Spring World 2017

Conference & Exhibit

Attend The #1 BC/DR Event!

Summer Journal

Volume 29, Issue 3

Full Contents Now Available!

Industry Hot News

Industry Hot News (6435)

Friday, 24 June 2016 00:00

Building a Future-Proof Data Center

Digital disruption and pervasive innovation are redefining the way CIOs address the dynamics of today’s data center. Now more than ever they require solutions that address constant change within existing compute models as well as enable the build-out of a “future-ready” IT environment that engages solutions that drive and power the adoption of emerging technologies and hyperscale cloud solutions.

The modern era of computing requires CIOs to take a more flexible approach to building a data center that can handle the demands and workloads of today’s compute environment – all while allowing them to continue to address the priorities of their business and technology strategy.

Embracing a compute-centric strategy that synthesizes traditional and new IT builds a clear path to future-proofing the data center that delivers power and flexibility via a common platform. By taking a compute centric approach to empowering the data center, CIO’s can extend existing and new IT applications and architecture that run a spectrum of applications and workloads for any size data center, when and where needed.

...

http://www.datacenterknowledge.com/archives/2016/06/23/building-a-future-proof-data-center/

Growing cloud, social media, and enterprise companies too often place revenue growth at severe risk due to legacy IT infrastructure constraints.

Today’s explosion of data, applications, and business needs requires quick, flexible scaling of data center footprints – including data halls, cages, or entire
data centers.

Scale at Hyper-Speed

CyrusOne delivers large-scale, flexible data center solutions in record-breaking speed, eliminating the risks of unpredictable IT capacity planning.

...

http://www.cyrusone.com/blog/need-speed-reduces-capacity-planning-risks-leaders/

Companies continue to struggle to hire people skilled in cloud computing--and not because potential hires are holding out for jumbo sized paychecks. Simply put, there just aren’t enough qualified candidates.

The competition for talent has never been more fierce, with businesses snapping up cloud professionals as soon as they can find them. Indeed, roughly 75% of organizations already use public cloud services, and the numbers will likely continue to increase in the future. Meanwhile, the corresponding growth in the number of hybrid cloud installations also continues to accelerate.

Universities just aren’t cranking out graduates fast enough. The U.S. creates 120,000 new jobs that require computer science degrees each year. But the educational system produces only 49,000 related degrees. That leaves an annual deficit of 71,000 degrees and a growing number of unfilled IT jobs.

...

http://mspmentor.net/cloud-services/what-it-staffing-shortage-means-msps

Friday, 24 June 2016 00:00

Building Your Big Data Foundations

Whenever a company starts out in their data journey, most face the same broad issues. This is regardless of what kind of data they are collecting, what their business goals are and which industry they work in - each will follow broadly the same route to their goal.

The problem is that many don't know what this map is, as it seems like it is constantly changing as new technologies and techniques are brought to market. However, the truth is that there are four foundations that every company needs to look at when creating their data program.

...

https://channels.theinnovationenterprise.com/articles/building-your-big-data-foundations

First, it helps to compare your own preparations with those of another entity.

Secondly, if the other enterprise in question is one of your strategic suppliers, it is essential to know that your organisation is also protected, thanks to the measures taken by the supplier for its own uninterrupted business operations.

Here, for instance, are the BC position statements of two well-known technology companies. They might surprise you.

...

http://www.opscentre.com/learning-others-business-continuity/

The buzzwords 'big data' have been in the IT news world for a while now, and as the phenomenon of big data has begun to grow, so has its incorporation in big business. However, big data is not just limited to big businesses – small businesses can benefit from the incorporation of big data into their networks as well. However, knowing you need a big data infrastructure and actually building one are two different things. There are a few ways companies of any size – small, medium, and large – can incorporate big data into their business model.

Collecting Your Data

Think of data how it looks when it arrives at your door. Data includes everything about your company, from sales records to marketing lists. You may actually not need to add any more data to what you already have, but the problem is collecting and sourcing the data in a manner that you can use.

Sourcing your data can mean a lot of things, but at the very least, it is going to involve a deeper infrastructure investment. You will need to broaden your social media channels, add forms and prompts to your website to collect more client and customer information, and apps that generate user statistics. Depending on your technical expertise, you may be able to set up the majority of this infrastructure yourself, but if you're trying to build your brand and business, this might be a better task left to an expert, regardless of the cost.

Those who are well-versed in small IT networks, however, could easily set up an infrastructure like this with very little outside help. If you are just in the process of building and registering your company, it's best to leave tasks like these completely up to the experts. Use specialized services to set up your company for a reasonable fee, and leave the computing to other experts.

...

https://channels.theinnovationenterprise.com/articles/how-to-build-your-big-data-infrastructure

Governance Documents and Communications Matrices 

Regina Phelps recently joined forces with Everbridge and recorded a webinar that explores in-depth strategies for improving your disaster and crisis management. Previously in part 3 of this five part series, Regina discussed the 3 main responsibilities of a communications team. If you missed part 3, you can access it here

In this installment of the series, Regina discusses what a governance document and a communication matrix are, and what their content should be.

...

http://www.everbridge.com/improving-disaster-and-crisis-management-with-timely-communication-and-response-4/

Wednesday, 22 June 2016 00:00

US Wildfire Activity

AUSTIN, Texas – Reporting damage to a county emergency management agency or getting help from the American Red Cross is not the same as registering for federal disaster assistance with FEMA.

Many Texas residents affected by the May storms and flooding may have reported damage to their local, state or volunteer agencies. They may have even registered for assistance with those agencies. But that doesn’t mean they’ve applied for federal help.

Survivors can only be considered for federal help if they register with FEMA for each storm that results in a major disaster declaration. While FEMA, the Texas Division of Emergency Management and volunteer agencies often work together, their missions, programs and funding are not the same.

The disaster declaration on June 11 put in place several sources of federal funding for survivors of the May storms in 12 counties. Those counties are Austin, Brazoria, Brazos, Fort Bend, Grimes, Hidalgo, Hood, Montgomery, San Jacinto, Travis, Waller and Washington.

Disaster survivors may register for assistance the following ways:

  • online at www.DisasterAssistance.gov
  • phone 800-621-3362 (FEMA). Applicants who use 711 or Video Relay Service may also call 800-621-3362. Persons who are deaf, hard of hearing or have a speech disability and use a TTY may call 800-462-7585. The toll-free numbers are open from 7 a.m. to 10 p.m., seven days a week. Multilingual operators are available.

  • at a disaster recovery center. To find the nearest one, go to the Disaster Recovery Center Locator at asd.fema.gov/inter/locator.

FEMA grants do not have to be repaid. FEMA assistance is nontaxable and will not affect eligibility for Social Security, Medicaid or other federal benefits.

Survivors should register even if they have insurance. FEMA cannot duplicate insurance payments, but underinsured applicants may receive help after their claims been settled.

For more information on the Texas recovery, visit the disaster webpage for the May storms at http://www.fema.gov/disaster/4272; or visit the Texas Division of Emergency Management website at txdps.state.tx.us/dem. Follow us on Twitter @femaregion6.

# # #

FEMA’s mission is to support our citizens and first responders to ensure that as a nation we work together to build, sustain, and improve our capability to prepare for, protect against, respond to, recover from, and mitigate all hazards.

Download fema.gov/mobile-app to locate open shelters and disaster recovery centers, receive severe weather alerts, safety tips and much more.

When it comes to cloud computing options, enterprise IT departments often focus on Infrastructure-as-a-Service (IaaS) or Platform-as-a-Service (PaaS). That's because, in my experience, IT professionals at large organizations think of Software-as-a-Service (SaaS) as something primarily catering to small- and medium-size organizations.

But SaaS indeed can, and does, offer plenty of potential for enterprise customers, as evidenced by the 10 startups we're exploring here. Our list includes SaaS applications for traditional organizational challenges, such as supply-chain, payroll, sales, recruiting, and company-wide collaboration.

If your company develops software or sells products or services online, you, too, will find SaaS startups to help you offload many IT tasks, including creating development platforms and running payment fraud protection. In addition, several startups on our list take on the latest and most complex IT services, such as the Internet of Things (IoT), big data analytics, and monitoring inter-cloud networks and applications.

...

http://www.informationweek.com/cloud/platform-as-a-service/10-saas-startups-every-enterprise-should-know/d/d-id/1325978

Wednesday, 22 June 2016 00:00

Are you set for the data traffic explosion?

Over the last few years, the amount of information pinging back and forth between devices around the world has skyrocketed. Given that almost all of us now have powerful connected computing gadgets in our pocket at all times, this is hardly surprising, but as even more people get equipped with devices like smartphones, it’s clear the transformation is far from finished.

In fact, data traffic growth is set to get even faster over the next few years. According to a new forecast for Cisco, traffic is set to almost triple by 2020, driven by the introduction of around ten billion connected devices over the next five years.

...

http://blog.krollontrack.co.uk/the-world-of-data/set-data-traffic-explosion/

Cloud Security must remain the top objective when organizations consider moving their data over to a cloud computing platform.  While cloud computing offers businesses many benefits, an organization choosing to place its intellectual property along with its customer information and corresponding emails into a cloud computing environment will also have to come to the realization that that data will be subject to other serious vulnerabilities and threats.

This article would like to focus on raising an awareness to those threats and at the same time propose some steps that an organization can take to ensure and better manage the information they decide to place in a cloud computing environment.

 
Wednesday, 22 June 2016 00:00

Con Men, Criminals, and Compliance

What does it take (or not take) to be a con artist and/or a white collar criminal? Do not kid yourself — white collar criminals can be “dangerous,” in that they usually suffer from significant personality disorders. Many are narcissists and sociopaths and are constantly engaging in manipulation, financial schemes, and inflicting harm to victims.

We all the know the legendary white collar scandals – Lay and Skilling at Enron; Bernie Ebbers at WorldCom; Jack Abramoff; Bernie Madoff. The list goes on and on with infamous criminals.

The term “Con Man” has been coined through the years to describe individuals who can convince an innocent person to invest in fraudulent schemes or manipulate people to trust the con artist.

...

http://blog.volkovlaw.com/2016/06/con-men-criminals-compliance/

Wednesday, 22 June 2016 00:00

How Secure is your Facility?

On a walk with my toddler grandson the other day we waved to everyone (and every animal, including the birds) we came across. Like many young children, he is oblivious to the dangers of taking a walk around the neighborhood. He will take off across the street, run up to any dog or person, run out in the street when he sees a vehicle. I feel bad pulling him back, making sure all is safe as he looks up at me questioning, “Why are you taking this joy away?” As the adult, wanting to keep him safe, it is necessary for me to restrict some of his actions to ensure he stays safe. Now, I do let him fall, play in the dirt, walk through the water and plants. What is life without some dirt and scars? But it is my job to make sure he is not seriously harmed (along with making sure he has ice cream for breakfast).

For most of us, we go about our lives like my grandson, not worrying about our safety (other than the normal precautions we take each day, like looking both ways when crossing the street and making sure we don’t run into the person texting while walking). What a blessing that is. So how does this relate to the title of this blog?

Most of us recognize the various security precautions or technologies present at our place of business, such as badges to gain access to the building, access restricted by need to some areas, parking barriers, security guards at entrances, sign in sheets, etc.

In a recent blog we discussed weapons and facilities. That includes some items that are pertinent to consider here.

...

http://www.mha-it.com/2016/06/how-secure-is-your-facility/

Few areas within a business have benefited from the Internet of Things (IoT) as much as the supply chain. The advent of tracking and tracing technology through the supply chain gave products a voice for the first time, explains Michael Lucas, chairman of i3 Brands, and this technology advancement provided a revolutionary level of transparency that hugely benefited industries and manufacturers, and ultimately consumers.

“The onset of IoT has simply enabled another improved mechanism for collecting all the micro-pieces of data that occur along the product journey,” Lucas continues. “Beyond simply speaking in ‘one word answers,’ IoT-enabled products are able to speak in full sentences, which allows for continuous diagnostic reporting. This creates unprecedented levels of visibility, allowing manufacturers to become proactive in their approach to the supply chain.”

With this increased visibility to receive, analyze and respond to real-time data, supply chain managers are able to optimize their inventory stock and to reduce their costs. However, the devices and technologies, many of them mobile, that make the supply chain more efficient come with security risks if they aren’t properly secured with enterprise-grade hardware and software.

...

http://www.itbusinessedge.com/articles/supply-chain-security-must-mimic-enterprise-security.html

We are excited to announce that Everbridge was recently named one of the Best Places to Work in Los Angeles by the Los Angeles Business Journal and Best Companies Group. The awards program honors the best employers in Los Angeles, benefiting the county’s economy, workforce and businesses. This most recent accolade is just another shining example of the pride and satisfaction employees feel is encapsulated in the Everbridge culture, making it both an exciting and rewarding place to work.

The companies included on the Los Angeles Business Journal’s 2016 Best Places to Work list are primarily determined by employee surveys that measure the employee experience. Workplace policies, practices, philosophy, systems and demographics are also taken into consideration during the selection process.

...

http://www.everbridge.com/everbridge-named-2016-best-place-to-work-by-los-angeles-business-journal/

Raging across the country, threatening businesses and residences alike, wildfires are a reality, burning a reported 1.9 million acres in the U.S. so far this year. West of Santa Barbara, firefighters have battled an intense fire for almost a week. Wildfires are also burning in Arizona and New Mexico. In Canada, the Fort McMurray blaze burned for weeks and scorched some 2,400 square miles of land—more than 1.4 million acres. In five of the past 10 years, in fact, wildfires have ranked among the top 20 worldwide loss events.

...

http://www.riskmanagementmonitor.com/wildfires-a-reminder-to-update-disaster-preparedness-plans/

CHICAGO – With a threatening Wednesday forecast for most of the Great Lakes Region that includes severe storms, heavy rains, strong winds and the possibility of tornadoes, the U.S. Department of Homeland Security’s Federal Emergency Management Agency (FEMA) Region V encourages everyone to get prepared.

“Summer has begun, and with it, the heightened risk of severe storms,” said FEMA Region V Administrator Andrew Velasquez III. “Now is the time to make sure your family knows what to do to stay safe, and verify your mobile phone is enabled to receive Wireless Emergency Alerts to warn you of extreme weather and other emergencies in your area.”

Individuals should follow the instructions of state and local officials and listen to local radio or TV stations for updated emergency information related to this storm system. Purchasing a weather radio for your home is another way to ensure that you receive critical warning information. If a warning is issued, get indoors, and move to the center of an interior room on the lowest level (closet, interior hallway) away from corners, windows, doors, and outside walls.

Find valuable tips to help you prepare for severe storms at http://www.ready.gov/severe-weather and download the free FEMA app, available for your Android, Apple or Blackberry device. Visit the site or download the app today so you have the information you need to prepare for severe weather.

FEMA's mission is to support our citizens and first responders to ensure that as a nation we work together to build, sustain, and improve our capability to prepare for, protect against, respond to, recover from, and mitigate all hazards.

Follow FEMA online at twitter.com/femaregion5, www.facebook.com/fema, and www.youtube.com/fema.  Also, follow Administrator Craig Fugate's activities at twitter.com/craigatfema. The social media links provided are for reference only. FEMA does not endorse any non-government websites, companies or applications.

