer 
Jacqueline Howard AMBCI

Industry Personality
Louise Theunissen FBCI.

More details.

 
Wednesday, 11 November 2015 00:00

Supply Chain Resilience Report published

Nearly one in ten organizations are not aware of who their key suppliers are, leaving them open to severe disruption as they are unable to manage their supply chain effectively. That is according to a new report published by the Business Continuity Institute and supported by Zurich Insurance Group.

The Supply Chain Resilience Report highlighted that seven in ten organizations admit to not having visibility over their full supply chain, and as the survey also revealed that half of disruptions occur below the preliminary tier 1 supplier of goods, this makes it extremely difficult to establish where an organization lies within its suppliers’ priorities.

This could have major consequences when it comes to managing the supply chain and ensuring that disruptions are minimised, which is particularly important given that the report also found that 74 percent of organizations had suffered at least one disruption during the previous twelve months and that 14 percent had suffered cumulative losses of at least €1 million as a result.

Other findings of the report include:

  • Unplanned IT and telecommunications outage (64 percent), cyber attack and data breach (54 percent) and adverse weather (50 percent) are the top three causes of supply chain disruption. New entries to the top ten are: product quality incident (8th), business ethics incident (9th) and lack of credit (10th).
  • The top five impacts of disruption are loss of productivity (58 percent), customer complaints (40 percent), increased cost of working (39 percent), loss of revenue (38 percent) and impaired service outcomes (36 percent).
  • One third (33 percent) of respondents report high top management commitment to supply chain resilience, increasing from 29 percent last year.
  • 68 percent of respondents report having business continuity arrangements in place to deal with supply chain disruptions.

Obtain the report after registration here.

 
The return on investment of business continuity

What is the value of business continuity? Sure if you have a crisis and the world starts collapsing around you then there could be some benefit – having a plan is place would help you work through the worst of the disruption and continue to operate in as normal a way as possible. But what if you don’t have a crisis, what if your business is ticking along just fine, is there any value to business continuity then? Is there a return on investment?

That is the theme for Business Continuity Awareness Week 2016, as selected by those working in the profession when asked for their ideas following BCAW2015.

Perhaps your insurance premiums have been reduced? Maybe you’ve been getting more business coming your way because you’re seen as a reliable customer? Or possibly through all your BC planning you have discovered some inefficiencies within your organisation that could be removed and therefore save you money?

There are many ways that investing in BC can prove to be a good investment, so if you have other suggestions then please do get in touch by emailing Andrew Scott at the Business Continuity Institute Central Office. If you would like to write a blog, host a webinar, publish a paper or support BCAW in any other way then also get in touch. The more resources we have, the more we are able to raise awareness of the importance of BC.

BCAW2016 takes place between the 16th and 20th May 2016.

(TNS) - EDITOR'S NOTE: Subway riders stranded underground. Workers trapped between floors in elevators. Streets packed with honking cars and pedestrians, some panicked, some exhilarated. And illuminating it all, only the light of the November moon.

The Great Northeastern Blackout came at the height of the evening rush hour on Nov. 9, 1965, and plunged tens of millions into darkness across the northeastern U.S. and southern Canada for hours, including New York, Boston and Toronto.

The nation had never seen a power failure of such scope before, and Cold War tensions instantly stoked fears of sabotage. In New York, the nation's communications capital, news organizations including The Associated Press were stymied in finding out what happened and in getting the word out to the public.

It was soon established that problems with the electrical grid caused the blackout, the first large-scale realization of infrastructure worries that would resurface in major blackouts in 1977 and again in 2003.

...

http://www.emergencymgmt.com/disaster/AP-WAS-THERE-50-Years-Ago-Power-Failed-Across-Northeast-United-States.html

(TNS) - There’s no telling if the newest CASA radar would have helped see the tornado that formed Thursday in north Fort Worth — but the extra set of eyes certainly couldn’t have hurt.

If it had been operational last Thursday, North Texas’ sixth CASA, short for Collaborative Adaptive Sensing of the Atmosphere, would have been the closest radar to where the tornado touched down.

“We don’t know if it would have helped, but theoretically it might have allowed us to see something sooner,” said Tom Bradshaw, meteorologist in charge at the National Weather Service Forecast Office in Fort Worth.

...

http://www.emergencymgmt.com/disaster/CASA-radars-provide-a-new-set-of-eyes-on-DFWs-severe-storms.html

When evaluating the top 10 critical success factors that will determine who wins and loses in the Age of the Customer in 2016, it comes as no surprise that privacy is one of them. In fact, privacy considerations and strategy augments all of the 10 critical factors to drive business success in the next 12 months.

 

So, what does this mean for businesses moving forward?

 

In 2016, privacy strategy can no longer merely focus on aligning with compliance requirements. Forward-thinking organizations will take their privacy strategy a step further: they will seize the opportunity to champion privacy to build trusted customer relationships and drive business growth.

...

 

http://blogs.forrester.com/heidi_shey/15-11-09-forrester_predictions_whats_in_store_for_privacy_in_2016

A majority of firms in Latin America (66%) have developed a risk management policy and, of those, 70% make sure that the policy is known throughout the organization. From these numbers, it is clear that risk management and enterprise risk management practices have made significant progress in Latin America, according to a joint survey by Marsh Risk Consulting and RIMS of businesses from 15 countries in the region.

But while risk management programs are in place at a majority of organizations in Latin America, much more can be done. Only 42% of respondents reported that their organization’s boards are involved with risk management. What’s more, just 21% of respondents said their risk management programs are integrated with strategic planning.

...

http://www.riskmanagementmonitor.com/two-thirds-of-latin-american-companies-have-a-risk-management-policy/

As companies increasingly rely on the public cloud as a mainstay of their IT infrastructures, it’s essential not to lose sight of the realities surrounding public cloud adoption. A great deal of work must be done before organizations will have the clarity they need around efficiently managing and maintaining control of those public cloud environments, a new survey has found.

The survey of 1,600 IT professionals worldwide, released last week, was commissioned by ScienceLogic, a hybrid IT monitoring software provider in Reston, Va. While public cloud adoption is expected to continue to grow at a rapid pace, it’s clear that many organizations still aren’t on board. The survey found that:

...

http://www.itbusinessedge.com/blogs/from-under-the-rug/public-cloud-adoption-isnt-all-rainbows-global-survey-finds.html

Tuesday, 10 November 2015 00:00

Is It Time to Ditch the Storage Array?

