Skip to content This page will be automatically closed in 6 seconds.

Hot News:

Spring World 2017

Conference & Exhibit

Attend The #1 BC/DR Event!

Bonus Journal

Volume 29, Issue 5

Full Contents Now Available!

Industry Hot News

Industry Hot News (6806)

For many years, the peace of mind that came with a robust business continuity and disaster recovery (BC/DR) strategy was reserved for only large enterprises that could afford to stand up and maintain a backup site.

Thanks to the cloud, that's no longer the case. By eliminating the need for a secondary data center, the cloud makes disaster recovery viable for small and medium-sized businesses (SMBs) and, as a result, disaster recovery as a service (DRaaS) becomes a viable business option for solution providers.

"The cloud makes BC/DR viable for customers who in the past couldn't afford it," said Jason Buffington, senior analyst, Enterprise Strategy Group. "SMBs have always understood that they depend on their data as much as enterprises do. The difference is they never thought the kinds of approaches for DR that enterprises use could ever be viable for them."


Over the last 2 years, on like-for-like data center deals with the same provider and renewals without growth, we’ve frequently seen price cuts of 8%-25% depending on location and buyer leverage.  Zahl Limbuwala, recently stirred the pot in his Open Letter to Data Center Investors. To sum it up very briefly, he sees deep structural problems for anyone looking to invest in the data center industry. Problems that he believes many owners and investors are complacent or in denial about. The concerns he highlights are myriad: facilities that are outdated long before depreciating; lower competitiveness with emerging cloud options; easier migration and reduced lock-in; and the unlikeliness of becoming a supplier to the cloud.

The reaction I got on polling the numerous visionaries within and outside of RampRate is mixed.


Monday, 16 November 2015 00:00

A Roadmap to Disruption

I discussed Uberization at length in a recent article. But this is just a model of disruption, among many others. To be complete, I should at least also speak about teslaization which I believe to be more dangerous for many companies, and their relation to by-the-book disruption. These are the three states of disruption that will shape the future of your company, whether you’ll be a disruptor, or a disruptee.

This quick and dirty roadmap to disruption is not intended to give with a full-fledged mapping of all disruption categories. Uberization and teslaization are interesting in the way they are polarizing risk taken by the disruptors. It’s about a low tech / higher market risk, or the opposite. Eventually, my goal here is only to share with you how to analyze risks, both as a threat and as an opportunity.


The survey is based on the responses of 364 senior-level executives working in ethics, compliance, audit, risk management or corporate governance, at companies with median annual revenue in the range between $1 billion and $5 billion.

With regard to the chief compliance officer’s (CCO) authority, defined in the survey as the ability to work with executives at the highest level of the organization, 57% of therespondents say their CCO reports directly to either the CEO or the board. This number has fluctuated over time (from as low as the mid-40s), but is now clearly rising. Fifty-one percent say the CCO has a seat on the executive management committee, and 59% say the CCO job is a stand-alone position. Fifty-five percent note the CCO regularly briefs the board on the company’s overall ethics and culture.

“Taken together, the statistics presented in the survey suggest that most CCOs, especially those at larger corporations, have an opportunity to participate in high-level discussions about corporate strategy, values and culture,” says Nicole Sandford, a Deloitte Advisory partner in Deloitte & Touche LLP, and national practice leader of enterprise compliance.


The market for cloud computing continues to defy all expectations. 

Even as the startup craze starts to cool in Silicon Valley, Amazon, Microsoft, and Google all reported bang-up earnings last quarter, not least because of their big bets on the cloud. 

What exactly are these companies selling? Who's buying it? And why is one company that wasn't even in enterprise technology a decade ago — Amazon — beating the pants off everyone else?


Legal and compliance issues keep today’s corporate executives up at night. Indeed, the concern that “regulatory changes and heightened regulatory scrutiny may affect the manner in which our products or services will be produced or delivered” was the No. 1 risk cited by a 2015 survey of 275 board members and executives by global consulting firm Proviti and the Poole College of Management at North Carolina State University.

Many of those evolving legal and compliance issues are swirling around the marketing space, where brands are blazing new paths, consumers and competitors alike are wielding new legal power, and regulators are working hard to keep pace with rapidly changing technologies and processes.

Here are six regulatory and legal risks that CMOs must understand and mitigate today.


IBM continued with its Datapalooza roadshow, Oracle released a new version of its BI software with enhanced visualization capabilities, and Informatica rolled out its Big Data Management platform. All that and more in our Big Data Roundup for the week of Nov. 15.

Big data is expected to make a big impact in healthcare and personalized medicine. But where are the real projects in this field and what progress is being made?

This week, InformationWeek took a deeper look at big data projects for personalized medicine. Plus, we have news on Google open sourcing its machine learning library, TensorFlow. And we've also got news from Informatica, IBM, Oracle, and more.

Let's start with our collection of big data personalized medicine projects. This week, InformationWeek pulled together some of the top personalized medicine projects utilizing big data. IT and big data are helping drug trials search for better treatments for conditions from arthritis to cancer. Take a look at these ground-breaking projects here.


As terror attacks put France into a national state of emergency on Friday, AirBnB, Facebook, Google, Skype, Twitter and Uber launched into disaster response mode.

AirBnB contacted all hosts in Paris asking if they could take in those stranded in the city. Facebook let users alert their friends they were safe. Google offered free calls to Paris via Hangouts, as did Skype, Verizon and Sprint. Uber turned off surge pricing in the city for the weekend, despite initial reports to the contrary. Twitter helped people find a place to stay with the hashtag #PorteOuverte and kept the rest of the world informed.

The tech companies did what many businesses did during a time of emergency: They lent a helping hand. But Friday’s events show how the industry is uniquely positioned to do so more quickly and adroitly due to the nature of their services.


Monday, 16 November 2015 00:00

Rochester Gets Help for Woeful Winter

(TNS) - The snow has yet to fly this season, but the federal government is sending a pre-winter gift to the City of Rochester.

The Federal Emergency Management Agency has approved emergency aid for the snowstorm that occurred Jan. 26-28, according to a press release from the city manager. Federal aid totals $140,666.

According to Rochester Fire Department's Chief Norm Sanborn Jr., the amount equals the full amount for what the city put in for reimbursement and includes some items he did not think the city could be reimbursed for, such as snow removal from rooftops of public buildings. Sanborn had originally estimated in April that the city spent $122,000 on snow removal for the January storm.

Sanborn said the biggest portion of the aid would go to Department of Public Works expenditures, including snow removal from roofs, snow plowing, sanding and salting and department labor costs and overtime hours. The city also had to maintain 65 miles of roads, municipal parking lots, schools and sidewalks, according to the press release.


Monday, 16 November 2015 00:00

VMware Survey: Mobilization a Hit

VMware polled almost 1,200 insiders and found that companies with mobile IT programs enjoyed a return on investment (ROI) of almost 150 percent, according to Datamation. The findings were good across the board: The respondents see mobilized employees as more effective, and mobility makes new revenue streams easier to find and heightens the ability to “connect with and satisfy customers.”

A downbeat finding was that only 20 percent of companies have moved a core business process to a mobile model. During the next year, however, 63 percent plan to do so. Part of the process will be upgrading infrastructure (77 percent said they plan to do so), adding customer-facing apps (70 percent), and rebuilding crucial apps for mobile employees (69 percent).

ARM Works to Secure the IoT

Good news and bad news from ARM, which is including its TrustZone security in the microcontrollers that are used on the Internet of Things (IoT).


Monday, 16 November 2015 00:00

Making the Most of DCIM

It seems something of a misnomer that Data Center Infrastructure Management (DCIM) platforms are gaining in stature while the vast majority of enterprises are supposed to be de-emphasizing local resources in favor of the cloud.

But the trend is clear: Run-of-the-mill enterprises are turning to every means necessary to reduce costs and improve efficiencies within their on-premises infrastructure while large cloud providers and hyperscale organizations have no choice but to balance workloads against resource consumption or watch their business models collapse under the weight and complexity of their own IT operations.

The challenge going forward is not to simply deploy DCIM, says International Data Corp. in a new report, but to weigh the various DCIM platforms against emerging goals and technology developments. Not all DCIM solutions are the same; in fact, few of them are. Some focus largely on asset management and connectivity while others gear toward critical infrastructure and facilities control. Some are software-only while others introduce a mix of hosted services. Weighing the pros and cons will require a clear assessment of the nature of current infrastructure (is it converged, distributed or both?), as well as internal skillsets, plus future requirements in terms of scale, integration and automation.


Monday, 16 November 2015 00:00

IoT and Insurers of Things

There’s a lot of buzz around the Internet of Things (IoT), not least with latest forecasts from Gartner suggesting that 20.8 billion connected things will be in use worldwide by 2020.

Already the estimated number of connected things in 2016—6.4 billion, according to Gartner—is a 30 percent increase on 2015. In fact 5.5 million new things will get connected every day in 2016, Gartner predicts.

A press release notes:

Aside from connected cars, consumer uses will continue to account for the greatest number of connected things, while enterprise will account for the largest spending.”


Monday, 16 November 2015 00:00

7 factors to be aware of when moving offices

One scenario that any office manager will inevitably dread is the logistical nightmare that is moving to new premises. Whether you’re a booming business that’s outgrowing its existing space, or you’re looking to move into more economical digs, making sure the big day goes smoothly is just as stressful for a business as it is in your personal life.

This is something I’m well aware of at the moment, as we at Kroll Ontrack are moving ourselves this weekend. And in between packing up boxes and sorting out issues such as moving our communications and utilities, it’s got me thinking about another critical – yet often overlooked – factor that needs to be considered when moving offices. Namely, how can you be sure your digital data is secure throughout the process?


Friday, 13 November 2015 00:00

Cybersecurity: A Millisecond Defense

When it comes to recent cybersecurity talks, the prevalent theme seemed to be, “We know we need to do something, but what?”

The recurring questions are: Where do we start, and how fast do we need to react to stop cyberattacks? What's become quite clear is that if we are to secure our digital world, we need to do it with technologies that run as fast as the networks and applications in which they operate — in milliseconds.

Repeated time and again in recent discussions is the need for proactive defensive measures in cybersecurity — and how quickly they must react to stop today's hacker. Even the language in the new cybersecurity bill seems to fall short of true cybersecurity protection, as it is more based on the sharing of information to assist in the detection and recovery of a cyberattack rather than a proactive cybersecurity solution that would stop the attack.

And this leads to a few important questions: Is there a big disconnect between the public and the private sectors when it comes to what cybersecurity is suppose to achieve? If so, what is that disconnect, and how can we move forward?


(TNS) - A violent rampage at UC Merced and threats of gunplay at Fresno State earlier this month are prompting universities to reassess the resources and policies in place to ensure safety and security on their campuses, and a school security training is being planned in Angels Camp.

Rural Domestic Preparedness Consortium will be delivering a Department of Homeland Security-certified course in crisis management for school-based incidents in an all-day training Dec. 21 at Bret Harte High School in Angels Camp. The course is free for first responders and school administrators with registration by Dec. 7.

At UC Merced, a student stabbed four people with a hunting knife Nov. 4 before being shot and killed by campus police. Two days earlier, a social media post attributed to a California State University, Fresno, student threatened that a shooting would take place that afternoon. Investigators made an arrest within hours.


Mark Armour and David Lindstedt recently proposed Continuity 2.0, a manifesto detailing how current approaches to business continuity planning might evolve. In this article Mark looks at how Continuity 2.0 might be applied in practice.

The following example is by no means definitive. Remember that the Continuity 2.0 principles are not about order of execution. The three steps suggested here provide just one example of how the principles could be applied in a fairly concise execution. So, without further ado: a practical approach to Continuity 2.0 in three easy steps.


The peak of our current El Niño is expected to occur in the next month or so… but what does that mean? We measure El Niño events by how much warmer the surface waters in a specific region of the equatorial Pacific are, compared to their long-term average. The difference from average is known as the “anomaly,” and we use the average anomaly in the Niño3.4 region as our primary index for El Niño. When the index in this region is at its highest, we have our peak El Niño.

SST anomalies Oct 2015

Average sea surface temperature departure from the 1981-2010 average over the four weeks ending on November 7. Graphic by, data from NCEP-NCAR reanalysis.

However, El Niño-related impacts have been occurring around the globe for months already, and will continue for several months after the warmest temperatures occur in the tropical Pacific Ocean. For example, during the 1997-98 El Niño, the Niño3.4 Index peaked at 2.33°C in November (using ERSSTv4 data, the official dataset for measuring El Niño), and the most substantial U.S. effects occurred through the early spring of 1998. A bit later in this post, we’ll take a look at what’s been going on so far this year.

First, a quick update on the recent El Niño indicators

The average anomaly in the Niño3.4 region during August-October of this year was 1.7°C, second to the same period in 1997 (1).

SST ranking 2015

Ranking of August-October average sea surface temperature departures from the mean for all El Niño episodes since 1950. This measurement, the Oceanic Niño Index, uses ERSSTv4 data. Figure by, data from CPC.

The atmospheric response to the warmer waters is going strong. The Walker Circulation (tropical near-surface winds blowing from east to west, and upper-level winds blowing from west to east) is substantially weakened, as we expect during a strong El Niño.

winds October 2015 tropical Pacific

Top: Recent departure from the 30-year average near-surface winds. Purple shading area indicates where the normally easterly (blowing from east to west) winds are weaker than normal. Bottom: Recent departure from the 30-year average upper-level winds in the tropical Pacific region. Purple shading area indicates where the normally westerly (blowing from west to east) winds are weaker than normal. Maps by, data from NCEP-NCAR reanalysis.

In case you’re unimpressed by a 2°C (3.6°F) change, let’s do a little math. The area covered by the Niño3.4 region is a little more than 6 million square kilometers (2.4 million square miles). One cubic meter of water weighs 1,000 kg. So the top two meters (6.6 feet) of the Niño3.4 region contains about 12 quadrillion kilograms (about 13.6 trillion tons) of water.

The energy required to raise one kilogram of water one degree Celsius (the “specific heat”) is 4.19 kilojoules. A 2°C increase in just the top two meters of the Niño3.4 region adds up to an extra 100 quadrillion kilojoules (95 quadrillion BTUs), about equal to the annual energy consumption of the U.S.!

Who’s feeling the effects?

In the U.S., the season of strongest El Niño impacts is December through March. While we’re waiting to see what the strong 2015-16 El Niño brings us, we’ll look around a few other corners of the world to see what’s happened so far.

El Niño has substantial impacts in two regions of Africa. I checked in with the Climate Prediction Center’s International Desk to see what’s been going on. In East Africa, including Ethiopia, Somalia, Kenya, Tanzania, Uganda, Burundi, and Rwanda, the primary impact season is October–December, when El Niño tends to enhance the ”short rains” rainy season (the “long rains” season, which is much less ENSO-sensitive, is March-May), leading to wetter conditions. Over the last month, rain has begun to increase across much of the area, and some flooding has been seen in Somalia. Short-term forecasts suggest the wetter conditions should continue through the next few weeks, at least.

October 2015 rainfall in Africa

Monthly precipitation departure from the long-term average during October 2015. Map by, data from the CPC ARC2

Southern Africa, including Zimbabwe, Botswana, Namibia, Angola, South Africa, Lesotho, Swaziland, and the southern half of Mozambique, tends to see a drier December–February during an El Niño. Areas of this region, especially South Africa, are very dry right now, after a failed monsoon last year. Another dry year would place more stress on water availability. You can check out recent rainfall conditions in Africa here, and see climate model forecasts for the continent here.

In a couple of short sentences, here are some huge impacts: El Niño-related dry conditions in Indonesia have set the stage for devastating fires, and the region is experiencing the greatest number of forest fires since 1997. Also, all the extra warm waters associated with this El Niño are placing heat stress on sea life, and an intense coral bleaching event is underway.

El Niños tend to enhance the hurricane season in the Pacific, and depress the Atlantic hurricane season. Phil Klotzbach of Colorado State University had this to say about the wild Pacific hurricane season: “So far this year, there have been a total of 21 Category 4 and 5 storms in the North Pacific, shattering the old record of 17, set in 1997.  The North Central Pacific region (140-180W) has shattered records for most named storms, hurricanes, and major hurricanes tracking through the 140-180W region.”

According to Lindsey Long of the Climate Prediction Center, the Atlantic season has been fairly quiet, although the number of named storms has been close to average, at 11 storms so far (including Kate, which formed on Monday). The average is about 12… but the overall activity of this storm season (the combined strength and duration of all storms, measured as the Accumulated Cyclone Energy (ACE) has been less than 60% of average, and we’ve had 3 hurricanes, half the average number of 6.

We won’t know until next spring what exact impact this El Niño will have on the U.S., but it is already making its presence felt around the world.

(1) Note that CPC subtracts past 30-year “normals” from the current sea surface value to obtain the Nino-3.4 anomaly values, and the “normals” are updated every five years. Therefore, the long-term trends are removed.  These monthly values are averaged together to obtain our Oceanic Niño Index [ONI].

A couple of recent studies show that companies continue to struggle with endpoint security. This has to be a serious concern as more employees are connecting to the corporate network through multiple devices.

Let’s look at these different studies. First, last week, MeriTalk and Palo Alto Networks released the Endpoint Epidemic report, which looks at endpoint security within federal government. Government agencies are failing badly when it comes to endpoint security: 44 percent of endpoints are either unknown or unprotected, and little is being done by up to half of the agencies to do anything about it, as SC Magazine pointed out:

Just over half of federal IT managers (54 percent) responded that their current policies and standards are very effective, practical or enforceable. Further, less than half said their agency's endpoint security policies and standards are very well integrated into their overall IT security strategy. And, half said their agency isn't taking key steps to validate users and apps.


Cutter Fellow Bob Charette has been blogging over at IEEE Risk Factor for the past decade, looking at the myriad ways software projects fail. To mark that 10-year milestone, he set out to analyze what’s changed — and what hasn’t — in the area of systems development- and operations-related failures.

Bob doesn’t claim to have compiled a comprehensive “database of debacles” in Lessons From a Decade of IT Failures. Instead, he’s endeavored to bring together the “most interesting and illustrative examples of big IT systems and projects gone awry.” Be sure to spend some time with his colleague Josh Romero’s five super cool interactive visualizations of the data where you’ll:


Friday, 13 November 2015 00:00

A Tale of Design Lessons Learned

Transforming an acquired technology into a fully integrated product.

In 2014, Citrix acquired a company called ScaleXtreme, as part of our expansion into the world of enterprise SaaS solutions. ScaleXtreme was a powerful tool for automating delivery and management of IT services, and my design team was asked to redesign it to fit in with our existing products.


At the same time, we had to find a way to integrate the new product into an entirely new platform – Citrix Workspace Cloud — that was still being developed.

This was a multi-dimensional challenge — one that many companies have to deal with. Success is far from guaranteed and there are many potential pitfalls. It helps to have a clear strategy, early customer input, and most importantly teams who all work together to find the right solution.


You probably have an image in mind when you think about Godzilla versus The Blob.

Better yet, you’re probably wondering what these iconic monsters have in common with winter weather. Well, we’re not talking about your typical 1950’s monster classics.

Two major climate anomalies are taking place at the same time this year: “Godzilla” and “The Blob”. Those are the names given to two Pacific Ocean surface temperature patterns that are expected to converge later this year and into 2016 (there's also a "Son of Blob, but we'll save that for the sequel). The showdown between the two is expected to result in a more prolonged El Niño season causing even more unpredictable, potentially severe weather for the United States.

 Some experts are predicting that the concurrent timing of Godzilla and The Blob could deliver the U.S. the harshest El Niño weather event in history. The last major El Niño event was in 1997, when it was, according to some experts, a contributor to severe weather that cost billions in damages and a number of deaths. This year’s El Niño is expected to be one of the strongest in over 60 years. The “battle” between the two weather monsters can cause major implications for every region of the United States.


Individuals or groups can be nominated until January 8, 2016

As part of President Obama's Climate Action Plan and the National Fish, Wildlife & Plants Climate Adaptation Strategy, an interagency group of federal, state, and tribal agencies today announced creation of a new Climate Adaptation Leadership Award for Natural Resources.

The Award will recognize the actions of individuals and organizations that are making a difference by increasing understanding of climate impacts, adapting to and reducing threats, increasing response capabilities, and providing other innovative approaches to reducing impacts and increasing resilience in a changing climate. It will help spotlight innovative tools and actions that are making a difference now, and serve as a source of inspiration for additional efforts that advance climate smart resource conservation and management.

"Our climate is changing, and these changes are already affecting the nation's valuable wildlife and natural resources," said Michael Bean, Principal Deputy Assistant Secretary of the Interior for Fish and Wildlife and Parks. "This new Award recognizes outstanding leadership by organizations and individuals that is critical to help advance the resilience of our natural resources and the people, communities, and economies that depend on them."

Volunteers help plant native salt marsh grass as part of a 30 acre restoration of Beaver Dam Creek on Great South Bay, Long Island, New York. (Credit NOAA).

Volunteers help plant native salt marsh grass as part of a 30 acre restoration of Beaver Dam Creek on Great South Bay, Long Island, New York. (Credit NOAA)

Establishment of the Climate Adaptation Leadership Award for Natural Resources was one of the commitments announced as part of the Administration's Priority Agenda for Enhancing the Climate Resilience of America's Natural Resources in 2014.The agenda calls for a commitment across the federal government to support resilience of America's vital natural resources.

The Award also directly addresses the goals of the National Fish, Wildlife, and Plants Climate Adaptation Strategy, which was developed by a coalition of federal, state, and tribal natural resource agencies. These include:

  • Goal 1: Conserve and connect species, habitats and ecosystems;
  • Goal 2: Manage species and habitats to protect ecosystem functions and provide sustainable use;
  • Goal 3: Enhance management capacity;
  • Goal 4: Support adaptive management;
  • Goal 5: Increase knowledge and information on natural resource impacts and responses to climate change;
  • Goal 6: Increase awareness and motivate action to safeguard natural resources; and
  • Goal 7: Reduce non-climate stressors to natural resources.

"State fish and wildlife agencies serve as stewards of the nation's fish and wildlife resources," said Dave Chanda, President of the Association of Fish and Wildlife Agencies, which is helping to lead implementation of the National Fish, Wildlife, and Plants Climate Adaptation Strategy. "Today's threats to fish, wildlife, and their habitats are exacerbated by climate change and underscore the need for incorporating climate adaptation in to conservation and science-based management." Nominations will be accepted until January 8, 2016. Individuals, groups, organizations and government agencies are eligible to apply. Three to five Awards are expected to be announced in 2016.

Fish, wildlife, and plant resources provide important benefits and services to Americans every day, including jobs, income, food, clean water and air, building materials, storm protection, tourism and recreation. For example, hunting, fishing and other wildlife-related recreation contribute an estimated $120 billion to our nation's economy every year, and marine ecosystems sustain a U.S. seafood industry that supports approximately 1.7 million jobs and $200 billion in economic activity annually.

Award sponsors include the U.S. Department of the Interior, U.S. Fish & Wildlife Service, the Commerce Department's National Oceanic and Atmospheric Administration, the Natural Resources Conservation Service and the U.S. Forest Service. They will sponsor the award in collaboration with the National Fish, Wildlife, and Plants Climate Adaptation Strategy's Joint Implementation Working Group, which is composed of representatives from 21 federal, state and tribal natural resource agencies.

For more information about the Award or how to apply, please visit the Climate Adaptation Leadership Award main page.

Logo banner.

NOAA’s mission is to understand and predict changes in the Earth's environment, from the depths of the ocean to the surface of the sun, and to conserve and manage our coastal and marine resources. Join us on FacebookTwitter, Instagram and our other social media channels.

Friday, 13 November 2015 00:00

The Big Role of Physical Backup Appliances

By Jim Whelan and Christine Taylor, The Taneja Group

Virtual backup appliances (VBAs) are an instance of backup software running in a virtual machine on a general purpose server. VBAs are flexible and effective, and they are usually simple to deploy. Having said that, physical backup appliances (PBAs) have distinct advantages in several areas.

PBAs consist of a self-contained, tuned hardware platform which has everything you need to perform backups and recovery already installed on it, including compute, storage and software, making it a plug-and play-solution. Capacities generally range from under 10 TB to larger appliances offering more than 200 TB, making them attractive to customers ranging from SMBs all of the way up to the enterprise.


(TNS) - Communication broke down at all levels during a Halloween storm that flooded one MAX train and took more than a dozen trains out of commission, an internal Tri-County Metropolitan Transportation (TriMet) review concluded.

Managers and train controllers didn't know enough about the condition train operators were seeing in the field, and their orders on the day of the storm conflicted with the agencies own policies.

"It's not just the rules and procedures," said Bob Nelson, TriMet's deputy general manager. "It's how they're communicated during changing conditions."


(TNS) - The S.C. Department of Health and Environmental Control wants to bolster its beleaguered dam safety program with more money and more staff following floods last month that reignited concerns about the program’s effectiveness.

In its budget request for next year, DHEC is asking to roughly double the size of its dam safety staff as part of an overall program increase of $595,000.

If approved, the dam safety program would be as large, if not larger, than it has been during the past 20 years. The proposal includes hiring six full-time engineers and an environmental health manager, spokeswoman Jennifer Read said in an email. She said the agency now has 6.75 dam safety employees.


(TNS) - The Federal Emergency Management Agency is urging South Carolina residents affected by the flooding in October to apply for federal disaster aid before the Dec. 4 deadline.

“At this point, we want to focus on making sure people are registered and making sure people get the funds they are eligible for,” said Carl Henderson, a FEMA spokesman.

More than 82,000 people have registered with FEMA, and the agency has dispersed about $59.3 million in individual housing assistance, Henderson said.

Henderson said FEMA has made decisions on about 96 percent of the more than 65,000 housing inspections conducted so far. He said residents should not be discouraged by letters denying FEMA aid.


(TNS) - In the wake of an inmate escape, Armstrong County officials plan to give residents a first look and listen at its new public emergency alert system on Monday.

County officials and representatives from the Armstrong County 911 Center plan to demonstrate how the $28,000 system will work.

In order to receive an alert, residents must register with the county.

The notifications can come on their cellular and landline telephones, and through email and social media blasts.