CHICAGO – It’s too easy to think we’re invincible when it comes to lightning storms—going outside, staying in the pool, or continuing a softball game as thunder sounds in the distance are not safe activities when lightning and thunder are in the area. Instead, move indoors when thunder roars—such a simple step could save more than 400 people from getting struck by lightning every year.

In recognition of Lightning Safety Awareness Week, June 19 – 25, 2016, FEMA is encouraging everyone to get storm safety smart:

  • There is no safe place outdoors when thunderstorms are in the area. Get indoors and avoid contact with corded phones, electrical equipment, plumbing, and windows and doors.
  •  Water is an excellent conductor of electricity – so get out of and away from water!  
  • Electricity always seeks the shortest path to its destination. Avoid tall, isolated trees or other tall objects in a lightning storm.
  • When camping, set up in a valley, ravine or other low area. Tents and open-sided shelters don’t provide protection from the dangers of lightning. If there isn’t a substantial building nearby, take shelter in your vehicle.
  • Wait 30 minutes after the last lightning or thunder before going back outside.
  • Anyone struck by lightning will need immediate medical attention. Call 911 and remember: lightning victims do not carry an electrical charge and are safe to touch.  

During Lightning Safety Awareness Week, FEMA Region 5 will be hosting a social media engagement campaign in collaboration with the National Weather Service in Chicago—get involved by following FEMA online at twitter.com/femaregion5 and www.facebook.com/fema. You can also find more valuable lightning safety tips by visiting www.ready.gov/thunderstorms-lightning and www.lightningsafety.noaa.gov. Consider also downloading the free FEMA app, available for your Android, Apple or Blackberry device, so you have the information at your fingertips to prepare for severe weather.

FEMA's mission is to support our citizens and first responders to ensure that as a nation we work together to build, sustain, and improve our capability to prepare for, protect against, respond to, recover from, and mitigate all hazards.

Follow FEMA online at twitter.com/femaregion5, www.facebook.com/fema, and www.youtube.com/fema.  Also, follow Administrator Craig Fugate's activities at twitter.com/craigatfema. The social media links provided are for reference only. FEMA does not endorse any non-government websites, companies or applications.

Today’s world is a very different one to that of just 30 years ago. Where we previously used to be terrified of the idea of one of the superpowers using atomic bombs, today we are scared of somebody hacking our computer systems and destroying our infrastructures. It is a very real fear and one that, unlike atomic bombs, has been regularly unleashed on people.

However, we are not just sitting ducks in the face of this increasing threat and, behind the scenes, work is constantly being done to increase the protection that companies and individuals have from nefarious hackers. One of the most powerful tools they have in this constantly evolving battle is in the use of data.

One of the most progressive industries in this regard is banking and financial services, where a huge amount of money combined with a high number of transactions has meant that it is the perfect environment for data analytics to have a big impact. It is, unfortunately, something desperately needed as we have seen significant increases in the amount of card fraud. In the UK, online banking fraud increased 26% between 2013 and 2014, for instance. In a country of only 63 million people, there were 53,192 cases of online banking fraud where people incurred loss of money. The numbers in the US are even more shocking, with the country responsible of 47% of all credit card fraud despite accounting for only 24% of total card transactions (http://www.creditcards.com/credit-card-news/credit-card-security-id-theft-fraud-statistics-1276.php).

...

https://channels.theinnovationenterprise.com/articles/cyber-security-and-big-data-s-essential-relationship

Wednesday, 22 June 2016 00:00

The Cloud: Still a Work in Progress

It seems that when it comes to the enterprise and the cloud, it’s all over but the shouting. Organizations around the world have integrated cloud infrastructure into their overall data footprints in a major way, and at this point there is no chance of undoing it all.

But this doesn’t mean the cloud is putting all data operations on easy street. Indeed, just as local data infrastructure did in the past, the cloud will fuel its own endless cycle of upgrades and revisions as users come to demand new levels of performance and flexibility at every turn.

As eWeek reported last month, the cloud currently supports about 28 percent of the worldwide compute and storage load, and that portion is expected to increase to 58 percent over the next decade. And perhaps most telling, a good 83 percent of respondents to a recent Tata Communications survey said they have received benefits from cloud computing that they did not expect at the outset, including higher productivity and faster data access.

...

http://www.itbusinessedge.com/blogs/infrastructure/the-cloud-still-a-work-in-progress.html

(TNS) -  Gov. Rick Scott’s unprecedented request for a federal emergency declaration after the mass shooting in Orlando has been rejected by the Obama administration.

In a letter to Scott Monday, Federal Emergency Management Agency Administrator W. Craig Fugate said the emergency declaration was the wrong course of action for Florida to take as it tries to recoup the costs associated with the response to and investigation of the massacre that left 49 dead plus the shooter.

“Because your request did not demonstrate how the emergency response associated with this situation is beyond the capability of the state and affected local governments or identify any direct federal assistance needed to save lives or protect property, an emergency declaration is not appropriate for this incident,” Fugate wrote.

...

http://www.emergencymgmt.com/disaster/Federal-government-denies-Scott-request-for-emergency-declaration-after-Orlando-shooting.html

As cybersecurity risks have increased world-wide, both the SEC and the NFA have dictated that hedge funds and private equity funds have a plan to assess, manage and address risks and incidents. The security threat to private funds is real for all types of funds, big and small, complex and simple. However, cybersecurity planning for this group must be individualized to a great extent due to the wide range of IT configurations that exist. This article will discuss the required elements of cybersecurity planning as they relate to a variety of typical private funds, including hedge funds and private equity funds.

...

http://www.forbes.com/sites/judygross/2016/06/21/cybersecurity-efforts-require-individualized-planning-and-execution/

The roll call of high profile companies whose reputation is still recovering following a crises over recent years includes several who took on greater damage because of the inadequacy of their response to the initial problem.

Think BP and the then CEO’s infamous observation that he “would like his life back”.

Or Target’s attempts to wish away a major data leak that compromised its customers’ bank accounts.

Or Sony’s stalled understanding that media coverage of the toxic content of the stolen emails made it the villain not the victim in the eyes’ of the public.

...

http://www.rockdovesolutions.com/blog/crisis-winner-or-loser-take-a-two-minute-readiness-test

The cloud has revolutionized the way we build IT systems within enterprises. Indeed, enterprise IT’s goal since the inception of cloud computing has been to replicate the power of cloud computing within their own data centers.

The trouble is that cloud computing systems were built net-new, which meant they could start from scratch and thus be more innovative with the use of cloud-based resources using the most modern technology and approaches available. Enterprises don’t have the same luxury. Decades of enterprise hardware and software purchases exist at different levels of maturation, and those structures must also support mission-critical systems in operations.

However, things are changing. New technology now provides enterprises with the public cloud experience, which includes:

...

http://www.datacenterknowledge.com/archives/2016/06/21/creating-public-cloud-experience-house/

The incredible amount of energy needed to power data centers is well documented. Globally, data center energy use accounts for three percent of all electricity consumed, a figure that will continue to grow in the coming years. While fueling one of the backbones of our economy, this incredible power usage has resulted in staggering electricity bills and large amounts of pollution associated with producing that energy. To help combat this, utility companies in recent years have been offering incentive programs to data center owners and operators who are willing to make their facilities more energy efficient.

While these incentives are incredibly beneficial to data centers, I’ve found many operators hesitant to take advantage of the opportunity for a variety of reasons, including not being sure where to start, fear of unknown project costs, and confusion on the different types of incentives that are available. These concerns are all very understandable, and I can share some knowledge to help clear up the confusion that surrounds utility incentive programs.

...

http://www.datacenterknowledge.com/archives/2016/06/21/how-to-make-best-use-of-utility-incentives-for-data-centers/

The company IT Security perimeter no longer exists, now that mobile and cloud computing are so prevalent. The availability of files and information to employees in the office, on site, on the road or at home is high.

But then so are the IT security risks that go with such availability, unless appropriate measures are taken.

Those measures cannot be the same as the traditional firewall solutions, because so much computing activity now takes place outside such firewalls.

The security paradigm has to be turned inside out. Instead of trying to keep all data within one big fence, each piece of data must travel with its own protection.

...

http://www.opscentre.com/it-security-without-borders/

How do you ensure that the time and money spent on business continuity is yielding the desired results? Karen Humphris, senior advisory manager at ContinuitySA, looks at the subject and provides a checklist of 12 critical BCM success factors.

As business continuity management (BCM) becomes more important as a way to mitigate risk and create peace of mind, ensuring the money and time spent on BCM yields the desired results is critical. Organizations need to be certain that the BCM programme they have in place is realistic, and that it will work. One of the best ways of answering these questions is to measure how mature the BCM plan and capability actually is.

Measuring, as we all know, is the first and vital step to managing anything.

...

http://www.continuitycentral.com/index.php/news/business-continuity-news/1209-bcm-measurement-twelve-critical-bcm-success-factors

Tuesday, 21 June 2016 00:00

The Unsuspecting BYOD User

Many companies have adopted a BYOD program, recognizing the productivity benefits that can deliver. In addition, more and more companies require BYOD users to use a device passcode to prevent company data from falling into the wrong hands if the device is lost or stolen.

However, much like desktop security threats, the risk of data loss from malware and vulnerabilities must also be considered as part of a mobile security program.

Users, unfortunately, are mostly unaware that they can easily get a malware infection by visiting a compromised website and downloading a malicious app. Once on the device, the app can then access confidential data on the device as well as access the corporate network.  Contrary to popular belief, iOS devices are just as susceptible to malware as Android devices, and Skycure has identified that any business with over 200 iOS devices has at least one malware infection.

...

https://www.citrix.com/blogs/2016/06/20/the-unsuspecting-byod-user/

Business resilience is your organization’s ability to adapt and adequately respond to events—no matter how critical the situation—that affect your business internally or externally with little impact to your operations, people, and structure. Your business’s ability to be resilient and prepared relies on careful, corresponding planning related to both business continuity and disaster recovery, and at the forefront of prevention and strong response is access to monitoring your business and your people.

Maintaining a resilient business with regular operations before, during, and after an unexpected event requires emergency notification software that, like business resilience and disaster recovery planning, takes a holistic approach. In order to build a resilient business, you must be able to rely on your emergency notification software to monitor everything around you—potential threats, your people, your business, your communications. You need the full picture of what is exactly going on at all times.

AlertMedia keeps the pulse of your business – monitoring what your organization cares about most.

...

https://www.alertmedia.com/building-resilience-through-monitoring

There are some very important risks in your construction fleet that you may be overlooking. Independent contractors can introduce risks and your employees using their personal vehicles could pose other hidden exposure to your business. These are two top issues to be aware of, and here are some suggestions for mitigating them.

Independent Contractors

If you hire independent contractors, you could be sued for their actions in relation to a vehicle accident that they cause while working for you.

To reduce this exposure, ensure that each of your independent contractors has a valid auto liability insurance policy. Make sure the policy is in force throughout the duration of their contract with you. Additionally, be sure that their insurance carrier is financially stable. You can verify the insurance carrier’s financial strength at www.ambest.com.

...

http://www.riskmanagementmonitor.com/the-hidden-risks-in-your-construction-fleet/

AUSTIN, Texas – Two important deadlines are ahead for Texans who are considering a loan through the U.S. Small Business Administration for recovery from the April storms and flooding.

Most survivors who registered with FEMA for disaster assistance were contacted by the SBA with information on the agency’s loan-interest disaster loans, as well as instructions on how to complete the loan application.

The deadline to submit the application for physical damage is June 24, 2016.  The deadline for businesses to submit a loan application for economic injury is Jan. 25, 2017.

The SBA is the federal government’s primary source of money for the long-term rebuilding of disaster-damaged private property, offering low-interest disaster assistance loans to businesses of all sizes, private nonprofit organizations, homeowners and renters.

Survivors may apply online using the electronic loan application via SBA’s secure website at disasterloan.sba.gov/ela.

Disaster loan information and application forms are also available from SBA’s customer service center by calling 800-659-2955 or emailing disastercustomerservice@sba.gov. Individuals who are deaf or hard‑of‑hearing may call 800-877-8339. For more disaster assistance information or to download applications, visit sba.gov/disaster.

Completed applications should be mailed to:

U.S. Small Business Administration
Processing and Disbursement Center
14925 Kingsport Rd.
Fort Worth, TX  76155

SBA loan applications should be submitted even as disaster survivors await an insurance settlement. The loan balance is reduced by the settlement. SBA loans may also be available for losses not covered by insurance.

Both FEMA and the SBA encourage Texans who suffered damage or loss from the April storms and were provided a loan application to complete the application.  There is no obligation to take a loan if offered. If approved, and a survivor does not accept the loan, it may make them ineligible for additional federal assistance.

  • Homeowners may borrow up to $200,000 from SBA to repair or replace their primary residence.

  • Homeowners and renters may borrow up to $40,000 to repair or replace personal property.

  • Businesses may borrow up to $2 million for any combination of property damage or economic injury. SBA offers low-interest working capital loans—called Economic Injury Disaster Loans—to small businesses and most private nonprofit organizations of all sizes.

# # #

FEMA’s mission is to support our citizens and first responders to ensure that as a nation we work together to build, sustain, and improve our capability to prepare for, protect against, respond to, recover from, and mitigate all hazards.

If you are heading up an application develop team or are running an IT organization and you are looking at your developers initial steps to developing cloud native applications, I want to share some experienced insights gained from PaaS customers.  For me it is a view of the path many of you may be heading down applying some best practices that can optimize Dev and Ops together.

Apprenda, one of our ACI ecosystem partners, and Cisco recently hosted a series of presentations, we called PaaS Days, about the Application-Centric Enterprise to share how private PaaS and policy driven automation together can address real-world problems such as application time-to-market, datacenter security and corporate compliance.   I want to share some insights I gained there about different application strategies for cloud. Depending on the company’s cloud maturity level and whether the management is centralized or not, the application strategy can take on a project oriented or an organization level scope.

...

http://blogs.cisco.com/datacenter/developer-productivity-paas-compliance-and-policy-driven-infrastructure

(TNS) - A good 40 inches of rain has pelted Montgomery County this year - well ahead of the typical pace and too much at times for the usually tranquil streams in this rapidly growing area.

So regional leaders are embarking on a nearly $1 million study to improve and expand the early flood warning capabilities for the county.

Under the plan, the San Jacinto River Authority also would analyze water flows and explore ways to reduce the likelihood of flooding, such as scooping out parts of streams that can cause bottlenecks.

The authority, which manages surface water in the river basin, is teaming with Montgomery County and the city of Conroe. The entities are asking the Texas Water Development Board to cover half the costs.

...

http://www.emergencymgmt.com/disaster/Heavy-rains-prompt-Montgomery-County-officials-to-study-ways-to-reduce-flooding.html

At a time when some venture capitalists are holding back, one firm is moving forward. There is a very real need for new technologies in cybersecurity. For example, the attack on Office of Personnel Management last year– which affected at least 21.5 million Americans — had apparently been going on for some time, undetected. The new model is to identify the intruder in the network in real time, observe them, and then suppress that intruder’s activities. This requires active intelligence and a whole new way of thinking about cybersecurity.