With all the changes taking place in and around data infrastructure, IT executives are in a quandary as to how to allocate their budgets. Do you lower capital costs by investing more heavily in the cloud? Do you shore up your own data center? And if so, where?

A major conundrum is storage. Bulky disk-based arrays have long been the mainstay of the data center. Indeed, much of the surrounding network and service architectures are designed to take advantage of a discrete, centralized storage pool. But with cloud storage, advanced memory architectures and the movement toward integrated, modular compute/storage appliances, many enterprises are caught between the desire to implement better, faster storage and the need to leverage expensive but still perfectly functional storage systems.

Disk storage in particular is becoming increasingly difficult to justify, says Enterprise Storage Forum’s Drew Robb, since it no longer provides the performance required of modern production environments but isn’t as effective at long-term storage and archiving as tape. Disk shipments, in fact, have been dropping since 2011, and Flash is already starting to eclipse 15k SAS and Fibre Channel solutions. With trends like mobile computing, hyperscale infrastructure and the de-emphasis of the local data center as a primary resource gaining momentum, it seems less likely that disk will contribute to overall data productivity in any significant way in the coming decades.

...

http://www.itbusinessedge.com/blogs/infrastructure/is-it-time-to-ditch-the-storage-array.html

Tuesday, 10 November 2015 00:00

BCI: Driving blindfold into disaster

Driving blindfold into disaster
Ineffective management of supply chains is leaving organizations open to severe disruptions and the high financial costs incurred as a result

CAVERSHAM, UK – Nearly one in ten organizations are not aware of who their key suppliers are, leaving them open to severe disruption as they are unable to manage their supply chain effectively. That is according to a report published today by the Business Continuity Institute and supported by Zurich Insurance Group.

The Supply Chain Resilience Report highlighted that seven in ten organizations admit to not having visibility over their full supply chain, and as the survey also revealed that half of disruptions occur below the preliminary tier 1 supplier of goods, this makes it extremely difficult to establish where an organization lies within its suppliers’ priorities.

This could have major consequences when it comes to managing the supply chain and ensuring that disruptions are minimised, which is particularly important given that the report also found that 74% of organizations had suffered at least one disruption during the previous twelve months and that 14% had suffered cumulative losses of at least €1 million as a result.

Other findings of the report include:

  • Unplanned IT and telecommunications outage (64%), cyber attack and data breach (54%) and adverse weather (50%) are the top three causes of supply chain disruption. New entries to the top ten are: product quality incident (8th), business ethics incident (9th) and lack of credit (10th).
  • The top five consequences of disruption are loss of productivity (58%), customer complaints (40%), increased cost of working (39%), loss of revenue (38%) and impaired service outcomes (36%).
  • One third (33%) of respondents report high top management commitment to supply chain resilience, increasing from 29% last year.
  • About 7 out of 10 respondents (68%) report having business continuity arrangements in place to deal with supply chain disruptions.

Patrick Alcantara DBCI, Senior Research Associate at the BCI and author of the report, commented: “Recent incidents have shown us how supply chain disruptions can negatively impact an organization’s bottom line, reputation and resilience. This year’s Supply Chain Resilience Report demonstrates how good practice can mitigate the worst effects of these disruptions. With findings consistently showing top management commitment as a key enabler of supply chain resilience, we encourage business leaders to take a closer look at their supply chains and champion good practice across their organizations.

Nick Wildgoose, Global Supply Chain Product Leader at Zurich Insurance Group, commented: “Through our work with customers in this area, we have found that increasing visibility along supply chains and resilience are major sources of competitive advantage. Top management leadership is the key to overcoming silo thinking about supply chains within an organisation.

Now into its seventh year, the annual Supply Chain Resilience Report represents a long-standing working partnership between the BCI, Zurich Insurance Group and CIPS (Chartered Institute of Purchasing and Supply). It is now an influential and go-to industry resource that tracks the origins, causes and consequences of supply chain disruption across industry sectors and regions worldwide, as well as the overall evolution of risk. For example, the report has highlighted the greater risk of multi-tier exposure as well as simple direct supply chain exposure.

Likewise, Zurich’s involvement has helped reinforce the emergence of threats beyond just the physical to the less tangible risks, such as cyber risk. The report continues to benchmark business continuity arrangements in one place - including the uptake of insurance - in different organizations and is one of the most comprehensive, practitioner-led studies in the field. The BCI, Zurich Insurance Group, and CIPS involvement in previous surveys has and will continue to provide organisations with the much-needed critical insights and valuable information to support the development of appropriate strategic responses and approaches to mitigate the impact and consequences of disruptions within their supply chains.

Notes:

  • Download a full copy of the report by clicking here.
  • Note to the online survey: 537 respondents were from 67 countries working in 14 SIC industry sectors. Approximately a third were from Europe and a third from North America.

About the Business Continuity Institute

Founded in 1994 with the aim of promoting a more resilient world, the Business Continuity Institute (BCI) has established itself as the world’s leading Institute for business continuity and resilience. The BCI has become the membership and certifying organization of choice for business continuity and resilience professionals globally with over 8,000 members in more than 100 countries, working in an estimated 3,000 organizations in the private, public and third sectors.

The vast experience of the Institute’s broad membership and partner network is built into its world class education, continuing professional development and networking activities. Every year, more than 1,500 people choose BCI training, with options ranging from short awareness raising tools to a full academic qualification, available online and in a classroom. The Institute stands for excellence in the resilience profession and its globally recognised Certified grades provide assurance of technical and professional competency. The BCI offers a wide range of resources for professionals seeking to raise their organization’s level of resilience, and its extensive thought leadership and research programme helps drive the industry forward. With approximately 120 Partners worldwide, the BCI Partnership offers organizations the opportunity to work with the BCI in promoting best practice in business continuity and resilience.

The BCI welcomes everyone with an interest in building resilient organizations from newcomers, experienced professionals and organizations. Further information about the BCI is available at www.thebci.org.