Security, cloud services and systems consolidation took the top three spots in the annual National Association of State Chief Information Officers (NASCIO) survey of state CIOs’ key priorities for the coming year.

According to NASCIO officials, the yearly nationwide survey didn’t offer any major surprises, but it did highlight some of the larger trends and concerns for technology leaders in the public sector.

Darryl Ackley, NASCIO president and CIO of New Mexico, told Government Technology that the outcomes of the State CIO Priorities for 2016survey followed fairly closely with industry trends and the common issues facing government IT professionals.


In this article David Meyer examines the significant benefits but increasing risk of a shadow IT culture. He explains what an organization as a whole can do to gain control over this trend…

Shadow IT is a very real issue facing businesses of all sizes today; it encompasses every aspect of a business.  This includes day-to-day processes that employees use to complete tasks, right through to the management of IT systems. Gartner expects that by 2016, 35 percent of enterprise IT expenditure will go on shadow IT resources. While organizations are aware of the trend, they often don’t appreciate the scale of it.

With the vast volume and variety of applications that are working their way into the IT ecosystem, businesses and their IT departments are overwhelmed. Cloud applications have become so easily accessible (all workers need is a credit card) that the IT department is often ignorant of their existence. In fact, as little as 8 percent of both small and large IT companies can say they have a good understanding of the number of unmanaged cloud apps used internally by their organization. More apps expose more data, and the IT department struggles to remain compliant. Although the desire to control applications is not going to disappear any time soon, it shouldn’t restrict the innovation that shadow IT presents to organizations willing to embrace it.


Researchers from the University of North Carolina at Chapel Hill have discovered a new bat SARS-like virus that can jump directly from its bat hosts to humans without mutation. However, researchers point out that if the SARS-like virus did jump, it is still unclear whether it could spread from human to human.

The discovery, reported in the Nov. 9 issue of Nature Medicine, is notable not only because there is no treatment for this newly discovered virus, but also because it highlights an ongoing debate over the US government's decision to suspend all gain of function experiments on a variety of select agents earlier this year. The move has put a substantial standstill on the development of vaccines or treatments for these pathogens should there be an outbreak.


When an IT server goes down because its hard disk crashes, the effect is noticeable immediately. People go to their “panic stations” (or rather, their designated disaster recovery roles!) to contain and repair the damage, so that there is no lasting, significant impact on the organisation. This kind of event is sudden and unpredictable, even if it can be taken into account in disaster recovery planning. Good DR management, however, also looks at longer-term measures to reduce probabilities and impacts over time, as well as tackling day-to-day requirements.


Big Data and the Internet of Things are the two major disruptors in enterprise circles these days. Organizations need to ramp up infrastructure quickly in order to leverage the value that is locked away in massive data stores, but it needs to be done in a way that supports rapid, even real-time, results without crushing the IT budget.

This is why many enterprises are turning to the cloud: The infrastructure is already there, it’s cheap, and it is usually more state-of-the art than what is available in the on-premises data center. But with data points, cloud providers, local infrastructure and other elements distributed across wide geographic areas, how realistic is it to expect actionable data in time to take advantage of rapidly changing circumstances on the ground?

Real-time performance, of course, requires careful coordination up and down the stack, and this is a particular problem in the cloud given the variety of platforms that exist within most deployments. This is why vendors as diverse as Intel and SAP are working together on end-to-end solutions that deliver near-real-time performance at the least. The companies have integrated the Intel IoT Gateway with SAP SQL Anywhere to enable seamless data ingestion and transfer across SAP HANA deployments residing on distributed architectures. In this way, the enterprise gains a pre-integrated hardware/software solution that provides scale for security, connectivity and other functions, as well as data sync and unified management across SaaS, remote and mobile environments.


Thursday, 12 November 2015 00:00

Dell Refreshes Entry-Level Server Lineup

Dell today refreshed its line of 1u servers with an eye toward making it simpler for small organizations to preserve investments in servers as they shift from relatively simple tower servers to investing in a rack.

Based on the latest Intel Xeon E3-1200 v5 processors, Dell has added four offerings to its line of entry-level PowerEdge servers that can all be configured with DDR4 memory, which Brian Payne, executive director for Dell Server Solutions, notes is now available in enough volume to include in entry-level servers.

Also included in those Dell PowerEdge 13G Wave 4 Server offerings is a Dell PowerEdge T330 rackable tower server that comes with four DDR4 memory slots and up to eight 3.5-inch hard drives. Payne says IT organizations have the option to deploy the Dell PowerEdge T330 as a tower that can then be turned on its side to be installed later on in a rack.


(TNS) - Wisconsin lawmakers have introduced new rail safety legislation after a weekend during which two trains derailed about 200 miles apart in the state, spilling oil and chemicals.

Rep. Jill Billings, D-La Crosse, announced Tuesday that she is circulating a bill that would fund more state rail inspectors and training for first responders while requiring railroads to submit emergency prevention and response plans detailing how they would handle incidents like the derailment of a BNSF freight train Saturday morning that spilled up to 20,000 gallons of ethanol in Mississippi River backwaters near Alma.

“Derailments are becoming all too common,” Billings said while standing with about two dozen local rail safety advocates in front of BNSF tracks that were recently upgraded through the city of La Crosse to eliminate a bottleneck in the railroad’s network.


(TNS) - Glynn County Finance Committee members were all business Tuesday at the Harold Pate Building in dismissing a plan to privatize the county’s emergency medical services as a cost-saving measure.

But the proceedings were a little more dramatic for James Owenby, a Glynn County paramedic who witnessed the proceedings while bottle-feeding his toddler daughter Isabella. Owenby has been nervous about his future since May, when the Glynn County Commission first instructed county manager Alan Ours to study the prospects of contracting EMS service to a private company.

In the end, Ours determined that any potential cost savings the measure might attain would be offset by the drop in the level of both fire and EMS service to the county.


When the developed world’s economies ground to a halt during the Great Recession of 2009, large, Western-based multinational companies turned their growth-hungry eyes toward developing markets. The slow recovery that followed the recession in the U.S. and Europe did little to change this trend. In fact, according to the United Nations Conference on Trade and Development (UNCTAD), foreign direct investment in emerging markets reached a new high in 2013 of $759 billion (the most recent year for which data is available). This represented more than half the world’s estimated $1.46 trillion total outward investment flows for that year. Given this intense interest in doing business in emerging markets, FTI Consulting, a global professional services firm, conducted a survey in November and December 2014 on the character of the risks businesses face in these markets and how they attempt to mitigate them.

FTI surveyed 150 companies with revenues of more than $1 billion and business interests in developing economies, as well as interviews with 32 executives focused on compliance and risk management from those companies. Our results indicated an enormous difference between leaders (defined as companies whose self-reported losses as a percentage of revenues was in the lowest quartile, averaging 0.2%) and laggards (those in the highest quartile, with a loss rate averaging 2.2% of revenues), not only in the ways they managed overseas risk, but how they thought about it.


A new Carbonite (CARB) survey of 500 consumers revealed roughly 50 percent of respondents do not understand the difference between data storage and backup.

The survey also showed the majority of respondents leave their personal data unprotected, despite the fact that they place a "significant value" on this information.


A growing number of businesses are looking to protect themselves against the risk of data breaches and other security problems by purchasing specialist insurance, a new study has shown.

Research conducted by Veracode and the New York Stock Exchange revealed that the majority of public companies in the US have some form of cyber security insurance, Dark Reading reports.

Of these, 91 per cent of policies include protection for business interruption and data recovery expenses. Meanwhile, 54 per cent have coverage that can reimburse them for fees such as PCI fines, breach notifications and extortion, while 35 per cent of respondents say they want protection against software coding and human errors that lead to data loss.

Chris Wysopal, co-founder and chief technology officer at Veracode, said such precautions are becoming the norm in an environment where costs for rebuilding after an incident are growing. He noted that as interest in this area grows, it will be up to the cyber insurance industry to define standards and best practices for what firms can expect to be covered.

“I was surprised that 35 per cent already are [seeking] insurance for coding and human errors,” he said. “That number will increase when there’s standardisation around what that means.”

The research also found that nine out of ten executives agree that regulators should hold companies responsible for breaches if they have failed to secure their data adequately.

However, many respondents also agreed that third parties should also bear their share of responsibility in the event of a security incident. Some 90 per cent of companies say software vendors should be held liable for vulnerabilities found in their software, and 65 per cent have either already or are planning to include liability clauses in their contracts with their software suppliers.

More than half of executives at public companies expect their shareholders will demand more transparency surrounding cyber security in the coming years, with Mr Wysopal noting that boards are increasingly concerned about the brand damage that can result from a breach.

When looking for data recovery services, look for one with a track record of success. Ontrack Data Recovery services has 40,000 data recovery stories to tell every year.


I recently saw a T-shirt that said, “Data is the new bacon.” And it certainly seems that way — everyone is hungry to find, acquire and consume data, and the market is answering the call.

In the past few months, we have seen the White House launch a new Smart Cities Initiative and host a forum on citizen science and crowdsourcing. General Electric started rebranding itself as a digital company helping cities become more intelligent. My own organization, Johns Hopkins University’s Center for Government Excellence, through our partnership with Bloomberg Philanthropies’ What Works Cities program, is helping 100 mid-size cities accelerate their use of data and evidence to improve people’s lives.


(TNS) - EDITOR'S NOTE: Subway riders stranded underground. Workers trapped between floors in elevators. Streets packed with honking cars and pedestrians, some panicked, some exhilarated. And illuminating it all, only the light of the November moon.

The Great Northeastern Blackout came at the height of the evening rush hour on Nov. 9, 1965, and plunged tens of millions into darkness across the northeastern U.S. and southern Canada for hours, including New York, Boston and Toronto.

The nation had never seen a power failure of such scope before, and Cold War tensions instantly stoked fears of sabotage. In New York, the nation's communications capital, news organizations including The Associated Press were stymied in finding out what happened and in getting the word out to the public.

It was soon established that problems with the electrical grid caused the blackout, the first large-scale realization of infrastructure worries that would resurface in major blackouts in 1977 and again in 2003.


The return on investment of business continuity

What is the value of business continuity? Sure if you have a crisis and the world starts collapsing around you then there could be some benefit – having a plan is place would help you work through the worst of the disruption and continue to operate in as normal a way as possible. But what if you don’t have a crisis, what if your business is ticking along just fine, is there any value to business continuity then? Is there a return on investment?

That is the theme for Business Continuity Awareness Week 2016, as selected by those working in the profession when asked for their ideas following BCAW2015.

Perhaps your insurance premiums have been reduced? Maybe you’ve been getting more business coming your way because you’re seen as a reliable customer? Or possibly through all your BC planning you have discovered some inefficiencies within your organisation that could be removed and therefore save you money?

There are many ways that investing in BC can prove to be a good investment, so if you have other suggestions then please do get in touch by emailing This email address is being protected from spambots. You need JavaScript enabled to view it. at the Business Continuity Institute Central Office. If you would like to write a blog, host a webinar, publish a paper or support BCAW in any other way then also get in touch. The more resources we have, the more we are able to raise awareness of the importance of BC.

BCAW2016 takes place between the 16th and 20th May 2016.

Wednesday, 11 November 2015 00:00

Supply Chain Resilience Report published

Nearly one in ten organizations are not aware of who their key suppliers are, leaving them open to severe disruption as they are unable to manage their supply chain effectively. That is according to a new report published by the Business Continuity Institute and supported by Zurich Insurance Group.

The Supply Chain Resilience Report highlighted that seven in ten organizations admit to not having visibility over their full supply chain, and as the survey also revealed that half of disruptions occur below the preliminary tier 1 supplier of goods, this makes it extremely difficult to establish where an organization lies within its suppliers’ priorities.

This could have major consequences when it comes to managing the supply chain and ensuring that disruptions are minimised, which is particularly important given that the report also found that 74 percent of organizations had suffered at least one disruption during the previous twelve months and that 14 percent had suffered cumulative losses of at least €1 million as a result.

Other findings of the report include:

  • Unplanned IT and telecommunications outage (64 percent), cyber attack and data breach (54 percent) and adverse weather (50 percent) are the top three causes of supply chain disruption. New entries to the top ten are: product quality incident (8th), business ethics incident (9th) and lack of credit (10th).
  • The top five impacts of disruption are loss of productivity (58 percent), customer complaints (40 percent), increased cost of working (39 percent), loss of revenue (38 percent) and impaired service outcomes (36 percent).
  • One third (33 percent) of respondents report high top management commitment to supply chain resilience, increasing from 29 percent last year.
  • 68 percent of respondents report having business continuity arrangements in place to deal with supply chain disruptions.

Obtain the report after registration here.

Wednesday, 11 November 2015 00:00

The BCI presents its annual Global Awards

The Business Continuity Institute’s Global Awards were presented at a Gala Dinner in London on the 10th November 2015. The Awards recognise the outstanding achievements of business continuity and resilience professionals. 

This year’s winners were:

Continuity and Resilience Consultant 
Chris Needham-Bennett MBCI

Continuity and Resilience Professional (Private Sector) 2015 
Abdulrahman Alonaizan MBCI

Continuity and Resilience Professional (Public Sector) 2015
David Porter AMBCI

Continuity and Resilience Team 
ETS Enterprise Resiliency Department, Educational Testing Service

Continuity and Resilience Provider ( Service/product) 2015
Linus Information Security Solutions – Linus Revive

Continuity and Resilience Innovation
Send Word Now

Most Effective Recovery

Continuity and Resilience Newcomer 
Jacqueline Howard AMBCI

Industry Personality
Louise Theunissen FBCI.

More details.


SACRAMENTO, Calif. – If Lake and Calaveras County residents receive a letter from the Federal Emergency Management Agency saying they are not eligible for disaster assistance, it is important that they read the letter carefully and then contact FEMA if they have questions or need assistance making an appeal.

The appeal must be postmarked within 60 days of the date on the FEMA letter, not the date received. FEMA will help survivors make an appeal.

Survivors can call 800-621-FEMA (3362) or TTY 800-462-7585. For 711 or video relay service, call 800-621-3362. They can also visit a Disaster Recovery Center (DRC). To locate the nearest center, call FEMA or go online to

A direct telephone hotline is operational to process any requests from survivors who may need additional assistance: 916-381-0330; for TTY, call 711.

The FEMA letter will explain the reason an applicant was determined to be ineligible and what additional information he or she needs to provide or how FEMA’s decision can be appealed.

Some of the reasons for an initial turn down can be easily remedied with more information such as:

  • Calling or writing to FEMA when a final insurance settlement is agreed upon.
  • Providing proof of ownership or residence, especially documents showing the damaged property was the primary residence at the time of the disaster.
  • Returning a completed U.S. Small Business Administration disaster loan application.
  • Signing essential documents.

Survivors can ask for a review of the amount or type of help provided or any other decision about federal disaster assistance if they appeal the agency’s decision within 60 days of the date on the FEMA letter. Many issues can be resolved if applicants follow up with updated information or documentation.

When appealing a decision, applicants should explain in writing why they disagree with a decision along with any new or additional documents supporting the appeal.

Appeal letters should include:

  • Federal disaster declaration number ‘DR-4240-CA’ on all pages of documents.
  • Applicant information, including:
    • Nine-digit FEMA application number on all pages of documents
    • Name
    • Date and place of birth
    • Address of the damaged dwelling
  • Copies of verifiable documentation supporting the appeal. All receipts, bills and estimates must include contact information for the service provider. Applicants should keep all originals for their records.
  • Copy of a driver license or state-issued identification card showing the residence address is the same as the damaged property.
  • If a driver’s license or state-issued identification card is not available, an alternative is to have the appeal letter notarized with the following statement included: “I hereby declare under penalty of perjury that the foregoing is true and correct.”
  • The applicant’s signature.

Mail the appeal letter to:

National Processing Service Center
P.O. Box 10055
Hyattsville, MD  20782-7055

Applicants may fax the appeal letter to: 800-827-8112, Attention: FEMA

It is important to have appeal letters postmarked within 60 days of the date on the decision letter. 

Call 800-621-FEMA (3362) or TTY 800-462-7585. For 711 or video relay service, call 800-621-3362. For more information go to Even easier is visiting one of the three FEMA disaster recovery centers (DRC).

All three Disaster Recovery Centers will be open on Veterans Day, Wednesday, Nov. 11, with normal business hours, 8 a.m. to 5 p.m. To locate the nearest DRC, go to

Survivors can apply for FEMA assistance online at or by calling 800-621-3362; TTY 800-462-7585711 or Video Relay Service (VRS), call 800-621-3362. Registration continues through Monday, Nov. 23.

For more information on California’s wildfire recovery, visit: or and follow us on Twitter @femaregion9 and at

FEMA’s mission is to support our citizens and first responders to ensure that as a nation we work together to build, sustain and improve our capability to prepare for, protect against, respond to, recover from and mitigate all hazards.

Disaster recovery assistance is available without regard to race, color, religion, nationality, sex, age, disability, English proficiency or economic status. If you or someone you know has been discriminated against, call FEMA toll-free at 800-621-FEMA (3362). If you have a speech disability or hearing loss and use a TTY, call 800-462-7585 directly; if you use 711 or Video Relay Service (VRS), call 800-621-3362.

FEMA’s temporary housing assistance and grants for public transportation expenses, medical and dental expenses, and funeral and burial expenses do not require individuals to apply for an SBA loan. However, applicants who are referred to SBA for a disaster loan must apply to be eligible for additional FEMA assistance that covers personal property, vehicle repair or replacement, and moving and storage expenses.

Enterprise data loads have been growing more diverse for some time. These days, organizations are routinely juggling traditional workflows, mobile and cloud-facing applications, high-speed transactional data, and even a smattering of Big Data-style analytics.

It’s no surprise, then, that the x86 architecture’s hold on enterprise data infrastructure is starting to crack. But while new technologies like the ARM architecture are normally cited as the main challenger to the traditional CPU, the fact is that diverse data requirements are leading to equally diverse chip technologies, ushering in the rather unpleasant specter of multi-processor hardware environment in the not-too-distant future.

A case in point is the graphics processing unit (GPU), which is not only showing prowess outside of its traditional video game and image processing fields but is in fact taking on some of the toughest assignments that the enterprise has to offer. Google recently open sourced its TensorFlow artificial intelligence engine that relies on GPUs for both the learning aspects of the system and for service delivery, says Wired’s Cade Metz. This is significant in that GPUs would naturally lend themselves to the image-related tasks of AI, such as facial recognition, but Google is aiming at greater efficiency on the execution side as well, which is likely to become more complex as data points and client devices become increasingly diverse and distributed.


In today’s fast-paced world of news aggregators, abstracts and weekly email digests, many of us rarely take the time to read past the headlines. We’ll see the entry, “Cloud IT Infrastructure Will Skyrocket to $54.6 Billion in 2019,” but we miss all of the details that actually create the story and that can make a real impact on our businesses.

I recently moderated a panel discussion at VMworld U.S. with some of the top industry experts in the cloud space as panelists. The insights they shared can be true game-changers for cloud service provider partners. They looked beyond the headlines--and discussed key details including how increasing percentages of enterprise IT spend are being directed at cloud, according to a recent IDC survey on worldwide cloud adoption. They analyzed the evolution of IT roles within an organization and shared the importance of consumers doing their homework.


Wednesday, 11 November 2015 00:00

FEMA to Evaluate Readiness of Pennsylvania

PHILADELPHIA – The Federal Emergency Management Agency (FEMA) will evaluate a Biennial Emergency Preparedness Exercise at the Limerick Generating Station. The exercise will occur during the week of November 16th, 2015 to assess the ability of the Commonwealth of Pennsylvania to respond to an emergency at the nuclear facility.

“These drills are held every other year to evaluate government’s ability to protect public health and safety,” said MaryAnn Tierney, Regional Administrator for FEMA Region III. “We will assess state and local emergency response capabilities within the 10-mile Emergency Planning Zone as well as the adjacent support jurisdictions within the Commonwealth of Pennsylvania.”

Within 90 days, FEMA will send its evaluation to the Nuclear Regulatory Commission (NRC) for use in licensing decisions. The final report will be available to the public approximately 120 days after the exercise.

FEMA will present preliminary findings of the exercise in a Public Briefing at 11:00 a.m. on November 20th at Courtyard Valley Forge/Collegeville, 600 Campus Drive, Collegeville, PA 19426.  Scheduled speakers include representatives from FEMA, NRC, and the Commonwealth of Pennsylvania.

At the public meeting, FEMA may request that questions or comments be submitted in writing for review and response. Written comments may also be submitted after the meeting by emailing This email address is being protected from spambots. You need JavaScript enabled to view it. or by mail to:

MaryAnn Tierney

Regional Administrator


615 Chestnut Street, 6th Floor

Philadelphia, PA 19106

FEMA created the Radiological Emergency Preparedness (REP) Program to (1) ensure the health and safety of citizens living around commercial nuclear power plants would be adequately protected in the event of a nuclear power plant accident, and (2) inform and educate the public about radiological emergency preparedness.

REP Program responsibilities cover only “offsite” activities, that is, state and local government emergency planning and preparedness activities that take place beyond the nuclear power plant boundaries. Onsite activities continue to be the responsibility of the NRC.

Additional information on FEMA’s REP Program is available online at

FEMA’s mission is to support our citizens and first responders to ensure that as a nation we work together to build, sustain, and improve our capability to prepare for, protect against, respond to, recover from, and mitigate all hazards. FEMA Region III’s jurisdiction includes Delaware, the District of Columbia, Maryland, Pennsylvania, Virginia and West Virginia. Stay informed of FEMA’s activities online: videos and podcasts are available at and Follow us on Twitter at


Thanks for tuning in to this week’s analyst spotlight podcast with researcher Kelley Mak! Kelley’s research concentrates on threat and vulnerability management, web content security, email security and overall trends in security architecture and operations. Kelley is currently working side by side with Rick Holland on a Forrester Wave on advanced malware analysis solutions. Prior to his role as a researcher, Kelley was a senior research associate on Forrester's Security & Risk team. In that role, he conducted research on network and data security adoption trends, benchmarks, and organizational models. Prior to Forrester, Kelley worked in the Boston College Department of Physics lab studying the electromagnetic properties of metamaterials.

Kelley Mak Image

Kelley earned a B.S. in Physics and Philosophy from Boston College. You can catch him at numerous industry events such as the RSA Conference and Black Hat. Check out the link below to listen to Kelley discuss trends he’s seeing in vulnerability management and some interesting moves by legacy and startup players in the space.


Wednesday, 11 November 2015 00:00

FEMA: Severe Weather Mid-Week: Get Ready Now

CHICAGO – With an ominous Wednesday forecast for most of the central U.S. that includes severe storms, heavy rains, strong winds and the possibility of tornadoes, the U.S. Department of Homeland Security’s Federal Emergency Management Agency (FEMA) Region V encourages everyone to get prepared.

“Even though temperatures are dropping as we approach the winter months, severe storms are still a risk,” said FEMA Region V Administrator Andrew Velasquez III. “Now is the time to make sure your family knows what to do to stay safe, and verify your mobile phone is enabled to receive Wireless Emergency Alerts to warn you of extreme weather and other emergencies in your area.”

Individuals living throughout Illinois and Indiana, southern Wisconsin and western Ohio should follow the instructions of state and local officials and listen to local radio or TV stations for updated emergency information related to this storm system. Purchasing a weather radio for your home is another way to ensure that you receive critical warning information. If a warning is issued, get indoors, and move to the center of an interior room on the lowest level (closet, interior hallway) away from corners, windows, doors, and outside walls.

Find valuable tips to help you prepare for severe storms at and download the free FEMA app, available for your Android, Apple or Blackberry device. Visit the site or download the app today so you have the information you need to prepare for severe weather.

FEMA's mission is to support our citizens and first responders to ensure that as a nation we work together to build, sustain, and improve our capability to prepare for, protect against, respond to, recover from, and mitigate all hazards.

Follow FEMA online at,, and  Also, follow Administrator Craig Fugate's activities at The social media links provided are for reference only. FEMA does not endorse any non-government websites, companies or applications.

(TNS) - As rain and snow fell near Shingletown, in Northern California, dozens of hardy souls bundled up in warm clothing Monday morning for a field tour with fire prevention and fire management on their minds.

Nearly 40 people, including Shasta County Supervisor Les Baugh, gathered for the tour showcasing the importance of constructing and maintaining fuel breaks.

“You’re really not getting anywhere if they are not maintained,” said John Dobson, a landscape specialist for the state Department of Transportation. “That’s the key.”


(TNS) - South Carolina’s tourism industry lost roughly $35 million because of last month’s historic flooding, the head of the state’s tourism agency told a panel of state senators Monday.

That will result in a loss of roughly $4 million in state and local tax revenue, S.C. Parks Recreation and Tourism director Duane Parrish told senators, tasked with determining how to pay for flood damage.

The tourism loss was due to hotel cancellations along the coast, Parrish said. Hotels in West Columbia and Lexington fared well during the flooding as out-of-town officials, responding to the flooding, stayed at hotels in those areas.


(TNS) - The Federal Emergency Management Agency is encouraging Californians to buy flood insurance before El Niño hits, even if they live in low- to moderate-risk areas where it’s not required by lenders.

“If there was ever a time to buy flood insurance, this is the time,” Roy Wright, FEMA’s deputy associate administrator for insurance and mitigation, said at a press conference last month.

FEMA is hardly unbiased, since it runs the National Flood Insurance Program, which sells to property owners and renters through insurance agents. “If more people buy flood insurance, it gets cheaper for people in the high-risk areas,” said Matthew Nielsen, a senior director with risk modeling firm RMS.

National flood insurance takes effect 30 days after it is purchased, with only a few exceptions.


Wednesday, 11 November 2015 00:00

BCI: Driving blindfold into disaster

Driving blindfold into disaster

Nearly one in ten organizations are not aware of who their key suppliers are, leaving them open to severe disruption as they are unable to manage their supply chain effectively. That is according to a report published today by the Business Continuity Institute and supported by Zurich Insurance Group.

The Supply Chain Resilience Report highlighted that seven in ten organizations admit to not having visibility over their full supply chain, and as the survey also revealed that half of disruptions occur below the preliminary tier 1 supplier of goods, this makes it extremely difficult to establish where an organization lies within its suppliers’ priorities.