“From an architectural perspective we are investing in cybersecurity technologies that are synergistic in one simple goal which is intrusion suppression,” said Tom Kellerman, CEO of Strategic Cybersecurity Ventures (SCV). “We are not investing in capabilities that are perimeter based that are focused on keeping the adversary out at all time. We are focused on capabilities that can force the adversary to be resource constrained, decrease the amount of time they are on a network, and inhibit their ability to exfiltrate your intellectual property or financial data out,” he said.

Kellerman, formerly with Trend Micro, and his two partners — Ann Barron-DiCamillo (CTO), formerly the director of US-CERT, and Hank Thomas (COO), formerly with the NSA and Booz Allen’s cyber intelligence and indigence response practice – each know what they want. Collectively they have fifty years of active experience in cybersecurity.

...

http://www.forbes.com/sites/robertvamosi/2016/06/20/funding-new-deceptive-technologies-in-cybersecurity/

Why is nearly half an organization’s data loss due to insiders? A Fasoo and Ponemon Institute study found that it could be because the vast majority of IT security professionals (72 percent) aren’t confident in their ability to manage or control employee access to sensitive files. Even more worrisome is that these same professionals don’t know where those sensitive files are and have no visibility into what employees are accessing or sharing without authorization. Bill Blake, president of Fasoo, addressed this discovery:

What should be concerning to C-level executives and corporate boards is that most organizations have no idea where mission-critical information is located on the corporate network, who has access and what they are doing with that information. Organizations must be vigilant in applying and enforcing security policies as well as knowing where the organization's most valuable information is located at all times.

http://www.itbusinessedge.com/blogs/data-security/too-little-is-done-internally-to-prevent-insider-threats.html

Monday, 20 June 2016 00:00

BCI: The changing resilience landscape

The Business Continuity Institute - Jun 20, 2016 17:03 BST

At the DRJ Spring World Conference in Orlando earlier this year, the BCI 20/20 Think Tank US Group hosted a session titled 'BCI 20/20 - The future of the continuity industry'. The discussion that followed covered a wide range of issues which illustrated the changing resilience landscape that business continuity professionals face today. The outcome of this was a new discussion paper on the role of business continuity professionals in the changing global threat environment.

The notion of a changing threat environment was supported by a high level discussion on the Business Continuity Institute's latest Horizon Scan Report, also at DRJ Spring World, which considered the changing risk landscape and how it is no longer just the traditional threats like natural or man-made disasters that are being disruptive to our organizations. However, knowing the risks an organization faces enables business continuity professionals to focus on what happens next.

One of the conclusions from the paper was that "only a business continuity professional with a strong understanding of the business, its products/services and customer expectations can contribute meaningfully to responding to risks".

Download your free copy of the role of business continuity professionals in the changing global threat environment today in order to develop your understanding of the changing resilience landscape.

Monday, 20 June 2016 00:00

Containers: Not Just for Food

In all seriousness: in the world of IT, what exactly are containers, anyway? For those of you who are not very familiar with where containers come from and why you’re hearing so much about them right now, this post is for you.

You have an operating system (OS).

You have some applications (apps) running on your OS. 

In most cases, these are packaged together as a “virtual machine.”

And then, virtualization happens. Hypervisors happen — and you can have multiple copies of a virtual machine running on a hypervisor. In many cases, organizations are running lots of instances of the exact same virtual machine on a hypervisor.

...

https://www.citrix.com/blogs/2016/06/20/containers-not-just-for-food/

While a great number of industries have rushed to digitally engage consumers, the financial sector has lagged behind. Online banking platforms are built on top of an infrastructure that is still heavily reliant on paper and human interaction, leaving it prone to loss, error and social engineering techniques.

These administrative costs prevent our financial system from scaling up and reaching the next billion users, a demographic that has no problem purchasing a smartphone but is still excluded from global banking due to exorbitant compliance costs and identification requirements that don’t match people’s realities.

Cyberattacks also threaten to exclude even more people from banking, as they raise the compliance and insurance costs of opening and maintaining bank accounts.

...

http://www.forbes.com/sites/leonhardweese/2016/06/18/cybersecurity-we-need-new-systems-to-save-the-banks-and-the-people-who-rely-on-them/

Monday, 20 June 2016 00:00

The Car Salesman to the Mechanic

So I made the big brave move into a cyber security specific role....

The rationale behind this was simple. Far too often in my world of business continuity did I encounter some CTO who was trying to pull the wool over my eyes when discussing IT risk. They would throw out a few technical terms I’d never heard of and I had no choice but to assume they knew what they were talking about. This needed to change so I decided to throw myself into IT and see what all the fuss was about.

Prior to making the move I genuinely thought my experience of delivering disaster recovery and work are recovery projects meant that I had a pretty good grounding on the subject. However, looking back I'd have to say I was definitely ignorant to what I didn't know. It occurred to me that in recent years I was the car salesmen to the mechanic. But as a security professional did I really need to fully understand the likes of networks, environments and infrastructure?

...

http://www.blueyedbc.com/2016/06/the-car-salesman-to-mechanic.html

Monday, 20 June 2016 00:00

Ransomware: The News Is Always Bad

A study by Booz Allen Hamilton says that Supervisory Control and Data Acquisition (SCADA) systems, which manage critical infrastructure, are becoming targets of ransomware.

The report is full of bad news for industrial control system (ICS) operators. Attacks are increasing: The Department of Homeland Security (DHS) responded to 295 incidents last year, which was a 15 percent increase over 2014. The arc in the evolution of cybercrime is always toward less expensive, more sophisticated and more accessible exploits. The study, which was reported upon at Dark Reading, shows that the tendency continues:

Among the several emerging challenges for owners of industrial control systems identified in the report are ransomware and the emergence of SCADA access as a service. Booz Allen Hamilton defines SCADA access services as entities that specialize in finding zero-day flaws in industrial control networks, developing exploits for them and then selling that as a service to those interested in gaining unauthorized access to third-party ICS networks.

...

http://www.itbusinessedge.com/blogs/data-and-telecom/ransomware-the-news-is-always-bad.html

Jun 17, 2016 17:13 BST

​Small businesses unfairly carrying the cost of cyber crime

Small businesses are unfairly carrying the cost of cyber crime in an increasingly vulnerable digital economy, according to a new report by the Federation of Small Businesses, with firms collectively attacked seven million times per year, costing the UK economy an estimated £5.26 billion.

Cyber Resilience: How to protect small firms in the digital economy notes that, despite the vast majority of small firms (93%) taking steps to protect their business from digital threats, two thirds (66%) have been a victim of cyber crime in the last two years. Over that period, those affected have been victims on four occasions on average, costing each business almost £3000 in total.

Almost all (99%) of the UK’s 5.4 million small firms rate the internet as being highly important to their business, with two in three (66%) offering, or planning to offer, goods and services online. Without intervention, the growing sophistication of cyber attacks could stifle small business growth and in the worst cases close them down.

Mike Cherry, FSB National Chairman, said: “The digital economy is vital to small businesses - presenting a huge opportunity to reach new markets and customers - but these benefits are matched by the risk of opportunities for criminals to attack businesses. Small firms take their cyber security responsibility very seriously but often they are the least able to bear the cost of doing so. Smaller businesses have limited resources, time and expertise to deal with ever-evolving and increasing digital attacks.”

The Business Continuity Institute’s latest Horizon Scan Report showed that small businesses are no different to larger organizations when it comes to determining the greatest threat they face – in both cases it was cyber attack and data breach.

The FSB report also found room for small firms to improve security. Currently just a quarter of smaller businesses (24%) have a strict password policy, 4% have a written plan of what to do if attacked online, and just 2% have a recognised security standard such as ISO27001 or the Government’s Cyber Essentials scheme.

(TNS) - If you see something, say something.

It is a dictum for terrorizing times, and as the carnage mounts, law enforcement is more urgently pressing the public to turn tipster.

But what, exactly, does something mean?

That depends.

"If I have a friend who all of a sudden starts going to the masjid [mosque] five times a day, is that a sign of radicalization - or of admirable devotion?" said Quasier Abdullah, assistant imam at Quba Institute, a school and mosque in West Philadelphia.

...

http://www.emergencymgmt.com/safety/Reporting-terror-suspicions-not-a-simple-call.html

(TNS) - It only took about five minutes of violent winds, but Wednesday evening’s strong storm put the fear of Mother Nature into some of Lindenwald’s (Ohio)  residents.

“It was intense. It was scary,” said Molly Marcotte, who lives down the street from where some of the worst damage happened. She and husband Randy Marcotte heard sounds of trees snapping and transformers blowing, but they say they never heard the sound of storm sirens until after the winds died down.

“Mother Nature’s a beast,” Molly Marcotte said. Their porch swing was pinned against a window, but somehow didn’t break the glass.

...

http://www.emergencymgmt.com/disaster/Officials-Storm-sirens-can-lose-effectiveness.html

AUSTIN, Texas – As storms and flooding wreak havoc across Texas, FEMA officials are warning of another danger: scam artists and unscrupulous contractors out to fleece communities and survivors struggling to recover from disaster.

Be aware of these most common post-disaster scams:

Housing inspectors: If home damage is visible from the street, an owner/applicant may be vulnerable to those who pose as housing inspectors and claim to represent FEMA or the U.S. Small Business Administration.

  • Ask for identification. Federal and state representatives carry photo ID. A FEMA or SBA shirt or jacket is not proof of affiliation with the government.

  • FEMA inspectors never ask for banking or other personal information. < >EMA housing inspectors verify damage but do not hire or endorse specific contractors to fix homes or recommend repairs. They do not determine eligibility for assistance.

  • Use licensed local contractors backed by reliable references; recovery experts recommend getting a written estimate from at least three contractors, including the cost of labor and materials; and read the fine print.

  • Demand that contractors carry general liability insurance and workers’ compensation. If he or she is not insured, you may be liable for accidents that occur on your property.

  • Avoid paying more than half the costs upfront. Doing so offers little incentive for the contractor to return to complete repairs.

Pleas for post-disaster donations: Con artists play on the sympathies of disaster survivors, knowing that people want to help others in need. Disaster aid solicitations may arrive by phone, email, letter or face-to-face visits. Verify charitable solicitations:

  • Ask for the charity’s exact name, street address, phone number and web address, then phone the charity to confirm that the person asking for funds is an employee or volunteer.

  • Don’t pay with cash. Pay with a check made out to the charity in case funds must be stopped later.

  • Request a receipt. Legitimate nonprofit agencies routinely provide receipts for tax purposes.

Offers of state or federal aid: Beware of anyone claiming to be from FEMA or the state and asking for a Social Security number, bank account number or other sensitive information. Scammers may solicit by phone or in person, promising to speed up the insurance, disaster assistance or building permit process. Others promise a disaster grant and ask for large cash deposits or advance payments. Here’s how to protect yourself:

  • Federal and state workers do not solicit or accept money. FEMA and SBA staff never charge applicants for disaster assistance, inspections or help in filling out applications. If you have any doubts, do not give out information and file a report with the police.

If you suspect fraud, call the FEMA Disaster Fraud Hotline at 866-720-5721. If you are a victim of a home repair or price-gouging scam, call the Office of the Texas Attorney General at 800-252-8011. For information regarding disaster-related fraud and how to protect yourself, visit texasattorneygeneral.gov/cpd/disaster-scams.

For more information on the Texas recovery, visit the disaster webpage for the May storms at fema.gov/disaster/4272; or visit the Texas Division of Emergency Management website at txdps.state.tx.us/dem. Follow us on Twitter @femaregion6.

Download fema.gov/mobile-app to locate open shelters and disaster recovery centers, receive severe weather alerts, safety tips and much more.

# # #

FEMA’s mission is to support our citizens and first responders to ensure that as a nation we work together to build, sustain, and improve our capability to prepare for, protect against, respond to, recover from, and mitigate all hazards.

Download fema.gov/mobile-app to locate open shelters and disaster recovery centers, receive severe weather alerts, safety tips and much more.

(TNS) - A biennial test shows that emergency officials — including some in Northwest Missouri — are ready to work together in the event of a disaster at a southeast Nebraska nuclear power plant.

That was the assessment of federal officials, who spoke during a Thursday morning briefing at the Nebraska Public Power District’s emergency operations center in Auburn, Nebraska.

The test, conducted Tuesday, is intended to probe how well agencies, other organizations and the utility itself would react to a crisis involving the Cooper Nuclear Station — positioned along the Missouri River three miles south of Brownville, Nebraska. NPPD owns and operates the plant, and representatives also attended Thursday’s briefing.

...

http://www.emergencymgmt.com/safety/Agencies-get-high-marks-in-nuclear-exercise.html

Tiered storage is the process of assigning progressively less-expensive storage categories to progressively less-valuable data. It’s up to IT to classify storage tiers using a matrix of performance, price (Capex and Opex), storage capacity and data services. Classifying data priority is not entirely up to IT. Within the same storage system, automated tiering functions will classify data by features like I/O patterns and move it accordingly within the storage system’s internal storage tiers.

However, IT will need to assign data priority by business need in order to migrate data effectively throughout the storage infrastructure, ultimately landing in highly cost-effective cold storage. Different companies will assign different data priorities according to their business and compliance needs.

Aging is the most common metadata for demoting data to less expensive storage, but other factors may affect the outcome. For example, IT may progressively demote aging data and eventually add it to cold storage on tape or cloud. But some aging data may reside long-term on SATA on-premises storage because it is subject to regular information audits.

...

http://www.enterprisestorageforum.com/storage-management/why-storage-tiering-still-matters.-a-lot-1.html

While hurricanes are notoriously unpredictable, scientific advancements allow unprecedented insight into what to expect as a storm season approaches. The bad news? 2016 is anticipated to be a doozy, according to a just-released report from The Weather Company. Let’s take a closer look at what weather experts say lies ahead, along with tips for overcoming this less-than-sunny outlook.

Putting the Hurricanes in Hurricane Season

What’s headed our way, according to The Weather Company forecast? Approximately 14 named storms, eight hurricanes, and three major (Category 3 or stronger) hurricanes will comprise the 2016 Atlantic hurricane season.

If this sounds like a lot, that’s because it is: The 30-year historical average consists of 12 named storms, six hurricanes, and three major hurricanes. The Weather Company’s most recent outlook also outpaces predictions from earlier this spring, including one from Colorado State University (CSU) which anticipated 13 named storms, six hurricanes, and two major hurricanes.

...

http://blog.sendwordnow.com/whats-the-forecast-for-hurricane-season-2016

Only a few years ago, business continuity was considered the gold standard of crisis response: If an organization was able to continue operation following an emergency situation, it was considered well-prepared for potential threats. However, today many organizations aim to go beyond business continuity to achieve operational resilience—to not only come back from a crisis, but to continue day-to-day operation with minimal changes to the business.

Resiliency refers to the capacity for a company to thrive, despite the inevitable challenges that it will face over time. IBM has defined operational resilience as “the ability of an organization’s business operations to rapidly adapt and respond to internal or external dynamic changes—[including] opportunities, demands, disruptions or threats—and continue operations with limited impact to the business.” This includes crises such as severe weather, unplanned IT outages, violent incidents, public relations gaffes and everything in between.

Many organizations are not effectively prepared for potential crises. And when one does hit, they struggle to get back up and running. In a 2014 survey, nearly 25 percent of organizations lost critical applications or files for multiple days following a crisis, and 20 percent of companies reported post-incident losses ranging from $50,000 to $5 million. This is not true operational resiliency.