About Zurich Insurance Group

Zurich Insurance Group (Zurich) is a leading multi-line insurer that serves its customers in global and local markets. With more than 55,000 employees, it provides a wide range of general insurance and life insurance products and services. Zurich’s customers include individuals, small businesses, and mid-sized and large companies, including multinational corporations, in more than 170 countries. The group is headquartered in Zurich, Switzerland, where it was founded in 1872. The holding company, Zurich Insurance Group Ltd (ZURN), is listed on the six Swiss exchange and has a Level I American Depositary Receipt (ZURVY) program, which is traded over-the-counter on OTCQX. Further information about Zurich is available at www.zurich.com.

For many years, one of the most common backup practices for businesses has been the use of tape archives. As a tried and tested storage solution, it’s still a familiar sight in many firms, even if it looks a little outdated when compared with more modern alternatives such as cloud backups.

There is a range of reasons why businesses persist with this storage method. Magnetic tape storage is an inexpensive way to store large amounts of data and it theoretically can last for many years.

However, there is tendency to assume that once records have been committed to tape and filed away in either an on-site or off-site storage facility, they can just be forgotten about until they are needed. In fact, there are a number of risks associated with tape storage that businesses will have to be aware of, which may make them rethink whether this is always the most appropriate solution for long-term data storage.

...

http://blog.krollontrack.co.uk/concepts-explained/archiving-risk-security-risks-associated-with-tape-storage/

Lack of senior management support a challenge to crisis preparedness

Chief Executives, Managing Directors and other senior business leaders are failing to take crisis preparedness seriously and risk undermining their organization’s ability to manage crises, according to a survey conducted by Regester Larkin and Steelhenge.

The survey also revealed that while big business appears to understand the need to prepare for a crisis, too often senior leaders do not participate in training or crisis exercises. Of the companies that had run crisis exercises in the past year, almost half (45%) had not involved their Chief Executive. This was seen as part of a wider problem, with 46% of respondents identifying ‘lack of senior management buy-in and support’ as the biggest challenge of effectively preparing their organisation for crises.

Dominic Cockram, Steelhenge Managing Director and Regester Larkin Director said: “If leaders are not fully brought into crisis preparedness, any good work put into crisis structure, process and capability building will be critically undermined. There is little point attempting to be ‘crisis ready’ when the core individuals responsible for managing a crisis will not know what to do."

There may be many reasons why Chief Executives aren’t able to attend crisis exercises but if you ask any business leader who has had to manage the response to a real crisis, major incident or issue, they will tell you it was time well spent.

The survey also found that organizations are not involving their key partners in crisis preparedness programmes with only 27% involving them in crisis exercises despite over a third (34%) saying that working with partners in a crisis was likely to be a big challenge.

Dominic Cockram continued: “Crises do not occur in a vacuum. We know from experience that one of the most challenging aspects of managing a crisis is to work harmoniously with partners or suppliers, especially when the media and others are looking for a clear ‘villain’. Without involving partners in crisis preparedness programmes, companies are leaving themselves vulnerable and unprepared.

(TNS) - The public is law enforcement’s best weapon in dealing with the possibility and the reality of an active shooter situation a Union Public Safety officer told a group of University of South Carolina Union students and faculty Wednesday afternoon.

How to respond to an active shooter situation at the USC Union campus was the subject of an “Active Shooter Training” session held Wednesday afternoon in the Truluck Activity Center. Organized by USC Union Health, Safety and Security Director Tony Gregory, the session was designed to provide students and staff with information on how to respond to an active shooter situation on campus.

The session drew a number of students and faculty members who listened as, first, Gregory outlined USC Union’s active shooter protocol. Gregory said the protocol counsels students and faculty who find themselves in an active shooter situation to, first, flee to safety if at all possible. If flight is not possible, Gregory said the protocol directs students and faculty to then seek a safe place to hide until law enforcement arrives on the scene. If hiding is not an option, Gregory said the next step is to try and fight the shooter, but Gregory said this is the last resort given the danger involved.

...

http://www.emergencymgmt.com/safety/Law-Enforcements-Best-Weapon.html

Over time, the role of corporate legal departments has expanded to address the increasing risks in corporations—from increasing involvement in implementing corporate policies to leading employee training on procedures for managing electronic communications, social media, and bring your own device (BYOD) policies. This shift, however, is not enough to meet the challenges posed by an increasing range of risks proliferating within global organizations. Legal and compliance groups must also take the lead in finding new ways to leverage the power inherent in their data and address the challenges posed by massive data stores, information and network security challenges, as well as regulatory compliance requirements.

Failings of Traditional Strategies

In the past, organizations used straightforward, people-intensive methods to search for and remediate risk. For example, organizations instituted policies training, hoping that it would be sufficient to corral employee use of electronic communications, BYOD, and social media. Some may have formed working groups or intradepartmental committees designed to consider the implications of data privacy or information security for their businesses. Others rely on basic technology, such as keyword searches, that trigger electronic alerts when they find a hit in a document.

...

http://www.riskmanagementmonitor.com/new-approaches-needed-for-effective-data-risk-management/

Where are the big city emergency managers of tomorrow to come from?

That’s a question that Target and Big City Emergency Managers (BCEM) a nonprofit group of emergency managers in the 15 largest U.S. cities are helping to answer. Since 2010, Target and BCEM have hosted the annual “Emerging Leaders” training program at the retailer’s Minneapolis headquarters.

It is a multi-month training process that helps 15 early-and-middle management employees nominated by their BCEM member cities to significantly enhance and expand their emergency management skills.

“Supporting this program is a unique way for Target to give back to the communities we serve,” said Target spokesperson Molly Snyder. “By helping to train these emergency managers on leadership essentials, we are empowering and uniting them with their peers so that they can be effective leaders and support their communities when they need it most.”

...

http://www.emergencymgmt.com/disaster/Target-Helps-Train-Tomorrows-Emergency-Managers-Today.html

Monday, 09 November 2015 00:00

Is Disk Storage in Trouble?

On the surface, the future of hard disk drives (HDDs) seems secure. They account for the bulk of all storage capacity shipped and have had a strong growth curve for years. It’s a $32 billion-per-year industry, and HDDs are found in just about every office and home.

But that rosy picture hides some underlying problems. At the high end, 15k SAS and Fibre Channel disk is being squeezed out of the picture by much faster flash for systems that require near-instant response.

“A greater amount of flash was shipped last year than 15k disk, and that trend is not going to stop,” said Chris Powers, vice president of the data center development unit at HP.