This could have major consequences when it comes to managing the supply chain and ensuring that disruptions are minimised, which is particularly important given that the report also found that 74% of organizations had suffered at least one disruption during the previous twelve months and that 14% had suffered cumulative losses of at least €1 million as a result.

Other findings of the report include:

  • Unplanned IT and telecommunications outage (64%), cyber attack and data breach (54%) and adverse weather (50%) are the top three causes of supply chain disruption. New entries to the top ten are: product quality incident (8th), business ethics incident (9th) and lack of credit (10th).
  • The top five consequences of disruption are loss of productivity (58%), customer complaints (40%), increased cost of working (39%), loss of revenue (38%) and impaired service outcomes (36%).
  • One third (33%) of respondents report high top management commitment to supply chain resilience, increasing from 29% last year.
  • About 7 out of 10 respondents (68%) report having business continuity arrangements in place to deal with supply chain disruptions.

Patrick Alcantara DBCI, Senior Research Associate at the BCI and author of the report, commented: “Recent incidents have shown us how supply chain disruptions can negatively impact an organization’s bottom line, reputation and resilience. This year’s Supply Chain Resilience Report demonstrates how good practice can mitigate the worst effects of these disruptions. With findings consistently showing top management commitment as a key enabler of supply chain resilience, we encourage business leaders to take a closer look at their supply chains and champion good practice across their organizations.

Nick Wildgoose, Global Supply Chain Product Leader at Zurich Insurance Group, commented: “Through our work with customers in this area, we have found that increasing visibility along supply chains and resilience are major sources of competitive advantage. Top management leadership is the key to overcoming silo thinking about supply chains within an organisation.

Now into its seventh year, the annual Supply Chain Resilience Report represents a long-standing working partnership between the BCI, Zurich Insurance Group and CIPS (Chartered Institute of Purchasing and Supply). It is now an influential and go-to industry resource that tracks the origins, causes and consequences of supply chain disruption across industry sectors and regions worldwide, as well as the overall evolution of risk. For example, the report has highlighted the greater risk of multi-tier exposure as well as simple direct supply chain exposure.

Likewise, Zurich’s involvement has helped reinforce the emergence of threats beyond just the physical to the less tangible risks, such as cyber risk. The report continues to benchmark business continuity arrangements in one place - including the uptake of insurance - in different organizations and is one of the most comprehensive, practitioner-led studies in the field. The BCI, Zurich Insurance Group, and CIPS involvement in previous surveys has and will continue to provide organisations with the much-needed critical insights and valuable information to support the development of appropriate strategic responses and approaches to mitigate the impact and consequences of disruptions within their supply chains.

A new study published today identifies a set of features common to all ocean ecosystems that provide a visual diagnosis of the health of the underwater environment coastal communities rely on. Together, the features detail cumulative effects of threats — such as overfishing, pollution, and invasive species — so responders can act quickly to increase ocean resilience and sustainability.

“Until now, we’ve had to look at the condition of different species and habitats individually. Having an easy-to-adopt approach that gives us a good idea of what is happening to the ecosystem as a whole — not just a piece of it — and anywhere on the planet, is a giant leap forward in managing marine ecosystems,” said Richard Merrick, Ph.D., NOAA Fisheries director of scientific programs and chief science advisor. “It’s similar to giving a doctor the ability to look at a person’s whole body and treat an illness, not just its symptoms.”

Scientists incorporate satellite imagery, fishery surveys, and landings data — among other things — to produce a visual image of the patterns in the food chain of the ecosystem. These patterns show when there is a problem. Scientists can also use the data in reverse to see how an ecosystem is recovering after a threat is reduced.

“For example, this discovery gives us an easier way to understand how an ecosystem is recovering after an oil spill,” said Jason Link, lead author of the study and NOAA Fisheries senior scientist for ecosystem management. “The information will be especially useful as climate change and ocean acidification continue to alter our environment in unpredictable ways.”

The study is published in Trends in Ecology and Evolution. Although a NOAA Fisheries scientist is the lead author, this study is a collaborative effort by a team of researchers representing institutions in six different countries. For more on ecosystem-based fisheries management, please visit the NOAA Fisheries website on this topic

NOAA’s mission is to understand and predict changes in the Earth's environment, from the depths of the ocean to the surface of the sun, and to conserve and manage our coastal and marine resources. Join us on FacebookTwitterInstagram and our other social media channels.

SACRAMENTO, Calif. – The deadline is Nov. 23, 2015, to register with the Federal Emergency Management Agency for disaster assistance and to apply to the U.S. Small Business Administration for low-interest, long term disaster loans.

FEMA’s Disaster Recovery Centers in Calaveras and Lake counties will maintain normal operating hours on Veterans Day, Wednesday, Nov. 11. At the centers, disaster survivors can register for FEMA disaster assistance, apply for an SBA loan, and discuss recovery issues with representatives of various organizations and agencies. DRC hours are 8 a.m. to 6 p.m. weekdays and 9 a.m. to 4 p.m. Saturdays. DRC locations can be found at

Even if you think you were fully insured against the devastating wildfires, it is important to register with FEMA and also submit an initial SBA online loan application by the Nov. 23 deadline just in case your insurance later turns out to be inadequate.

Once registered with FEMA, an application for assistance can remain open for up to a year from the declaration date – until Sept. 23, 2016 – pending final resolution of insurance coverage.

Survivors also can finalize a preliminary SBA loan application after the Nov. 23 deadline, as long as the initial application has been submitted by that date.

So far, 3,598 individuals and households have contacted FEMA for assistance and information: 1,092 in Calaveras County and 2,506 in Lake County.

More than $10.4 million has been authorized to date by FEMA for individuals and households. That amount includes nearly $6.9 million for Housing Assistance and more than $3.5 million for Other Needs Assistance, such as replacement of damaged or destroyed medical equipment, clothing, essential furnishings, appliances and even an automobile.

To date, 2,763 damaged or destroyed homes, 99 percent of the total, have been examined by FEMA’s inspection services.

The SBA has approved more than $12.8 million in disaster loans to businesses, private nonprofits, homeowners and renters. That includes $11.5 million to homeowners and renters and $1.3 million to businesses and private nonprofits for both physical damages and Economic Injury Disaster Loans.

Small businesses and most private nonprofit organizations have until June 22, 2016, to apply for Economic Injury Disaster Loans only.

FEMA refers most survivors to the SBA for long term disaster recovery loans. Those applicants should complete an SBA loan application, even if they feel they cannot afford or do not want a loan. SBA disaster loans are part of the federal assistance process. Accepting an SBA loan is not required, but submitting that application may trigger additional grant assistance through FEMA’s Other Needs Assistance program, which is administered by the state of California.

Survivors can apply for FEMA assistance online at or by calling 800-621-3362; TTY 800-462-7585711 or Video Relay Service (VRS), call 800-621-3362. Registration continues through Saturday, Nov. 23.

A direct telephone hotline is operational to process any requests from survivors who may need additional assistance: 916-381-0330, for TTY, call 711.

For more information on California’s wildfire recovery, visit: or and follow us on Twitter @femaregion9 and at

FEMA’s mission is to support our citizens and first responders to ensure that as a nation we work together to build, sustain and improve our capability to prepare for, protect against, respond to, recover from and mitigate all hazards.

Disaster recovery assistance is available without regard to race, color, religion, nationality, sex, age, disability, English proficiency or economic status. If you or someone you know has been discriminated against, call FEMA toll-free at 800-621-FEMA (3362). If you have a speech disability or hearing loss and use a TTY, call 800-462-7585 directly; if you use 711 or Video Relay Service (VRS), call 800-621-3362.

FEMA’s temporary housing assistance and grants for public transportation expenses, medical and dental expenses, and funeral and burial expenses do not require individuals to apply for an SBA loan. However, applicants who are referred to SBA for a disaster loan must apply to be eligible for additional FEMA assistance that covers personal property, vehicle repair or replacement, and moving and storage expenses.

The SBA is the federal government’s primary source of money for the long-term rebuilding of disaster-damaged private property. SBA helps businesses of all sizes, private non-profit organizations, homeowners and renters fund repairs or rebuilding efforts and cover the cost of replacing lost or disaster-damaged personal property. These disaster loans cover losses not fully compensated by insurance or other recoveries and do not duplicate benefits of other agencies or organizations. For more information, applicants may contact SBA’s Disaster Assistance Customer Service Center by calling 800-659-2955, emailing This email address is being protected from spambots. You need JavaScript enabled to view it., or visiting SBA’s website at Deaf and hard-of-hearing individuals may call 800-877-8339.

I made the investment of time and money to come to London this week for the BCI World Conference. I have to admit that I surprised myself with this as my 2013 visit was not truely valuable.

However today has almost made the whole trip worthwhile – and there is still the Gala Dinner and tomorrow to go!

The day started with a great keynote by Baroness Eliza Manningham-Buller, former head of Britain’s MI5 from 2002-2007. Her presentation offered useful insights into leading in difficult circumstances. Some great ideas about honesty when you don’t know something, praising and thanking people and not taking everything too seriously. What a great idea if we could make BC fun at times!


Tuesday, 10 November 2015 00:00

BCI: Driving blindfold into disaster

Driving blindfold into disaster
Ineffective management of supply chains is leaving organizations open to severe disruptions and the high financial costs incurred as a result

CAVERSHAM, UK – Nearly one in ten organizations are not aware of who their key suppliers are, leaving them open to severe disruption as they are unable to manage their supply chain effectively. That is according to a report published today by the Business Continuity Institute and supported by Zurich Insurance Group.

The Supply Chain Resilience Report highlighted that seven in ten organizations admit to not having visibility over their full supply chain, and as the survey also revealed that half of disruptions occur below the preliminary tier 1 supplier of goods, this makes it extremely difficult to establish where an organization lies within its suppliers’ priorities.

This could have major consequences when it comes to managing the supply chain and ensuring that disruptions are minimised, which is particularly important given that the report also found that 74% of organizations had suffered at least one disruption during the previous twelve months and that 14% had suffered cumulative losses of at least €1 million as a result.

Other findings of the report include:

  • Unplanned IT and telecommunications outage (64%), cyber attack and data breach (54%) and adverse weather (50%) are the top three causes of supply chain disruption. New entries to the top ten are: product quality incident (8th), business ethics incident (9th) and lack of credit (10th).
  • The top five consequences of disruption are loss of productivity (58%), customer complaints (40%), increased cost of working (39%), loss of revenue (38%) and impaired service outcomes (36%).
  • One third (33%) of respondents report high top management commitment to supply chain resilience, increasing from 29% last year.
  • About 7 out of 10 respondents (68%) report having business continuity arrangements in place to deal with supply chain disruptions.

Patrick Alcantara DBCI, Senior Research Associate at the BCI and author of the report, commented: “Recent incidents have shown us how supply chain disruptions can negatively impact an organization’s bottom line, reputation and resilience. This year’s Supply Chain Resilience Report demonstrates how good practice can mitigate the worst effects of these disruptions. With findings consistently showing top management commitment as a key enabler of supply chain resilience, we encourage business leaders to take a closer look at their supply chains and champion good practice across their organizations.

Nick Wildgoose, Global Supply Chain Product Leader at Zurich Insurance Group, commented: “Through our work with customers in this area, we have found that increasing visibility along supply chains and resilience are major sources of competitive advantage. Top management leadership is the key to overcoming silo thinking about supply chains within an organisation.

Now into its seventh year, the annual Supply Chain Resilience Report represents a long-standing working partnership between the BCI, Zurich Insurance Group and CIPS (Chartered Institute of Purchasing and Supply). It is now an influential and go-to industry resource that tracks the origins, causes and consequences of supply chain disruption across industry sectors and regions worldwide, as well as the overall evolution of risk. For example, the report has highlighted the greater risk of multi-tier exposure as well as simple direct supply chain exposure.

Likewise, Zurich’s involvement has helped reinforce the emergence of threats beyond just the physical to the less tangible risks, such as cyber risk. The report continues to benchmark business continuity arrangements in one place - including the uptake of insurance - in different organizations and is one of the most comprehensive, practitioner-led studies in the field. The BCI, Zurich Insurance Group, and CIPS involvement in previous surveys has and will continue to provide organisations with the much-needed critical insights and valuable information to support the development of appropriate strategic responses and approaches to mitigate the impact and consequences of disruptions within their supply chains.


  • Download a full copy of the report by clicking here.
  • Note to the online survey: 537 respondents were from 67 countries working in 14 SIC industry sectors. Approximately a third were from Europe and a third from North America.

About the Business Continuity Institute

Founded in 1994 with the aim of promoting a more resilient world, the Business Continuity Institute (BCI) has established itself as the world’s leading Institute for business continuity and resilience. The BCI has become the membership and certifying organization of choice for business continuity and resilience professionals globally with over 8,000 members in more than 100 countries, working in an estimated 3,000 organizations in the private, public and third sectors.

The vast experience of the Institute’s broad membership and partner network is built into its world class education, continuing professional development and networking activities. Every year, more than 1,500 people choose BCI training, with options ranging from short awareness raising tools to a full academic qualification, available online and in a classroom. The Institute stands for excellence in the resilience profession and its globally recognised Certified grades provide assurance of technical and professional competency. The BCI offers a wide range of resources for professionals seeking to raise their organization’s level of resilience, and its extensive thought leadership and research programme helps drive the industry forward. With approximately 120 Partners worldwide, the BCI Partnership offers organizations the opportunity to work with the BCI in promoting best practice in business continuity and resilience.

The BCI welcomes everyone with an interest in building resilient organizations from newcomers, experienced professionals and organizations. Further information about the BCI is available at

About Zurich Insurance Group

Zurich Insurance Group (Zurich) is a leading multi-line insurer that serves its customers in global and local markets. With more than 55,000 employees, it provides a wide range of general insurance and life insurance products and services. Zurich’s customers include individuals, small businesses, and mid-sized and large companies, including multinational corporations, in more than 170 countries. The group is headquartered in Zurich, Switzerland, where it was founded in 1872. The holding company, Zurich Insurance Group Ltd (ZURN), is listed on the six Swiss exchange and has a Level I American Depositary Receipt (ZURVY) program, which is traded over-the-counter on OTCQX. Further information about Zurich is available at

Tuesday, 10 November 2015 00:00

Is It Time to Ditch the Storage Array?

With all the changes taking place in and around data infrastructure, IT executives are in a quandary as to how to allocate their budgets. Do you lower capital costs by investing more heavily in the cloud? Do you shore up your own data center? And if so, where?

A major conundrum is storage. Bulky disk-based arrays have long been the mainstay of the data center. Indeed, much of the surrounding network and service architectures are designed to take advantage of a discrete, centralized storage pool. But with cloud storage, advanced memory architectures and the movement toward integrated, modular compute/storage appliances, many enterprises are caught between the desire to implement better, faster storage and the need to leverage expensive but still perfectly functional storage systems.

Disk storage in particular is becoming increasingly difficult to justify, says Enterprise Storage Forum’s Drew Robb, since it no longer provides the performance required of modern production environments but isn’t as effective at long-term storage and archiving as tape. Disk shipments, in fact, have been dropping since 2011, and Flash is already starting to eclipse 15k SAS and Fibre Channel solutions. With trends like mobile computing, hyperscale infrastructure and the de-emphasis of the local data center as a primary resource gaining momentum, it seems less likely that disk will contribute to overall data productivity in any significant way in the coming decades.


As companies increasingly rely on the public cloud as a mainstay of their IT infrastructures, it’s essential not to lose sight of the realities surrounding public cloud adoption. A great deal of work must be done before organizations will have the clarity they need around efficiently managing and maintaining control of those public cloud environments, a new survey has found.

The survey of 1,600 IT professionals worldwide, released last week, was commissioned by ScienceLogic, a hybrid IT monitoring software provider in Reston, Va. While public cloud adoption is expected to continue to grow at a rapid pace, it’s clear that many organizations still aren’t on board. The survey found that:


A majority of firms in Latin America (66%) have developed a risk management policy and, of those, 70% make sure that the policy is known throughout the organization. From these numbers, it is clear that risk management and enterprise risk management practices have made significant progress in Latin America, according to a joint survey by Marsh Risk Consulting and RIMS of businesses from 15 countries in the region.

But while risk management programs are in place at a majority of organizations in Latin America, much more can be done. Only 42% of respondents reported that their organization’s boards are involved with risk management. What’s more, just 21% of respondents said their risk management programs are integrated with strategic planning.


When evaluating the top 10 critical success factors that will determine who wins and loses in the Age of the Customer in 2016, it comes as no surprise that privacy is one of them. In fact, privacy considerations and strategy augments all of the 10 critical factors to drive business success in the next 12 months.


So, what does this mean for businesses moving forward?


In 2016, privacy strategy can no longer merely focus on aligning with compliance requirements. Forward-thinking organizations will take their privacy strategy a step further: they will seize the opportunity to champion privacy to build trusted customer relationships and drive business growth.


(TNS) - There’s no telling if the newest CASA radar would have helped see the tornado that formed Thursday in north Fort Worth — but the extra set of eyes certainly couldn’t have hurt.

If it had been operational last Thursday, North Texas’ sixth CASA, short for Collaborative Adaptive Sensing of the Atmosphere, would have been the closest radar to where the tornado touched down.

“We don’t know if it would have helped, but theoretically it might have allowed us to see something sooner,” said Tom Bradshaw, meteorologist in charge at the National Weather Service Forecast Office in Fort Worth.


Monday, 09 November 2015 00:00

BCI: Lack of resilience in the retail sector

Lack of resilience in the retail sector

Many retailers are leaving themselves open to the high financial and reputational cost of disruption by not investing in business continuity

CAVERSHAM, UK – More than one in five retail organizations do not have a formal business continuity policy in place. That is according to report published today by the Business Continuity Institute and supported by the Retail Business Continuity Association.

The Retail Resilience Report also highlighted that, of those that do have a policy in place, less than half have Key Performance Indicators attached, making it difficult to assess whether the policy is effective. With retailers being at the frontline of modern society where sales can be made or lost in an instant, it is perhaps more important for retailers to have plans in place to manage disruption.

Some of the other findings in the report include:

  • Less than one in ten respondents (9%) claimed their organization was certified to ISO22301, the international standard for business continuity management, although 43% claimed to align to it.
  • Nearly a quarter of respondents (22%) stated they had not conducted a formal Business Impact Analysis, a fundamental part of business continuity management as it provides the data from which appropriate continuity strategies can be developed.
  • Nearly one in ten respondents (9%) admitted that their organization did not have a formal IT Disaster Recovery Plan, while 12% claimed it was still in development.
  • Fires are the number one concern for organizations (63%), closely followed by human illness (62%), cyber attacks (51%) and physical security (51%). 16%, 9%, 12% and 9% of respondents claim to have invoked their business continuity plans due to these threats materialising.

The report underscores the need to get continuity and resilience at the heart of the agenda for retailers, yet there are existing challenges in communicating the value proposition of resilience. There is a need to promote metrics that allow top management to sense the urgency of driving resilience within their organizations.

Patrick Alcantara DBCI, Senior Research Associate at the Business Continuity Institute and author of the report, commented: “The BCI acknowledges the RBCA’s efforts in building resilience across the retail industry through this pioneering study. We believe that it is important for BC and resilience practitioners across different sectors to obtain relevant, industry-specific data that benchmarks their performance and adds value to their practice. This report is an excellent contribution to the retail industry and we encourage other sectors to follow suit.

John Frost MBCI, Head of Business Continuity at Marks and Spencer and Chairman of the RBCA, commented: “The RBCA have been overwhelmed by the number of retailers from across the world that chose to take part in this survey. The results have given Retail Business Continuity and Resilience professionals the ability to benchmark their activities against their peer group for the first time. This visibility will assist with those all-important conversations with Top Management by offering credible evidence and industry comparisons. We would like to thank the BCI for providing their expertise and support for this first survey of its kind, and of course all those who took part. We look forward to developing and improving the survey in the future with the BCI, and supporting our fellow professionals from around the world in developing their retail resilience capability.

Retail organizations depend heavily on technology in building resilience. This may introduce considerable risks and points of failure. Retail business continuity professionals must be aware of this in implementing an agile, holistic and responsive programme lifecycle. Developing relevant competencies within the team is imperative given an evolving retail industry landscape. Retail professionals understand how agility is a competitive advantage in an industry considerably influenced by market trends, rapidly changing tastes and fickle consumer behaviour. Building resilience therefore requires building skills sets among professionals in the ‘protective disciplines’ such as BC that enable them to respond to this context.

For more information please contact the Senior Communications Manager at the Business Continuity Institute – Andrew Scott CBCI – by emailing This email address is being protected from spambots. You need JavaScript enabled to view it. or by phoning 0118-947-8241.


  • Download a full copy of the report by clicking here.
  • Note to the online survey: 104 respondents were from 26 countries.

About the Business Continuity Institute

Founded in 1994 with the aim of promoting a more resilient world, the Business Continuity Institute (BCI) has established itself as the world’s leading Institute for business continuity and resilience. The BCI has become the membership and certifying organization of choice for business continuity and resilience professionals globally with over 8,000 members in more than 100 countries, working in an estimated 3,000 organizations in the private, public and third sectors.

The vast experience of the Institute’s broad membership and partner network is built into its world class education, continuing professional development and networking activities. Every year, more than 1,500 people choose BCI training, with options ranging from short awareness raising tools to a full academic qualification, available online and in a classroom. The Institute stands for excellence in the resilience profession and its globally recognised Certified grades provide assurance of technical and professional competency. The BCI offers a wide range of resources for professionals seeking to raise their organization’s level of resilience, and its extensive thought leadership and research programme helps drive the industry forward. With approximately 120 Partners worldwide, the BCI Partnership offers organizations the opportunity to work with the BCI in promoting best practice in business continuity and resilience.

The BCI welcomes everyone with an interest in building resilient organizations from newcomers, experienced professionals and organizations. Further information about the BCI is available at

About the Retail Business Continuity Association

The RBCA was established to assist all business continuity personnel in the retail industry to share views, experiences, and information to the benefit of the sector. The aim of the RBCA is to create a community within which competition issues are set aside for the good of the retail industry at large with a vision to become a resource centre representing all retailers large or small across all sectors and multi government agencies. The core objectives are to: identify and assess the threats and risks to business as usual in retail; promote effective retail business continuity to manage and mitigate the most serious threats and risks; share intelligence and retail business continuity data, information, experience and best practice; recognise and respond to significant changes in threats and risks to retail; and embrace major developments and technologies to aid effective business continuity management. Further information about the RBCA is available at

In my last threat intelligence blog I discussed my new research on threat intelligence providers. I included a graphic which carved four functional threat intelligence areas: 1) Providers 2) Platforms 3) Enrichment 4) Integration. In December, I will start the next piece of research in the series focusing on Threat Intelligence Platforms (TIPs). This will likely be two reports one focusing on people, process and use cases and the other focusing on the vendor landscape. My presentation at the 2016 SANS Cyber Threat Intelligence Summit will include some perspective on the state of threat intelligence platforms. 


Monday, 09 November 2015 00:00

When to Use a Bare-Metal Cloud

We’re hearing a lot about the “bare-metal cloud” these days. The idea is that you can have cloud services not on a virtualized infrastructure but running directly on local infrastructure or leased hardware in a remote data center.

Naturally, this has a lot of people puzzled as to the difference between a bare-metal cloud, a hosted private cloud, and a standard colocation agreement that just happens to be used for dedicated cloud services. And the truth is, there isn’t really much difference at all, save for various vendors’ ability to differentiate on price, flexibility, scale and integration support.

Some of the latest examples of bare-metal clouds target long-term infrastructure needs like VDI and backup and recovery. Hive-IO’s new software-defined compute solution, for example, provides IaaS support on bare-metal infrastructure, which the company says eliminates vendor-layer complexity and reduces hardware consumption by 30 percent. Hive-IO can be deployed on-premises or in a hosted environment, enabling lightweight infrastructure support for virtual desktops without the usual agents, service line-ups and physical footprints that hamper many VDI deployments. The platform also provides local and/or remote management.


Monday, 09 November 2015 00:00

Is Disk Storage in Trouble?

On the surface, the future of hard disk drives (HDDs) seems secure. They account for the bulk of all storage capacity shipped and have had a strong growth curve for years. It’s a $32 billion-per-year industry, and HDDs are found in just about every office and home.

But that rosy picture hides some underlying problems. At the high end, 15k SAS and Fibre Channel disk is being squeezed out of the picture by much faster flash for systems that require near-instant response.

“A greater amount of flash was shipped last year than 15k disk, and that trend is not going to stop,” said Chris Powers, vice president of the data center development unit at HP.


Where are the big city emergency managers of tomorrow to come from?

That’s a question that Target and Big City Emergency Managers (BCEM) a nonprofit group of emergency managers in the 15 largest U.S. cities are helping to answer. Since 2010, Target and BCEM have hosted the annual “Emerging Leaders” training program at the retailer’s Minneapolis headquarters.

It is a multi-month training process that helps 15 early-and-middle management employees nominated by their BCEM member cities to significantly enhance and expand their emergency management skills.

“Supporting this program is a unique way for Target to give back to the communities we serve,” said Target spokesperson Molly Snyder. “By helping to train these emergency managers on leadership essentials, we are empowering and uniting them with their peers so that they can be effective leaders and support their communities when they need it most.”


Over time, the role of corporate legal departments has expanded to address the increasing risks in corporations—from increasing involvement in implementing corporate policies to leading employee training on procedures for managing electronic communications, social media, and bring your own device (BYOD) policies. This shift, however, is not enough to meet the challenges posed by an increasing range of risks proliferating within global organizations. Legal and compliance groups must also take the lead in finding new ways to leverage the power inherent in their data and address the challenges posed by massive data stores, information and network security challenges, as well as regulatory compliance requirements.

Failings of Traditional Strategies

In the past, organizations used straightforward, people-intensive methods to search for and remediate risk. For example, organizations instituted policies training, hoping that it would be sufficient to corral employee use of electronic communications, BYOD, and social media. Some may have formed working groups or intradepartmental committees designed to consider the implications of data privacy or information security for their businesses. Others rely on basic technology, such as keyword searches, that trigger electronic alerts when they find a hit in a document.