...

http://www.rockdovesolutions.com/blog/what-does-operational-resilience-mean-in-a-crisis-response

When employees leave a company and take sensitive data with them, intentionally or not, the repercussions can be massive. In February of this year, an employee leaving the FDIC exposed 44,000 FDIC customers’ personal information when she downloaded the data to her personal storage device. Later the same month, a former employee of UK regulator Ofcom offered his new employer as much as six years of sensitive data provided to the regulator by television companies.

A recent survey of 400 employees by Veriato, a provider of employee monitoring software, found that a third of respondents believe they own or share ownership of the corporate data they work on;  more than half feel it's acceptable to take corporate data with them when they leave a job.

"The potential damage from even one employee taking confidential and proprietary customer data, software code or login credentials with them to a new job, especially with a competitor, is astronomical," Veriato COO Mike Tierney said at the time.

So what should companies do to prevent such potentially serious damage?

...

http://www.esecurityplanet.com/network-security/5-ways-to-defuse-data-threat-from-departing-employees.html

The Business Continuity Institute - Jun 20, 2016 10:23 BST

There has never been a more fascinating debate than that of the United Kingdom’s potential exit from the European Union, but what impact does this have on business continuity and the business community within the UK?

A lot of business continuity professionals compensate for the tangible disruptive events but how many have prepared for such an intangible event as the UK leaving the EU. If ever an event has highlighted the importance of business continuity within the Boardroom, then this is it.

In the ongoing programme of business continuity planning, business continuity professionals will recognise the significance of Brexit while conducting a strategic business impact analysis. The acronym PESTELO analyses the external factors which highlights the weaknesses and threats for an organisation under the political, economic, social, technological, environmental, legal and organizational components.

Brexit maximises the utilisation of PESTELO. It will define your organization’s beta Factor and how well prepared your organization is for this potential exit. It is the responsibility of the business continuity professional to reduce this beta factor by identifying the risks to critical processes and minimising the impact an exit will have.

Numerous political leaders within the EU and further afield have highlighted their scepticism and the potential pitfalls of the UK’s withdrawal. However the debate within UK industry and the discipline of business continuity is inextricably linked because the continuance of a business or industry may be dependent upon this result.

The UK fishing industry has suffered with EU regulation and might be more pleased with the exit. The threat of London being removed as the financial centre of Europe to Paris, Frankfurt or Dublin has been commonly discussed. The threat of global terror has reached unsurpassed levels. MI5 officers have publicly stated that it would make better sense if Britain remained in the EU. A dilution of coordinated efforts undermines the effect of intelligence. On the other hand, some experts within MI6 say that a departure would improve the nation’s security. The two leading security agencies with differing views probably sums up this conundrum.

Numerous economists have suggested that Britain is putting monetarily more into the EU than it is getting back. This may be the quantitative position but from a qualitative point of view the total return on its investment have economists’ opinions varying greatly. For example, the EU aggregation of bulk power has negotiated tariff agreements with China and the USA, so how would the UK fair as a standalone entity? The fact is that if the UK does decide to exit no one knows what the implications are and the debate will continue right up until the final hour. The UK’s debate surrounding the exit is maybe better positioned not necessarily as a risk but as an uncertainty. The critique of scenario analysis (or in the case of Brexit maybe better referred to as ‘alternative worlds’) will allow pessimistic, optimistic and likely outcomes however due to this uncertainty simulation analysis maybe better utilised in this example as numerous variables could be the determining factor in an organisations success or failure.

For business continuity professionals the systemic risk posed by Brexit means that each organization within the UK faces this uncertainty as well as its own unsystemic challenges. If you are an importing business, you are already feeling the loss in the drop of the pound. The multi-disciplined business continuity professional should be advocating to diversify their organization’s portfolio by aligning their thoughts with their procurement departments to maybe look for indigenous suppliers or alternative vehicles for obtaining these goods and services.

If you are an exporting business your pound has become more highly valuable. The business continuity professional should be advocating the maximax policy.

If the UK decides to remain within the EU our public services could be under further scrutiny with more countries joining the EU. The business continuity professional has to deal with the current status quo and possibly this immigration influx. Can our public services deal with this continuing growth?

The business continuity professional is now compelled to horizon scan not only the tangible factors but also the potential black swans such as Brexit in the future.

Whatever the UK decides to do, the business continuity professional will be facing challenges.

Padraig McGoldrick AMBCI is the Vice President of Corporate Services for First Derivatives

The Business Continuity Institute - Jun 17, 2016 17:13 BST

 

Small businesses are unfairly carrying the cost of cyber crime in an increasingly vulnerable digital economy, according to a new report by the Federation of Small Businesses, with firms collectively attacked seven million times per year, costing the UK economy an estimated £5.26 billion.

Cyber Resilience: How to protect small firms in the digital economy notes that, despite the vast majority of small firms (93%) taking steps to protect their business from digital threats, two thirds (66%) have been a victim of cyber crime in the last two years. Over that period, those affected have been victims on four occasions on average, costing each business almost £3000 in total. 

Almost all (99%) of the UK’s 5.4 million small firms rate the internet as being highly important to their business, with two in three (66%) offering, or planning to offer, goods and services online. Without intervention, the growing sophistication of cyber attacks could stifle small business growth and in the worst cases close them down.

Mike Cherry, FSB National Chairman, said: “The digital economy is vital to small businesses - presenting a huge opportunity to reach new markets and customers - but these benefits are matched by the risk of opportunities for criminals to attack businesses. Small firms take their cyber security responsibility very seriously but often they are the least able to bear the cost of doing so. Smaller businesses have limited resources, time and expertise to deal with ever-evolving and increasing digital attacks.”

The Business Continuity Institute’s latest Horizon Scan Report showed that small businesses are no different to larger organizations when it comes to determining the greatest threat they face – in both cases it was cyber attack and data breach.

The FSB report also found room for small firms to improve security. Currently just a quarter of smaller businesses (24%) have a strict password policy, 4% have a written plan of what to do if attacked online, and just 2% have a recognised security standard such as ISO27001 or the Government’s Cyber Essentials scheme.

 
The Business Continuity Institute - Jun 17, 2016 09:31 BST

Companies that have predefined Business Continuity Management (BCM) processes in place are able to find and contain data breaches more quickly, discovering breaches 52 days earlier and containing them 36 days faster than companies without BCM. This is according to a study sponsored by IBM and conducted by the Ponemon Institute.

This is of significant importance as the study revealed that the average cost of a data breach for companies has grown to $4 million, representing a 29% increase since 2013, at least among those companies surveyed as part of research.

The Cost of Data Breach Study found the longer it takes to detect and contain a data breach, the more costly it becomes to resolve. While breaches that were identified in less than 100 days cost companies an average of $3.23 million, breaches that were found after the 100 day mark cost over $1 million more on average ($4.38 million). The average time to identify a breach in the study was estimated at 201 days, and the average time to contain a breach was estimated at 70 days.

Cyber security incidents continue to grow in both volume and sophistication, with 64% more security incidents reported in 2015 than in 2014. As these threats become more complex, the cost continues to rise. In fact, the study found that companies lose $158 per compromised record. Breaches in highly regulated industries were even more costly, with healthcare reaching $355 per record – a full $100 more than in 2013.

Business continuity professionals are well aware of the threat the cyber world poses to their organizations, as identified in the Business Continuity Institute's latest Horizon Scan Report. In this report cyber attack and data breach were ranked as the top two threats with the vast majority of respondents to a global survey (85% and 80% respectively) expressing concern about the prospect of them materialising.

"The amount of time, effort and costs that companies face in the wake of a data breach can be devastating, and unfortunately most companies still don't have a plan in place to deal with this process efficiently," said Ted Julian, Vice President, Resilient an IBM Company. "While the risk is inevitable, having a coordinated and automated incident response plan, as well as access to the right resources and skills, can make or break how much a company is impacted by a security event."

DriveScale, the Silicon Valley data center technology startup founded by a group of Sun and Cisco veterans who were behind some of the two iconic companies’ core data center product lines, such as Sun’s x86 servers and Cisco’s Nexus Switches and Unified Computing System (Cisco UCS), has built a scale-out IT solution geared specifically for Big Data applications. The company, which recently came out of stealth and announced a $15 million funding round, is addressing a growing need in the data center and has a founding team whose technological abilities are undeniable, but its current product is only on its first generation and still has a ways to go before it is proven out in the market.

Let’s back up a little and discuss why a scale-out solution for Big Data is important. Creating virtual controllers which enable some kind of software-defined platform aren’t anything new. In storage, we’ve seen this with Atlantis USX and VMware vSAN; in networking, it’s Cisco ACI, Big Switch, and VMware NSX. The vast majority of these technologies however are designed for traditional workloads, such as virtual desktop infrastructure, databases, application virtualization, web portals, and so on.

What about managing one of the fastest-growing aspects of IT today? What about controlling a new critical source of business value? What about creating a virtual controller for Big Data management?

...

http://www.datacenterknowledge.com/archives/2016/06/16/drivescale-says-big-data-needs-a-new-kind-of-data-center-infrastructure/

Remember the economic meltdown (almost) of eight years ago? Two buzzwords came to the fore at that time. One was “systemic risk”, the risk that applies to an entire sector or domain; in this case, the global economy. The other one was “too big to fail” (TBTF) or TICTF referring to any entity that could by its own failure cause systemic failure. Thus, American investment bank Lehman Brothers was “too big to fail”.

However, fail it did, triggering a financial crisis worldwide. However, rather than TBTF, another measure known as TICTF may be a smarter way of understanding which measures for resilience you should be taking.

Interestingly, TICTF (Too Interconnected to Fail) was also the measure preferred by the US government in many cases, when deciding whom to help financially.

The impact of a “TICTF” enterprise is measured in terms of the products and services supplied by that enterprise, plus all other activities that depend on that enterprise, plus the exposure of the enterprise to other systemic risk.

...

http://www.opscentre.com/resilience-tictf-interconnected-fail/

The compliance profession faces many challenges. Some are more important than others. When it comes to evaluating performance, or measuring compliance programs, the profession has a steep uphill climb.

Unfortunately, measuring compliance programs and defining what an “effective” program is an issue that requires extensive research and analysis. Justice Potter Stewart’s famous words defining “obscenity” – “I know it when I see it,” just will not work when it comes to effective compliance programs.

The US Sentencing Commission has provided required elements of an “effective” compliance program; the Department of Justice has advanced the dialogue with its own approach and definition, as set forth in the FCPA Guidance and recently in the FCPA Pilot Program.

...

http://blog.volkovlaw.com/2016/06/defining-effective-ethics-compliance-programs/

In the film Limitless, the main character Eddie finds himself able to learn and analyze information at a superhuman rate. He temporarily has the ability to instantly and meaningfully cross-correlate all of the previously forgotten experiences from his past (1) and assess multiple scenarios in the future. He does this simply by taking a pill.

I don’t have a pill for you, and I’m not going to claim any product can make you Limitless. However, I will say Cisco Tetration Analytics comes closer than anything in the industry to delivering similar capabilities!

...

http://blogs.cisco.com/datacenter/tetration-analytics-limitless-time-machine

At Citrix Synergy this year, ExtraHop won the Best of Show award for our ransomware detection solution.

Giving the reasons for the win, panel judge Brian Madden said, “You could literally put the product in, push GO, and get the benefits instantaneously.”

We were honored by the recognition and thrilled that the judging panel interviewed some of customers and heard firsthand how they were using the ExtraHop ransomware detection solution.

...

https://www.citrix.com/blogs/2016/06/15/ransomware-profitable-for-criminals-hard-to-stop-for-enterprises/

(Bloomberg) — Cyber-security firm Kaspersky Lab says it has uncovered an online marketplace where criminals from all over the world sell access to more than 70,000 hacked corporate and government servers for as little as $6 each.

Kaspersky discovered the forum after a tip from a European internet service provider. The market, called xDedic, is operated by hackers, who are probably Russian speaking, that have ditched their traditional business model of just selling passwords and have graduated instead to earning a commission from each transaction on their black market.

“It’s a marketplace similar to EBay where people can trade information about cracked servers,” said Costin Raiu, head of global research at Kaspersky Lab. “The forum owners verify the quality of the hacked data and charge a commission of 5 percent for transactions.”

...

http://www.datacenterknowledge.com/archives/2016/06/15/hackers-found-selling-access-to-70000-company-servers/

(TNS) - The Baltimore 911 system crashed for at least an hour Tuesday night, leaving police and firefighters unable to receive calls to the emergency phone line, the city's Office of Emergency Management and firefighters announced.

The system went down around 8:20 p.m., city officials said. Mayor Stephanie Rawlings-Blake announced around 10:15 p.m. that it was restored.

The crash was suspected to be caused by a problem with Verizon, said Robert Maloney, director of the Mayor's Office of Emergency Management.

...

http://www.emergencymgmt.com/next-gen-911/Baltimore-911-system-crashes-restored-after-at-least-an-hour-down.html

(TNS) - The Newton, Iowa, Police Department in partnership with the Jasper County Sheriff’s Office to launch the “If You See Something, Say Something” campaign throughout Jasper County.

The U.S. Department of Homeland Security’s campaign aims to raise public awareness of the indicators of terrorism and terrorism-related crime activity.

“This program came about as a result of our want and need to partner with the community at a deeper level and encourage them to report any type of suspicious activity,” Newton Police Chief Rob Burdess said.

The main focus of the national campaign is terrorist and terrorist activity, but Burdess sees the local program as a way to empower citizens to report any suspicious activity regardless of the severity.

...

http://www.emergencymgmt.com/safety/Local-authorities-launch-See-Something-Say-Something-campaign.html

AUSTIN, Texas – Texans who suffered damage or loss from the May flooding and were referred to the U.S. Small Business Administration may lose income-based FEMA grants if they don’t complete and submit the SBA loan application.

Other Needs Assistance grants may cover uninsured losses for furniture, appliances and other personal property, even vehicles. Survivors will not be considered for this type of assistance unless they complete and return the SBA loan application.

Applicants from Austin, Brazoria, Brazos, Fort Bend, Grimes, Hidalgo, Hood, Montgomery, San Jacinto, Travis, Waller and Washington counties should complete the application, even if they don’t want a loan.

“The SBA loan application is used to review an applicant’s eligibility for additional assistance,” said Federal Coordinating Officer William J. Doran III, who is in charge of FEMA’s operations in Texas. “For that reason, complete the application even if you don’t plan to accept the loan.”

Some types of Other Needs Assistance—medical, dental and funeral expenses—are not SBA dependent, and completing the loan application is not required. However, it is always recommended by recovery experts. The application is not required for survivors seeking temporary rental assistance.

The SBA is the federal government’s primary source of money for the long-term rebuilding of disaster-damaged private property, offering low-interest disaster assistance loans to businesses of all sizes, private nonprofit organizations, homeowners and renters.

Survivors may apply online using the electronic loan application via SBA’s secure website at disasterloan.sba.gov/ela.

Disaster loan information and application forms are also available from SBA’s customer service center by calling 800-659-2955 or emailing disastercustomerservice@sba.gov. Individuals who are deaf or hard‑of‑hearing may call 800-877-8339. For more disaster assistance information or to download applications, visit sba.gov/disaster.