...

http://www.enterprisestorageforum.com/storage-hardware/is-disk-storage-in-trouble.html

Monday, 09 November 2015 00:00

When to Use a Bare-Metal Cloud

We’re hearing a lot about the “bare-metal cloud” these days. The idea is that you can have cloud services not on a virtualized infrastructure but running directly on local infrastructure or leased hardware in a remote data center.

Naturally, this has a lot of people puzzled as to the difference between a bare-metal cloud, a hosted private cloud, and a standard colocation agreement that just happens to be used for dedicated cloud services. And the truth is, there isn’t really much difference at all, save for various vendors’ ability to differentiate on price, flexibility, scale and integration support.

Some of the latest examples of bare-metal clouds target long-term infrastructure needs like VDI and backup and recovery. Hive-IO’s new software-defined compute solution, for example, provides IaaS support on bare-metal infrastructure, which the company says eliminates vendor-layer complexity and reduces hardware consumption by 30 percent. Hive-IO can be deployed on-premises or in a hosted environment, enabling lightweight infrastructure support for virtual desktops without the usual agents, service line-ups and physical footprints that hamper many VDI deployments. The platform also provides local and/or remote management.

...

http://www.itbusinessedge.com/blogs/infrastructure/when-to-use-a-bare-metal-cloud.html

In my last threat intelligence blog I discussed my new research on threat intelligence providers. I included a graphic which carved four functional threat intelligence areas: 1) Providers 2) Platforms 3) Enrichment 4) Integration. In December, I will start the next piece of research in the series focusing on Threat Intelligence Platforms (TIPs). This will likely be two reports one focusing on people, process and use cases and the other focusing on the vendor landscape. My presentation at the 2016 SANS Cyber Threat Intelligence Summit will include some perspective on the state of threat intelligence platforms. 

...

http://blogs.forrester.com/rick_holland/15-11-07-starting_soon_threat_intelligence_platforms_research_0

Monday, 09 November 2015 00:00

BCI: Lack of resilience in the retail sector

Lack of resilience in the retail sector

Many retailers are leaving themselves open to the high financial and reputational cost of disruption by not investing in business continuity

CAVERSHAM, UK – More than one in five retail organizations do not have a formal business continuity policy in place. That is according to report published today by the Business Continuity Institute and supported by the Retail Business Continuity Association.

The Retail Resilience Report also highlighted that, of those that do have a policy in place, less than half have Key Performance Indicators attached, making it difficult to assess whether the policy is effective. With retailers being at the frontline of modern society where sales can be made or lost in an instant, it is perhaps more important for retailers to have plans in place to manage disruption.

Some of the other findings in the report include:

  • Less than one in ten respondents (9%) claimed their organization was certified to ISO22301, the international standard for business continuity management, although 43% claimed to align to it.
  • Nearly a quarter of respondents (22%) stated they had not conducted a formal Business Impact Analysis, a fundamental part of business continuity management as it provides the data from which appropriate continuity strategies can be developed.
  • Nearly one in ten respondents (9%) admitted that their organization did not have a formal IT Disaster Recovery Plan, while 12% claimed it was still in development.
  • Fires are the number one concern for organizations (63%), closely followed by human illness (62%), cyber attacks (51%) and physical security (51%). 16%, 9%, 12% and 9% of respondents claim to have invoked their business continuity plans due to these threats materialising.

The report underscores the need to get continuity and resilience at the heart of the agenda for retailers, yet there are existing challenges in communicating the value proposition of resilience. There is a need to promote metrics that allow top management to sense the urgency of driving resilience within their organizations.

Patrick Alcantara DBCI, Senior Research Associate at the Business Continuity Institute and author of the report, commented: “The BCI acknowledges the RBCA’s efforts in building resilience across the retail industry through this pioneering study. We believe that it is important for BC and resilience practitioners across different sectors to obtain relevant, industry-specific data that benchmarks their performance and adds value to their practice. This report is an excellent contribution to the retail industry and we encourage other sectors to follow suit.

John Frost MBCI, Head of Business Continuity at Marks and Spencer and Chairman of the RBCA, commented: “The RBCA have been overwhelmed by the number of retailers from across the world that chose to take part in this survey. The results have given Retail Business Continuity and Resilience professionals the ability to benchmark their activities against their peer group for the first time. This visibility will assist with those all-important conversations with Top Management by offering credible evidence and industry comparisons. We would like to thank the BCI for providing their expertise and support for this first survey of its kind, and of course all those who took part. We look forward to developing and improving the survey in the future with the BCI, and supporting our fellow professionals from around the world in developing their retail resilience capability.

Retail organizations depend heavily on technology in building resilience. This may introduce considerable risks and points of failure. Retail business continuity professionals must be aware of this in implementing an agile, holistic and responsive programme lifecycle. Developing relevant competencies within the team is imperative given an evolving retail industry landscape. Retail professionals understand how agility is a competitive advantage in an industry considerably influenced by market trends, rapidly changing tastes and fickle consumer behaviour. Building resilience therefore requires building skills sets among professionals in the ‘protective disciplines’ such as BC that enable them to respond to this context.

For more information please contact the Senior Communications Manager at the Business Continuity Institute – Andrew Scott CBCI – by emailing andrew.scott@thebci.org or by phoning 0118-947-8241.

Notes:

  • Download a full copy of the report by clicking here.
  • Note to the online survey: 104 respondents were from 26 countries.

About the Business Continuity Institute

Founded in 1994 with the aim of promoting a more resilient world, the Business Continuity Institute (BCI) has established itself as the world’s leading Institute for business continuity and resilience. The BCI has become the membership and certifying organization of choice for business continuity and resilience professionals globally with over 8,000 members in more than 100 countries, working in an estimated 3,000 organizations in the private, public and third sectors.

The vast experience of the Institute’s broad membership and partner network is built into its world class education, continuing professional development and networking activities. Every year, more than 1,500 people choose BCI training, with options ranging from short awareness raising tools to a full academic qualification, available online and in a classroom. The Institute stands for excellence in the resilience profession and its globally recognised Certified grades provide assurance of technical and professional competency. The BCI offers a wide range of resources for professionals seeking to raise their organization’s level of resilience, and its extensive thought leadership and research programme helps drive the industry forward. With approximately 120 Partners worldwide, the BCI Partnership offers organizations the opportunity to work with the BCI in promoting best practice in business continuity and resilience.