(TNS) - The public is law enforcement’s best weapon in dealing with the possibility and the reality of an active shooter situation a Union Public Safety officer told a group of University of South Carolina Union students and faculty Wednesday afternoon.

How to respond to an active shooter situation at the USC Union campus was the subject of an “Active Shooter Training” session held Wednesday afternoon in the Truluck Activity Center. Organized by USC Union Health, Safety and Security Director Tony Gregory, the session was designed to provide students and staff with information on how to respond to an active shooter situation on campus.

The session drew a number of students and faculty members who listened as, first, Gregory outlined USC Union’s active shooter protocol. Gregory said the protocol counsels students and faculty who find themselves in an active shooter situation to, first, flee to safety if at all possible. If flight is not possible, Gregory said the protocol directs students and faculty to then seek a safe place to hide until law enforcement arrives on the scene. If hiding is not an option, Gregory said the next step is to try and fight the shooter, but Gregory said this is the last resort given the danger involved.


Lack of senior management support a challenge to crisis preparedness

Chief Executives, Managing Directors and other senior business leaders are failing to take crisis preparedness seriously and risk undermining their organization’s ability to manage crises, according to a survey conducted by Regester Larkin and Steelhenge.

The survey also revealed that while big business appears to understand the need to prepare for a crisis, too often senior leaders do not participate in training or crisis exercises. Of the companies that had run crisis exercises in the past year, almost half (45%) had not involved their Chief Executive. This was seen as part of a wider problem, with 46% of respondents identifying ‘lack of senior management buy-in and support’ as the biggest challenge of effectively preparing their organisation for crises.

Dominic Cockram, Steelhenge Managing Director and Regester Larkin Director said: “If leaders are not fully brought into crisis preparedness, any good work put into crisis structure, process and capability building will be critically undermined. There is little point attempting to be ‘crisis ready’ when the core individuals responsible for managing a crisis will not know what to do."

There may be many reasons why Chief Executives aren’t able to attend crisis exercises but if you ask any business leader who has had to manage the response to a real crisis, major incident or issue, they will tell you it was time well spent.

The survey also found that organizations are not involving their key partners in crisis preparedness programmes with only 27% involving them in crisis exercises despite over a third (34%) saying that working with partners in a crisis was likely to be a big challenge.

Dominic Cockram continued: “Crises do not occur in a vacuum. We know from experience that one of the most challenging aspects of managing a crisis is to work harmoniously with partners or suppliers, especially when the media and others are looking for a clear ‘villain’. Without involving partners in crisis preparedness programmes, companies are leaving themselves vulnerable and unprepared.

For many years, one of the most common backup practices for businesses has been the use of tape archives. As a tried and tested storage solution, it’s still a familiar sight in many firms, even if it looks a little outdated when compared with more modern alternatives such as cloud backups.

There is a range of reasons why businesses persist with this storage method. Magnetic tape storage is an inexpensive way to store large amounts of data and it theoretically can last for many years.

However, there is tendency to assume that once records have been committed to tape and filed away in either an on-site or off-site storage facility, they can just be forgotten about until they are needed. In fact, there are a number of risks associated with tape storage that businesses will have to be aware of, which may make them rethink whether this is always the most appropriate solution for long-term data storage.


The face of modern corporations is changing. No longer are we confined to offices. Instead, it’s possible to work from trains, airports, cafes, and even the beach. A recent survey of employers indicated that up to 95% of employees use mobile devices for work, with 61% of the employees using their own personal devices*. It is undeniable that these devices can maximize employee productivity in the modern corporate setting, but managing and securing them continues to present unique challenges for IT administrators.

In light of the recent Apple iPhone account hack and other high-profile breaches, it’s no surprise that businesses and end users alike are more concerned than ever about the security of their mobile devices. Moreover, while analyzing threat trends over the past year, our team of threat researchers found that trustworthy apps fell from 52% in 2013 to just 28% in 2014. Nearly 50% of apps were found to be moderate or suspicious, and over 22% were unwanted or malicious.


The minimum business continuity objective (MBCO) is a neglected tool in the business continuity toolbox. Charlie Maclean-Bristol, FBCI, explains what it is and how to use it.

The minimum business continuity objective (MBCO) is, in my opinion, an extremely important component of the business impact analysis (BIA). I have always thought that it is the poor cousin to the MTPD (maximum tolerable period of disruption): not used very often and not really understood by many people.

MBCO is defined in the Business Continuity Institute’s ‘Good Practice Guidelines 2013’ (GPG) as the “minimum level of services and/or products that is acceptable to the organisation, to achieve its business objectives during a disruption”. The MBCO sits alongside the recovery time objective (RTO). The RTO defines how quickly we want an activity to be recovered but equally as important the MBCO defines the level at which that activity should be recovered.

An example is if we have a call centre / center which has 1000 people operating from a single site. During the BIA the RTO of the call centre is set at 24 hours. Setting the MBCO is now key. If the MBCO is set at 1 percent of normal activity we have to recover 10 call centre agents, which in terms of devising a strategy for their recovery is not too difficult. Alternatively, if the MBCO is set at 80 percent, we have to develop a strategy to recover 800 agents within 24 hours, which is much more complex and probably a lot more expensive. So it is often the level at which the MBCO is set which will define the strategy for recovery rather than the RTO.


On Thursday November 19th, Continuity Central’s regular online BIA Special Interest Group (SIG) will take place. It will explore the following questions:

  • What should the relationship be between the BIA and risk assessment?
  • How can we apply the BIA to cyber threats and incidents?
  • How to organize your BIA: when is a process not a process?
  • How to conduct a BIA within your supply chain.
  • Ways to sense-check and verify your BIA information and dependencies.

SIG chairman John Robinson, FBCI, will spend the first section of the SIG presenting his thoughts on the above questions. After this the SIG will discuss a variety of other questions relating to BIAs which have been raised by attendees of the SIG.
The SIGs are open to all and are free to attend. They are organized by Continuity Central in partnership with Total Business Metrics.

Joining details:

Please note that due to the conversational focus of the Special Interest Groups, recordings are not made available afterwards, so please only signup if you can actually attend.

Earlier this week, I wrote about the disconnect that many IT professionals have between the poor performance of their security detection systems and the likelihood of being the target of an attack.

A new study released yesterday may force them to rethink their attitude about cyberattacks. According to the IID and Ponemon Institute survey, 47 percent of organizations, both in the private and public sector, were breached in the past two years. That’s up from 43 percent in a similar study conducted last fall.

And these numbers are low, depending on the type of industry you are in, or the size of the company. Health care, for instance, is a prime target for attackers, with 81 percent of companies within the industry suffering a breach. And the bigger the company, the greater the risk, as SC Magazine pointed out:


Friday, 06 November 2015 00:00

CDC’s Emergency Management Specialists

CDC's Emergency Operation Center

Meet Mark Hall, an emergency management specialist in CDC’s Division of Emergency Operations in the Office of Public Health Preparedness and Response. As part of the Plans, Training, Exercise, and Evaluation Team — Mark and his team make sure CDC is prepared for emergencies and assesses how the agency performs during a response.

Being ready to respond to national and international emergencies takes practice. Large-scale exercises are held across CDC, with federal partners, and at the state and local level.  Mark and his colleagues are part of the team that evaluates the exercises that CDC administers. They ensure that exercise mimics real-world events and after the exercise, evaluate what worked and what needs to be improved. In an emergency response, the team also monitors the way in which CDC is conducting the response to see if any activities need to be tweaked.  As part of the monitoring and review processes,  the team looks at everything from the processes for deploying people and supplies, to the logistics and operations of CDC’s emergency operation center. This job requires strong analytical and communication skills and the flexibility to switch from exercise to emergency response mode when the need arises.

Mark Hall sits down with the Director of CDC's Office of Public Health Preparedness and Response to talk about his job as an emergency management specalist

Mark Hall sits down with the Director of CDC’s Office of Public Health Preparedness and Response to talk about his job as an emergency management specalist

Public Health Matters sat down with Mark to learn a little more about his job in emergency management and what has best prepared him for his important role at CDC.

How does your work help improve CDC’s ability to respond to emergencies?

Mark say, his job is to evaluate CDC exercises and response efforts to ensure that the agency continues to improve. The evaluations conducted by Mark and his team after each exercise, whether a CDC-wide exercise or for a specific group, help to identify issues and areas for improvement.  Mark emphasizes the importance of not only finding ways to improve CDC’s emergency response work, but also recognizing the good work is being done. “During these after-action reviews we also want to focus on the successes, not just what we did wrong, and communicate what worked best to the rest of CDC,” says Mark.

What has best prepared you for this job?

For Mark, his 20 years in the military and a background in operations, planning, and training helped prepare him to work in CDC’s Division of Emergency Operations. “I enjoyed the idea of going from operations, plans, exercises, and training focused on military and combat to a focus on public health.  As an emergency management specialist I still get to focus on doing good work for my country, my nation, and even for the world,” says Mark.

During his military career, Mark had the opportunity to travel to many different countries including Kazakhstan, Kuwait, Qatar, Iraq, Saudi Arabia, and Egypt. Going overseas, meeting different people, and experiencing different cultures has helped with working on emergency responses, including deploying oversees as part of CDC’s response to the West Africa Ebola epidemic.

CDC's emergency operation planning team meets to review and incorporate feedback from CDC exercises and after action reports

CDC’s emergency operation planning team meets to review and incorporate feedback from CDC exercises and after action reports

What are important skills needed for your job?

“You have to be flexible. We know that there’s a hurricane season every year that’s recurring.  However the majority of the events that require a CDC response occur without prior notice, and we have to be ready to respond,” says Mark. Having the ability to adapt to different emergency responses quickly is a crucial component of CDC’s ability to react to public health threats and emergency as soon as they arise.

What do you like most about your job?

“When programs make changes based on recommendations after exercises or a real-life event, it really shows that the work has had an effect. It is also rewarding to hear news stories or friends and family talking about the domestic and global work that CDC is doing and knowing you’re a part of that work.”

PHPR: Health Security in Action

This post is part of a series designed to profile programs from CDC’s Office of Public Health Preparedness and Response.

CDC’s Emergency Management Specialists are part of the CDC’s Public Health Preparedness and Response’s (PHPR) Division of Emergency Operations.

When protesters filled Baltimore streets during the civil unrest this spring after Freddie Gray died in police custody, downtown businesses had many questions and decisions to make, including: Was their business in the path of the demonstrations? Should they send their employees home early? What were other area companies doing?

When the businesses began calling the Maryland Emergency Management Agency (MEMA) for information, the agency answered with its virtual business operations center (VBOC), part of the Private Sector Integration Program (PSIP) that Maryland developed to help businesses respond to and prepare for emergencies.

The VBOC is an online collaboration portal MEMA uses to let private-sector members sign in, interact with one another and view information — such as images, documents and live streams — posted by emergency managers and other businesses.


Friday, 06 November 2015 00:00

Companies Behaving Badly

Whether it’s the VW emissions scandal or rebuilding a company’s reputation after a cyber attack, we’re reading a lot about the challenges of managing reputation risk in the business world.

How important—and valuable—a positive reputation and ethical C-suite leadership is for an organization to attract talent is highlighted by recent findings of a survey of 1,012 U.S. adults by Corporate Responsibility Magazine and Cielo Healthcare.

(Hat tip to the WSJ’s Risk & Compliance Journal for flagging this survey.)


Why Service Providers need to consider provisioning platforms like CloudPortal Services Manager

In a recent Survey conducted by the Citrix Service Provider Center of Excellence, we asked providers what cross-tenant provisioning tools they used.  For those who answered “none”, we followed up to understand why.

The answers to this specific survey question varied, but the most common responses were along the lines of the following:


SANTA CLARA, Calif. — When it comes to cybersecurity, there are two strategies. The first is reactive and is put into motion once security protocols have failed. The second, the proactive approach, can take you down the proverbial rabbit hole and into a world of intelligence gathering that puts you across the virtual table from those who might be coming for your secured data.

At least this is how Alert Logic’s Stephen Coty described the strategy options to attendees of the 17th Cloud Expo this week.

The longtime cybersecurity expert warned that system breaches are not the only threats posed by those with access to sensitive information.


Friday, 06 November 2015 00:00

Legal vs. IT: The Data Archiving Disconnect

In the past, the main drivers for data archiving centered on legal and compliance initiatives and business continuity, including eDiscovery, records retention, audits and disaster recovery. But as more companies are looking to take advantage of information in an effort to gain competitive advantage in their markets, data archiving has taken on a new role. However, there are major organizational disconnects related to archive accountability and lines of authority, particularly between IT and the legal and compliance departments that are holding enterprises back from maximizing the full value of their archives.

According to a recent IDC survey, the underlying reason for the data archiving disconnect very likely stems from a fundamental difference in roles and objectives between IT and legal. Whereas responsibilities for things like troubleshooting computer and technology issues or approving vendor contracts are clearly defined and don’t have overlap between the two groups, the management and usability of an enterprise’s data archives can pit them against each other. The research showed that although 70 percent of IT respondents see data archives as enhancing revenue, only 38 percent of legal and compliance teams agree, which makes sense in light of how each group utilizes the archive.


Thursday, 05 November 2015 00:00

Why You Should Sell Cloud Backup Now

Nowadays, technology vendors make it pretty easy to set up and offer a cloud backup service to end user customers. But, for most service providers, that is where the hard part begins: Why sell cloud backup? To start, the conversation should begin by discussing the importance of backup solutions to businesses today, the reasons that they back up, and how this provides opportunities for service providers to package up a differentiated cloud backup service offering.

Customers that turn to MSPs for data protection tend to face a variety of business challenges that drive them to consider cloud backup and recovery solutions.

The first challenge is cost. Cloud backup and recovery solutions are treated as operating expenses versus on-premises solutions, which are capital expenditures. In today’s economy, it is often easier to get approval for less expensive and more flexible OPEX models versus CAPEX spending.


On October 6, Europe’s highest court, the Court of Justice of the European Union, struck down the “Safe Harbor Framework,” which existed between the United States and the EU for 15 years. This has an impact on companies collecting or processing personal data in EU nations for use in the United States. The Framework provided a method for over 4,000 U.S. companies to transfer personal information outside the European Union consistent with the EU’s strict Data Protection Directive. The Directive establishes the rules for protecting Europeans’ privacy rights. To take advantage of the Framework, U.S. companies have self-certified compliance with EU standards to the Department of Commerce.

The European court struck down this longstanding business arrangement after Austrian privacy activist Max Schrems alleged his personal information transmitted via Facebook or stored on Facebook’s servers in the U.S. was not, in fact, safe from intrusion from the prying eyes of the U.S. government. Schrems’ lawsuit arose after Edward J. Snowden, former contractor for the National Security Agency, divulged that American intelligence agencies were freely accessing data held by Facebook or transferred by emails and other means between the EU and the U.S. The European high court agreed, holding that U.S. government actions invalidated the “Safe Harbor” provisions.


Unsuspecting and easy to attack – users of public Wi-Fi spots are a hacker’s dream target. Cybercriminals don’t wear cat-burglar masks and striped t-shirts, so it may not be easy to see them. On the other hand, the smart user of a free Wi-Fi hotspot knows that he or she should assume that hackers are lying virtually in wait. The terrain can vary: coffee shops, airports, restaurants, libraries, bookstores, fast food outlets and even schools can all be dangerous. Unfortunately, statistics show that users in general, consumer or business, have a lot to learn if they want to bring their risk back down to reasonable levels.


Hyperconvergence is all the rage at the moment, promising big things in small packages and the ability to support Big Data and other applications at low cost and with none of the complexity that accompanies traditional data infrastructure.

But as with most emerging technologies, the truth is both more and less than it seems.

To be sure, the siren call of hyperconvergence is being heard across the IT landscape. Whether it is web-scale entities like Google and Facebook building their own platforms out of commodity hardware and home-grown software architectures or traditional vendors looking to leverage their platforms for enterprise and cloud deployments, a hyperconverged architecture will likely be the preferred solution going forward.


SACRAMENTO, Calif. – It is time to buy flood insurance, if you don’t already have it. Available to everyone, businesses, homeowners and renters alike, it is the only insurance that will help you recover from flooding and mudflows.

Citing a strong El Niño and other factors, the National Oceanic and Atmospheric Administration predicts wetter than average conditions for central and southern California, along with warmer than normal temperatures from December through February. There is a 30-day waiting period between purchasing flood insurance and the time the insurance goes into effect.

Residents living in the vicinity of the recent wildfires are especially vulnerable to runoff flooding this rainy season because wildfires dramatically alter the terrain and ground conditions.

Normally, vegetation absorbs rainfall, reducing runoff. But wildfires leave the ground charred, barren, and unable to absorb water. That enhances the chances of flash flooding and mudflows. Flood insurance covers mudflows, but not mudslides.

Just because your property is outside a high flood risk zone doesn’t mean there is no risk. But it does mean you can buy flood insurance at a lower price, because the risk is lower.

Information about flood insurance is available at the Disaster Recovery Centers in Lake and Calaveras counties: 891 Mountain Ranch Rd., San Andreas; Middletown Senior Center, 21256 Washington St., Middletown, and 14860 Olympic Dr., Clear Lake.

Flood insurance is for everyone, not just survivors of the wildfires. It is easy to find out how much flood insurance will cost by going to Fill in the blanks in the red box on the right side of the screen, “How Can I Get Covered”. You will be taken to a table of flood insurance options and costs for your address. Contact information for local agents is available on the website.

Survivors can apply for FEMA assistance online at or by calling  800-621-3362; TTY 800-462-7585; 711 or Video Relay Service (VRS), call 800-621-3362. The deadline to register is Nov. 23, 2015.

For more information on California’s wildfire recovery, visit:, Twitter@Cal-OES or and follow us on Twitter@femaregion9 and at

FEMA’s mission is to support our citizens and first responders to ensure that as a nation we work together to build, sustain and improve our capability to prepare for, protect against, respond to, recover from and mitigate all hazards.

Disaster recovery assistance is available without regard to race, color, religion, nationality, sex, age, disability, English proficiency or economic status. If you or someone you know has been discriminated against, call FEMA toll-free at 800-621-FEMA (3362). If you have a speech disability or hearing loss and use a TTY, call 800-462-7585 directly; if you use 711 or Video Relay Service (VRS), call 800-621-3362.

Unless you’re on a board of directors or in a C-suite, you probably never thought about it, but the communication and collaboration needs of individuals in that rarefied air are different from those of the folks in the trenches. Similarly, you likely never thought about there being a company that caters to that clientele, for that purpose. That’s where Joe Ruck comes in.

Ruck is CEO of Boardvantage, a Menlo Park, Calif.-based provider of a communication platform for boards and leadership teams. I recently had the opportunity to speak with Ruck, and I opened the conversation by asking him a chicken-or-the-egg question: Was Boardvantage created to provide something that boards and C-level executives were clamoring for, or was it an idea for something they felt they could convince boards and C-level executives that they needed? He said the origin of the company was probably the latter, but it has now evolved into the former:


Thursday, 05 November 2015 00:00

Get Resilient

December 2015 sees the launch of a new Cyber Resilience Centre in the South East of England . Part of Bucks New University’s new Aylesbury Vale Campus , this Centre provides a home for a range of short and professional courses in Resilience and Cyber Security, and in 2016 will provide a base for the university’s new Foundation Degree in Cyber Resilience.

Housed in purpose-built facilities in the heart of Aylesbury, the campus is designed with professional education in mind. Three dedicated classrooms will enable delegates to focus on the most pressing security issues of the day, using the latest in computing technology and supported by teaching staff from the university’s highly regarded undergraduate and post-graduate programmes in Security and Resilience, as well as experts from the field of Cyber Resilience.

Throughout the year the Cyber Resilience Centre will offer a range of courses, including both university short programmes focussed on resilience, as well as practical accredited programmes such as the Certified Information Systems Security Professional and Cyber Security Overview for Industrial Control Systems.


Moving to expand the scope and reach of its software-defined approach to storage, IBM today unveiled a series of updates to the IBM Spectrum Storage portfolio that make it simpler for IT organizations to encrypt data regardless of where it is stored in addition to being able to more aggressively compress data.

IBM also announced a new Hadoop File System interface to integrate its storage systems with Hadoop implementations that are rapidly emerging as the “data lake” from which all data in the enterprise is derived.

Finally, IBM announced that its IBM Spectrum Control management and analytics software has been extended to IBM FlashSystem and IBM Spectrum Scale file and object storage systems. Last month, IBM unveiled a hybrid array based on Power processors, called the DS 8880 series, which scales to 3PB of storage at price points that start at $50,000.


Thursday, 05 November 2015 00:00

The Riskiest States for Employee Lawsuits

In 2014, U.S. companies had at least an 11.7% chance of having an employment charge filed against them, according to the new 2015 Hiscox Guide to Employee Lawsuits. The firm’s review of data from the Equal Employment Opportunity Commission and its state counterparts found that the risk also varied notably by state, as local laws creating additional obligations—and risks—for employers led to charge rates up to 66% above average.


Author: Shellye Archambeau, Chief Executive Officer, MetricStream and a Board Member at Verizon

Shellye Archambeau

Building and running a successful startup in America’s fiercely competitive tech industry is never easy. There’s no one-size-fits-all solution or manual for how to go about it. But as they say, experience is the best teacher. So it’s my pleasure to share with you some of my own experiences and observations in building and managing tech companies.

I began my journey in the tech industry over 25 years ago, working my way up to senior management roles in IT companies such as LoudCloud (renamed Opsware), NorthPoint Communications (which was later sold to AT&T), and IBM. For the last 10 years, I’ve served as the CEO of MetricStream, a Silicon Valley-based governance, risk, and compliance (GRC) company which I helped build from the ground up.

I’ve learned several important lessons—not only from my personal career journey, but also from the challenges and successes of my clients and peers in the industry. Here are a few key lessons which have stood me in good stead:


As everyone who does not live under a rock knows by now, Dell and EMC have signed a definitive agreement for Dell to acquire EMC. The deal is multi-billions of dollars ($67 billion to be exact). Privately owned Dell is rich but not that rich, so Michael Dell partnered with MSD Partners and Silver Lake to get the necessary cash.

This article will concentrate on the storage aspect and how this particular merger looks to affect the enterprise storage market and most critically, mid-market storage. All told there will be a lot of customer angst and subsequent hair pulling over suddenly unsupported storage products. The expense of migrating data onto new storage lines will also be a customer irritation, especially if they feel compelled to migrate years earlier than they expected to.


Is the United States dangerously complacent about possible biological and chemical weapon attacks, leaving open the possibility of mass deaths or a huge disruption in the economy or both? Or has the country in fact come a long way in its preparations to protect itself against this type of attack?

The answer may be both.

Tom Ridge, former Homeland Security secretary, and Joe Lieberman, former senator, are co-chairing a Blue Ribbon Study Panel on Biodefense hosted by Hudson Institute and the Inter-University Center for Terrorism Studies. They wrote in Roll Call that “our nation is dangerously unprepared to prevent or respond to” attacks with biological and chemical weapons, citing recent cuts in funding for readiness efforts.


The US Federal Financial Institutions Examination Council (FFIEC) has issued a statement alerting financial institutions to the increasing frequency and severity of cyber attacks involving extortion.

The statement describes steps financial institutions should take to respond to these attacks and highlights resources institutions can use to mitigate the risks posed by such attacks.

Cyber attacks against financial institutions to extort payment in return for the release of sensitive information are increasing says FFIEC. Financial institutions should address this threat by conducting ongoing cybersecurity risk assessments and monitoring of controls and information systems. In addition, financial institutions should have effective business continuity plans to respond to this type of cyber attack to ensure resiliency of operations.

Financial institutions are also encouraged to notify law enforcement and their primary regulator or regulators of a cyber attack involving extortion.

I just published my latest research on threat intelligence: Vendor Landscape: S&R Pros Turn To Cyberthreat Intelligence Providers For Help. This report builds upon The State Of The Cyberthreat Intelligence Market research from June. In the new research, I divide the threat intelligence space into four functional areas: 1) Providers 2) Platforms 3) Enrichment 4) Integration. This research is designed to help readers navigate the crowded threat intelligence provider landscape and maximize limited investment resources. In this report, we looked at 20 vendors providing a range of tactical, operational, and strategic threat intelligence.


Wednesday, 04 November 2015 00:00

FEMA: Rebuild with floods and fires in mind

SACRAMENTO, Calif. – Decisions made now in rebuilding homes destroyed or damaged in the September wildfires can pay big dividends by minimizing future fire and flood damage.

Free publications from the Federal Emergency Management Agency will explain how. They are available at the Disaster Recovery Centers, at FEMA display locations listed below and online by searching for the titles at

Flood after Fire Risks – describes the importance of buying flood insurance. The insurance is available to both homeowners and renters. Standard homeowner and rental insurance may not cover flood damage. Charred, barren ground increases the risk of flash flooding because it is less able to absorb rainfall. Forecasters are predicting above average rainfall this coming rainy season because of an El Niño weather pattern.

Rebuilding After a Wildfire Fact Sheet presents many ways to rebuild safer, stronger and more resilient to wildfires.

FEMA displays are at the following locations:

Sender’s Market
8111 Garabaldi St.
Mountain Ranch, CA 95246

Mendo Mill & Lumber Co.
5255 Old Hwy. 53
Clearlake, CA 95422

Four Corners Builders Supply
14918 Olympic Dr.
Clearlake, CA 95422

Ace Hardware
155 S. Main St.
Angels Camp, CA 95221

These sites have all the information that is provided at the Disaster Recovery Centers about rebuilding and protecting your property and also information about flood insurance. To locate the nearest Disaster Recovery Center, go to The publications listed above also are available online for download at Click on Search and type in the full title shown above.

Survivors can register for FEMA assistance online at or by calling 800-621-3362; TTY 800-462-7585; 711 or Video Relay Service (VRS), call 800-621-3362. The deadline to register is Nov. 23, 2015.

For more information on California’s wildfire recovery, visit: or and follow us on //Twitter%20@femaregion9">Twitter @femaregion9 and at

FEMA’s mission is to support our citizens and first responders to ensure that as a nation we work together to build, sustain and improve our capability to prepare for, protect against, respond to, recover from and mitigate all hazards.