Completed applications should be mailed to: U.S. Small Business Administration, Processing and Disbursement Center, 14925 Kingsport Rd., Fort Worth, TX  76155.

SBA loan applications can be submitted even as disaster survivors await an insurance settlement. The loan balance will be reduced by the settlement. SBA loans may also be available for losses not covered by insurance.

  • Homeowners may borrow up to $200,000 from SBA to repair or replace their primary residence.

  • Homeowners and renters may borrow up to $40,000 to repair or replace personal property.

  • Businesses may borrow up to $2 million for any combination of property damage or economic injury. SBA offers low-interest working capital loans—calledEconomic Injury Disaster Loans—to small businesses and most private nonprofit organizations of all sizes.

For more information on the Texas recovery, visit the disaster webpage for the May storms at fema.gov/disaster/4272; or visit the Texas Division of Emergency Management website at txdps.state.tx.us/dem. Follow us on Twitter @femaregion6.

Download fema.gov/mobile-app to locate open shelters and disaster recovery centers, receive severe weather alerts, safety tips and much more.

# # #

FEMA’s mission is to support our citizens and first responders to ensure that as a nation we work together to build, sustain, and improve our capability to prepare for, protect against, respond to, recover from, and mitigate all hazards.

Download fema.gov/mobile-app to locate open shelters and disaster recovery centers, receive severe weather alerts, safety tips and much more.

In today’s world with everyone constantly on the go and the need to rely on our phones for work-related activities, it’s essential to provide mobile app accessibility to both the administrator and the audience you’re communicating with. You never know when a critical event will strike, but by having access to an emergency notification app to reach and interact with your people gives you the ability to keep your business and people safe.

Emergency notification app for administrators:

AlertMedia’s emergency notification app enables admins to send and receive important notifications on the go from your smartphone—Android, iPhone, tablet, and more. Getting the message out to your audience fast requires only a few simple taps to create and send a notification.

With the app, you can receive alerts that monitor your organization’s safety, respond to events and incoming messages quickly, and resolve time-sensitive situations. It securely stores and retrieves messages and past notifications, so you can keep the pulse of the business and your people informed.

...

https://www.alertmedia.com/using-alertmedias-emergency-notification-mobile-app-to-manage-critical-communications/

The Business Continuity Institute - Jun 16, 2016 11:11 BST

Small businesses are leaving themselves open to potential threats with only 20% considering cyber security as a top business priority. This is according to new research by Barclaycard, which also found that 10% had never invested in improving the security of their website, putting them at risk from cyber crime.

The study also revealed that almost half (48%) had been hit by at least one cyber attack in the past year, with 10% experiencing more than four attacks. Almost one in five (16%) admit they were only prompted to review their cyber security when they were hit by an attack.

The latest Horizon Scan Report published by the Business Continuity Institute revealed that small businesses are no different to larger organizations when it comes to the main threats they face. In both cases the top threats were cyber attack and data breach.

Barclaycard's research found the majority (54%) of SMEs are concerned they could be at risk from an attack, but many lack the knowledge and expertise on how to better protect their business online. Only one in eight (13%) claim to be confident they understand enough about cyber crime to protect their business, and just one in six (15%) are very confident they have adequate measures in place.

Paul Clarke, Product Director at Barclaycard, said: “Businesses of all sizes face a constant and growing threat from cyber crime. As our research shows, many small businesses are failing take the necessary precautions, either because they don’t know how to protect themselves or, more worryingly, because they don’t think they need to. Cyber security is not a one-off investment that can then be forgotten about, especially as criminals are becoming increasingly sophisticated in the way they target businesses.”

Wednesday, 15 June 2016 00:00

What Does MAM-First Mean to You?

With more and more employees carrying smart devices, it’s natural for them to want to be able to use them for work. Bring-your-own-device (BYOD) programs and policies empower people to choose the best device to get their work done. Allowing employees to use their own mobile devices can also help businesses reduce hardware and service costs.

But corporate IT has a responsibility to protect corporate information wherever it resides. This includes employee-owned mobile devices.

The key is to find the right balance between corporate responsibility to keep enterprise data secure, and the employees’ expectations for a great user experience as well as the security and privacy of their own information.

...

https://www.citrix.com/blogs/2016/06/15/what-does-mam-first-mean-to-you/

Wednesday, 15 June 2016 00:00

How Much Water Do Apple Data Centers Use?

Apple will fund construction of a wastewater treatment facility in Prineville, Oregon, where its data center campus is the single biggest consumer of water, Oregon Live reported.

Data centers use enormous amounts of water to cool IT equipment they house, and reducing water use by data center cooling systems has been growing in importance. Numerous data center operators have been designing their cooling systems in a way that enables them to use recycled municipal water.

The issue of data center water usage gained more attention last year as a result of the drought in California, which is continuing despite a relatively wet winter season.

...

http://www.datacenterknowledge.com/archives/2016/06/15/how-much-water-do-apple-data-centers-use/

The Internet of Things (IoT) is no longer happening in a galaxy far, far away. It’s happening right here, right now. It may be in your pocket, on your wrist, in your clothes – heck, it might even be helping you drive your car.

In fact, IoT is moving so fast, we’re actually on the third wave , according to a panel of experts who weighed in on the topic during a recent episode of Internet of Things with Game-Changers, presented by SAP. However, a nagging question arises when it comes to this third IoT wave: What’s going to happen to all the data that’s being collected?

Coping with IoT reality

Gray Scott, futurist and founder/CEO of Seriouswonder.com believes questions remain around IoT data collection because technology is moving faster than we can cope with.

...

http://www.forbes.com/sites/sap/2016/06/15/internet-of-things-where-is-all-the-data-going/

Enterprises commonly use bots to reduce customer service costs and improve responsiveness to customer requests. Many of the bots in use lack any real intelligence, although the landscape is changing rapidly with the help of artificial intelligence (AI) and machine learning. Major industry players, including Amazon, Facebook, Google, and Microsoft, are all jumping on the bot bandwagon.

"You can now plug AI, machine learning, and technology resources into your bots without owning that part off the technology stack," said Felix Rios, technology and innovation manager of the market research unit at managed analytics solution provider Ugam Solutions, in an interview. "[Meanwhile], as a society, we are becoming more comfortable with the concept of talking to machines. We also increasingly favor chatting over calling someone. All in all, it seems like the perfect storm for [an] explosion of bots to happen."

So, what does the rise of the bots really mean for your business?

...

http://www.informationweek.com/big-data/software-platforms/the-rise-of-the-bots-11-ways-your-business-can-prepare/d/d-id/1325895

Wednesday, 15 June 2016 00:00

A Rush to Compliance: Patience is a Virtue

Compliance officers are, by definition, goal driven. They are high achievers and expect to succeed. So what. You may say – we all know that.

Compliance officers are not the most patient group of people. They want to see change, improvement and action. Patience is not in their blood, nor is it their middle name(s).

Unless a CCO is directed by the board or the CEO to improve a compliance program rapidly or the company is staring down the barrel of a government investigation, there are two important reasons for a CCO to move deliberately and with care.

...

http://blog.volkovlaw.com/2016/06/rush-compliance-patience-virtue/

COLUMBUS, OHIO — A funny thing happened when Chattanooga, Tenn., set out to create the fastest municipal broadband service in the country: Telecommunications firms got angry and sued the city. Four times.

That was many years ago, but cities in Ohio have found out more recently that when a government entity wants to set up a high-speed network, dealing with telecommunications firms is still a tricky business.

“Access rights and all that, those we can overcome because we have the right of way, we have permits, we can do all kinds of things,” recalled Moez Chaabouni, former deputy chief information officer for the city of Columbus, Ohio, at a roundtable discussion at the 2016 Intelligent Community Forum Summit on June 14. “Probably the biggest hurdle we faced was organizations like AT&T, Verizon, Sprint. And I only mention these guys because they’re great at what they do, but they were incredibly opposed to us putting up anything in the downtown area, or anywhere for that matter, that was going to compete with their business.”

...

http://www.govtech.com/network/3-Ways-Ohio-Cities-Overcame-the-Telecoms-to-Set-Up-Broadband-Networks.html

When buying or selling an MSP, varying circumstances may be involved.

Conditions may require that an MSP streamline its operations, liquidate assets due to a force majeure or transfer ownership due to some unforeseen occurrence. They may also signal that it’s time to expand into a new geography, seize a one-time opportunity or enter a new market adjacency.

Regardless of the underlying motivations, giving more value to your IT services’ entity or MSP business requires you to consider many different variables, including your accounting models or applications; tools or custom software; trademarks, patents, and/or other assets that increase the value of your company and thus make it more enticing to a prospective buyer, not to mention current clients.

Here are some things to consider:

...

http://mspmentor.net/guest-bloggers/what-you-should-know-about-buying-or-selling-managed-it-services-business

BATON ROUGE, La. — Community members, volunteers and all levels of government continue developing solutions to move recovery forward following the severe storms and floods that occurred March 8 through April 8.

The collaboration includes neighbors, friends and family helping one another, identifying places to mobilize volunteers, and providing resources so disaster survivors can move back home. Governments are also collaborating to make communities better, stronger and safer so they will have enhanced protection from future disasters.

Here are some of the ways survivors, communities, volunteers and all levels of government have pulled together to address recovery challenges in the 90 days since the March 13 presidential disaster declaration.

Nearly 40,000 survivors applied for help under the Individual Assistance (IA) program in the 36 eligible parishes during the 90 day registration period. The registration period has closed but help remains just a phone call away. By calling the FEMA helpline you can:    

  • Ask questions about FEMA determination letters.
  • Learn how to appeal FEMA’s determination. All applicants have the right to appeal.
  • Inquire about the status of a registration.
  • Provide change of address, telephone and bank account numbers and insurance information to avoid disaster assistance processing delays.
  • Receive information about FEMA home inspections.
  • Get other questions answered about federal disaster assistance.

Call the helpline at 800-621-3362 or TTY 800-462-7585. Those who use 711/VRS can call 800-621-3362. Lines are open 7 a.m. to 10 p.m. seven days a week until further notice. Llame a la línea de ayuda 800-621-3362 ó (TTY) 800-462-7585. Aquellos que usan 711 o el Servicio de Retransmisión de Video (VRS) pueden llamar al 800-621-3362. Las líneas telefónicas operan de 7:00 a.m. a 10:00 p.m. siete días a la semana hasta nuevo aviso.

To date, survivors have received nearly $380 million in federal disaster assistance through a variety of sources.

  • Approximately $69 million in grants has been approved for a place to stay for homeowners and renters whose residences were uninhabitable and to make essential repairs for homes to be safe, sanitary and secure.
  • About $19 million in grants has gone to homeowners and renters to repair and replace certain household items and for burial, medical and dental expenses.
  • Homeowners, renters and businesses have received more than $95 million in low-interest disaster loans from the U.S. Small Business Administration to repair, rebuild and replace damaged property and contents. Disaster loans cover losses not fully compensated by insurance or other sources.
  • National Flood Insurance Program policyholders have received approximately $196 million in claims to repair and rebuild flood-damaged property.

Moving back home marks significant recovery progress for survivors and their communities. Many survivors have successfully taken this step because of the volunteers from Louisiana and across the country who have donated their time and skills.

Voluntary, faith and community-based groups are coordinating with their local, state and federal recovery partners to identify survivors in need and ensure resources are there to help. This coordination has resulted in mucking out properties, making repairs and donating essential items like furniture and appliances so survivors can get back home.

If you want to donate your time and skills you can contact Volunteer Louisiana online at www.volunteerlouisiana.gov or email enauck@crt.la.gov and be put in touch with a voluntary group in need. Volunteer Louisiana is a state-run organization.

Local, parish and state government infrastructure and certain private nonprofit organizations in 37 parishes are progressing in their recovery with the help of FEMA’s Public Assistance (PA) program. So far the program has obligated approximately $2.3 million.

The program is relieving burdens on local governments and the state by reimbursing 75 percent of eligible costs to restore essential services like roads, bridges, utilities, schools and hospitals. Many services will be restored more resilient than they were before the disaster.

The program also assists with removing the debris that blemishes communities. Many repair and rebuilding projects have been able to start on properties of towns and parishes because disaster-related clutter has been cleared.

Disaster recovery officials have interacted with survivors in several different ways and many remain on the ground in Louisiana to assist with recovery.

  • Governor’s Office of Homeland Security and Emergency Preparedness (GOHSEP) and FEMA specialists have held 14 applicant briefings to provide a general overview of the Public Assistance program to local leaders.
  • State and federal Public Assistance specialists have held more than 250 kickoff meetings to discuss with parish representatives and certain nonprofits what projects may be available and to answer questions.
  • FEMA specialists have attended approximately 60 community organization events in Louisiana to discuss and answer questions about federal disaster assistance.
  • Nearly 21,000 survivors visited 44 disaster recovery centers (DRCs) where they met face to face with federal, state, local and volunteer representatives. The first centers opened less than a week after the presidential disaster declaration. The last ones closed June 10.
  • More than 35,000 FEMA housing inspections have been completed.
  • More than 70,000 survivors spoke with FEMA disaster survivor assistance specialists. These are FEMA staff who canvass affected communities to encourage survivors to register for help, provide recovery information and listen to their concerns and resulted in more than 4,000 field registrations for federal disaster assistance.
  • Free consultations on building hazard-resistant homes were given to nearly 7,000 survivors at DRCs and more than 5,000 at Louisiana home improvements stores.

A team of state and federal disaster recovery specialists are identifying additional funding sources and strategies to restore, redevelop, revitalize and better prepare affected communities. They are working with local and parish governments, community leaders and the private sector to overcome long-term recovery challenges by pooling resources, providing technical assistance and identifying recovery funding sources.

Recovery partners continue coordinating to get survivors back home, advance the recovery of affected communities and make Louisiana more resilient.

The relationship between small- and medium-sized businesses and cloud computing is deep and rich. We look into the details with Anurag Agrawal, the founder and CEO of Techaisle, who sees use cases that are growing and evolving. They are also different depending on whether the larger or smaller sector of the SMB category is being considered.

IT Business Edge: What does the emergence of the cloud mean for small- and medium-sized businesses?

Agrawal: For small and medium-sized businesses, cloud is both an IT priority and an IT reality. In fact, it has become not only the essential IT infrastructure but also the essential business infrastructure as it addresses real-world issues. Techaisle’s survey of 848 SMBs [small- and medium-sized businesses] in the United States not only found a strong link between cloud and IT – it also found a strong link between cloud, IT and business success.

...

http://www.itbusinessedge.com/interviews/whats-driving-the-deep-and-growing-cloudsmb-relationship.html

We spend hours developing plans and strategies – preparing for possible emergency events that we hope will never happen. Many of our colleagues, and let’s be honest, even some of our management team, believe this planning is of little value. They feel that we only need the documentation to “check the box” for an audit. The implied desire is to get it done as quickly and with as little use of resources as possible. We may fall into the trap of being influenced by those feelings, generating what seems like good documentation that, when looking deeper and more objectively, is really just a lot of words that may not be usable.

For this week’s blog, the functional item we are considering is communication. We all know that during an emergency event communication will be critical, and we understand the basic groups and type of information we must communicate. Though the items below may seem obvious, many do not take the time to ensure that the appropriate planning is in place – it is assumed that everything will work when needed.