The BCI welcomes everyone with an interest in building resilient organizations from newcomers, experienced professionals and organizations. Further information about the BCI is available at www.thebci.org.

About the Retail Business Continuity Association

The RBCA was established to assist all business continuity personnel in the retail industry to share views, experiences, and information to the benefit of the sector. The aim of the RBCA is to create a community within which competition issues are set aside for the good of the retail industry at large with a vision to become a resource centre representing all retailers large or small across all sectors and multi government agencies. The core objectives are to: identify and assess the threats and risks to business as usual in retail; promote effective retail business continuity to manage and mitigate the most serious threats and risks; share intelligence and retail business continuity data, information, experience and best practice; recognise and respond to significant changes in threats and risks to retail; and embrace major developments and technologies to aid effective business continuity management. Further information about the RBCA is available at www.therbca.co.uk

Friday, 06 November 2015 00:00

Legal vs. IT: The Data Archiving Disconnect

In the past, the main drivers for data archiving centered on legal and compliance initiatives and business continuity, including eDiscovery, records retention, audits and disaster recovery. But as more companies are looking to take advantage of information in an effort to gain competitive advantage in their markets, data archiving has taken on a new role. However, there are major organizational disconnects related to archive accountability and lines of authority, particularly between IT and the legal and compliance departments that are holding enterprises back from maximizing the full value of their archives.

According to a recent IDC survey, the underlying reason for the data archiving disconnect very likely stems from a fundamental difference in roles and objectives between IT and legal. Whereas responsibilities for things like troubleshooting computer and technology issues or approving vendor contracts are clearly defined and don’t have overlap between the two groups, the management and usability of an enterprise’s data archives can pit them against each other. The research showed that although 70 percent of IT respondents see data archives as enhancing revenue, only 38 percent of legal and compliance teams agree, which makes sense in light of how each group utilizes the archive.

...

http://corporatecomplianceinsights.com/legal-vs-it-the-data-archiving-disconnect/

SANTA CLARA, Calif. — When it comes to cybersecurity, there are two strategies. The first is reactive and is put into motion once security protocols have failed. The second, the proactive approach, can take you down the proverbial rabbit hole and into a world of intelligence gathering that puts you across the virtual table from those who might be coming for your secured data.

At least this is how Alert Logic’s Stephen Coty described the strategy options to attendees of the 17th Cloud Expo this week.

The longtime cybersecurity expert warned that system breaches are not the only threats posed by those with access to sensitive information.

...

http://www.govtech.com/security/Aggressive-Strategy-Offers-Greater-Protection.html

Why Service Providers need to consider provisioning platforms like CloudPortal Services Manager

In a recent Survey conducted by the Citrix Service Provider Center of Excellence, we asked providers what cross-tenant provisioning tools they used.  For those who answered “none”, we followed up to understand why.

The answers to this specific survey question varied, but the most common responses were along the lines of the following:

...

https://www.citrix.com/blogs/2015/11/05/if-youre-not-automating-service-provider-provisioning-think-again/

Friday, 06 November 2015 00:00

Companies Behaving Badly

Whether it’s the VW emissions scandal or rebuilding a company’s reputation after a cyber attack, we’re reading a lot about the challenges of managing reputation risk in the business world.

How important—and valuable—a positive reputation and ethical C-suite leadership is for an organization to attract talent is highlighted by recent findings of a survey of 1,012 U.S. adults by Corporate Responsibility Magazine and Cielo Healthcare.

(Hat tip to the WSJ’s Risk & Compliance Journal for flagging this survey.)

...

http://www.iii.org/insuranceindustryblog/?p=4212

When protesters filled Baltimore streets during the civil unrest this spring after Freddie Gray died in police custody, downtown businesses had many questions and decisions to make, including: Was their business in the path of the demonstrations? Should they send their employees home early? What were other area companies doing?

When the businesses began calling the Maryland Emergency Management Agency (MEMA) for information, the agency answered with its virtual business operations center (VBOC), part of the Private Sector Integration Program (PSIP) that Maryland developed to help businesses respond to and prepare for emergencies.

The VBOC is an online collaboration portal MEMA uses to let private-sector members sign in, interact with one another and view information — such as images, documents and live streams — posted by emergency managers and other businesses.

...

http://www.emergencymgmt.com/disaster/Focus-on-Business.html

Friday, 06 November 2015 00:00

CDC’s Emergency Management Specialists

CDC's Emergency Operation Center

Meet Mark Hall, an emergency management specialist in CDC’s Division of Emergency Operations in the Office of Public Health Preparedness and Response. As part of the Plans, Training, Exercise, and Evaluation Team — Mark and his team make sure CDC is prepared for emergencies and assesses how the agency performs during a response.

Being ready to respond to national and international emergencies takes practice. Large-scale exercises are held across CDC, with federal partners, and at the state and local level.  Mark and his colleagues are part of the team that evaluates the exercises that CDC administers. They ensure that exercise mimics real-world events and after the exercise, evaluate what worked and what needs to be improved. In an emergency response, the team also monitors the way in which CDC is conducting the response to see if any activities need to be tweaked.  As part of the monitoring and review processes,  the team looks at everything from the processes for deploying people and supplies, to the logistics and operations of CDC’s emergency operation center. This job requires strong analytical and communication skills and the flexibility to switch from exercise to emergency response mode when the need arises.

Mark Hall sits down with the Director of CDC's Office of Public Health Preparedness and Response to talk about his job as an emergency management specalist

Mark Hall sits down with the Director of CDC’s Office of Public Health Preparedness and Response to talk about his job as an emergency management specalist

Public Health Matters sat down with Mark to learn a little more about his job in emergency management and what has best prepared him for his important role at CDC.

How does your work help improve CDC’s ability to respond to emergencies?

Mark say, his job is to evaluate CDC exercises and response efforts to ensure that the agency continues to improve. The evaluations conducted by Mark and his team after each exercise, whether a CDC-wide exercise or for a specific group, help to identify issues and areas for improvement.  Mark emphasizes the importance of not only finding ways to improve CDC’s emergency response work, but also recognizing the good work is being done. “During these after-action reviews we also want to focus on the successes, not just what we did wrong, and communicate what worked best to the rest of CDC,” says Mark.

What has best prepared you for this job?