Wednesday, 04 November 2015 00:00

The Enterprise in the New Cloud Order

Is the cloud truly the new world order? And if so, will the enterprise have no choice but to push all of its infrastructure to Amazon or Microsoft or Rackspace?

The answer is yes, and not necessarily.

At OpenWorld last week, Wipro COO Abidali Neemuchwala laid out in very stark terms why enterprises that do not embrace the cloud will fail to thrive in the emerging digital economy. In short, those who lack the flexibility and efficiencies that cloud computing provide will be unable to support the kinds of services and applications that today’s data users require, with revenue naturally flowing to those who can. This is why Wipro, an IT integration and services company, has teamed up with Oracle, so as to better deliver the “as-a-service” model that is already driving Uber, AirBnB and even time-honored companies like Hyatt to create the optimal user experience.


Moving to gain access to a platform through which IT organizations can manage heterogeneous environments in the age of the cloud, IBM today announced it has acquired Gravitant.

Richard Patterson, general manager for infrastructure services for IBM Global Technology Services, says IBM will make Gravitant available as a software-as-a-service (SaaS) application, while moving to create a managed service through which IBM will manage IT environments on behalf of its customers. At the same time, IBM will continue to make an instance of Gravitant available as an appliance that can be installed locally on premise.

In effect, IBM is looking to make it simpler for IT organizations to broker multiple cloud services via a common management plane. Gravitant is designed to tap into the application programming interfaces (APIs) that various cloud services expose in a way that provides IT organizations with a single console through which they can all be managed.


Growing populations around the globe have created larger cities, as well as greater concentrations of risk. It is projected that a rise in sea levels and increased intensity of events will amplify the impact of hurricanes, tornadoes, heat waves, floods and droughts. Because of this, climate change is seen as one of the biggest threats to cities and businesses and could account for an estimated 20% of the global GDP by the end of this century, according to “Business Unusual: Why the climate is changing the rules for our cities and SMEs” by AXA.

While some cities have worked to put resilience plans in place to reduce the impact of flooding and other disasters, there is much to be done and businesses are vulnerable, especially small- to medium-sized enterprises (SMEs). Only 26% of SMEs have taken action to protect themselves, yet 54% are worried about the impact climate change could have on their business, and the number rises to 75% in emerging markets, the study found.


(TNS) - It’s a day etched into the memories of all who watched the tragedy’s progression, and it’s a day that has forever changed the lives of America’s first responders.

It was on that day – Sept. 11, 2001 – that New York City’s police and fire departments rushed to the scene of the greatest terrorist attack on American soil, anxious to save as many trapped and incapacitated residents as possible from the burning World Trade Center towers.

But there was one notably significant problem – the two agencies couldn’t communicate with each other.


Tuesday, 03 November 2015 00:00

Hyperscale With CloudPlatform and HP Moonshot


HP’s Moonshot hardware is an interesting one. Each server by itself is a densely packed chassis with lots of microservers. And each can house as many as 1800 servers in a single 47U rack. It’s aimed workloads like IoTs, lightweight web serving and big data analytics.

Using CloudPlatform’s Baremetal capability, these servers can be provisioned with as much ease as spinning up a VM. Layered with the other orchestration capabilities like isolated networking and multi-tenanting that becomes one powerful solution that gives enormous flexibility to users who would like to make use of physical hardware directly for some of their workloads.


Tuesday, 03 November 2015 00:00

Broker Survey: Insurers Writing More For Less

Business interruption, commercial property, general liability, umbrella, and workers’ compensation were the lines brokers most often noted had a decline in rates in the third quarter of 2015, according to the latest Commercial P/C Market Index Survey from the Council of Insurance Agents & Brokers.

Broker comments came as The Council survey found rates decreased across all lines by an average of 3.1 percent in the third quarter, compared with a 3.3 percent decline in the second quarter of 2015.

Large accounts saw the largest decreases at 4.1 percent, followed by medium-sized accounts at 3.8 percent, and small accounts at 1.4 percent.


Do you remember those days when IT administrators had to deploy enterprise applications and had to continuously monitor the health of the workloads to ensure they are running at optimal performance and had to manually scale to meet changing demands? Indeed, they must have been be really tough days!

But here comes Citrix Lifecycle Management (CLM), which is going to alleviate all of your pains.

Trust me, I said “all” of your pains, and that’s just what we mean. CLM automates the delivery of application workloads through out-of-the-box Citrix verified Blueprints, and monitors the health, performance and availability of application workloads in real-time.

Today I am going to show you briefly how to gain advantage from CLM through operations, monitored metrics, and alerts for these metrics. This blog is just a cursory overview to demonstrate the immense value which CLM offers.


Attending BCI World? There's an app for that

With only a week to go until the BCI World Conference and Exhibition, have you decided what sessions you would like to attend yet? There are so many to choose from, it’s a difficult decision to make. To improve your conference experience, we have once again invested in an app to assist delegates with their planning, enabling them to stay up to date with the latest conference news, find out more about who is speaking or exhibiting, and network with fellow business continuity and resilience professionals.

The app includes biographies of speakers, details of exhibitors, and maps showing where everything is. The app can be used to take notes, create a calendar and bookmark those speakers, exhibitors or sponsors of interest. Over the two days there is a lot to take in so the app can be used to record all this.

Delegates can further enhance their networking opportunities by registering their details and so allow them and their colleagues to connect with one another during the conference and once it is over.

The app is available by visiting the App StoreGoogle Play or, if you don't have an Android phone or iPhone, you can still access it online.

ASIS International and RIMS have jointly announced the publication of the new ASIS/RIMS Risk Assessment ANSI Standard. This standard provides guidance on developing and sustaining a coherent and effective risk assessment program.

The ASIS/RIMS Risk Assessment Standard provides a framework and process for organizations to establish an ongoing program to evaluate risks and conduct individual risk assessments. The standard complements the ISO 31000 risk management standard and the ISO 31010 standard cataloguing risk assessment methodologies by providing a blueprint for the risk assessment process.

“Managing risk is about managing uncertainties in order to achieve strategic, tactical and operational objectives.  This includes identifying opportunities, minimizing potential losses, and building a more resilient organization and supply chain.  It is essential that decision-makers have accurate and dynamic information on uncertainties and their potential outcomes in order to help better assure their organizations thrive and survive,” stated ASIS Global Standard Initiative Commissioner Dr. Marc Siegel. “The ASIS/RIMS Risk Assessment Standard provides a blueprint for addressing enterprise-wide risk at all levels and regardless of the source.”

The standard presents a basis for a universal and integrated approach to risk management, including: building a risk assessment program; understanding the context for risk assessments; conducting a risk assessment, and using risk assessment outcomes for decision-making.

ASIS and RIMS members get one free download through their respective websites.  Others are welcome to purchase the standard through either organization’s online stores.

Tuesday, 03 November 2015 00:00

Three Words to Improve Disaster Outcomes

If I could say just three words to prepare someone for disaster it would be these: Disasters change things. All of the reasons for not being prepared, and for not following emergency instructions in a disaster (too hard, too expensive, no need), are tied to those words.

If you don’t believe disasters change things, you assume that you can handle whatever happens, and any investment into handling that better is unnecessary. This is our normalcy bias at work. Normalcy bias makes us believe that it won’t happen to us, and that if it does it won’t be that bad. That if we dial 911, help will come and that our actions will always have the same results, regardless of the circumstances.

Normalcy bias is more than believing that the rain will stop before the river floods; it’s assuming that there is nothing but smooth pavement under the water on the road, and being sure that your car can make it through. It’s thinking that the warning is probably overblown, and that you have plenty of time to evacuate because you know how long the route will take. Normalcy bias is not understanding that disasters change things.


Supermarket Morrisons is facing a lawsuit from members of its own staff, after a data breach saw the personal details of thousands of employees leaked by a disgruntled worker.

It comes after around 100,000 staff members were affected by a data breach perpetrated by Andrew Skelton, an auditor at the company. He was jailed for eight years in July after Bradford Crown Court heard how he sent the information to newspapers and placed it on data sharing websites.

Morrisons has already faced fees of around £2 million to rectify the problem, which included giving the affected employees free credit monitoring services.

The incident highlights the threat all companies face from internal individuals with a grudge against their employer, and the new lawsuit could determine whether enterprises can be held liable for the actions of such individuals who leak or destroy data.

Data Privacy lawyer at JMW Solicitors Nick McAleenan said: “Whenever employers are given personal details of their staff, they have a duty to look after them. That is especially important given that most companies now gather and manage such material digitally.”

Around 2,000 people are taking part in the group action, which will be heard at the High Court.

It is wise to choose a data recovery company who has a track record in recovering from the type of data loss you have experienced.


(TNS) — WASHINGTON — Thirty-six members of Congress from Western states asked President Barack Obama on Wednesday for $16.1 million to complete an earthquake early-warning system being developed by scientists in Southern California and along the West Coast.

Reps. Adam Schiff, D-Calif., and Derek Kilmer, D-Wash., led the members in a letter to Obama asking him to include the funding in the U.S. Geological Survey’s fiscal 2017 budget.

“Bottom line is, we want to get this done before we have a major quake. We don’t want to be kicking ourselves afterward because we could have saved lives and a lot of property if we had been able to get people some advance notice of the earthquake,” Schiff said.


SACRAMENTO, Calif. – The U.S. Small Business Administration (SBA) provides low-interest disaster loans to businesses, private nonprofits, homeowners and renters. Survivors of the California wildfires may have questions about the SBA.

Below are the most common along with the answers:

What is an SBA disaster loan?

SBA disaster loans are the primary source of federal long-term disaster recovery funds for disaster damage not fully covered by insurance or other compensation. SBA’s Office of Disaster Assistance is working in conjunction with the Governor’s Office of Emergency Services (Cal OES) and the Federal Emergency Management Agency to help business owners and residents recover as much as possible from this disaster.

Who is eligible for SBA low-interest loans?

When a federal disaster is declared, the SBA is authorized to offer low-interest disaster loans to businesses of all sizes (including landlords), private nonprofit organizations, and to individual homeowners and renters who have sustained damage in the designated counties – in this case  Calaveras and Lake counties.

What’s the most common misunderstanding about SBA disaster loans?

The most common misunderstanding about an SBA disaster loan is the assumption that they are only for businesses. While SBA offers loans to businesses of all sizes, low-interest disaster loans are available to individual homeowners, renters and to private nonprofit organizations alike.

Why should survivors apply?

Survivors referred to the SBA must apply with SBA even if they feel they cannot afford or do not want a loan in order to receive some FEMA assistance.

Whether a loan is wanted or not, the SBA loan application may trigger additional grant assistance through FEMA’s Other Needs Assistance (ONA) program, administered by the state of California.

Some of these additional FEMA grants could include reimbursement for lost personal property, vehicle repair or replacement, moving and storage expenses.

What is available as part of the SBA low-interest disaster loan programs?

Eligible homeowners may borrow up to $200,000 for home repair or replacement of primary residences.

Eligible homeowners and renters may borrow up to $40,000 to replace disaster-damaged or destroyed personal property.

Businesses of all sizes can qualify for up to $2 million in low-interest loans to help cover physical damage.

Small businesses and most private nonprofits suffering economic impact due to the wildfires can apply for up to $2 million for any combination of property damage or economic injury under SBA’s Economic Injury Disaster Loan (EIDL) program.

What are the loan terms?

Interest rates for SBA disaster loans can be as low as 1.875 percent for homeowners and renters, 4 percent for businesses and 2.625 percent for private nonprofit organizations, with terms up to 30 years.

What if I decide to relocate?

You may use your SBA disaster loan to relocate. The amount of the relocation loan depends on whether you relocate voluntarily or involuntarily. If you are approved for an SBA disaster loan you should discuss relocation with your case manager for details on your specific situation.

Is there help available for refinancing?

SBA can refinance all or part of prior mortgages that are evidenced by a recorded lien, when the applicant:

  • Does not have credit available elsewhere,
  • Has suffered substantial uncompensated disaster damage (40 percent or more of the value of the property), 
  • Intends to repair the damage.

Homes: Homeowners may be eligible for the refinancing of existing liens or mortgages on homes, and in some cases up to the amount of the loan for real estate repair or replacement.

Businesses: Business owners may be eligible for the refinancing of existing mortgages or liens on real estate, machinery and equipment, and in some cases up to the amount of the loan for the repair or replacement of real estate, machinery and equipment.

When SBA loan officers discuss their approval recommendations they will include a discussion on refinancing if applicable to your application. 

What are the deadlines to apply?

California survivors have until Nov. 23, 2015 to apply for SBA disaster loans. This is also the deadline for survivors to register with FEMA.

Eligible small businesses applying for only the EIDL program have until June 22, 2016 to apply.

Disaster survivors who are notified by the SBA that they may be eligible for low-interest disaster loans should work directly with the SBA to complete the application.

How do I apply?

Disaster survivors should first register with FEMA by calling 800-621-FEMA (3362). TTY users call 800-462-7585, with Video Relay Service survivors calling 800-621-3362. Or, register online at To apply for an SBA disaster loan survivors can apply in person at any of the State/FEMA/SBA recovery centers or directly online at:

Where do I get specific information about the SBA process?

For questions about SBA or the process, or for help completing the SBA application, contact SBA’s Disaster Assistance Customer Service Center by calling 800-659-2955, emailing This email address is being protected from spambots. You need JavaScript enabled to view it., or visiting Deaf and hard-of-hearing individuals may call (800) 877-8339. Survivors also may visit with an SBA representative at any Disaster Recovery Center. No appointment is necessary.

For more information on California’s wildfire recovery, survivors may visit: or and follow us on Twitter@femaregion9 and

FEMA’s mission is to support our citizens and first responders to ensure that as a nation we work together to build, sustain and improve our capability to prepare for, protect against, respond to, recover from and mitigate all hazards.

Disaster recovery assistance is available without regard to race, color, religion, nationality, sex, age, disability, English proficiency or economic status. If you or someone you know has been discriminated against, call FEMA toll-free at 800-621-FEMA (3362). If you have a speech disability or hearing loss and use a TTY, call 800-462-7585 directly; if you use 711 or Video Relay Service (VRS), call 800-621-3362.

FEMA’s temporary housing assistance and grants for public transportation expenses, medical and dental expenses, and funeral and burial expenses do not require individuals to apply for an SBA loan. However, applicants who are referred to SBA for a disaster loan must apply to be eligible for additional FEMA assistance that covers personal property, vehicle repair or replacement, and moving and storage expenses.

Monday, 02 November 2015 00:00

Six-County 911 Outage Remains Unexplained

(TNS) - Around 6 a.m. Tuesday, 911 systems in six southwestern Pennsylvania counties failed because of what one emergency official called a software glitch that affected part of the interconnected network overseen by CenturyLink, a Louisiana-based global communications company.

Calls to 911 weren’t going through. Some computer screens at emergency operations centers went blank. Backup systems engaged — and in some cases, backups to the backups had to be activated.

Officials in the counties — Armstrong, Butler, Cambria, Indiana, Somerset and Westmoreland — undertook various emergency measures, posting alternate phone numbers through social media, asking local TV stations to alert the public and contacting facilities that have frequent contact with 911, such as nursing homes, to give them a heads-up.


As we approach Halloween, it seems appropriate to talk about some of the brain-dead stupid practices that can destroy projects and technology companies with evil glee. These monstrous practices can be mitigated by shining heroes armed with the mystical sword of common sense, but only if IT buyers and boards are skilled and brave enough to wield it. Without further ado, let’s talk about the Monsters of IT and Technology.


Monday, 02 November 2015 00:00

School Safety: A Shared Responsibility

As classes resumed at schools across the country this fall, the issue of school safety is once again at the forefront of the national debate. How best to address school safety, both at the K-12 and higher education levels, is a weighty issue with no easy answers.

Simply trying to assess the level of school and university preparedness is challenging.

“As a country, we don’t have a good handle on where schools stand today because there is no good evidence of how safe schools really are,” said Amanda Klinger, director of operations for the Educator’s School Safety Network, a nonprofit that works with K-12 schools and institutions of higher education. “Save the Children did a report on what states require of schools, but we don’t know how many schools are meeting those requirements. From the research we do here, we generally find that schools are sorely underprepared, but we can’t say that in a quantified way.”


Monday, 02 November 2015 00:00

MSPs: Moving Small Businesses to the Cloud

Many MSPs work to target larger companies or major public sector groups such as local or state governments. But you may be missing out on a potentially lucrative faction. Small businesses are an important market for MSPs looking to provide cloud services such as cloud-based file sharing. Most small businesses don’t have the room for large internal IT support needed to use other computer applications. Cloud services provide them with an easy-to-use platform that can be used to satisfy just about any IT need a small business would have.

As an MSP it’s easy to understand why a small business would benefit from cloud services, unfortunately it’s not as clear to the small businesses why the cloud is good for them. Here are a few points you should address when selling your cloud services to small businesses:


Monday, 02 November 2015 00:00

The cyber threat to supply chains

The cyber threat to supply chains

Cyber threats to the supply chain have become increasingly prevalent due to the extensive sharing of digital information between organizations and their suppliers. With changing geopolitical landscapes and the rise of new global powers, outsourcing activities presents new and more complex challenges to businesses. In the latest edition of the Business Continuity Institute's Working Paper Series, Gianluca Riglietti investigates cyber supply chain resilience and highlights why business continuity is so important in helping to achieve this.

In an increasingly interconnected world, supply chains enjoy growing opportunities, while also being exposed to new threats. The paper outlines what these threats in the cyber field look like and how they can disrupt business, as well as demonstrating how to improve supply chain cyber security (SCCS) from a business continuity perspective. It highlights best practice to heighten security in SCCS, and makes suggestions for practitioners in order to practically apply this knowledge to everyday business.

The Paper concludes by emphasising that the business continuity profession can provide a significant contribution to overcoming the challenges, applying existing practices to a relatively new field and cooperating with other protective disciplines.

To download your free copy of ‘cyber supply chain resilience: a business continuity approach', click here.

October is National Cyber Security Awareness Month and an excellent opportunity for MSPs and solution providers to educate their customers on how to protect their data, applications and IT infrastructure from cyber attacks.

One area that SMBs often struggle with is securing how remote workers access corporate data and applications. Many employees want and need access to company files while in the field, but if they access and transmit corporate data via an insecure device, server or network, they are placing the business at increased risk for a cyber security incident. So, what can SMBs do to curb this dangerous behavior, and how can MSPs help?

Here are four steps that will help MSPs create a more stable and secure remote workforce for their customers, without compromising flexibility or manageability.


Thursday, 29 October 2015 00:00

TalkTalk hack a wake-up call for UK businesses

Cyber security and business experts have urged enterprises and the government to do more to prevent data breaches in the wake of last week’s talkTalk hack.

The communications provider initially warned the personal details of as many as four million customers could have been lost in the incident, though it has since said fewer people were affected than originally thought.

However, the scale of the breach has led to industry bodies and security professionals to call for more to be done to keep firms safe from such attacks.


Thursday, 29 October 2015 00:00

Business Continuity at the Edge of Chaos

Every now and again, a new theory of enterprise success appears. Business agility is one example, applying ideas drawn from agility in projects and industries like software development. To reap the benefits of the business version of agility, organisations should apparently operate at the “edge of chaos”. In this region, so the theory goes, the organisation is balanced between forces of change and constraints that work against change. The organisation is then “perturbed” enough to innovate and succeed. With this kind of vocabulary, how does business continuity fit in?


Thursday, 29 October 2015 00:00

Dynamic Bandwidth Allocation Capabilities Grow

Networks are transforming in a number of ways. At the highest level – one that is general and not tied to a specific technology – networks are becoming more dynamic; the amount and nature of bandwidth can be allocated on a fluid and real-time basis.

That’s a huge change. In a post at Vertical Systems Group, Rosemary Cochran points out that the agent of these dynamic capabilities may be software-defined networks, network functions virtualization (SDN and NFV), OpenFlow or others. In other words, the priority is to give customers what they want at a granular level. There are options. How it is done is secondary.

The post suggests that market leaders are taking their places:


Embracing the future is usually more of a process than an event. Once the initial FUD (fear, uncertainty, doubt) passes, there is often a complete 180 in which all the problems of today are expected to be swept away. Once actual development and deployment kick in, however, the real-world practicalities become evident, leading to the realization that new issues invariably arise to take the place of the old.

You can see this dynamic playing out across a variety of data center initiatives these days. From software-defined infrastructure to cloud computing and even plain-old virtualization, the bloom eventually comes off the rose, albeit usually after it is too late to turn back.

ClearSky Data’s Laz Vekiarides recently turned the microscope on software-defined storage (SDS) and found a number of things to be wary of, although certainly nothing that would outweigh the benefits. For one thing, there is no standard definition of SDS, which gives free rein to vendors to slap the label on all manner of solutions without necessarily providing all the functionality that users expect. As well, SDS is often price compatible with legacy storage infrastructure only when deployed on commodity white-box hardware, and even then only when purchased in quantities that exceed the needs of most enterprises.


FEMA and the state of Texas are highlighting Texas communities that have taken steps to reduce or eliminate long-term risk to people and property.

POTTER COUNTY, Texas – A multi-county initiative that began five years ago in the Texas panhandle provides residents an effective emergency alert system that helped save lives and property during the historic May 2015 floods.

The system, which has grown to include 150 counties, got its start in 2010 at the Panhandle Regional Planning Commission (PRPC). Funding was provided through FEMA’s Hazard Mitigation Grant Program.

“We found that only two of our 26 counties had any kind of mass notification capability,” said John Kiehl, regional services director of the PRPC. Established in 1969, the PRPC assists local governments in planning, developing and implementing programs designed to improve the general health, safety and welfare of the citizens in the Texas Panhandle.

“We discovered the other counties could not afford the cost of getting an alert system, much less maintain one,” said Kiehl, “but with help from FEMA and other partners, we were able to establish a reverse calling system to serve a wide array of emergency management purposes at a highly affordable cost.”

After considering different options, the PRPC decided to work with other jurisdictions that shared the need for mass notification. The result was the creation of the Alliance for Community Solutions (ACS), a group of stakeholders with a common interest in developing and implementing cost-effective, technology-based emergency management tools that benefit the group.

The PRPC applied for a grant from FEMA’s Hazard Mitigation Grant Program (HMGP) to fund the project so that all counties in the region could affordably obtain and maintain notification capabilities.

“We submitted a proposal for a system that would serve the entire 26,000-square-mile region,” said Kiehl.

The PRPC received about $785,000 from FEMA toward the project cost of more than $1 million. Most of the balance came from donations from individuals and private foundations. HMGP funds were used to purchase licenses at a cost of $600 per license. Each jurisdiction contributed $200 toward the cost of its license.

“Initially, we had difficulty sending short message system (SMS) text messages. We’d send out the first 25 calls, which would go through without a problem,” said Kiehl. “But after that, they started bottlenecking and bouncing back. We went through a period of time where people were getting their severe weather alerts a day and a half after the storm had passed.”

The issue was resolved by installing a new smartphone application called Fully Connect. Because it bypasses cell phone service provider servers, Fully Connect lets local officials send messages more quickly and reliably.

Kiehl said the system has been improved beyond its original design with enhancements funded by the PRPC and other ACS members. In addition to the common suite of tools that can send alerts by text, voice and email, the PRPC has included an English-Spanish translation. Other ACS partners have added more language modules including French, Mandarin, Cantonese, Vietnamese and German to better serve their non-English speaking residents.

The PRPC is now working on the last major FEMA-funded improvement: integrating the PRPC system with the federal Integrated Public Alert Warning System (IPAWS). When that happens, there will be seven different ways for emergency managers and authorized users to send alerts and notices to residents when their safety is at risk.

In May 2015, historic storms swept through central and south Texas over Memorial Day weekend, dumping up to 10 inches of rain over parts of previously drought-stricken Texas.

Medina County, an ACS partner more than 500 miles from the Panhandle, had funded a system enhancement that connected the county’s flood gauges to the mass notification system. As the river rose, automated notices were sent to keep county responders and residents aware of the situation. The PRPC is now looking to take advantage of this enhancement in the Panhandle.

What the PRPC did in the region is now serving 150 other counties in Texas because they are all working with the same provider. Every enhancement put into the system by any one of the counties is available to all other counties and jurisdictions within those counties, at no additional cost.

“FEMA has invested a lot of money in this initiative and we wanted the return to be as great as possible,” said Kiehl. “One of the best outcomes of this project is the partnership that’s been forged through ACS.

“Together, we’ll continue to cost-effectively improve this system long after our HMGP project has been closed out,” Kiehl said. “And anytime an ACS partner adds a system enhancement, all ACS members will benefit from it.”

For additional information about the Texas Panhandle Partnership Regional Alert System, visit: Panhandle Regional Planning Commission.

To learn more about how cities and towns across Texas are building stronger, safer communities, visit Best Practice Stories |


FEMA’s mission is to support our citizens and first responders to ensure that as a nation we work together to build, sustain, and improve our capability to prepare for, protect against, respond to, recover from and mitigate all hazards.

At the Oracle Open World 2015 conference this week, Oracle revealed what it describes as a major breakthrough in IT security that prevents attacks from being launched at the processor level.

Oracle CEO Larry Ellison says the latest generation of SPARC M7 processors now assigns numbers to units of code and memory on the processor that have to match before that code can be executed. If they don’t match, the processor will not only not run that code, it can also request patches in real time to fix vulnerabilities and send alerts to other systems, regardless of processor type, that the data center is under attack from a potential threat.

As part of this expanded focus on security, Ellison also committed to making certain that encryption is turned on in the Oracle cloud and that, going forward, Oracle will make it impossible to turn encryption off for two reasons. The first is that the impact that encryption has on application performance is now negligible. The second is that Oracle wants to assure customers that none of its employees can actually view customer data when running in cloud, which Ellison says is something no other provider of cloud applications and services can absolutely assure customers.


Thursday, 29 October 2015 00:00

Is ‘Pretty Good’ Enough?

The question on the table today is whether “pretty good” is good enough when it comes to emergency management. Because some things are pretty good, after all. The Stafford Act, FEMA, the Incident Command System (ICS): They get the job done. 

But is that sufficient? There is grumbling throughout much of the emergency management community that each of these pillars of the profession can and should be improved upon.