...

http://www.mha-it.com/2016/06/think-can-communicate-event/

Big Data implementations are invariably built around Hadoop, Apache Spark and other open source solutions. And since these constructs must integrate into the broader enterprise data ecosystem at some point, is it possible that open source will come to rule the data center as a matter of course?

The idea might not be as outlandish as it sounds. As business models across multiple industries come to rely on the insights gleaned from predictive analytics and broadly federated data infrastructure, proprietary systems may emerge as more a help than a hindrance. And while open systems tend to require quite a bit of in-house knowledge for both provisioning and management functions, many of these tasks are likely to be automated in the coming decade, providing for more user- and enterprise-friendly environments.

...

http://www.itbusinessedge.com/blogs/infrastructure/will-open-big-data-platforms-lead-to-an-open-enterprise.html

CyrusOne has acquired a big parcel of land in Northern Virginia, the biggest and most coveted data center market in the US, the company announced Tuesday. The parcel gives the data center provider room to expand in a key region where it is currently at capacity.

The Northern Virginia data center market is continuing to snowball. It is a high-demand data center location because of the big cluster of data centers and network infrastructure that are already there.

Companies that have data centers there want to continue expanding there, and ones that don’t want to access the rich ecosystem that’s grown in Northern Virginia over the years.

...

http://www.datacenterknowledge.com/archives/2016/06/14/cyrusone-buys-land-for-third-northern-virginia-data-center/

It’s 2016, yet IT experts are still challenged with how to effectively and efficiently cool their data center. The cooling process accounts for 40 percent of all power consumed by data centers, so this question is a top priority for operators. Ensuring optimal cooling in a data center not only lowers operational expenditure, but it reduces the strain on equipment cooling mechanisms, extending the lifespan of the hardware; and freeing up power for IT equipment, increasing equipment uptime. The decision to invest in cooling infrastructure is easy, however, choosing the method with which you regulate temperature within the data center can be more challenging.

Cooling and efficiency strategies are constantly evolving, with companies like Microsoft going so far as to drop a self-contained data center into the ocean. However, you do not need to plunge your equipment into the sea or move to the Arctic to keep yours cool. Hot-aisle containment (HAC) and cold-aisle containment (CAC) are the primary methods used by leading businesses to reduce energy and optimize equipment performance within the data center. This proven and highly effective methodology of cooling has emerged as a new best practice within the industry.

...

http://www.datacenterknowledge.com/archives/2016/06/14/impact-of-cooling-and-efficiency-in-modern-data-center-design/

Wednesday, 15 June 2016 00:00

Risk Landscape: Coverage Trends to Watch

Being aware of your company’s new and changing risks is critical for sound risk management. As the year progresses, we have identified growing risks facing companies, and their directors and officers, that are likely to impact policyholders. These risks include cybersecurity, Telephone Consumer Protection Act (TCPA) lawsuits, drones, wage and hour lawsuits and food recalls. The risks and issues to watch out for are expanded below:

Cybersecurity

Cyberattacks against businesses doubled in 2015 and are expected to continue to increase as attackers become even more sophisticated. Watch out for:

Phishing scams and social engineering fraud. In social engineering scams, hackers utilize phishing, purporting to be legitimate employees or third parties try to trick businesses into wiring funds or allow access to their systems. Although many businesses have crime insurance that covers “computer systems fraud,” ambiguous provisions or liability limits may restrict coverage. Some courts have held that fraud coverage applies only when intrusions are unauthorized, but not when an unwitting employee falls prey to an online scam.

Data breaches. Companies should also be conscious about their coverage for data breaches, which increasingly present significant exposures. Insurers often contest whether data breaches constitute “publication” of private information, and, if so, whether an insurer’s duty to defend applies. This is particularly important as the storage of consumer data is a lynchpin of many businesses’ operations and marketing.
Businesses need to ensure that their commercial insurance policies adequately cover their business risks and consider purchasing dedicated cyber policies.

...

http://www.riskmanagementmonitor.com/risk-landscape-coverage-trends-to-watch/

CSR is something that companies today are taking more and more seriously. It is no longer just a way to get better press from journalists, it is a fully fledged strategy to effectively run a company, creating a sustainable and pleasant environment for both employees and customers.

Traditionally we have seen that this has revolved around charity work, sustainable business practices, environmental efforts, and supply chain management. However, in recent years, it has become a question of transparency. Essentially, if we can't see what a company is doing, it cannot be trusted. Data has had a big impact on this, allowing people to see how a company is operating without bias.

However, it is not only in the use of data to show good CSR, but increasingly their use of data is part of good CSR.

...

https://channels.theinnovationenterprise.com/articles/data-security-is-modern-business-sustainability

Tuesday, 14 June 2016 00:00

How to Architect a Data Lake

“How do you architect a lake?”

If the question sounds like the opening line of a joke, the answer would clearly come as: “You don’t. You can only discover one.”

Whether it is data warehouses or marts, data lakes, or reservoirs, the IT industry has a penchant for metaphor. The subliminal images conjured in the human mind by the above terms are, in my opinion, of critical importance in guiding thinking about the fundamental meanings and architectures of these constructs. Thus, a data warehouse is a large, cavernous, but well-organized location for gathering and storing data prior to its final use and a place where consumers are less than welcome for fear of being knocked down by a forklift truck. A data mart, on the other hand, creates an image of something between your friendly corner store and Walmart.

...

http://blog.cutter.com/2016/06/14/how-to-architect-a-data-lake/

Five Pitfalls of DirectAccess You Can Fix With NetScaler

DirectAccess is a feature of Windows that allows a PC to automatically connect to the corporate network whenever it detects an Internet connection. It’s been around for years, but has recently gained increased attention from organisations deploying Surface™ Pro or other Windows 10 hybrid devices.

DirectAccess is “free” … assuming your Microsoft licence agreement permits unlimited deployment of  Windows servers, and the cost of underlying server infrastructure or ongoing management and security of server instances hits someone else’s budget. This makes it very easy for server administrators to stand up a DirectAccess pilot during a Windows 10 or Surface™ Pro rollout without the constraints of seeking budget approval and similar formalities.

...

https://www.citrix.com/blogs/2016/06/14/no-such-thing-as-free-remote-access/

Tuesday, 14 June 2016 00:00

A Lean Approach to Business Continuity

Often, techniques that are invented in one domain can be of use in another one too. If you’ve spent your working in life so far in business continuity, you may not have seen much of the lean approach that is frequently used in manufacturing.

The lean approach in general is one of continuous improvement with the aim of eliminating activities that add no value.

Over time, other sectors such as IT, banking and insurance have also started to adopt lean approaches. Here’s a glimpse of what “lean” might do to help business continuity.

Taking a lead from manufacturing, lean models define a number of different types of waste. In the examples below, parallels can be made with business continuity planning and management.

...

http://www.opscentre.com/lean-approach-business-continuity/

Tuesday, 14 June 2016 00:00

How does RAID storage work: RAID levels

In our last article we explained the basic idea of RAID, as well as the most commonly used terms when talking about this type of storage. In this second part, we’ll take a look at what RAID levels are and explore how some of the traditional level configurations work. We’ll also find out what challenges RAID storage can bring if data recovery services are required. Let’s take a look!

RAID storage levels

First, let’s delve into the three key concepts in RAID: mirroring, the copying of data to more than one disk; striping, the splitting of data across more than one disk; and error correction, where redundant data is stored to allow problems to be detected and possibly fixed (known as fault tolerance). Different RAID setups use one or more of these techniques, depending on the system requirements.

...

http://blog.krollontrack.co.uk/making-data-simple/raid-storage-work-raid-levels/

Cloud software solutions permeate all aspects of your customer accounts, from where they store information to how they communicate, purchase supplies and manage their sales efforts. IT Service Management (ITSM) is no exception. Analysts predict that cloud service management will grow at an impressive 27.8% rate over the next five years. So, what is driving this shift to cloud ITSM, and, more importantly, is it time for you to consider heading into the cloud to deliver your ITSM services? 

The massive growth of cloud service management is being driven by today’s mid-market CIOs, who continue to place the transition to cloud solutions as their No. 1 priority. These CIOs see the potential to reduce costs, simplify implementation projects and maximize IT productivity by leveraging cloud solutions, and cloud ITSM is no exception.

Here are the top 3 reasons why you should offer ITSM from the cloud:

...

http://mspmentor.net/blog/top-3-reasons-why-you-should-offer-it-service-management-itsm-cloud

If we agree on the fact that a major IT issue is a business issue, then every minute in which a computer application is unavailable hurts the business; loss of revenue, drop of employee productivity, patient safety at risk, brand damage or just a big mess.

Companies have done a good job over the past years at automating issue detection with APM and NPM tools, and at automating ticket creation with ITSM solutions listed above.

...

http://www.everbridge.com/dont-let-an-it-issue-become-a-customer-experience-issue/

You’ve probably heard the old saw that goes, “There’s an easy way to do something, and there’s a hard way.”

When it comes to energy consumption in the data center, the saying is technically correct, although there is a caveat: The hard way is not necessarily wrong and the easy way is not necessarily the lazy way out. Instead, there is room for both major overhauls to data infrastructure, like CDIM and converged systems, and small moves, like turning out the lights and raising the thermostat.

In fact, says Energy Manager Today’s Carl Weinschenk (also an IT Business Edge contributor), even the easy way can add up considerably over time. One of the newest trends making the rounds is to paint data equipment white, which, according to DAMAC’s Dave Johnson, requires less lighting to make units visible to IT techs and, consequently, less heat from those light sources. As well, creating as little as an inch-and-a-half of space behind devices in the rack can vastly improve air-flow and simplify cabling.

...

http://www.itbusinessedge.com/blogs/infrastructure/the-easy-way-toward-data-center-efficiency.html

How often do you find a user who has a session freeze because a process is consuming too much CPU power, and there is no way to troubleshoot the problem easily? If only you could review CPU usage trends from the last month, you could plan better for the new delivery groups that you’re provisioning.

With the latest release of Citrix Director as part of Citrix Cloud you can get insight into the CPU and memory usage on your apps and desktops, enabling you to better prepare for CPU and memory consumption.

...

https://www.citrix.com/blogs/2016/06/13/citrix-director-cpu-memory-usage-and-process-information/

Tuesday, 14 June 2016 00:00

Crisis Management Team Mobilization

For business continuity, the Crisis Management Team (CMT) is charged with the responsibility of managing responses to disruptive events. The CMT includes senior management (with the authority to manage active crisis events) and is responsible for:

  • Gathering facts and analyzing conditions regarding a crisis
  • Making decisions during a crisis
  • Allocating internal resources
  • Obtaining needed external resources

For a CMT to be effective, members must be able to 1) assemble rapidly (possibly virtually) when a crisis event is identified and 2) communicate in real time to make decisions regarding proper response initiatives.

...

http://blog.sendwordnow.com/crisis-management-team-mobilization

Tuesday, 14 June 2016 00:00

How Do You Identify Your Key Risks?

I was at New York University last week for an International Center for Enterprise Preparedness (InterCEP) forum on urgent threats, which included roughly 75 participants from government, the corporate sector, and a small number of us from academia as well.  Following several presentations that set the stage, our host orchestrated a “lightening round” in which each of us introduced ourselves and identified key risks we were working on.  By the time it was my turn there had been at least thirty speakers who identified risks that we would all put at the top of our lists, and the challenge for the rest of us was to keep on identifying critical risks without simply repeating risks identified by previous speakers.  As we went around the room, I drafted several versions of my top risks, which looked something like this:

  • cyber –emerging threats and actual breaches
  • weather/climate change –impacts on economic recovery & critical infrastructure
  • income disparity –the cause and effect of many other threats
  • disenfranchised populations
  • domestic  terrorism—from militia groups to home grown Islamic terrorists
  • infectious disease – not just Zika or Ebola, but highly resistant new strains of viruses
  • quality of political discourse –it has never been lower or so factionalized
  • technology and law enforcement—from militarization of police, to surveillance via dashboard and body cameras

In the end, I didn’t use any parts of the list in the lightning round, but ended up characterizing the top risks I was working on under the broad category of conduct risk and culture.

...

http://anniesearle.createsend.com/t/ViewEmailArchive/r/B29BD44AB5CCA0212540EF23F30FEDED/6F21BA1D1D483682/

Business Continuity Awareness Week 2016 is now over and the BCI would love to hear your feedback so it can improve on its current services, and help inform the planning process for BCAW2017. If you haven't already then please take the short survey which can be found here: https://www.surveymonkey.co.uk/r/bcaw2016

One of the paradoxes of storage management is that while the sheer volume of data that needs to be managed continues to grow, utilization rates of traditional magnetic storage systems have never been that high. One of the reasons for this is that virtual machines lay claim to a lot of storage space they are actually not using.

Formation Data Systems has added a Virtual Storage Recapture (VSR) capability to its FormationOne Dynamic Storage Platform that enables IT organizations to identify and redeploy storage stranded in a virtual server or hyperconverged system.

Formation Data Systems CEO Mark Lewis says FormationOne is a software-defined storage offering that can be used to make storage appear as a file, block or object system. The result, says Lewis, is a more efficient use of storage in a world where existing legacy and modern applications often need to access the same data.

...

http://www.itbusinessedge.com/blogs/it-unmasked/formation-data-systems-recaptures-stranded-virtual-storage.html

A mobile-ready campus promotes innovative and flexible learning—and provides a competitive advantage. Students are increasingly using mobile technology during the college search process. Once enrolled, today’s college students don’t just request access to campus services on their mobile devices — they demand it.

In the K-12 arena, a study found that more than half of parents believe schools should make more use of mobile devices in education. And according to EdTech, “[mobile] technology allows educators to move away from traditional lectures and focus more on individualized and project-based learning through the use of cloud applications (Google Apps for Education, for example) and online content.”

...

https://www.citrix.com/blogs/2016/06/13/with-citrix-services-becoming-a-mobile-ready-campus-is-as-easy-as-abc/

The enterprise seems pretty set on the hybrid cloud as the preferred architecture for scale-out virtual infrastructure.

This is not a slam dunk, however, because while hybrids do provide high degrees of flexibility and control over the data environment, they also introduce greater complexity and thornier integration challenges than all-public and all-private solutions. But since we are talking about software-defined infrastructure, the hope is that sophisticated operating systems and middleware solutions will mask much of this complexity, leaving the enterprise free to engage in higher-level efforts to enhance the value of data.

So far, so good. But the next step is determining what kind of management system is appropriate for the enterprise business model. What sorts of tools are needed? Where should it reside? Should it be proprietary or open source? And how can any one system be expected to corral not only the multitude of vendor solutions in the legacy data center, but everything in the cloud as well?

...

http://www.itbusinessedge.com/blogs/infrastructure/options-abound-for-the-hybrid-cloud-management-stack.html

(TNS) - Friday’s 5.2 magnitude earthquake that hit the desert southeast of Los Angeles, Calif., was centered along the San Jacinto fault, which is one of the region’s most active and potentially dangerous fault lines.

The fault runs through populated areas including San Bernardino, Colton, Moreno Valley, Redlands, Loma Linda, Hemet and San Jacinto, as well as near Riverside, Rialto and Fontana. The epicenter of Friday’s quake was in a more isolated area near Borrego Springs.