For Mark, his 20 years in the military and a background in operations, planning, and training helped prepare him to work in CDC’s Division of Emergency Operations. “I enjoyed the idea of going from operations, plans, exercises, and training focused on military and combat to a focus on public health.  As an emergency management specialist I still get to focus on doing good work for my country, my nation, and even for the world,” says Mark.

During his military career, Mark had the opportunity to travel to many different countries including Kazakhstan, Kuwait, Qatar, Iraq, Saudi Arabia, and Egypt. Going overseas, meeting different people, and experiencing different cultures has helped with working on emergency responses, including deploying oversees as part of CDC’s response to the West Africa Ebola epidemic.

CDC's emergency operation planning team meets to review and incorporate feedback from CDC exercises and after action reports

CDC’s emergency operation planning team meets to review and incorporate feedback from CDC exercises and after action reports

What are important skills needed for your job?

“You have to be flexible. We know that there’s a hurricane season every year that’s recurring.  However the majority of the events that require a CDC response occur without prior notice, and we have to be ready to respond,” says Mark. Having the ability to adapt to different emergency responses quickly is a crucial component of CDC’s ability to react to public health threats and emergency as soon as they arise.

What do you like most about your job?

“When programs make changes based on recommendations after exercises or a real-life event, it really shows that the work has had an effect. It is also rewarding to hear news stories or friends and family talking about the domestic and global work that CDC is doing and knowing you’re a part of that work.”

PHPR: Health Security in Action

This post is part of a series designed to profile programs from CDC’s Office of Public Health Preparedness and Response.

CDC’s Emergency Management Specialists are part of the CDC’s Public Health Preparedness and Response’s (PHPR) Division of Emergency Operations.

Earlier this week, I wrote about the disconnect that many IT professionals have between the poor performance of their security detection systems and the likelihood of being the target of an attack.

A new study released yesterday may force them to rethink their attitude about cyberattacks. According to the IID and Ponemon Institute survey, 47 percent of organizations, both in the private and public sector, were breached in the past two years. That’s up from 43 percent in a similar study conducted last fall.

And these numbers are low, depending on the type of industry you are in, or the size of the company. Health care, for instance, is a prime target for attackers, with 81 percent of companies within the industry suffering a breach. And the bigger the company, the greater the risk, as SC Magazine pointed out:

...

http://www.itbusinessedge.com/blogs/data-security/odds-grow-that-your-company-will-suffer-a-breach.html

On Thursday November 19th, Continuity Central’s regular online BIA Special Interest Group (SIG) will take place. It will explore the following questions:

  • What should the relationship be between the BIA and risk assessment?
  • How can we apply the BIA to cyber threats and incidents?
  • How to organize your BIA: when is a process not a process?
  • How to conduct a BIA within your supply chain.
  • Ways to sense-check and verify your BIA information and dependencies.

SIG chairman John Robinson, FBCI, will spend the first section of the SIG presenting his thoughts on the above questions. After this the SIG will discuss a variety of other questions relating to BIAs which have been raised by attendees of the SIG.
The SIGs are open to all and are free to attend. They are organized by Continuity Central in partnership with Total Business Metrics.

Joining details:

Please note that due to the conversational focus of the Special Interest Groups, recordings are not made available afterwards, so please only signup if you can actually attend.

The minimum business continuity objective (MBCO) is a neglected tool in the business continuity toolbox. Charlie Maclean-Bristol, FBCI, explains what it is and how to use it.

The minimum business continuity objective (MBCO) is, in my opinion, an extremely important component of the business impact analysis (BIA). I have always thought that it is the poor cousin to the MTPD (maximum tolerable period of disruption): not used very often and not really understood by many people.

MBCO is defined in the Business Continuity Institute’s ‘Good Practice Guidelines 2013’ (GPG) as the “minimum level of services and/or products that is acceptable to the organisation, to achieve its business objectives during a disruption”. The MBCO sits alongside the recovery time objective (RTO). The RTO defines how quickly we want an activity to be recovered but equally as important the MBCO defines the level at which that activity should be recovered.

An example is if we have a call centre / center which has 1000 people operating from a single site. During the BIA the RTO of the call centre is set at 24 hours. Setting the MBCO is now key. If the MBCO is set at 1 percent of normal activity we have to recover 10 call centre agents, which in terms of devising a strategy for their recovery is not too difficult. Alternatively, if the MBCO is set at 80 percent, we have to develop a strategy to recover 800 agents within 24 hours, which is much more complex and probably a lot more expensive. So it is often the level at which the MBCO is set which will define the strategy for recovery rather than the RTO.

...

http://www.continuitycentral.com/index.php/news/business-continuity-news/640-the-minimum-business-continuity-objective

The face of modern corporations is changing. No longer are we confined to offices. Instead, it’s possible to work from trains, airports, cafes, and even the beach. A recent survey of employers indicated that up to 95% of employees use mobile devices for work, with 61% of the employees using their own personal devices*. It is undeniable that these devices can maximize employee productivity in the modern corporate setting, but managing and securing them continues to present unique challenges for IT administrators.

In light of the recent Apple iPhone account hack and other high-profile breaches, it’s no surprise that businesses and end users alike are more concerned than ever about the security of their mobile devices. Moreover, while analyzing threat trends over the past year, our team of threat researchers found that trustworthy apps fell from 52% in 2013 to just 28% in 2014. Nearly 50% of apps were found to be moderate or suspicious, and over 22% were unwanted or malicious.

...

http://mspmentor.net/blog/let-end-users-bring-their-own-device-not-their-own-malware

Is the United States dangerously complacent about possible biological and chemical weapon attacks, leaving open the possibility of mass deaths or a huge disruption in the economy or both? Or has the country in fact come a long way in its preparations to protect itself against this type of attack?

The answer may be both.

Tom Ridge, former Homeland Security secretary, and Joe Lieberman, former senator, are co-chairing a Blue Ribbon Study Panel on Biodefense hosted by Hudson Institute and the Inter-University Center for Terrorism Studies. They wrote in Roll Call that “our nation is dangerously unprepared to prevent or respond to” attacks with biological and chemical weapons, citing recent cuts in funding for readiness efforts.