They’re poorly structured, top heavy, fiscally irrational, inflexible — pick your poison. Changes must be made.

Despite the flaws, some say, the system runs as well as one might hope, and why tinker with (moderate) success? So what should and can be changed? How can Stafford, FEMA and ICS be made to perform to higher standards?


Wednesday, 28 October 2015 00:00

The State of the Cloud 2015

Cloud technologies and services such as cloud-based file sharing are at or moving towards the forefront of today’s IT world. But some of the information we found may be surprising even to a knowledgeable MSP. Using data from a CDW report on all things cloud computing and a survey conducted by RightScale, we have selected some important facts and figures on the current cloud landscape.


We’ve all had “that person” in our organization. The one who risks business security, who downloads information to personal accounts, who disregards IT policy and tries to save everything on a local device. So far in my lengthy career, I’ve worked with people who had these real incidents:

  • the CEO who dropped his mobile phone in the ocean during the company’s sales club trip to the Caribbean.
  • the sales manager who left her laptop at airport security — and flew across the country without it.
  • the engineering lead who lost his corporate phone in a New Orleans taxi during Microsoft TechEd.
  • the marketer who used a personal Dropbox account to share sales report data with his team – then left the company for a competitor.


Many British businesses have been lulled into a false sense of security when it comes to protecting their critical data from breaches, a new survey has found.

Research conducted by YouGov on behalf of Ilex International found that many firms express high levels of confidence in the defences they have in place, despite the growing threat posed by cyber criminals.

Almost a quarter of IT decision-makers surveyed (24 per cent) described themselves as very confident in their solutions, while a further 59 per cent said they were fairly confident their business is protected against data breaches.

Thierry Bettini, director of International Strategy at Ilex, said that given the fact the UK is a major economic centre and therefore a key target for cyber attacks, this level of confidence is concerning and “completely misplaced”.


Wednesday, 28 October 2015 00:00

Cloud Gateways in the Enterprise

In basic terms, cloud gateways translate block or file commands to the cloud via REST or SOAP APIs. They may be physical or virtual appliances, and in some cases, they are storage systems. Specific offerings vary. Some gateways are primarily caching mechanisms to speed up data transfers. Cloud gateways scale up the business food chain from SMB to the enterprise. For mid-sized businesses and enterprise, more advanced gateways offer robust features beyond simple caching.

Enterprise development is centering on gateways with added value, such as NAS storage systems with cloud enablement, native data protection, distributed file sharing and robust security. As of yet, gateways are not sufficient to translate high transaction commands to the cloud.

Some commenters put cloud storage gateways into the STaaS (storage as a service) category, but they aren't really the same thing. They require an on-premise appliance or storage system to work. Whether physical or virtual, the devices require IT optimization and maintenance time, as well as sufficient bandwidth to work. However, their value is clear when faced with the alternative of sending data to the cloud without a gateway.


Wednesday, 28 October 2015 00:00

Hurricane Patricia and Severe Weather Planning

Monumental damage was averted this week as Hurricane Patricia narrowly missed the urban centers of Puerto Vallarta, Manzanillo and Guadalajara and then downgraded when she reached the coastal mountains near Cuixmala in Jalisco state of southwest Mexico.

Strongest Pacific Hurricane on Record

With off-shore winds recorded at over 200 miles per hour, Patricia was recorded averaging 165 MPH when she hit land at 6:15 on the evening of 10/23.  The most powerful Pacific hurricane on record, Patricia, luckily resulted in considerably less damage than predicted and no loss of life.


Wednesday, 28 October 2015 00:00

Apple in the Enterprise: Is It Real This Time?

Apple has set its sights on the enterprise. This is nothing new, of course, as Apple has wanted to play a part in the world of professional data communications for decades.

But with its hold on consumer gadgets, and the idea that most knowledge workers would prefer to use a single client device for both their personal and professional lives, the company is now angling to invade the workplace in a big way.

Apple announced last month that the company earned about $25 billion in revenues from enterprise channels last year, which would be a stunning result for any other company but actually amounts to about 11 percent of Apple’s total haul. The company is busy working with IBM and others to make the iOS operating system more compatible with the enterprise back end, but as ZDNet’s Steve Ranger points out, rigid pricing and a high level of secrecy regarding future development paths make it hard for the enterprise to fully commit to the Apple platform. As well, business organizations are much less willing to pay the premium prices that Apple charges to consumers.


Wednesday, 28 October 2015 00:00

Grant Will Give County Back-up 911 System

(TNS) - Butte-Silver Bow has secured a $185,000 grant to set up an alternative 911 call center at the Emergency Operations Center on the Flat should the one at the Sheriff’s Department in Uptown Butte go down.

The federal grant, administered through the state, will pay for the entire system and equipment. It was one of the priorities when construction on the emergency operations center building was completed nearly a year ago.

The $3.5 million state-of-the-art building also houses the Butte district of the Montana Highway Patrol and a driver’s license office.


(TNS) - Emergency responders in Bay County have a new tool to fight contamination: electronic mist.

Emergency personnel trained earlier this month at the Bay County Emergency Operations center on using the e-mist surface management system (SMS). Representatives from the Bay County Health Department also attended the training session.

The Bay County Hazardous Materials Team can use the e-mist SMS to respond to meningitis and Ebola outbreaks, Bay County Fire Rescue Lt. and Hazardous Materials Team member Seth Imhof said. The e-mist SMS, which operates like a spray gun, was acquired through a federal grant.


Wednesday, 28 October 2015 00:00

10 Tips to Excel in ERM

CHICAGO—For many risk managers looking to implement enterprise risk management programs, one of the biggest challenges is figuring out how to do it properly. Unfortunately, as Steve Zawoyski, ERM leader at PwC, pointed out in a session at this year’s RIMS ERM Conference, you will never find the perfect ERM program—it’s basically as mythical as a unicorn. But there are certain key steps you can take to increase your chances for a successful ERM program. Zawoyski’s top tips are:


The majority of small businesses, the ones most vulnerable to devastating outcomes in the event of an unplanned disruption, continue to ignore IT disaster recovery planning. Unfortunately, they do so at their own peril. As we witnessed with Superstorm Sandy, the “longer a business goes without getting back on their feet, the more likely it is that they will never get back on their feet,” said Michael Mullin, president of Integrated Business Systems. In the past, business continuity solutions were only within reach of businesses with hefty budgets; however, cloud computing has now made IT disaster recovery accessible to small businesses.

Proper Planning Can Protect Against Disaster Losses

A recent report from Databarracks revealed that just 27 percent of small organizations have a business disaster recovery plan in place, while their larger counterparts in medium and large businesses have a 68 and 73 percent readiness rate when it comes to having a documented plan. Some small businesses do have a plan in place, but the report confirmed that aren’t actively testing it.


EATONTOWN, NJ. -- In the three years since Hurricane Sandy scored a direct hit on New Jersey, the Federal Emergency Management Agency has been actively engaged in the recovery effort, providing $6.8 billion to date to help the state recover and rebuild.

This money has helped to restore critical facilities, clear debris, replace boardwalks along the Jersey Shore, rebuild public infrastructure, and reimburse municipalities throughout the state for the enormous costs of clearing debris and restoring public safety in the immediate aftermath of the storm.

FEMA’s National flood Insurance program has paid out more than $3.5 billion in claims to flood insurance policyholders whose homes were damaged or destroyed by the storm. Through FEMA’s Individuals and Households Program (IHP), the agency approved $422.9 million in payments to Sandy survivors.

FEMA Public Assistance, which provides funds for repair and rebuilding of infrastructure and public facilities as well as necessary work such as debris removal and emergency response, has obligated $1.809 billion in Public Assistance funds towards repair and rebuilding projects in New Jersey.

As the work of rebuilding continues, FEMA is helping to strengthen the state’s capacity to withstand a future disaster. Thirty-nine percent of all Public Assistance (PA) projects have accompanying mitigation projects. FEMA is funding projects that protect vulnerable facilities from inundation by storm waters, raise homes above the flood plain and convert neighborhoods that have experienced repeated and devastating flooding to public, open space. Eighty-six percent of all New Jersey PA projects over a half-million dollars have a mitigation component.

To date, the FEMA’s Hazard Mitigation Grant Program has obligated $258,456,164 million for a series of mitigation measures that includes voluntary property acquisitions in communities subject to repetitive flooding, energy allocation, retail fuel, infrastructure, home elevations and planning projects, including $30.9 million for home elevations in flood-prone areas and $9.7 million for the Retail Fuel Station Program. The RFS is a voluntary grant program designed to enhance the operational resiliency of retail fuel stations statewide by funding the installation of back-up generators capable of operating fuel pumps when power outages occur.

FEMA's mission is to support our citizens and first responders to ensure that as a nation we work together to build, sustain, and improve our capability to prepare for, protect against, respond to, recover from, and mitigate all hazards.

Follow FEMA online at,,,,, and, follow Administrator Craig Fugate's activities at

The social media links provided are for reference only. FEMA does not endorse any non-government websites, companies or applications.”

Tuesday, 27 October 2015 00:00

5 simple tools to help count the cost of IT

SaaS TCO Calculator

Buying a SaaS product is very different to paying for software in the traditional sense, with the latter tending to involve one-off licence fees rather than subscriptions, greater overheads in terms of setup and maintenance, and potentially demanding their own dedicated hardware. The Software Advice TCO Calculator allows users to make a side-by-side comparison of SaaS and on-premise software in terms of cost, taking into account a vast array of factors like the terms of their respective licences, their life expectancy, and any support and training that may be required. It also provides a useful visualisation of cost over time.


Tuesday, 27 October 2015 00:00

Cobalt Enters the BCI Hall of Fame

Winning a BCI Award, whether regional or global, is a considerable achievement. It demonstrates your dedication to the industry and reflects the effort you have put in, either as an individual or as an organization. BCI Award winners act as a shining light to those around them, giving them something to aspire to and work towards. To win a BCI Award on a regular basis however, that takes something extra special.

The BCI is pleased to announce that the latest entry to the Hall of Fame is Cobalt. Cobalt have won three consecutive BCI Middle East Innovation of the Year Awards with three different solutions. This category is a particularity difficult category to win repeatedly as entrants must provide evidence that they are exploring new ground, delivering innovation, understanding current and future needs, and at the same time deliver tangible operational benefits for clients.

Jean-François Plante, Cobalt founder and CEO said: “To achieve entry into the BCI Hall of Fame is a realisation of our determination to develop world-class solutions and be a global leader in our industry. From day one, the Cobalt team has worked with a clear focus on innovation and quality, with the BCI and its members’ principal in our endeavours.

There is a lot of marketing strategy in our industry but for Cobalt, it starts and ends with talking to people. People, with their unique experiences, shared concerns and organisational needs, give us our market vision and enable us to listen and provide answers with our technology, this validation is testament to our vision and we are incredibly proud."

The Business Continuity Institute’s Hall of Fame, set up in 2015, is for those who have not only displayed a high standard of achievement, but have done so consistently. As such, only those who have won three BCI Awards within the same category will be permitted to enter.

Tuesday, 27 October 2015 00:00

The IT Security Risk on Your Wrist

Mobile computing devices used to be the challenge for many enterprises. IT departments found themselves tugged in several different directions at once. Employees insisted on using their tablets and smartphones to access company applications, while security officers threw up their hands in horror at the idea of unknown and uncontrollable devices having a way in to corporate data. Judging from statistics from a survey earlier in 2015 by BYOD security solutions provider SOTI Inc., security officers are right in their misgivings. Mobile device usage puts enterprises at risk, whether through sloppy networking or data storage practices or other. Yet what if the bigger security risk was now no longer in your pocket, but strapped to your wrist?


EATONTOWN, N.J. -- When it comes to destruction, disasters like Superstorm Sandy don’t discriminate:  historic structures and environmentally sensitive areas that lie in the path of a storm are in just as much peril as less significant sites.

But when a historic structure or ecologically fragile area is damaged in a disaster, particular care must be taken to ensure that any repair or remediation that must take place is done in accordance with historic and environmental regulations.

To accomplish that, state, county and local officials in the impacted area are able to draw on the support of the Federal Emergency Management Agency’s Environmental and Historic Preservation Specialists.

The EHP cadre plays a critical role in helping municipalities and agencies understand the importance of compliance with environmental and cultural regulations so they may make informed planning decisions.

A view of the damaged Liberty State Park pedestrian bridge
The Liberty State Park pedestrian bridge was destroyed in Sandy.
EHP provides expertise and technical assistance to FEMA staff, local, state and federal partners and applicants who are tasked with the challenge of preserving historic, cultural and natural aspects of our national heritage. They help applicants understand what is required under the law and how best to meet those requirements.

At Liberty State Park, which is adjacent to Jersey City, Superstorm Sandy destroyed a popular pedestrian bridge that provided access to the park for walkers and cyclists in the Jersey City area.

With the help of specialists from FEMA’s Environmental and Historic Preservation Department, city officials acted quickly to develop a plan for reconstructing the bridge.

The city applied for a FEMA Public Assistance grant which, if the project was approved, would reimburse the city for most of the reconstruction costs.

Because the original bridge traversed environmentally sensitive wetlands, it was important that any new construction be environmentally acceptable and that it occupy the same footprint as the previous bridge.

The park, an oasis of green space adjacent to the bustle of Jersey City, offers recreational facilities, a science museum, and several historic sites including the historic Central Railroad of New Jersey terminal where new immigrants arriving from Ellis Island boarded the trains that would take them to new lives across America.

The park is also the site of a memorial honoring those who died in the attacks of Sept. 11, 2001, titled Empty Sky. It is the most heavily visited park in the state.

Located just across the river from lower Manhattan, Liberty State Park also played a critical role following the attacks of 9/11 as a staging area for first responders.

With so many reasons for area residents to visit the park, restoring access via the pedestrian bridge was a priority for Jersey City officials.

The cost of replacing the 120-foot-long, 10-foot-wide bridge replacement project was estimated at $834,600. Jersey City’s Assistant City Engineer Jeff Reeves chose a pre-fabricated bridge that could be lifted onto the foundation via a crane. The pre-made span cost $160,000.

Restoring the foundation cost an additional $650,000, which included the demolition of the remnants of the original bridge and the installation of necessary components such as foundation “riprap.”

The final cost for reconstruction of the foundation and replacement of the pedestrian bridge came in under budget at $755,642 which represents the 90% federal share of the total cost.

A view of the newly constructed bridge
The new Ethel Pesin Liberty Footbridge
Because the total cost of disaster recovery in New Jersey exceeded a benchmark set by the federal government according to a specific formula, the federal share of the cost of the bridge replacement was increased to 90 percent with the remaining 10 percent borne by the state and the City of Jersey City.

On June 20, 2013, Jersey City Mayor Jerramiah T. Healy dedicated the new bridge, which has been officially named the “Ethel Pesin Liberty Footbridge” in memory of the woman who, with her husband, Morris, worked tirelessly to  establish the park. A community leader and founding trustee of the Friends of Liberty State Park, Pesin died early in 2013.

“We know how important this piece of infrastructure is to our residents, and that is why we worked with OEM and our engineering staff to find a way to expedite the replacement of the Jersey Avenue footbridge,” the mayor said.

Today, walkers and cyclists are again able to enjoy the recreational facilities at Liberty State Park and visit the park’s historic sites via the Jersey Avenue Bridge.

And because of the teamwork between state and local officials and FEMA’s EHP experts, the environmentally sensitive wetlands that surround the bridge have been protected.

Please be sure to watch the video titled, “Apr 17, 2013- Liberty State Park - A Gift Worth Saving” at

FEMA's mission is to support our citizens and first responders to ensure that as a nation we work together to build, sustain, and improve our capability to prepare for, protect against, respond to, recover from, and mitigate all hazards.

Follow FEMA online at,,,,, and, follow Administrator Craig Fugate's activities at

The social media links provided are for reference only. FEMA does not endorse any non-government websites, companies or applications.”

(TNS) - In the midst of powerful storms and heavy rains, Victoria set a new record Saturday, receiving 3.87 inches of rain.

The previous record for the most rainfall received on Oct. 24 was set in 1949 with a total of 2.17 inches, according to the National Weather Service.

Although the city is not experiencing any major flooding at the moment, Richard McBrayer, coordinator of Victoria's Office of Emergency Management, said Sunday that the public should not let its guard down. The city received .3 inches of rain Sunday with most ending by 11 a.m. Sunday.

"Right now, we're at a mild to moderate flood rate, but we'll be monitoring it and know more later in the week," McBrayer said, as the rain continues to drain into regional creeks and the Guadalupe River.


(TNS) - Greenfield Twp. firefighters were cutting a driver out of a Jeep last week when an elderly man from the other car involved in the wreck started having chest pains.

Firefighters tried to call for another ambulance, but the crash scene near the intersection of Route 247 and Greenfield Road was in a dead zone in the county radio network, Fire Chief P.J. Fortuner recalled.

“We had to call Susquehanna County to dispatch the ambulance,” Chief Fortuner said. “It took a good 10 minutes for the ambulance to get there because they couldn’t hear us.”


Tuesday, 27 October 2015 00:00

Tornado Watch Issued for South Mississippi

(TNS) - South Mississippi was under a tornado watch until 2 a.m. Monday.

The National Weather Service issued the report Sunday evening and said a couple of tornados are possible in southeastern Louisiana, coastal Mississippi and coastal waters.

A tornado watch means conditions are favorable for tornadoes and severe thunderstorms. The weather service said a gradual increase in tornado threat is apparent across the area through at least part of the overnight.

The area included in the watch is from 40 miles south of New Orleans to 50 miles east of Gulfport, which includes the three Coast counties and the waters to the south.


Tuesday, 27 October 2015 00:00

BCI: The impact of losing an employee

Only four in ten small or medium sized businesses in the UK would be able to survive if their founder suddenly left. That is according to a study by Network ROI which also revealed that a third of respondents to their survey claimed their business would not even survive a month.

Of course it may not be the founder of an organization who is pivotal to its success, the lack of a suitable person to fill any key role could cause a crisis. The latest Horizon Scan Report published by the Business Continuity Institute revealed that the lack of availability of talents/key skills was considered a potential threat to organizations by a third of business continuity professionals who responded to a global survey, while 59% noted that the loss of a key employee was something to watch out for in the future.

This goes to show how valuable some people can be to their organization, either because of the figurehead role they provide, or perhaps because their skills are so niche. This study helps reinforce the importance of succession planning so that when someone leaves an organization, for whatever reason and whether temporary or permanent, their workload can still be carried out effectively, without disruption to the organization.

Sean Elliot, Managing Director of Network ROI, commented: "We carried out the business continuity and succession planning survey to get a better understanding of attitudes towards these issues within the UK small business community. The results show that business continuity is an area that requires a greater deal of investment and understanding, especially within the SME space."

Sony (SNE) has reached a settlement related to claims from current and former employees over the theft of personal information in a cyber attack that took place last year.

And as a result, Sony tops this week's list of IT security newsmakers to watch, followed by TalkTalk, G DATA and Xero

What can managed service providers (MSPs) and their customers learn from this week's IT security newsmakers? Check out this week's edition of IT security stories to watch to find out:


When emergencies arise, one of the most difficult aspects of crisis management is accessing the most accurate and timely information available to drive effective response planning and decision making.  Whether the incident is happening across campus or across the globe, it’s unlikely that all of the people needed to determine next steps are on-site with a first-hand view of the situation. Real-time, interactive field communications are a key success driver.

Common Field Communication Challenges

MissionMode supports hundreds of organizations across a wide variety of industries many of which encounter frequent field-based situations that need rapid management.  Very often, the people on the spot when a situation arises don’t include all those who need to be involved in determining response. Some common customer examples we see include:


Tuesday, 27 October 2015 00:00

Bucking the Rating Trend

Broker Willis has just published its commercial insurance rate predictions for 2016.

What’s the outlook for insurance buyers?

Overall, the property/casualty insurance market continues to soften and Willis predicts further softening ahead, fueled by relatively benign losses and an oversupply of capacity from traditional and non-traditional sources.

For 2016, 10 lines of insurance—property, casualty, aviation, energy, health care professional, marine, political risks, surety, terrorism and trade credit—are expecting decreases.


In the rush to enact open data policies and dive into innovation projects, cities are seriously considering the value of chief data officers — and officials in Long Beach, Calif., are no different. But the city is taking a different approach: crowdsourcing.

The chief data officer role is an emerging one, encapsulated in a trichotomy of technical expertise, internal strategizing and community engagement. For cities, chief data officers often oversee the nuances in analytics projects and open data policies, coordinate department data initiatives, and vet potential tech partnerships in the private sector. For citizens, the role is most visible in their advocacy for civic apps and volunteer expertise.

Although we might have a baseline understanding and systems in place to handle a disaster, the reality is that most businesses will experience significant downtime as a result of an unplanned disruption. Three in four companies worldwide have inadequate disaster recovery plans according to the Disaster Recovery Preparedness Council’s 2014 Annual Report. In the majority of cases, this is simply because companies do not have the time or resources to sufficiently safeguard all areas of their business. In order to secure your business, let’s take a look at some of the best ways to close the most typical gaps in disaster recovery preparedness.

Start with the Disaster Recovery Plan

Every company needs to have an effective disaster recovery plan documented. Many organizations may have started to write a plan, but it’s not comprehensive or possibly not entirely effective in the event of the worst-case scenario. Evaluate where your company is with its planning, and commit to making an improved plan as soon as possible.


Tuesday, 27 October 2015 00:00

9 Questions to Ask During a Crisis

When an incident happens it is essential that the top management of an organization establish, define and document their policy for crisis management, which includes clear directions and expectations. It includes a statement of intent that clearly and concisely outlines their objectives, describes in broad terms how they intend to realize them and conveys their commitment and determination. The policy statement should include a definition of scope. It should identify who is to be responsible for various aspects of the response and recovery actions and its overall coordination. It should also establish priorities, timelines and standards for the delivery of the organization’s crisis management capability, as well as budget and other resource limitations as necessary. The document should address key questions that set the tone for the duration of the crisis such as:


Monday, 26 October 2015 00:00

Top 5 Cloud Adoption Barriers

Although cloud adoption is on the rise, with 35 percent of all IT services being delivered by cloud according to a CDW report, there are still many concerns from both private businesses and the public sector. The hesitancy toward adopting cloud services and cloud-based file sharing can be attributed to a myriad of reasons, but there a few barriers that stand above the rest. These are the top 5 cloud adoption barriers and what MSPs can do to move past them.

Although cloud adoption is on the rise, with 35 percent of all IT services being delivered by cloud according to a CDW report, there are still many concerns from both private businesses and the public sector. The hesitancy toward adopting cloud services and cloud-based file sharing can be attributed to a myriad of reasons, but there a few barriers that stand above the rest. These are the top 5 cloud adoption barriers and what MSPs can do to move past them.


The University of Cambridge released research earlier this month that suggests that 88 percent of Android devices have been vulnerable to at least one of 11 critical security flaws during the past four years, according to eWeek.

The variables in the computations take into account the diligence of manufacturers in releasing patches and a number of other factors. The bottom line of the study suggests that manufacturers are not doing their jobs. A strategy was also suggested for assessing how the manufacturers are responding over time:

The researchers proposed a benchmark to measure the overall security of devices and the support of their manufacturers. The benchmark, dubbed the FUM score, uses three metrics: the proportions of devices free from critical vulnerabilities and running the latest version of the Android operating system, and the mean number of vulnerabilities still unpatched by the manufacturer.


Over the course of the next few days, millions of tweeters will be given the option to create and respond to public polls in a few short steps.

The wildly popular social network announced its plans to roll out the feature in a blog post Wednesday and said the anonymized voting system would allow users to weigh in on the topics that matter most to them.

While we are sure to see a fair amount of pop culture-centric polls as a result of the new function, we are also likely to see governments putting it to work as a means of directly connecting with their citizens.


(TNS) - When Frederick County firefighters upgraded to the 800 megahertz radio frequency several years ago, not all of the county’s closest neighbors followed suit.

As a consequence, county firefighters found themselves unable to communicate directly with stations in Jefferson County, West Virginia, Franklin County, Pennsylvania, and Washington County, all of which stayed in the lower, 400 MHz range, said Chip Jewell, chief of the Frederick County Division of Volunteer Fire and Rescue Services.

“Essentially, the lower the frequency, the wider the penetration you get,” Jewell said of the outlying counties’ decision to stick with the lower frequency. “They get better penetration using the UHF 400 MHz frequencies due to the mountainous terrain that you see more of past Frederick.”


Monday, 26 October 2015 00:00

Alerts & Notifications

By Rick Wimberly

Can Earthquake Alerts Work?

With earthquake sensors evolving in the US, how far behind is a fast-acting system for delivering earthquake alerts to the public? A system for detecting earthquakes, then making alerts available for dissemination is being developed by the U.S. Geological Survey agency, the State of California, universities, foundations, and private companies. Oregon and Washington states are also involved. Apps and software systems are being developed to pick up the alerts from the new system, called ShakeAlert, and distribute them to the public.

One of the approaches would use FM radio signals to deliver alerts to special devices. The signals would be delivered through what’s called Radio Data System.  RDS is the same method used to send names of recording arts and other information to car dashboards. Global Security Systems/AlertFM (GSS) says its RDS/receiver system will deliver earthquake alerts faster than other alerting systems such as Wireless Emergency Alerts (WEA) or the Emergency Alert System (EAS).   Read More

Hurricane Patricia, the strongest storm ever measured in the eastern Pacific, is on track to devastate southwestern Mexico starting Friday afternoon. The National Hurricane Center is warning about a "potentially catastrophic landfall," and authorities are scrambling to evacuate the area:

The storm's current size is shocking. Just 30 hours ago, Patricia was an ordinary hurricane with maximum winds of 60 miles per hour. Since then, Patricia has grown into a monster Category 5 hurricane, with maximum sustained winds nearing 200 miles per hour. The current storm appears to be unprecedented in the historical record.


Friday, 23 October 2015 00:00

Why MSPs are Failing Compliance Tests

Regardless of how efficient your cloud-based file sharing infrastructure is, having proper compliance is still essential.  If you’re the type of ambitious managed service provider (MSP) that plans on introducing your services to highly-regulated industries like healthcare, banking, or retail, compliance becomes even more important.