Experts have been warning for some time that the San Jacinto fault – while less well known than the San Andreas – poses a major threat to the region.

...

http://www.emergencymgmt.com/disaster/52-earthquake-in-SoCal-shows-danger-of-deadly-but-little-known-San-Jacinto-fault.html

(TNS) - The first students to race up the stairs at Ocosta Elementary School’s new gym and tsunami refuge were so excited, it took teachers a while to corral them into orderly lines on the rooftop.

“It’s really cool to finally see kids up here,” Paula Akerlund said, as the third-graders jostled and joked and tried to peer over the tall parapet on a sunny spring afternoon.

Akerlund is superintendent of the Ocosta School District, headquartered near Westport in Washington state a scant half-mile from the Pacific Ocean. On Saturday, she will preside over a dedication ceremony for what — on the outside — looks pretty much like any modern school complex.

...

http://www.emergencymgmt.com/disaster/It-will-happen-here-Washington-Coast-school-builds-nations-first-tsunami-refuge.html

In today’s corporate structure, many workers telecommute full time, or at least have the ability do so in certain circumstances. Most of our customers use “Work from Home” (WFH) as a recovery strategy for their loss scenarios. In a lot of cases, this can be a great approach, but it should never be your ONLY strategy. In many instances, there are simply too many variables to have WFH be a reliable plan on its own.

Consider the following examples:

...

http://www.bcinthecloud.com/2016/06/when-is-work-from-home-a-valid-strategy/

At least $7 billion—that’s how much global disasters and severe weather are expected to cost insurers and reinsurers in May.

Aon Benfield’s latest Global Catastrophe Recap Report notes that the Fort McMurray wildfire in Alberta, Canada, will become the costliest disaster in the country’s history.

Insured losses—including physical damage and business interruption—are expected to be in excess of $3.1 billion, while total economic losses will be well into the billions of dollars.

...

http://www.iii.org/insuranceindustryblog/?p=4482

Friday, 10 June 2016 00:00

How does RAID storage work: key terms

Redundant Array of Independent (originally Inexpensive) Disks (RAID) is a term used for computer data storage systems that spread and/or replicate data across multiple drives. RAID technology has revolutionised enterprise data storage and was designed with two key goals: to increased data reliability and increased I/O (input/output) performance.

Unfortunately though, RAID storage isn’t a perfect technology and as a result data loss can still occur when using these systems. In this post we’ll explore how RAID levels work and how data can be stored (and lost!) with this type of storage.

...

http://blog.krollontrack.co.uk/pieces-of-interest/how-does-raid-storage-work-key-terms/

The IT security market is very crowded. Along with death and taxes, this is a truth we can pin down irrefutably. London has just played host to its annual InfoSec event and the Olympia conference centre was crammed with over a hundred firms all claiming to offer ‘a new approach to threat intelligence’ and so on. As repetitively deflating as some of these claims are, a few trends are emerging.

Every year there’s a new IT security theme. We’ve had Cyberecrime-as-a-Service, we’ve had ransomware and we’ve had Advanced Persistent Threats (APTs)… this year it’s watching the attack surface and seeing malicious payloads being delivered by cybercriminals to analyse the crime and improve security – we could call it ‘live-hack-attack-analysis’, or something like that.

On the other side of Europe, Helsinki Finland headquartered F-Secure (whose cheif reseach officer Mikko Hyppönen also presented at InfoSec) is reflecting this trend for live reactive analysis. The firm’s technology proposition combines decoy sensors, threat intelligence and a 24/7 monitoring team to produce what it claims to be a more holistic approach to security. Hmm, it still doesn’t sound markedly differentiated from any other vendor does it?

...

http://www.forbes.com/sites/adrianbridgwater/2016/06/10/finlands-f-secure-lays-code-honeypots-to-catch-cybercriminals/

Cogeco Peer1’s data center in Atlanta experienced a partial power outage Thursday afternoon, affecting some of the customers in the facility.

The data center outage started around 1:30 pm local time, company spokesperson, Shawna Gee, said. The company posted regular updates on its Twitter feed during the outage, and in a tweet around 6:30 pm Eastern reported that full power had been restored to the facility.

“There was a disruption in power to the facility,” Gee said. “It was partially affecting certain areas of the facility.”

...

http://www.datacenterknowledge.com/archives/2016/06/09/cogeco-recovers-from-atlanta-data-center-outage/

3 Responsibilities of a Communications Team

Regina Phelps recently joined forces with Everbridge and recorded a webinar that explores in-depth strategies for improving your disaster and crisis management. Previously in part 2 of this five part series, Regina discussed the basics of crisis communication and how to establish and organize a communications team. If you missed part 2, you can access it here.

In this installment of the series, Regina discusses the 3 main responsibilities of a communications team.

...

http://www.everbridge.com/improving-disaster-and-crisis-management-with-timely-communication-and-response-3/

In the first segment of our four-part blog on workplace violence, we detailed the financial cost to Virginia Tech following the campus massacre which killed 32 people and wounded 17 others in 2007. What we didn’t mention? The determination by a state panel following the shooting that had an alert been issued earlier or classes canceled following the first two shootings, the death toll might have been contained. Not only that, but the messages the school did send failed to convey the full extent of the situation as it unfolded, according to the report.

The takeaway for organizations facing the reality that an act of violence might occur within their workplaces? Communication counts. It’s fitting, therefore, that in this blog we’re focusing on the vital role communication plays as part of an emergency action plan.

...

http://blog.sendwordnow.com/workplace-violence-making-communication-count-during-a-crisis

Outsourcing is by no means a new idea, but outsourced database and application management have become more prominent in almost every type of industry. For the most part, that has to do with how today’s technology has broadened the possibilities and capabilities of remote management, making it much more flexible.

Executives still debate whether there are any tangible benefits to having a remote team handle certain responsibilities or tasks for a business. But the reality is that if you find the right people and identify the right areas to outsource, hiring a remote team will positively impact your bottom line. Outsourcing managed services can help reduce costs, tap into top quality talent, provide efficiency and flexibility, and most importantly, lets you and your team focus on what really matters in your business—the core tasks that drive meaningful growth.

1. Letting internal teams focus on core projects. The key to getting the most out of outsourced remote management is through finding the best balance of services across support areas, whether the need is for remote application management, database administration, or specialized functional support. Having a dedicated and reliable team will allow you to free internal resources to focus on more important projects.

...

http://www.datacenterknowledge.com/archives/2016/06/09/why-outsource-application-and-database-management/

Overprovisioning, viewed in data center design and management as something between a best practice and a necessary evil, has been built into the industry’s collective psyche because of its core mission to maintain uptime, at all costs. If a data center team spends more than it really has to, it needs to improve efficiency, but if a data center goes down, somebody’s failed to do their job.

Data center managers and designers overprovision everything from servers to facility power and cooling capacity. More often than not, they do it just in case demand unexpectedly spikes beyond the capacity they expect they will need most of the time. The practice of overprovisioning is common because few data center operators have made it a priority to measure and analyze actual demand over time. Without reliable historical usage data, overprovisioning is the only way to ensure you don’t get caught off-guard.

...

http://www.datacenterknowledge.com/archives/2016/06/09/how-server-power-supplies-are-wasting-your-money/

(TNS) — More than 100 Martin County, Fla., employees and volunteers gathered Tuesday at Dr. David L. Anderson Middle School as "Hurricane Lucas" struck the Martin County area as part of a hurricane simulation exercise.

"No beds, what do you mean no beds?" shouted Malecia Matheny, 56, who played "Lois." "I'm 82. I ain't got time for that."

She sat in a wheelchair as people with neon vests, clipboards and tags that read "actor" or "player" buzzed around her.

In Anderson Middle School, the only special needs shelter in Martin County, cots were laid out in classrooms and the gym for people who needed help with medication, oxygen and other medical issues.

...

http://www.emergencymgmt.com/training/Hurricane-Exercise-Martin-County-Fla-Special-Needs-Shelter.html

(TNS) — If a massive, 9.0-magnitude quake hit Whatcom County today, emergency responders might not be able to communicate effectively.

That’s what officials said they learned after a two-day exercise that simulated such a disaster.

Differing radio systems and frequencies meant that while the county sheriff’s office and, say, fire departments, can talk to each other, they can’t talk with the Department of Homeland Security or other agencies that use a more secure radio system.

“Obviously we need to have the hardware to be able to contact back and forth, but then along with that we also need ... the policies and procedures so that there’s more of a push of information from the (Whatcom Unified Emergency Coordination Center) out to those of us that need it so that we can answer questions on behalf of the community when we’re asked,” County Executive Jack Louws said Wednesday, June 9, during a media briefing on the results.

...

http://www.emergencymgmt.com/training/What-Whatcom-County-Wash-Needs-Fix-Before-Big-One.html

(TNS) — A Cascadia megaquake will devastate ports across the Northwest at a time when the region is in desperate need of supply shipments.

Delivering cargo under difficult conditions is something the military knows how to do.

So that expertise is being tested this week, as Navy, Army, Marine and Coast Guard units from across the country participate in the biggest disaster drill in Northwest history.

The Cascadia Rising exercise is meant to simulate response to a monster earthquake and tsunami. With roads and airports heavily damaged, one of the best ways to deliver food, heavy equipment and other gear will be by water, Capt. Greg Vinci, of the U.S. Naval Construction Force, or Seabees, said Wednesday during a tour of several operations.

...

http://www.emergencymgmt.com/training/If-Megaquake-Destroys-Docks-Navy-Can-Build-its-Own.html

While most consumers are coming to consider hacking normal, they are definitely far from letting businesses off the hook for their failures to guard against cyberthreats. According to a new study from enterprise security firm Centrify, about three quarters of adults say it is probably or definitely normal and expected for businesses and large organizations to be hacked, and 66% of adults in the U.S. are at least somewhat likely to stop doing business with a company that has suffered a cyberbreach – a figure that rises to 75% in the U.K.

Consumers also firmly believe that the burden of responsibility for guarding against cyberrisk falls squarely on businesses. On a 10-point scale, two thirds of respondents rated corporations as a nine or 10 in terms of how responsible they should be for preventing hacks and securing customers’ personal information. When companies are hacked, they consequently also bear the burden of being fully accountable to their customers, and many are failing, further compounding the odds of concrete consequences from clients. In the U.S., 41% said that corporations do not take enough responsibility when they are hacked, a sentiment shared by 50% of U.K. respondents.

The study found that 21% of U.S. consumers say they are “very likely” to stop doing business with a company that has been hacked. Those most likely to do so include those who have had their personal information compromised in a hack, those who are tech savvy, and those who are frequent online shoppers.

...

http://www.riskmanagementmonitor.com/customers-accept-hacking-risks-but-hold-businesses-fully-accountable-for-cyber-risk/

Safety first is a motto that everyone has heard, but life today is so hectic that making a plan to stay safe during an emergency often slips to the bottom of the priority list. It shouldn’t. Having an emergency preparedness plan in place for your business or property is invaluable. It can mitigate property damage and help your employees or tenants remain safe in a bad situation. The Red Cross, your insurance company, and local fire and police departments can all provide advice on assembling an effective emergency preparedness plan, but here are a few tips to get you started.

Prepare Your Property

Knowledge truly is power. Whether the emergency is a natural disaster or a man-made catastrophe, much of preparing your property involves making sure that people have the information they need to stay safe. This includes making sure that you or your representative knows what to do in the event of an emergency and that you have signage in place to direct others to safety. To prepare your property for an emergency:

...

http://nationaldisasterrecovery.org/just-in-case-emergency-preparedness-planning-for-business-owners-and-property-managers/

The company has a vision of making its Messenger app the default communication mode for businesses, whether with other businesses or with customers.

Because of the current popularity of Messenger with consumers and therefore customers of many enterprises, Facebook (or its CEO Mark Zuckerberg at least) thinks enterprises themselves will move to Messenger, to avoid losing their customers.

However, while Messenger scores high in the popularity stakes, the story on security and business continuity is rather different.

In particular, the Electronic Frontier Foundation (EFF) gave Messenger a score of just 2 out of a possible 7 for security.

...

http://www.opscentre.com/facebook-rules-world-business-continuity/

Careful preparation and planning will help make implementing an emergency notification system go smoothly. After you’ve partnered with AlertMedia, these are the steps you can expect to take with your dedicated Customer Success Representative.

5-Step Checklist for Smooth Implementation

 1. Set Up Your Account Preferences & Configure Company Settings

What You Will Need: An idea of how you plan to use the system—whether it’s primarily for emergency notification (severe weather, office closures, IT outages), operational needs, or other business communications like company announcements.

Overview: Experiences within your emergency notification system can be customized to accommodate your organization’s audience and administration.

With your Customer Success Manager, in your initial onboard session, you’ll walk through and set up all of your company settings, including custom registration processes, notification layouts, templates, and more. Together, you can set up your profile and define your personal admin preferences.

...

https://www.alertmedia.com/the-essential-emergency-notification-system-checklist-5-steps-to-implementation-success/

Big customers frustrated with the complexity and difficulty of securing their enterprise technology systems are turning to Managed Security Service Providers (MSSPs) in increasing numbers, a new study reveals.

The study of 101 customers with more than 500 employees, “Rethink Your Security Strategy,” was completed on behalf of Masergy Communications by Forrester in May. Results were made public this week during a webinar. The companies polled represent organizations from a variety of industries including financial services, manufacturing, technology and retail.

While half of survey respondents said they already engage an MSSP in some fashion, 28 percent said they are planning on doing so in the next 12 months. For comparison, two-thirds of those with ties to an MSSP say they have been engaged with an outside provider for less than 18 months. Thirty percent, meanwhile, say they have been engaged for only 6-12 months while 8 percent have been working with an MSSPs less than six months.

...

http://mspmentor.net/managed-security-services/enterprise-customers-turning-droves-managed-security-service-providers-mss

Thursday, 09 June 2016 00:00

The Future of NAS Data Storage

Some might tell you that NAS could be going away soon. But don’t believe a word of it.

According to International Data Corp. (IDC), file-based data storage continues to be a thriving market. Spending on file-based storage solutions is expected to increase to more than $34.6 billion in 2016. Further, file based storage accounts for two thirds of the total storage capacity shipped each year.

“NAS appliances and NAS software will stick around despite the hype,” said Greg Schulz, an analyst with StorageIO Group. “NAS in its various implementations will continue to thrive, despite being declared dead by the converged, hyperconverged and object crowds, as it is an enabler for those technologies to plug into existing environments.”

...

http://www.enterprisestorageforum.com/storage-hardware/the-future-of-nas-data-storage.html

Back in the early 1980s, every household had to have a personal computer – or so we were told. It could balance your checkbook, help the kids with their homework, organize your shopping list, and on and on.

And a few months after making this expensive purchase, many heads of those households looked on in dismay as it sat in the corner of the living room collecting dust.

In many ways, the enterprise is experiencing this same pattern in the cloud. By now, most organizations have bought into the premise that the cloud is cheaper, more flexible and easier to use than legacy infrastructure, but many are starting to realize that, like the PC, the cloud is only valuable if it is used correctly, and for the right reasons.