...

http://www.emergencymgmt.com/safety/Are-We-Ready-for-Biological-and-Chemical-Attacks.html

As everyone who does not live under a rock knows by now, Dell and EMC have signed a definitive agreement for Dell to acquire EMC. The deal is multi-billions of dollars ($67 billion to be exact). Privately owned Dell is rich but not that rich, so Michael Dell partnered with MSD Partners and Silver Lake to get the necessary cash.

This article will concentrate on the storage aspect and how this particular merger looks to affect the enterprise storage market and most critically, mid-market storage. All told there will be a lot of customer angst and subsequent hair pulling over suddenly unsupported storage products. The expense of migrating data onto new storage lines will also be a customer irritation, especially if they feel compelled to migrate years earlier than they expected to.

...

http://www.enterprisestorageforum.com/storage-management/is-the-dellemc-merger-good-or-bad-for-storage-try-both.html

Author: Shellye Archambeau, Chief Executive Officer, MetricStream and a Board Member at Verizon

Shellye Archambeau

Building and running a successful startup in America’s fiercely competitive tech industry is never easy. There’s no one-size-fits-all solution or manual for how to go about it. But as they say, experience is the best teacher. So it’s my pleasure to share with you some of my own experiences and observations in building and managing tech companies.

I began my journey in the tech industry over 25 years ago, working my way up to senior management roles in IT companies such as LoudCloud (renamed Opsware), NorthPoint Communications (which was later sold to AT&T), and IBM. For the last 10 years, I’ve served as the CEO of MetricStream, a Silicon Valley-based governance, risk, and compliance (GRC) company which I helped build from the ground up.

I’ve learned several important lessons—not only from my personal career journey, but also from the challenges and successes of my clients and peers in the industry. Here are a few key lessons which have stood me in good stead:

...

http://blog.metricstream.com/2015/ceo-blog-what-ive-learned-from-25-years-in-the-tech-industry/

Thursday, 05 November 2015 00:00

The Riskiest States for Employee Lawsuits

In 2014, U.S. companies had at least an 11.7% chance of having an employment charge filed against them, according to the new 2015 Hiscox Guide to Employee Lawsuits. The firm’s review of data from the Equal Employment Opportunity Commission and its state counterparts found that the risk also varied notably by state, as local laws creating additional obligations—and risks—for employers led to charge rates up to 66% above average.

...

http://www.riskmanagementmonitor.com/the-riskiest-states-for-employee-lawsuits/

Moving to expand the scope and reach of its software-defined approach to storage, IBM today unveiled a series of updates to the IBM Spectrum Storage portfolio that make it simpler for IT organizations to encrypt data regardless of where it is stored in addition to being able to more aggressively compress data.

IBM also announced a new Hadoop File System interface to integrate its storage systems with Hadoop implementations that are rapidly emerging as the “data lake” from which all data in the enterprise is derived.

Finally, IBM announced that its IBM Spectrum Control management and analytics software has been extended to IBM FlashSystem and IBM Spectrum Scale file and object storage systems. Last month, IBM unveiled a hybrid array based on Power processors, called the DS 8880 series, which scales to 3PB of storage at price points that start at $50,000.

...

http://www.itbusinessedge.com/blogs/it-unmasked/ibm-extends-scope-of-software-defined-storage-reach.html

Thursday, 05 November 2015 00:00

Get Resilient

December 2015 sees the launch of a new Cyber Resilience Centre in the South East of England . Part of Bucks New University’s new Aylesbury Vale Campus , this Centre provides a home for a range of short and professional courses in Resilience and Cyber Security, and in 2016 will provide a base for the university’s new Foundation Degree in Cyber Resilience.

Housed in purpose-built facilities in the heart of Aylesbury, the campus is designed with professional education in mind. Three dedicated classrooms will enable delegates to focus on the most pressing security issues of the day, using the latest in computing technology and supported by teaching staff from the university’s highly regarded undergraduate and post-graduate programmes in Security and Resilience, as well as experts from the field of Cyber Resilience.

Throughout the year the Cyber Resilience Centre will offer a range of courses, including both university short programmes focussed on resilience, as well as practical accredited programmes such as the Certified Information Systems Security Professional and Cyber Security Overview for Industrial Control Systems.

...

https://buckssecurity.wordpress.com/2015/11/04/get-resilient/

Unless you’re on a board of directors or in a C-suite, you probably never thought about it, but the communication and collaboration needs of individuals in that rarefied air are different from those of the folks in the trenches. Similarly, you likely never thought about there being a company that caters to that clientele, for that purpose. That’s where Joe Ruck comes in.

Ruck is CEO of Boardvantage, a Menlo Park, Calif.-based provider of a communication platform for boards and leadership teams. I recently had the opportunity to speak with Ruck, and I opened the conversation by asking him a chicken-or-the-egg question: Was Boardvantage created to provide something that boards and C-level executives were clamoring for, or was it an idea for something they felt they could convince boards and C-level executives that they needed? He said the origin of the company was probably the latter, but it has now evolved into the former:

...

http://www.itbusinessedge.com/blogs/from-under-the-rug/why-boards-c-suites-need-a-purpose-built-communication-platform.html

SACRAMENTO, Calif. – It is time to buy flood insurance, if you don’t already have it. Available to everyone, businesses, homeowners and renters alike, it is the only insurance that will help you recover from flooding and mudflows.

Citing a strong El Niño and other factors, the National Oceanic and Atmospheric Administration predicts wetter than average conditions for central and southern California, along with warmer than normal temperatures from December through February. There is a 30-day waiting period between purchasing flood insurance and the time the insurance goes into effect.

Residents living in the vicinity of the recent wildfires are especially vulnerable to runoff flooding this rainy season because wildfires dramatically alter the terrain and ground conditions.

Normally, vegetation absorbs rainfall, reducing runoff. But wildfires leave the ground charred, barren, and unable to absorb water. That enhances the chances of flash flooding and mudflows. Flood insurance covers mudflows, but not mudslides.

Just because your property is outside a high flood risk zone doesn’t mean there is no risk. But it does mean you can buy flood insurance at a lower price, because the risk is lower.

Information about flood insurance is available at the Disaster Recovery Centers in Lake and Calaveras counties: 891 Mountain Ranch Rd., San Andreas; Middletown Senior Center, 21256 Washington St., Middletown, and 14860 Olympic Dr., Clear Lake.