Sure, there is a lot of money to be made, but the barriers-to-entry for these coveted grounds are also pretty high. Manning these barriers are the compliance auditors, the gatekeepers that possess an array of methods with which they can figure out whether or not you are worthy of being let in.

Not only are the audits grueling, but failing to pass their scrutiny can lead to detrimental consequences for your company.  Not being compliant is as dangerous for your clients, as it is for you. So tread carefully, enterprising MSPs, because the penalties for not meeting standards can range from $500 to $1,500,000!


While plenty of organizations are decommissioning their datacenters in favor of the cloud model, many are not comfortable with a leap to big public cloud providers. 

That’s why Breakthrough Technology Group (BTG) is finding success with private cloud – the sweet spot for customers that no longer want to manage their own on-premises datacenters, but have reservations about moving their infrastructure to mass-market public cloud services.

“We often hear from customers that they don’t want to be in the datacenter business anymore,” said Joey Widener, vice president of business development.

“However, they are wary of public clouds, for example, because they have no control over where their data resides and don’t want to compete with other customers for resources.”


Friday, 23 October 2015 00:00

Making Visual Evidence Manageable

In the wake of the 2013 Boston Marathon bombing, the Boston Police Department encouraged anyone who had taken smartphone photos or video at the scene to send their footage to investigators. The public response was so strong that the department was soon overwhelmed by the volume of potential evidence it received, requiring the FBI to step in and help sift through it all.

The Vancouver, British Columbia, Police Department was similarly inundated by citizen-recorded photos and video after the city’s 2011 Stanley Cup riot — 5,000 hours of video alone had to be examined during the investigation. This job was too big for the department to handle. Luckily its personnel were aided by a team of experts assembled by the Law Enforcement and Emergency Services Video Association (LEVA).

In both instances, the citizen-supplied evidence was attached to a cloud of extensive IT resources and manpower demands, and all of this potential evidence had to be collected, accessed and stored somewhere. This can make citizen-sourced visual evidence an unmanageable nightmare for most police departments.


(TNS) - Hartshorne Public Schools Superintendent Mark Ichord recalls a day when the city’s tornado sirens blared as a violent thunderstorm approached.

“I was going through town and the sirens were going off,” Ichord said. His thoughts immediately flashed to the safety of the students — but they had nowhere to go.

“They didn’t have anything except a concrete block building,” he said. Fortunately, the storm passed, but it left a persistent feeling that Hartshorne students are too vulnerable to extreme weather.

Ichord and other members of the Hartshorne school administration and board of education would like to see that changed — not only for the students, but also for the entire community.


Cyber criminals in the UK are increasingly targeting specific individuals, rather than simply casting a wide net and hoping to get lucky, according to a new report.

Research by internet security campaigners Get Safe Online found many people in the UK have been exposed to this new wave of targeted attacks. More than one in five individuals surveyed stated they believed they had been specifically targeted by criminals, with 37 per cent left feeling vulnerable as a result.

One of the most common ways in which victims were targeted was through ‘phishing’ emails, with 26 per cent of people saying they had fallen victim to this.

This type of attack – and in particular its more targeted ‘spear phishing’ sub-type – can include information highly specific to an individual or company in an effort to get them to part with personal data such as financial details or business login credentials, which can then be used to steal sensitive data.

However, Britons are becoming more alert to the risks posed by cyber criminals, with some 30 per cent stated they know more about online security now compared with a year ago, while a further 21 per cent say they know more than they did two years ago.

Get Safe Online found the growing number of high-profile data breaches has played a key role in this. Almost two-thirds of the public (64 per cent) have become warier about sharing personal details with businesses, with 23 per cent saying this was a result of the Carphone Warehouse hack, while 18 per cent cited the Apple iTunes email scam and 17 per cent stated the TalkTalk, Sony and Ashley Madison breaches.

Chief executive of Get Safe Online Tony Neate said: “As we spend more of our lives online, our digital footprints inevitably get bigger. Sadly, that means opportunist fraudsters will use information about us to make their scams more believable and difficult to detect.”

When looking for data recovery services, look for one with a track record of success. Ontrack Data Recovery services has 40,000 data recovery stories to tell every year.


Friday, 23 October 2015 00:00

The Challenges of Reliable Tape Archiving

No matter whether we are talking about contracts, customer data or manufacturing plans and design diagrams, corporate data has a significantly longer half-life than the ephemeral IT systems on which it is stored. If legal retention periods are also taken into account, it is no wonder that companies are looking for a reliable and secure solution to archive their data. Tape archiving has proved to be the method of choice for decades, but there are some challenges and pitfalls lurking behind it that should be considered.

Archiving instead of saving

The most important basic rule in data archiving is that data may not simply be saved, but that it must be preserved in the long term so that it is accessible when necessary. Retention periods of 10 years and more cause companies to face problems over and over again, as proven by examples from everyday work at Kroll Ontrack. Thus, for example, a bank audit required the submission of 35,000 booking records from the 1980s. Since this bank takes its archiving responsibilities very seriously, the relevant data had been preserved on tapes, but the hardware and software required to run them was no longer operational.

At another company, the internal audit department ordered the restoration of all Lotus Notes email accounts from an AS/400 system. However, the hardware used at that time no longer existed at the company, thus lacking the ability to read the data needed.


Friday, 23 October 2015 00:00

FEMA: Hurricane Wilma: Ten Years Later

ATLANTA -- Ten years ago October 24, Hurricane Wilma slammed ashore near Naples, Fla., as a Category 3 storm with a 50-mile-wide eye. Wilma was the most intense hurricane on record in the Atlantic Basin, with wind speeds reaching 175 mph over the Gulf of Mexico.

By the time Wilma exited the state near Palm Beach, it had spawned 10 tornadoes, left five people dead and six million people without power. Rainfall exceeded seven inches in some parts of the state. The President's Oct. 24, 2005, disaster declaration made federal funding available to disaster survivors in Brevard, Broward, Collier, Glades, Hendry, Indian River, Lee, Martin, Miami-Dade, Monroe, Okeechobee, Palm Beach and St. Lucie counties.

In addition, federal funding was made available to the state and eligible local governments for debris removal, emergency protective measures and other public assistance in Brevard, Broward, Charlotte, Collier, De Soto, Glades, Hardee, Hendry, Highlands, Indian River, Lee, Martin, Miami-Dade, Monroe, Okeechobee, Osceola, Palm Beach, Polk, Sarasota and St. Lucie counties.

To help disaster survivors FEMA obligated $342.5 million to 227,321 disaster applicants for the Individual and Household Program. Of that amount, $150.8 million was provided for housing (including temporary rentals and repairs) and $191.5 million for other serious disaster-related needs, such as personal property losses and moving and storage, medical or funeral expenses.    

FEMA also has obligated more than $1.4 billion in Public Assistance to the state of Florida, local governments and eligible nonprofit organizations for eligible projects. Of that amount:

  • $956.3 million reimbursed for debris clearance and emergency measures to protect public health and safety immediately after the storm;
  • $477.5 million reimbursed the work needed to make permanent repairs.

To date, more than $141.5 million has been obligated by FEMA for 119 Hazard Mitigation

Grant Program projects to build stronger, safer more resilient communities in Florida since Hurricane Wilma. A total of 111 mitigation projects are completed of which 90 are to retrofit public structures to protect against wind damage and 11 drainage projects to protect the public from flooding events.


FEMA's mission is to support our citizens and first responders to ensure that as a nation we work together to build, sustain, and improve our capability to prepare for, protect against, respond to, recover from, and mitigate all hazards.

COLUMBIA, S.C. — South Carolina’s historic floods affected people’s jobs, mental state or left them needing legal assistance. But help is still available. There are several programs to assist survivors with these issues as they work to recover from the floods:

Disaster Unemployment Assistance

Disaster Unemployment Assistance application deadlines are approaching for several counties. DUA may be available to survivors who lost their jobs or businesses as a result of the recent floods. Survivors in any of the federally designated counties are eligible to apply. Apply by visiting or by calling 866-831-1724.

The deadline for survivors to file a claim is Nov. 4 in Charleston, Dorchester, Georgetown, Horry, Lexington, Orangeburg, Richland, and Williamsburg counties; Nov. 5 in Berkeley, Clarendon and Sumter counties; Nov. 6 in Calhoun, Darlington, Florence, Kershaw and Lee counties; Nov. 7 in Bamberg, Colleton and Greenwood counties; Nov. 12 in Newberry County; and Nov. 19 for Fairfield and Marion counties. Call 888-834-5890 for more information.

Disaster-Related Legal Assistance at No Charge

A free helpline is available for survivors who have disaster-related legal questions. A partnership between the American Bar Association Young Lawyers Division, the South Carolina Bar, the South Carolina Bar Young Lawyers Division and South Carolina Legal Services is providing the service.

Survivors who have flood-related legal issues and cannot afford a lawyer should call 877-797-2227 ext. 120 or 803-576-3815 between 9 a.m. and 5 p.m., Monday through Friday.

Crisis Counseling Available

Many survivors recovering from the floods are also recovering emotionally. Free help is available for flood survivors who feel overwhelmed, exhausted or unable to cope. Mental health professionals are available at disaster recovery centers. Survivors can find their closest recovery center by calling 800-621-3362 or by logging onto

Survivors who sustained losses in Bamberg, Berkeley, Calhoun, Charleston, Clarendon, Colleton, Darlington, Dorchester, Florence, Georgetown, Greenwood, Horry, Kershaw, Lee, Lexington, Newberry, Orangeburg, Richland, Sumter and Williamsburg counties are eligible to register for federal disaster assistance.

Apply for assistance by registering online at or by calling 800-621-3362. Disaster assistance applicants who are deaf, hard of hearing or have speech disabilities should call 800-462-7585 (TTY); those who use 711/VRS may call 800-621-3362. The toll-free telephone numbers will operate 7 a.m. to 10 p.m. seven days a week until further notice. Survivors may also choose to visit a disaster recovery center in their county. To find the nearest center log onto

(TNS) - The United Nations on Tuesday lauded the Philippine government’s preparedness for Typhoon Lando (international name: Koppu) that minimized the number of both casualties and affected communities compared to past typhoons that befell the country.

Although the United Nations Children’s Fund (Unicef) expressed concern for children stranded in remote areas, the disaster risk reduction arm of the international organization credited the Philippine government’s preparedness program for minimizing the typhoon’s damage to life and property.

A statement from the Unicef and the UN Office for Disaster Risk Reduction (UNISDR) said the country’s preparedness strategy “paid off.”


(TNS) - A new phone app introduced by the Grundy County Emergency Management Agency [EMA] will allow users to be notified immediately of emergencies and give them a place to report damage.

EMA Director Joe Schroeder said the app provides an economical and user-friendly way to get emergency alerts out to residents.

“We used to use Reverse 911 service funded by the ETSB [Emergency Telephone System Board], we no longer use that and had to develop a plan to still get the information to the residents,” Schroeder said.

Schroeder said Reverse 911 is a public safety communications system developed by Cassidian Communications that allows users to pick a geographic area to which to push alerts. The cost of the system is $17,000 a year and it dials home phones within the defined area.


Thursday, 22 October 2015 00:00

The Internet You Never Knew Existed

Could you imagine doing business without the Internet today? From ecommerce to online CRM, and from social networks to cloud disaster recovery, the Internet has been grafted onto most existing businesses and is built into the DNA of new ones. That, of course, means the Internet that most people know, the one with Facebook, Amazon Web Services, Salesforce, Gmail and Microsoft Office 365. There is however another part of the Internet that remains hidden to anybody using a “normal” browser like Chrome, Edge, Firefox or IE. Also known as the Tor Network, it includes about 50,000 websites that live in a cyber business space all of their own. Is this a new commercial opportunity – or a security nightmare you should avoid like the plague?


In advance of the breakup of Hewlett-Packard that is scheduled to go into effect in a little over a week, Trend Micro revealed today that it has acquired the TippingPoint security business unit from HP.

Trend Micro COO Wael Mohamed says the acquisition comes after years of collaboration and joint product development between the two companies. By acquiring TippingPoint, Mohamed says that Trend Micro is now venturing into the realm of network security as a complement to its existing endpoint and data center security offerings.

Valued at $300 million, Mohamed says Trend Micro had previously preferred to partner with providers of network security technologies. But with the rise of cloud computing, he says it has become apparent that IT organizations are increasingly looking for a more holistic approach to IT security that spans the entire IT environment.


As you would expect, the opening of Dell World had a lot to do with the announced EMC merger. The goal is for Dell to build the biggest IT infrastructure company in the world. Michael Dell’s opening keynote focused on the power of the EMC merger for the company’s future and present success. It remains one of the few firms that has found a way to become successful while building a company that can anticipate the future.

Interestingly, the final guest at the keynote was Satya Nadella from Microsoft, who talked about their joint project in the cloud. The two companies announced a combination of Azure and CPS to provide hybrid cloud solutions for organizations of all sizes. Dell and Nadella also spoke about how they both were excited about Windows 10 and then spoke to the fact that both firms now build competing PCs (some of which Dell will resell). So, as big as Dell plus EMC will be, the point is that the company’s future will still be largely defined by some of its largest partners. This showcases a breadth from client to cloud that is currently unmatched in the market.

Let’s talk about the specifics of the rest of the keynote.


NEW YORK—At yesterday’s Advisen Cyber Insights Conference, Zurich and Advisen released the fifth annual Advisen Cyber Survey of U.S. risk managers, finding a 9% acceleration in cyber liability insurance purchasing from 2014 to 2015. The firm has seen a 26% increase in the number of respondents who have coverage since the first survey in 2011.

Companies are taking cyberliability more seriously, Zurich reports, with the number of organizations developing data breach response plans up 10% from last year. What’s more, companies appear to be better recognizing the sheer amount of value at risk, with two-thirds of respondents saying they have either increased their policy limits or are considering doing so. While Zurich found that more organizations view information security as an organizational challenge rather than the purview of the IT department alone, and respondents said that boards and executive management are taking cyberrisk more seriously, those who have not yet obtained cyber coverage say it is because their superiors still do not see the need. There is also still a considerable difference in take-up rates among large corporations and small and mid-sized businesses, with Catherine Mulligan, senior vice president and national underwriting manager of specialty E&O, telling the audience there is an approximate 20-point spread between the groups.


Thursday, 22 October 2015 00:00

Managing Containers in the Cloud

With so many technology initiatives hitting the enterprise these days, it’s getting difficult to see exactly how they will come together to shape the data environment of the future.

A case in point is containers and the public cloud. On the one hand, containers make it easier for the enterprise to support emerging applications and services within private cloud infrastructure, but on the other, they also allow public providers to tailor their generic infrastructure to targeted workloads.

According to InfoWorld’s Eric Knorr, one of the most significant under-the-radar projects at the moment is the Cloud Native Computing Foundation, which is looking to turn the Google Kubernetes container management stack into a multi-cloud foundation for distributed workloads. The group is headed up by Craig McLuckie, who founded the Kubernetes project at Google and is now setting his sights on incorporating Facebook, Twitter and other hyperscale providers into the Kubernetes fold. If successful, it means enterprises may soon be able to launch containerized applications and scale them to unprecedented levels using cloud infrastructure across the globe.


Thursday, 22 October 2015 00:00

Cyber Insurance: Growing and Innovating

The Internet of Things (IoT) is expanding rapidly—even permeating the minds of five-year olds.

My own Kindergartener’s query from the back of the car during a routine drive to swim class the other day is a good example:

“Mummy, how did God know to create all these things that we need?” As I paused to consider the appropriate response, he answered for me: “You can just ask Siri, or Google it.”

Just how far we’ve come in our technological transformation is reflected by the development of innovative insurance products to cover the associated—and growing—risk.


EATONTOWN, N.J. – The devastation caused by Hurricane Sandy left survivors and businesses in New Jersey with large-scale recovery needs. In the three years since, the state’s private sector has made significant contributions to strengthen recovery efforts.

Immediately after Sandy struck, Private Sector specialists with FEMA’s External Affairs division deployed to New Jersey to work with chambers of commerce, industry associations, individual companies, colleges and universities, the medical industry and other organizations.

An outside shot of the Panini Bay Restaurant
Panini Bay Restaurant in Tuckerton built an innovative elevator for wheel chair accessibility 

Response was immediate. Utility companies inserted disaster assistance information in utility bill inserts, reaching 3.3 million customers. The South Jersey Transportation Authority featured registration information on its Vehicle Messaging Systems at toll plazas as well as on its website ticker messaging system, reaching an estimated 2.9 people a month.

Through utility bill inserts, newsletters, signage, advisories and other means, FEMA’s Private Sector specialists successfully distribute some 14 million disaster assistance messages to New Jersey residents.

One fast food chain that requested anonymity handed out disaster assistance messaging along with 7,000 sandwiches they distributed at 32 locations throughout New Jersey. “That’s just one example of how essential the private sector is to a strong recovery effort,” noted Gracia Sczech, who served as Federal Coordinating Officer for FEMA’s Joint Field Office in Lincroft during the early days of the disaster.

Chambers of commerce, associations and businesses shared FEMA’s electronic newsletter, the E-News Update, with their memberships and contacts. This access to recovery information proved invaluable to their members and had far-reaching effects.

FEMA’s Private Sector worked with The New Jersey Association of Realtors to present a series of seminars and question and answer sessions on recovery issues. These events updated and advised the real estate community on issues pertinent to Sandy recovery, including, Flood Mapping, the National Flood Insurance Program, Home Elevation, Business Continuity, Federal and State recovery programs, and grant and loan opportunities.

In all, more than 2,000 realtors received the latest information regarding Sandy recovery. “To have the opportunity to interact directly with FEMA representatives, ask questions and get answers has helped not only members, but their clients as well,” said New Jersey Association of Realtors Chief Executive Officer Jarrod Grasso. “The recovery process in the aftermath of Sandy has not been easy, but getting the correct facts to our members has relieved a great deal of uncertainty related to flood maps, insurance and elevation that so many New Jersey residents felt.”

Two FEMA program areas, Private Sector and the Federal Disaster Recovery Coordination group, facilitated an Insurance Industry Roundtable, forming a public-private partnership that resulted in a series of four meetings to explore how to enhance and expedite the disaster assistance process. A roundtable work group identified issues impeding the process and then developed recommendations that were submitted to President Obama’s Hurricane Sandy Rebuilding Task Force.

A view of the info tables at Home Depot on Preparedness Day
FEMA’s Mitigation and Private Sector teams man tables at Home Depot's Preparedness Day 

The private sector reached out in more basic ways as well. Sometimes, it was as simple as speaking at a local chamber of commerce meeting or a single business, staffing information tables at business and industry functions or offering work space for businesses displaced by the storm.

Operation Photo Rescue, a nonprofit organization of volunteer photojournalists from around the nation, came to New Jersey to help Sandy survivors restore treasured photos. The organization began helping disaster survivors during the Hurricane Katrina recovery in Louisiana.  Operation Photo Rescue volunteers needed to set up a temporary site close enough for survivors to access their free services.

“Finding a place for us to host our copy run was turning into a major problem as we could not secure a building close enough to where Sandy hit,” recalled Operation Photo Rescue President Margie Hayes.

“We were coming up empty-handed until Chris Spyridon, regional pro sales manager for Home Depot, offered us a space at Home Depot in Seaside Heights.”

Another area in which the private sector played an important role was in the academic arena. FEMA offers a disaster preparation program to elementary schools titled “FEMA for Kids,”  which helps children recover from the stress and uncertainty of the unknown that a disaster can bring by teaching them skills that serve to alleviate that uncertainty, including developing a family communications plan for disasters and determining what items their family should plan to have on hand to prepare for disaster, such as canned food, medications, water and pet supplies.

With the success of FEMA for Kids came a similar prepared program aimed at high school and college-age students titled “Ready, Steady, Strong.” Designed and developed by a FEMACorps team at the NJ Sandy Joint Field Office in Lincroft, Ready, Steady, Strong teaches the same principles as FEMA for Kids at a more sophisticated level, including a tabletop exercise simulating a disaster in which the students practice emergency management skills.

Thousands of students throughout New Jersey participated in the two programs, gaining the attention of the Mayor of Newark, who invited FEMA to present the program in the Newark school system. More than 45,000 elementary and high school age students as well as teachers and administrators participated.

The business of recovery is long-term, and an important part of recovery is preparedness, which not only helps individuals survive a disaster but can help businesses endure as well. FEMA’s Private Sector specialists have traveled throughout the state to help executives and officials understand the need for a business continuity plan to implement in an emergency to ensure the business can survive and continue once the emergency is over. Montclair State University recorded FEMA’s preparedness webinar to share with all of New Jersey’s colleges and universities.

As we mark the third year of Hurricane Sandy Recovery, the work of our Private Sector partners continues to benefit residents and businesses throughout New Jersey.

“We are proud of the contributions that members of New Jersey’s business communities made toward the goal of recovery,” said NJ Sandy Recovery Office Director Christopher Hartnett. “Their efforts have made a difference for thousands of residents and businesses across the state.”

Please be sure to watch the following video-links for two success stories: Partnering for Preparedness:  Jenkinson’s Aquarium Continuity Plan Works at and Serenity Spa Open for Business at

You may also enjoy two FEMA links called Ready Steady Strong Visits East Side High School at and First Avenue Elementary School is Prepared for Emergencies at

FEMA's mission is to support our citizens and first responders to ensure that as a nation we work together to build, sustain, and improve our capability to prepare for, protect against, respond to, recover from, and mitigate all hazards.

Follow FEMA online at,, and, follow Administrator Craig Fugate's activities at

The social media links provided are for reference only. FEMA does not endorse any non-government websites, companies or applications.”

With profit margins continually under pressure, MSPs are looking to value-add services such as backup and disaster recovery as a means of boosting profitability. A recent survey by demonstrated that almost one-third of businesses are actively planning to add another form of backup to supplement their existing approach.

But many MSPs have not yet assembled the platform required to offer enterprise-class backup or disaster recovery to customers. So should they invest months in erecting their own infrastructure? Such a decision should never be taken lightly. It is essential to achieve a full understanding of the costs involved.

The primary expense, of course, is the acquisition cost of the storage itself. Once that purchase had been made, you will need to factor in more expenditures than you at first realized. It is best to tally up all of these costs to come up with an internal price per GB overall. But be careful to take into account the price of hardware, software, support costs, personnel, power usage, cooling, networking and everything else that goes into storing data.



Thursday, 22 October 2015 00:00

Is Your Firm Compliant or Complacent?

How contracting processes are harming compliance efforts.

Almost everyone I know has a story about the financial crisis of 2008. Lost homes. Investment losses. Impact on retirement. Since then, federal regulators have been hard at work ensuring banks pass stress tests, aren’t “too big to fail” and that their operational processes can survive another financial disaster.

But are they looking in the wrong place?

Banks are, in large part, firms with money under contract with another firm to do something with that money. Swaps. Derivatives. Commodities. Mutual funds. Hedge funds. All of these firms have contracts to manage their businesses, and every contract has to be drafted, negotiated and signed.  While most compliance efforts are focused on business risk, very few are focused on contract risk.


Dell World 2015, one of the most well-known events for industry leaders, is being held at the Austin Convention Center in Austin, Texas. Dell World 2015 brings together some of the top professionals with important insight into topics vital to the ever-evolving world of technology and business. Above all, Dell World 2015 helps MSPs achieve a higher level of success as they stay ahead of the most innovative ways to boost profits and better serve their customers.

During his keynote address, Dell Chairman and CEO Michael Dell discussed what has been touted as the most comprehensive merger in IT history—Dell's acquisition of EMC and its satellite properties including VMware (VMW).

“If you look at the current major areas of IT, this combined company has a leadership position in four of the most critical areas: servers, storage, virtualization, and PCs with incredible strength and scale in those areas,” Dell said. “This company also has a very strong position in the IT of tomorrow: digital transformation, the software-defined data center, converged infrastructure, hybrid cloud, security and mobility. They have incredible go-to-market strength across customers of all sizes, an incredible breadth and reach across customers around the world, an innovative engine and a long-term focus.”


Wednesday, 21 October 2015 00:00

Villanova Universary to Arm its Police Force

Villanova University announced Monday that it will add armed police officers starting next fall in response to rising nationwide concerns about campus safety.

The Catholic university now has a 75-member public safety department, responsible for patrol, investigations, parking enforcement, residence hall and building security, and crime prevention, but the officers cannot arrest suspects or carry guns or batons.

However, under the new arrangement, 19 members of the department -- about 20 percent -- will become armed police officers who will have completed police academy training, the university said.

The decision comes as college campuses across the country face increasing security threats. Villanova spokesman Jonathan Gust said there had been about 100 college campus shootings since the 2007 massacre at Virginia Tech that left 32 dead and 17 wounded.


Wednesday, 21 October 2015 00:00

Data loss inevitable, Brits say

The majority of workers in the UK agree that the loss or theft of their digital data is inevitable at some point.

This is according to a survey of 2,000 Brits conducted by Citrix, which found 71 per cent of respondents have accepted the fact they will fall victim to this problem sooner or later.

Younger individuals were found to be more alert to the risks, with a third of 16 to 25-year-olds saying they felt more vulnerable to attacks than in the past, compared with just 15 per cent of over-65s.

However, despite this, a large number of people are still relying on outdated solutions when it comes to backing up their most valuable data.


(TNS) -- Middletown police are asking homeowners and businesses for some extra help with criminal investigations by registering their privately owned surveillance or security cameras with the department.

Police say security camera footage is one of the best ways to catch crooks and convict them in court. That's why a number of police agencies around the nation are developing local networks of homes and businesses that have security cameras. By voluntarily registering with the police department, if a camera captures evidence such as a suspicious person lurking around cars or homes, passing vehicle or an actual crime in progress, police can request the footage from the owner.

"There are a lot of cameras out there and this can be a resource that we can reach out to," said Maj. Mark Hoffman, assistant police chief with the Middletown Division of Police. "Often a neighbor who has a security camera might not realize that they may have valuable evidence and may be able to help find the person who stole a lawn mower from their neighbor's shed."


National Cybersecurity Awareness Month (NCAM) got off to a bit of a bumpy start, with three major data breaches announced shortly after the event’s October 1 start date.