Flood insurance is for everyone, not just survivors of the wildfires. It is easy to find out how much flood insurance will cost by going to FloodSmart.gov. Fill in the blanks in the red box on the right side of the screen, “How Can I Get Covered”. You will be taken to a table of flood insurance options and costs for your address. Contact information for local agents is available on the website.

Survivors can apply for FEMA assistance online at DisasterAssistance.gov or by calling  800-621-3362; TTY 800-462-7585; 711 or Video Relay Service (VRS), call 800-621-3362. The deadline to register is Nov. 23, 2015.

For more information on California’s wildfire recovery, visit: caloes.ca.gov, Twitter@Cal-OES or FEMA.gov/disaster/4240 and follow us on Twitter@femaregion9 and at Facebook.com/FEMA.

FEMA’s mission is to support our citizens and first responders to ensure that as a nation we work together to build, sustain and improve our capability to prepare for, protect against, respond to, recover from and mitigate all hazards.

Disaster recovery assistance is available without regard to race, color, religion, nationality, sex, age, disability, English proficiency or economic status. If you or someone you know has been discriminated against, call FEMA toll-free at 800-621-FEMA (3362). If you have a speech disability or hearing loss and use a TTY, call 800-462-7585 directly; if you use 711 or Video Relay Service (VRS), call 800-621-3362.

Hyperconvergence is all the rage at the moment, promising big things in small packages and the ability to support Big Data and other applications at low cost and with none of the complexity that accompanies traditional data infrastructure.

But as with most emerging technologies, the truth is both more and less than it seems.

To be sure, the siren call of hyperconvergence is being heard across the IT landscape. Whether it is web-scale entities like Google and Facebook building their own platforms out of commodity hardware and home-grown software architectures or traditional vendors looking to leverage their platforms for enterprise and cloud deployments, a hyperconverged architecture will likely be the preferred solution going forward.

...

http://www.itbusinessedge.com/blogs/infrastructure/it-turns-to-hyperconvergence-but-is-it-right-for-all-occasions.html

Unsuspecting and easy to attack – users of public Wi-Fi spots are a hacker’s dream target. Cybercriminals don’t wear cat-burglar masks and striped t-shirts, so it may not be easy to see them. On the other hand, the smart user of a free Wi-Fi hotspot knows that he or she should assume that hackers are lying virtually in wait. The terrain can vary: coffee shops, airports, restaurants, libraries, bookstores, fast food outlets and even schools can all be dangerous. Unfortunately, statistics show that users in general, consumer or business, have a lot to learn if they want to bring their risk back down to reasonable levels.

...

http://www.opscentre.com.au/blog/free-wi-fi-spots-are-security-risks-for-the-unwary/

On October 6, Europe’s highest court, the Court of Justice of the European Union, struck down the “Safe Harbor Framework,” which existed between the United States and the EU for 15 years. This has an impact on companies collecting or processing personal data in EU nations for use in the United States. The Framework provided a method for over 4,000 U.S. companies to transfer personal information outside the European Union consistent with the EU’s strict Data Protection Directive. The Directive establishes the rules for protecting Europeans’ privacy rights. To take advantage of the Framework, U.S. companies have self-certified compliance with EU standards to the Department of Commerce.

The European court struck down this longstanding business arrangement after Austrian privacy activist Max Schrems alleged his personal information transmitted via Facebook or stored on Facebook’s servers in the U.S. was not, in fact, safe from intrusion from the prying eyes of the U.S. government. Schrems’ lawsuit arose after Edward J. Snowden, former contractor for the National Security Agency, divulged that American intelligence agencies were freely accessing data held by Facebook or transferred by emails and other means between the EU and the U.S. The European high court agreed, holding that U.S. government actions invalidated the “Safe Harbor” provisions.

...

http://corporatecomplianceinsights.com/noncompliance-with-new-eu-data-privacy-rules-can-be-costly/

Thursday, 05 November 2015 00:00

Why You Should Sell Cloud Backup Now

Nowadays, technology vendors make it pretty easy to set up and offer a cloud backup service to end user customers. But, for most service providers, that is where the hard part begins: Why sell cloud backup? To start, the conversation should begin by discussing the importance of backup solutions to businesses today, the reasons that they back up, and how this provides opportunities for service providers to package up a differentiated cloud backup service offering.

Customers that turn to MSPs for data protection tend to face a variety of business challenges that drive them to consider cloud backup and recovery solutions.

The first challenge is cost. Cloud backup and recovery solutions are treated as operating expenses versus on-premises solutions, which are capital expenditures. In today’s economy, it is often easier to get approval for less expensive and more flexible OPEX models versus CAPEX spending.

...

http://mspmentor.net/blog/why-you-should-sell-cloud-backup-now

Growing populations around the globe have created larger cities, as well as greater concentrations of risk. It is projected that a rise in sea levels and increased intensity of events will amplify the impact of hurricanes, tornadoes, heat waves, floods and droughts. Because of this, climate change is seen as one of the biggest threats to cities and businesses and could account for an estimated 20% of the global GDP by the end of this century, according to “Business Unusual: Why the climate is changing the rules for our cities and SMEs” by AXA.

While some cities have worked to put resilience plans in place to reduce the impact of flooding and other disasters, there is much to be done and businesses are vulnerable, especially small- to medium-sized enterprises (SMEs). Only 26% of SMEs have taken action to protect themselves, yet 54% are worried about the impact climate change could have on their business, and the number rises to 75% in emerging markets, the study found.

...

http://www.riskmanagementmonitor.com/climate-changes-impact-on-business/

Moving to gain access to a platform through which IT organizations can manage heterogeneous environments in the age of the cloud, IBM today announced it has acquired Gravitant.

Richard Patterson, general manager for infrastructure services for IBM Global Technology Services, says IBM will make Gravitant available as a software-as-a-service (SaaS) application, while moving to create a managed service through which IBM will manage IT environments on behalf of its customers. At the same time, IBM will continue to make an instance of Gravitant available as an appliance that can be installed locally on premise.

In effect, IBM is looking to make it simpler for IT organizations to broker multiple cloud services via a common management plane. Gravitant is designed to tap into the application programming interfaces (APIs) that various cloud services expose in a way that provides IT organizations with a single console through which they can all be managed.

...

http://www.itbusinessedge.com/blogs/it-unmasked/ibm-acquires-gravitant-to-advance-hybrid-cloud-management.html