Of course, those breaches happened before October, so there is hope that NCAM will make an impact and both companies and consumers will begin to take cybersecurity more seriously. For that to happen, however, security leaders need to promote NCAM within their organizations and get employees to buy in on the idea of better security practices. Here’s how three security officers are approaching NCAM and what they hope their efforts will achieve.


Zuora is a billing platform for subscription services like Netflix, and this is the first year the company will be participating in NCAM. Security awareness is critical for the company and, according to Pritesh Parekh, chief information and security officer, NCAM is the perfect starting point to further ingrain security into the culture of the company.

“It is important that our employees are safe and secure not only at work, but also in their personal online lives,” said Parekh. “Our primary goal is to embed security awareness and best practices in our workforce as they go about their day to day activities.”


Wednesday, 21 October 2015 00:00

National Pre-Disaster Standards Called For

Establishing state and local building codes would insure resilient construction and stop the cycle of spending to rebuild after disasters such as hurricanes, according to the Insurance Institute for Business & Home Safety (IBHS). The organization said it supports the BuildStrong Coalition’s National Mitigation Investment Strategy, which calls for a comprehensive federal plan to improve disaster resilience across the U.S.

The plan focuses on investment in pre-disaster funding using unspent, non-FEMA grant program funds to reduce damage caused by natural disasters—funds that were established in the wake of Hurricane Sandy, IBHS said.


LabTech Software is now offering the Symantec (SYMC) Endpoint Protection solution to its managed service provider (MSP) partners. 

The remote monitoring and management (RMM) software provider said Symantec Endpoint Protection now integrates with LabTech and is available for purchase directly through LabTech Software.

"We are excited to begin offering this solution from Symantec," LabTech Software CEO Matt Nachtrab said in a prepared statement. "Through the integration of this product, LabTech Software continues to set the standard for RMM platforms by delivering unparalleled security, allowing administrators to focus on providing their customers with an excellent user experience."


WASHINGTON —The Department of Homeland Security (DHS) Federal Emergency Management Agency (FEMA) National Continuity Programs’ Integrated Public Alert and Warning System Division has begun to assess the feasibility of a public alert and warning capability that is being developed in the private sector.   

New technologies could deliver detailed emergency information to the public with pictures and videos of evacuation routes, storm tracks, and shelter information – increasing community preparedness before, during, and after a disaster. The media alerts will be able to include multilingual and multi-format information to warn non-English speaking populations and people with access and functional needs.  

“FEMA is committed to working with the private sector to examine and improve future alerts and warnings,” said Roger Stone, Acting Assistant Administrator for National Continuity Programs. “New systems could someday include pictures and video as part of the advanced alert and warning information provided to the general public.”

One such technology being considered is the Advanced Warning and Response Network (AWARN).  AWARN works by using advanced capabilities in the next generation of digital television broadcast system called ATSC 3.0 being standardized by the Advanced Television Systems Committee.  The emerging television broadcast standard provides for the transmission of large media rich, data messages over-the-air to mobile, portable, and fixed television and video devices without interrupting ongoing television shows.   

FEMA’s IPAWS is a national system for local alerting. IPAWS enables authorities at all levels of government to alert and warn people in areas endangered by disasters. IPAWS is used by federal, state, and local authorities to send emergency alerts to cellular phones as Wireless Emergency Alerts (WEAs), to radio and television as Emergency Alert System (EAS) broadcasts, to NOAA Weather Radios, and to an All-Hazards Alert and Information Feed for Internet applications, services, and websites.

For more information on IPAWS, go to


FEMA's mission is to support our citizens and first responders to ensure that as a nation we work together to build, sustain and improve our capability to prepare for, protect against, respond to, recover from and mitigate all hazards.

Follow FEMA online at,, and  Also, follow Administrator Craig Fugate's activities at

The social media links provided are for reference only. FEMA does not endorse any non-government websites, companies or applications.

Wednesday, 21 October 2015 00:00

Use of Cloud Service Brokers on the Rise

Traditionally, when an enterprise is looking to make a transition to cloud services they go on search to find an MSP that meets their needs. Now however, there is an emerging role in the business of cloud services, the Cloud Service Broker (CSB), a middle man of sorts. Whether a business is looking to move applications to the cloud or invest in cloud-based file sharing, they are increasingly looking to CSBs for help.

Gartner predicts that by 2016, 25 percent of enterprises will secure access to cloud-based services using a cloud application security broker (CASB) platform, reducing the cost of securing access by 30% in the process.

The reason CSBs are becoming so popular probably has something to do with how fast the market itself is growing.  Cisco predicts that by 2018 approximately 59 percent of companies will be using software-as-a-service in some form. On top of that, research shows that employees use an average of 28 different apps for work. In order to provide the necessary services for the enterprise, there needs to be a middle man to facilitate the transition. The good thing for MSPs is that they are already among the most qualified to take on the responsibilities of a cloud service broker. Even if you choose not to add these functions to your business, you should be best equipped to work with CSBs to find the best solutions on behalf of your clients.


Wednesday, 21 October 2015 00:00

Do OSHA and HIPAA Rules Stand at Odds?

The Occupational Safety and Health Administration (OSHA) Act[1] requires most employers with 10 or more full-time employees to keep a yearly log of all work-related injuries and illnesses[2].  OSHA prefers that employers subject to the law use its Form 300 to record the required information.  The OSHA Form 300 is an actual, fillable form for employers to record all reportable injuries and illnesses that occur in the workplace, with spaces to report where and when the incidents occur, the nature of the case, the name and job title of the employee injured or made sick and the number of days away from work or on restricted or light duty, if any.

OSHA requires employers to record all new cases of work-related fatalities, injuries and illnesses if they involve death, days away from work, restricted work or transfer to another job, medical treatment beyond first aid, loss of consciousness or of significant injury or illness diagnosed by a physician or other licensed health care professional.  Each recordable injury or illness must be recorded on the 300 log and OSHA Form 301 Incident Report within seven calendar days after the employer receives notice the injury or illness occurred.  The OSHA 300 log requires employers to check one of six boxes to categorize the illness or injury:  injury, skin disorder, respiratory condition, poisoning, hearing loss or “other.”  Employees, former employees and employee representatives are authorized to review the OSHA 300 logs.


Wednesday, 21 October 2015 00:00

Should you review your tape archives?

If your only exposure to the world of data storage has been in the context of a small to medium-sized business or a startup, you’d be forgiven for thinking that magnetic tape is a relic from another era of enterprise computing. Once the de facto standard for long-term data retention, the format no longer gets much airtime in an age of cloud backups and tumbling HDD prices.

Nonetheless, rumours of the magnetic tape’s demise have been greatly exaggerated. According to an Information Age article from September 2014, all ten of the world’s biggest banks and telecoms firms, as well as eight of the world’s ten biggest pharmaceutical companies, are tape users. And as trends like big data pick up steam, there’s more interest than ever for organisations to invest in low-cost, high-volume storage for offline data.

For all their advantages, though, tape archives need to be looked after. It can be tempting to think that business records are out of sight, out of mind once they’re filed away in a format proven to last upwards of decades, but this is a mistake. The reasons for creating a tape archive aren’t trivial – regulatory compliance, mainly, and disaster recovery – and you don’t want to discover at the critical moment that your records are patchy.


Sacramento, CA – The California Office of Emergency Services (CalOES) and the Federal Emergency Management Agency (FEMA) are continuing to encourage Lake and Calaveras county residents with disabilities, or any survivor with additional needs, who were affected by the recent wildfires, to utilize the many available accessible resources to register for assistance. 

People with disabilities are eligible to receive the same services and assistance that are offered to everyone in the declared disaster area, and both CalOES and FEMA are committed to ensuring services and assistance are available for people with disabilities. 

A direct telephone hotline is operational to process any requests from survivors who may need additional assistance. 

  • 916-381-0330
  • TTY CALL 711

In addition, to serve the whole community, certain accommodations are available at Disaster Recovery Centers (DRCs).

  • For those who are deaf or hard of hearing, the DRCs are equipped with captioned phones and iPads that can access video remote sign language interpreters.  On-site interpreters are also available upon request.
  • For those survivors who are blind or have low vision, documents are available in large print and Braille.
  • DRCs have accessible parking, ramps, and restrooms.
  • If a survivor cannot transport themselves to the DRC, FEMA will arrange a home visit. 

The first step for any survivor is to register with FEMA. While one-to-one registration assistance is available at a DRC, survivors may also register online or over the phone. 

  • Online at or by smart phone or tablet at
  • The number to register for assistance is 1-800-621-3362
  • TTY 1-800-462-7585
  • If you use 711 or Video Relay Service (VRS), call 1-800-621-3362
  • Operators are multilingual and calls are answered seven days a week 24 hours a day.
  • FEMA representatives can also register survivors at a location of their choosing if needed.

The application deadline is November 23. For those survivors with a disability, and others with additional needs who require assistance, should not hesitate to contact FEMA and ask for help.

FEMA’s mission is to support our citizens and first responders to ensure that as a nation we work together to build, sustain and improve our capability to prepare for, protect against, respond to, recover from and mitigate all hazards.

Disaster recovery assistance is available without regard to race, color, religion, nationality, sex, age, disability, English proficiency or economic status. If you or someone you know has been discriminated against, call FEMA toll-free at 800-621-FEMA (3362).  If you have a speech disability or hearing loss and use a TTY, call 800-462-7585 directly; if you use 711 or Video Relay Service (VRS), call 800-621-3362.

FEMA’s temporary housing assistance and grants for public transportation expenses, medical and dental expenses, and funeral and burial expenses do not require individuals to apply for an SBA loan. However, applicants who are referred to SBA for a disaster loan must apply to be eligible for additional FEMA assistance that covers personal property, vehicle repair or replacement, and moving and storage expenses.

Watching the Dell/EMC story, as with any big merger, a lot of misinformation is being tossed about, particularly with regard to what is going to happen to parts of EMC once Dell buys them. Much of this is coming out of the various research firms and is being authored by folks that I know and respect. However, most of it that I’ve seen is poorly founded, because it doesn’t start with Dell’s acquisition process, which is unique within the industry. Granted, that process has largely been used for small acquisitions, but it does scale. Given how successful it has been for Dell and how unsuccessful the more traditionally invasive acquisition processes that firms like HP use are, it would seem unlikely that for any acquisition, let alone one of this scale, Dell would throw out the process that works in favor of one that doesn’t work.

The most recent report I’ve seen suggests that within a few months of the acquisition, Dell will effectively blow up VCE (despite commitments to the contrary), because it competes with Dell’s own converged infrastructure unit. VCE is profitable, growing in the double digits, and a multi-billion dollar business, so any suggestion that Dell would off the venture makes Michael Dell seem like an idiot. I assure you he isn’t, I know the guy. Let me explain.


The potential for big problems on the Internet of Things (IoT) makes for scary reading. Last week, The Internet Society released a document titled, “The Internet of Things: An Overview - Understanding the Issues and Challenges of a More Connected World.” It puts security at the top of the list of vital IoT topics, according to a blog at the society’s website by Karen Rose, the society’s senior director, Office of Strategy & Research:

As you will see in the document, we believe the security in the Internet of Things is perhaps the most significant challenge and we believe ensuring security in IoT must be a fundamental priority. Poorly secured IoT devices and services can serve as potential entry points for cyber attack and expose user data to theft by leaving data streams inadequately protected. A proliferation of poorly secured devices also has the potential to impact the security and resilience of the Internet globally.

The challenge must be faced at several levels. Lev Lesokhin, the executive vice president of Strategy at CAST, makes a very important point at Dark Reading. The IoT, he writes, is not introducing security vulnerabilities. Rather, it is increasing the possible damage that will occur when long-known vulnerabilities are multiplied by the huge increase in sensors and other elements that are deployed.


Wednesday, 21 October 2015 00:00

The Many Flavors of Data Infrastructure

It seems that with each passing day, the software-defined data center (SDDC) becomes more of a fait accompli. Data infrastructure will consist of advanced software architectures resting atop commodity hardware, and all but the largest of organizations will shift their entire data environment to the cloud.

This is both cheaper and easier to do, and it will also provide for much greater flexibility and scalability to meet next-generation workloads.

There is nothing wrong with this vision, of course, and with the advent of software-based networking architectures to supplement virtualized server and storage environments, the dream of implementing a fully abstracted data ecosystem is closer than ever. But just because we can do this, does that mean we should? And does that then mean it is the appropriate infrastructure for every organization or every workload?


Nine out of 10 health care organizations have been breached since 2013.

That is a mind-boggling statistic. And it gets worse. According to Trustwave’s 2015 Security Health Check Report, hackers are causing some costly damage:

[T]he number of individuals who have had their medical records compromised has doubled in the past five years. All told, cybercriminals are wreaking $6 billion in annual damage on America’s largest private-sector industry.

The Trustwave study is just the latest one to report on the serious security issues within the health care industry. An eSecurity Planet article reported on a health care study conducted by Raytheon/Websense, which found that:


Are passwords a dying breed? With every other organization getting hacked, many S&R pros would argue that if passwords aren’t dead yet, they should be. Yet many companies such as LogMeIn and LastPass continue to make strategic acquisitions, proving that interest in password management solutions remain high among enterprises and consumers (check out their press release, here.) It’s hard to have any confidence in a method that appears to be ineffective, frustrating, and highly outdated. Many companies are attempting to gain back consumer trust by offering voice biometrics, multi-step authentication methods, or other authentication alternatives to supplement or replace their existing policies.

Unfortunately, fraudsters are getting smarter and customers don’t want to spend more than 30-seconds logging into their accounts. With the addition of the multiple banking accounts, online shopping IDs, and social media platforms that almost every consumer uses daily, the challenge for these companies to keep all online accounts secure while also providing the painless log-in that customers are demanding can quickly turn into a catch-22. What is easy and convenient for customers is also incredibly insecure, thus making them the perfect bait for cybercriminals.


America's Thrift Stores recently were victimized by malware.

And as a result, the thrift store chain tops this week's list of IT security newsmakers to watch, followed by Bit9 + Carbon BlackESET and the Dridex malware. 

​ What can managed service providers (MSPs) and their customers learn from these IT security newsmakers? Check out this week's edition of IT security stories to watch to find out:


Monday, 19 October 2015 00:00

The Worst Day of Their Lives

(MCT) - Keeping a 911 caller calm is often the hardest job of being an emergency dispatcher.

“People that call 911 are having the worst day of their lives. Whether someone knocked over their mailbox or because they have a loved one with a medical condition, they are needing help now,” said John Ziegler, 54, who has been a Salina dispatcher for 19 years.

“One of the hardest things is to calm them down enough to make sure we are sending the right people to the right place and getting descriptions of who it is,” he said. “When you scream into a phone, it is hard to understand, especially cellular, and know where you are. We get a description so when there are 20 people there, they can look for the guy in the red shirt and khaki shorts who was hitting people.”


(MCT) - At 3:45 a.m., Jerry Hardy’s wife wakes him. He downs a cup of coffee, slips on his rain boots and together they climb into a small camouflage boat docked by their front steps.

The couple drifts into the darkness, keeping an eye out for mailboxes as they head down Waccamaw Drive to the landing near U.S. 501. Since the flood, each workday commute begins with a short voyage.

But Hardy offers no complaints. The 60-year-old carpenter is grateful to have a dry home where he can wait for the Waccamaw River to recede.

That wasn’t the case in 1999, when Hurricane Floyd dumped more than 20 inches of rain upstream and sent the Waccamaw spilling over its banks. Back then, the Hardys lived in a block house that sat squarely on the ground. The river rose 6 feet in their abode and the currents pushed the small dwelling off its foundation. Rather than move, the family rebuilt, this time more than a dozen feet above the earth.


In news that will be welcomed by companies hiring young people, a survey of about 2,000 16- to 35-year-olds in the United Kingdom and the United States, conducted by Atomik Research at the behest of identity management firm Intercede, found that millennials indeed care about cybersecurity.

Eighty percent of respondents, according to Dark Reading’s report on the research, said that the sharing of important personal information only with people holding authorized access is important or very important to them. Seventy-four percent said the same about location data, 58 percent for social media content, and 57 percent for purchasing preferences, the story said.

The bottom line is that the kids are alright. Intercede CEO Richard Parris was quoted suggesting that millennials are not that different from their parents after all:

Yes, they do share a bit more - but it doesn’t mean that they aren’t concerned with privacy or that they aren’t uncomfortable by the idea of that privacy being compromised.


Monday, 19 October 2015 00:00

Disruption for the Data Center’s Sake

Most people, when asked if they favor or are oppose to disruption, will say they are opposed to it. Disruption is scary, produces a lot of unknowns and generally requires a great deal of work as new processes and skill sets take hold in the workplace.

In reality, however, these attitudes depend largely on whether you are the disruptor or the disruptee. For those who are ready to embrace change, disruption is cathartic in that it sheds old problems and ushers in new opportunities.

When we’re talking about disruption in the data center, the ideal is to implement disruptive technologies in a non-disruptive way; that is, to welcome new technologies and new ways of doing things without completely severing ties to legacy systems until you are ready. Part of it is discerning between good disruption and bad, says tech analyst Dan Kuznetsky, and unfortunately the IT industry is rife with systems and platforms that require a lot of rip-and-replace but then do not provide adequate replacement of all that has been ripped. The reason technologies like the mainframe have had such long shelf-lives is because of the value they bring to the enterprise, so the first criterion for any replacement is that it must provide equal or superior value to those who rely on the legacy system.


Risk management is maturing and is playing a larger role in insurance companies, both strategically and with their compliance objectives. As a result, the key task for chief risk officers is to help their company achieve balance between upstream and downstream activities, according to Accenture’s 2015 Global Risk Management Study of risk management in the insurance sector.

“Neither an unfettered approach to growth, nor an excessive focus on compliance, will deliver the desired outcomes. Instead, the risk function should steer a course between an informed, connected risk agenda, and the need for a sustainable and innovative strategic business direction,” the survey found.

While organizations mostly agree that risk management has helped their long-term business growth (85%), a large number believe that silos of business functions are hindering the effectiveness of their risk management programs.


Monday, 19 October 2015 00:00

Memphis Trying to Improve 911 Service

(MCT) - Under scrutiny for slow response times to emergency calls, the city of Memphis is hiring new 911 operators and is looking at whether it should build a new call center.

Memphis Chief Administrative Officer Jack Sammons said a host of problems are causing the delays, including public misunderstandings about when to call 911, understaffing and cramped and rundown offices in the Shelby County Justice Complex in Downtown.

"Memphis has kept putting Band-Aids on the one we've got," he said of the call center.

Those issues can have devastating effects on response times, and on the amount of time it takes for operators to answer calls. Sammons said the city is answering 911 calls within 20 seconds about 37.2 percent of the time — far short of its goal of 95 percent.


(MCT) - When the Sleepy Hollow Fire hit an industrial area in Wenatchee in June, the state Department of Ecology’s spill response team came armed with a new tool: their cellphones.

Equipped with a new smartphone app, their cellphones give immediate access to the latest data showing exactly what chemicals and how much of each are being stored at facilities across the state.

Still in its pilot phase, the free app is now available to fire departments and other emergency responders, said Ecology spokesman Andrew Wineke.

The app was launched just a few days before Sleepy Hollow broke out, so few emergency responders even knew about it, he said. Now, both Chelan and Douglas county emergency management departments have downloaded the app, but it hasn’t yet gotten to individual fire departments or other emergency agencies in those counties, he said.


PD ISO/TS 22318:2015 - Overview of new ISO Supply Chain Continuity Guidance

An Introduction by Lead author Duncan Ford MBCI

BSi has just published the UK edition of the recently released ISO Technical Specification 22318 Guidelines for Supply Chain Continuity. The title describes where this document fits in with the established BCM standards 22301 and 22313.  A technical specification is not a full standard; its purpose is to amplify not undermine the established standards.

Every organisation has a supply chain which may range from the purchase of basic resources to complex outsourcing arrangements for the delivery of a core service including both external suppliers and internal support such as the provision of IT services.  Each of these arrangements presents a risk to the organisation if it is unavailable, which needs to be properly understood and appropriate contingency measures put in place to protect against disruption of that product supply or service. 22318 provides guidelines on how to manage Supply Chain Continuity challenges.


After a couple of decades with one of the oldest road weather sensor networks in the U.S., Pennsylvania is once again looking to jump ahead of the curve on technology meant to reduce accidents in bad weather. And that move, now a trend among states, is emblematic of a broader shift to bring new data and much broader insights into what the weather is doing at any given moment.

It used to be that state departments of transportation installed little hockey puck-like discs -- sensors that transmitted information through dial-up connections -- directly into the asphalt of roads. These days, states like Pennsylvania are augmenting those in-road sensors with roadside towers that can provide better information. Using lasers, heat sensors and other equipment, Pennsylvania’s new system will reveal things like the friction level on the roads. The network will consist of 64 stations, about half of which don’t involve any sensors placed directly into the roadway.

That system, set up by Vaisala, allows the state to better assess road conditions, which makes for better decision-making about how to treat the roads.


In one of our previous posts, we made a jovial reference to an infographic that detailed some of the most common myths surrounding cloud-based file sharing services, including how some people believe the weather can have an adverse effect on cloud computing. While the staggering volume of misinformation surrounding cloud computing is, well, staggering, the weather and other natural elements can in fact leave you and your services high and dry (or wet) if you are not adequately prepared for them.

Let’s take a look at what precautions you should consider taking if you want your cloud infrastructure to outlast the next hurricane.


Friday, 16 October 2015 00:00

Get Ready for the New Age of IT Governance

Following the current economic turmoil, today’s business environments are focused toward establishing a solid enterprise governance framework in order to reach objectives, set adequate direction and ultimately create stakeholder value. As the majority of businesses processes are now performed through information technology systems, the importance of information technology enterprise governance has reached the agenda of the Board, committees and major business stakeholders.

There’s a common misconception of the term “governance:” that it is associated solely with the Board and executive management. This is despite the fact that the majority of governance activities also reside with middle management and operational levels; they play a major role in the implementation and success of the governance framework as the parties directly involved with its application, under the direction of the Board and executive management.


SolarWinds N-Able launched a new remote control access and support platform this week designed to help MSPs deliver support and repairs to customer systems from a central location.

The remote monitoring and management software vendor’s new platform, called SolarWinds N-able MSP Anywhere, is a cloud-based solution that allows users to manage incoming requests and collaborate with other technicians to solve customer problems in real time. The platform is compatible with Windows, Mac, iOS and Android based devices, according to the announcement.




Temperature - U.S. Winter Outlook: 2015-2016
(Credit: NOAA)

Forecasters at NOAA’s Climate Prediction Center issued the U.S. Winter Outlook today favoring cooler and wetter weather in Southern Tier states with above-average temperatures most likely in the West and across the Northern Tier. This year’s El Niño, among the strongest on record, is expected to influence weather and climate patterns this winter by impacting the position of the Pacific jet stream.

“A strong El Niño is in place and should exert a strong influence over our weather this winter,” said Mike Halpert, deputy director, NOAA’s Climate Prediction Center. “While temperature and precipitation impacts associated with El Niño are favored, El Niño is not the only player. Cold-air outbreaks and snow storms will likely occur at times this winter. However, the frequency, number and intensity of these events cannot be predicted on a seasonal timescale.”


Precipitation - U.S. Winter Outlook: 2015-2016
(Credit: NOAA)

Other factors that often play a role in the winter weather include the Arctic Oscillation, which influences the number of arctic air masses that penetrate into the South and nor'easters on the East Coast, and the Madden-Julian Oscillation, which can impact the number of heavy rain storms in the Pacific Northwest.

The 2015 U.S. Winter Outlook (December through February):

Precipitation Outlook:

  • Wetter-than-average conditions most likely in the Southern Tier of the United States, from central and southern California, across Texas, to Florida, and up the East Coast to southern New England. Above-average precipitation is also favored in southeastern Alaska.  

  • Drier-than-average conditions most likely for Hawaii, central and western Alaska, parts of the Pacific Northwest and northern Rockies, and for areas near the Great Lakes and Ohio Valley.

Temperature Outlook:

  • Above-average temperatures are favored across much of the West and the northern half of the contiguous United States. Temperatures are also favored to be above-average in Alaska and much of Hawaii. Below-average temperatures are most likely in the southern Plains and Southeast.

Drought Outlook:

  • The U.S. Drought Outlook shows some improvement is likely in central and southern California by the end of January, but not drought removal. Additional statewide relief is possible during February and March. Drought removal is likely across large parts of the Southwest, while improvement or removal is also likely in the southern Plains. However, drought is likely to persist in the Pacific Northwest and northern Rockies, with drought development likely in Hawaii, parts of the northern Plains and in the northern Great Lakes region.

VIDEO: Winter Outlook for 2015-2016

Video: Winter Outlook 2015-2016. (Credit: NOAA)

While it is good news that drought improvement is predicted for California, one season of above-average rain and snow is unlikely to remove four years of drought,” said Halpert. “California would need close to twice its normal rainfall to get out of drought and that's unlikely.”

This seasonal outlook does not project where and when snowstorms may hit or provide total seasonal snowfall accumulations. Snow forecasts are dependent upon the strength and track of winter storms, which are generally not predictable more than a week in advance.

NOAA produces seasonal outlooks to help communities prepare for what's likely to come in the next few months and minimize weather's impacts on lives and livelihoods. Empowering people with actionable forecasts and winter weather tips is key to NOAA’s effort to build a Weather-Ready Nation.

NOAA’s mission is to understand and predict changes in the Earth's environment, from the depths of the ocean to the surface of the sun, and to conserve and manage our coastal and marine resources. Join us on FacebookTwitter, Instagram and our other social media channels.


New research into earthquake activity in the United States has revealed that nearly half of all Americans are at risk of potential ground shaking from earthquakes. This is almost twice the previous estimate of 75 million, according to the U.S. Geological Survey (USGS).

“The new exposure estimate is nearly double the previous 2006 estimate of 75 million Americans in 39 states, and is attributed to both population growth and advances in science,” William Leith, USGS senior science advisor for earthquake and geologic hazards and co-author of the study said in a statement. “Populations have grown significantly in areas prone to earthquakes, and USGS scientists have improved data and methodologies that allow for more accurate estimates of earthquake hazards and ground shaking.”