...

http://www.itbusinessedge.com/blogs/infrastructure/an-optimal-cloud-comes-down-to-workload-management.html

Hosting workstations in the data center — it’s a topic that deserves a second look. The mobile era is upon us, and with everyone demanding access to resources on the go, how do you mobilize graphically demanding applications in the data center for users that usually have workstations below their desks? While popular wisdom says that hosting graphics-rich applications is hard, thanks to recent advancements in workstation and hypervisor technology the answer may be easier than you think.

In today’s atmosphere of data consolidation and security, it’s important to know that you can store your corporate data in your corporate data center, and still provide users with the access and performance they need. What’s the best option for your organization? Here are a few approaches to consider:

...

http://www.datacenterknowledge.com/archives/2016/06/08/hosting-graphics-rich-apps-in-the-data-center/

When it comes to cloud security, should you go public or private?

Proponents of each have no trouble marshaling evidence to support their competing claims. But don’t expect this choice to be an easy one. This the equivalent of a bar stool debate that only gets louder as the night gets longer--with no firm answer either way.

It’s a key question that deserves careful consideration. Unfortunately, it’s more likely than not to lead in circles as there are strong cases to be made for both approaches. Here’s where managed services providers can help their clients understand the issue more broadly, steering it toward a strategic conversation that factors in the company’s budgetary resources as well as its own in-house capabilities. Some of the issues to consider include the following:

...

http://mspmentor.net/cloud-services/private-vs-public-cloud-what-s-more-secure

Thursday, 09 June 2016 00:00

“New” Citrix Best Practices 2.0

It’s been a couple years since I published the first “New Citrix Best Practices” article, so I wanted to publish another article for a couple reasons.

The first is pretty obvious in that things change quickly in this industry – what we considered leading practices last year might not be anymore. Even I look back at that article from 2014 and laugh a bit at some of the stuff I wrote.

The second reason is that “Article 1.0” was one of the most popular pieces I’ve ever written, so the content must have resonated or proved valuable to some folks out there. And it was also one of the most commented articles on Citrix Community/Blogs with 93 total comments and counting. So, I feel like it’s a great time to refresh the list and continue to challenge some of our bad habits and old ways of thinking.

...

https://www.citrix.com/blogs/2016/06/08/new-citrix-best-practices-2/

(TNS) - After nearly two years of construction and nearly $8 million in project costs, the Madison County, Ky., EOC has brought several emergency agencies under one roof.

The EOC, which became operational in February, is home to The Madison County Emergency Management Agency (EMA)/ Chemical Stockpile Emergency Preparedness Program (CSEPP), the Madison County Fire Department and Madison County Enhanced 911.

“Being able to effectively and efficiently direct citizens in the event of an emergency is critical,” said County Judge/Executive Reagan Taylor in a release. “Having the Blue Grass Army Depot and the demilitarization taking place directly in our county requires we have a facility that enables all partners who participate in emergency situations to be housed in one location. This provides the best results in crisis situations.”

According to the release, funds for the renovations, which began in 2014, were paid through the U.S. Army and the FEMA.

...

http://www.emergencymgmt.com/disaster/Emergency-Operations-Center-up-and-running.html

(TNS) - A nationally spurred catastrophic event training hits the Lewiston-Clarkston Valley this week to test the mettle of area emergency responders and culminates around noon Friday following a simulated emergency at the Lewiston-Nez Perce County Regional Airport.

The training is part of a national emergency program called "Cascadia Rising." Its premise is that a tsunami decimates coastal communities in Oregon and Washington and causes refugees to flood into Idaho. Regional responders will begin the exercise Thursday in Lewiston in order to test the region's communication and emergency medical response.

The scenario, said Katy Dudley with St. Joseph Regional Medical Center, manager of the North Central Healthcare Coalition, is a sea of destruction along the Northwest coast that results in throngs of evacuees fleeing inland to safety.

...

http://www.emergencymgmt.com/disaster/Doomsday-drill-includes-local-agencies.html

As the volume of data companies generate and need to keep balloons, the top cloud providers have come up with a type of cloud service that may replace at least some portion of the market for traditional backup products and services. Cold storage delivered as a cloud service is changing the way organizations store and deliver vast amounts of information. The big question is whether cold storage can provide for better backup economics.

Amazon Web Services, Google Cloud Platform, and since April also Microsoft Azure now offer cloud cold storage services. Each has a different approach, so how do they stack up against each other?

...

http://www.datacenterknowledge.com/archives/2016/06/08/cold-storage-in-the-cloud-comparing-aws-google-microsoft/

Continuity Central interviews Capital Continuity managing director Lee Exall, who gives his views on disaster recovery as a service, how it is a much more versatile tool than often appreciated, and how it is likely to develop.

Introduction

DRaaS – or disaster recovery as a service to give it its full name – has become very fashionable. In a nutshell, DRaaS is the ability to utilise cloud computing based recovery services from a third party, normally on a subscription-based basis. With the acceptance by the vast majority of organizations that cloud computing is a mainstream technology bringing more benefits than difficulties, so DRaaS has grown in popularity alongside.  Barely a week seems to go by without a new DRaaS service being launched, either by a technology provider itself or by one of a multitude of resellers; and Gartner predicts that ‘by 2018, the number of organizations using disaster recovery as a service will exceed the number of organizations using traditional, syndicated recovery services,’ (1).

As well as growing alongside its enabling cloud computing technology, DRaaS has also grown because of the pressure on organizations to steadily decrease the time that it takes for data and services to be available following an outage. The days of four-hour recovery time objectives being acceptable are gone, driven by rapidly diminishing customer tolerance of downtime. DRaaS reduces recovery times to minutes, something far beyond the capabilities of traditional disaster recovery.

Initially the perceived wisdom was that DRaaS was mainly a service for small organizations but, as the market has developed, this perception has changed, with mature enterprise-class DRaaS solutions successfully in place around the world.

...

http://www.continuitycentral.com/index.php/news/technology/1171-there-s-more-to-draas-than-disaster-recovery

Wednesday, 08 June 2016 00:00

Is your DR/BC Implementation Functional?

I have been thinking quite a bit about things in my life being usable and functional vs. being “pretty” and just “there.” It’s not that I don’t like or want nice clothes or that I don’t enjoy the colors in the backyard, but what is in my life that is taking up time and effort that really does not push me to be a better person and world citizen? This blog is not about how to improve our lives, but rather, what is in our BC program that is “pretty” or “there” and is not really making our business more resilient or functional?

Here is a DR example. The IT team says they have a DR strategy in place and are able to recover servers. Everything has been tested. But after looking a little closer, it is clear that only the test environment for an application was included, and that not all of the necessary production servers are being replicated to the DR site. The basic functionality will be available, but not the middleware servers or external facing (public) servers. If this were an order entry system, the only way to get information or make changes on self-service would be to call or physically go to the support center. Also, passing information to suppliers would not occur. Orders can be processed, but the actual functionality is severely limited.

...

http://www.mha-it.com/2016/06/drbc-implementation-strategy-functional/

Despite the wealth of experience the enterprise has gained in the cloud over the past decade, there is still a lot of uncertainty when it comes to establishing the right services, architectures and general functionality to produce an optimal data environment.

Part of this lies in the changing attitude toward the cloud. Where once it was seen as primarily a cost-cutting tool, the goal these days is to leverage the cloud’s unique capabilities for more forward-leaning applications and services – to essentially redefine the nature of enterprise architecture for an increasingly mobile, app-centric economy.

To be sure, the uptake of cloud services is on the rise. The latest report from Technavio pegs the compound annual growth of hybrid services at 23.8 percent between now and 2020. The growth spans a range of SaaS, PaaS and IaaS offerings as organizations seek to find more flexible and reliable means of supporting important, if not necessarily critical, business operations. Perhaps most significantly, the largest growth is likely to emerge in the small-to-medium sized enterprise market (SME), which will help level the playing field with their larger brethren in terms of infrastructure scale and global reach.

...

http://www.itbusinessedge.com/blogs/infrastructure/the-cloud-a-crucial-partner-in-digital-transformation.html

(TNS) - The map above Alene Tchourumoff’s desk shows lines that appear, at first, to denote rivers -- they sprawl and branch off, weaving and curving across the state.

Instead, they depict a vast network of railroad tracks.

In her new role as Minnesota’s rail director, Tchourumoff will refer back to the map often as she leads Gov. Mark Dayton’s efforts to improve rail safety, train first responders and track the movements of the rail cars that transport Bakken crude oil and other hazardous freight.

...

http://www.emergencymgmt.com/safety/States-new-rail-director-will-tackle-oil-train-safety-other-issues.html

Wednesday, 08 June 2016 00:00

Cybersecurity Startups Set For Surge

Cybersecurity has become an integral part of the world we live in even if it’s behind the scenes.  Now the topic is even showing up in movies like the Edward Snowden documentary CitizenFour and TV commercials. Ads highlighting product lines such as those of BAE Systems have appeared with the tagline: “It’s not just security. It’s defense.” The need for cybersecurity is immense for both large organizations and the general public.

Venture capital investment in cyberphysical security startups rose 78% to $228 million in 2015, and will rise to S400 million in 2016 as rapid adoption of the Internet of Things (IoT) raises the threat to products such as connected cars, smart homes and future factories, according to Lux Research.

“What we have seen in the past is smaller venture capital investment, but that is set to change,” says Mark Bunger, research director of Lux. Air conditioning system and car manufacturers and construction/building companies will lead the fray, he adds.

...

http://www.forbes.com/sites/mergermarket/2016/06/07/cybersecurity-startups-set-for-surge/

The demand for smart city technologies shows little sign of slowing down, which comes as no surprise. Cities are growing in size and population, and the need for digital tools and systems to help manage everything from traffic and public safety to garbage and parking meters continues unabated. Technology spending for the global smart city market is expected to reach $27.5 billion by 2023, according to market research company Navigant Research.

But as urban centers expand their reliance on automated sensors and algorithms that improve productivity, sustainability and engagement, they increase risks of data security breaches, vulnerabilities to invasions of privacy and concerns about software reliability. And as cities rely more on data to drive their decision-making, it raises the concern that technocratic governance could begin to replace the traditional political process that’s more deliberative and citizen-centered.

So far, problems with smart city technology have happened at a slow pace, but some of the incidents have been alarming. A software bug closed down San Francisco’s subway system three years ago, temporarily trapping some riders underground. In 2006, during a labor strike, two Los Angeles traffic engineers were accused of hacking smart traffic light systems that created gridlock that lasted for several days. In 2012, the traffic management system for a major artery in the port city of Haifa, Israel, was also hacked. And two years ago, a researcher at a security firm blogged about how easy it was to hack into Washington, D.C.’s traffic signals, which lacked any security controls.

...

http://www.govtech.com/security/Security-Privacy-Governance-Concerns-About-Smart-City-Technologies-Grow.html

Some of you may remember a time when national security was a question of police officers protecting individuals from crime on the street, or the Army’s defence against international threats. Today, that picture looks very different. If anything, it is more volatile, uncertain and complex than it was in the past because it is now plagued by online security concerns, whether individual privacy whilst browsing online, harmful material to younger internet users or hackers trying to access your internet banking.

With every benefit that technology has brought us – global communication, mobile working and easy money management – comes additional risks to watch out for. We all know what the media, businesses and government have to say about national security and protecting consumers, but what about the consumer’s opinion? We recently commissioned Opinium Research to find out and here’s what we discovered…

...

https://channels.theinnovationenterprise.com/articles/where-do-we-go-from-here-how-the-debate-between-privacy-and-security-is-evolving

Outsourcing data requirements to a third party for the first time can be nerve-racking. Endless requirements paired with an increased expectation for data performance puts IT in the hot seat. Below is a list of key considerations when deciding whether to build vs. buy, along with some guidance on how to address each.

 

Control

Control is the most common factor driving organizations to a “build” decision. Enterprises have an intimate familiarity with their unique data requirements and want to retain control of operations, economics, location and design. The right provider, however, should be able to address each of these concerns individually to provide a holistic solution, as well as provide secure access to equipment for approved staff members. Treat your data center decision as an interview process. Come with a list of your top priorities and make sure the provider in question has an answer that sits well with you and meets all of your requirements.

...

http://www.datacenterknowledge.com/archives/2016/06/07/build-or-lease-eight-key-considerations-for-data-centers/

Submit your credentials upon login and what do you get? An All Access Pass. Everything you have access to through your role, rights and relationships connect you to disparate applications and data that you likely don’t need for the task at hand. For many of us, enabling default access to everything that might be useful means that we live our online lives cloaked in excessive access

In order to protect against unintended use and disclosure while meeting compliance objectives, maintaining privacy and securing intellectual property, access to sensitive apps and data must be strictly controlled. Sensitive data is overly exposed while in transit, in use and at rest through excessive access – and, unfortunately, damaging breaches teach this lesson all too often. To compound the problem, access today is primarily safeguarded by the erstwhile login event.

...

https://www.citrix.com/blogs/2016/06/07/security-begins-with-access-but-it-doesnt-need-to-end-there/

You might also determine costs, budgets, efficiency, results and so on, to see what sort of return you are getting on your investment.

The weak point is perhaps at the start of all this. Are you sure you are getting the right information? Are any risks or problem areas being covered up, thus flawing your BC planning or management?

You might need some help from people who really know what’s going on.

There can be a number of reasons why important information for business continuity planning is omitted. Time pressure, peer or management pressure, ignorance and faulty communications are just some examples.

However, if a situation arises in which somebody notices that safety is threatened or risks are being ignored, it is essential for good business continuity that the person concerned is able to express those dangers without fear of reprisals.

...

http://www.opscentre.com/whistleblowing-fits-business-continuity/

The “smart city” covers a lot of real estate -- literally and figuratively. It involves myriad systems and subsystems, all with their own standards and other distinguishing characteristics. Some are far more advanced than others. For the expansive version of the smart city concept to work, however, all of these must communicate instantaneously, when necessary.

For instance, say a cardiac patient is being rushed to the emergency room in the least amount of time possible; the street lights must automatically be set to green in the direction the ambulance is going. To do this, however, the traffic and hospital systems must be tightly integrated. That involves two silos of connectivity.

Deep coordination is one of the many challenges that smart cities face. It’s a tall order. RCR Wireless points to five advances that auger well for the future of the smart city. Lower power wide area (LPWA) networks are increasing connectivity; sensors, actuators and switches are coming down in price; and edge computing is growing more sophisticated. Efforts to standardize interfaces and increase interoperability are increasing and data analytics is becoming less expensive.

...

http://www.itbusinessedge.com/blogs/data-and-telecom/smart-cities-concept-faces-standards-cost-hurdles.html

(TNS) - It was here before anyone made a map and called this corner of it the Pacific Northwest.

“To me,” said David McCloskey, waving an aging hand toward tidelands formed millenniums ago, “it’s an energy field.”

McCloskey, a retired sociology and ecology professor who has spent a lifetime exploring the region’s mountain ranges and waterways, was standing here near the southernmost stretch of Puget Sound. He was trying to explain not just the view in front of him, but all of Cascadia, an elusive realm he helped conceive decades ago that stretches from Northern California to the coast of British Columbia, and deep into the imagination.

...

http://www.emergencymgmt.com/disaster/Cascadia-a-state-of-mind-and-a-megaquake.html

Latest Atlantic hurricane season forecasts are focused on the numbers – how many storms can we expect? and how many of those will be major hurricanes? NOAA, Colorado State University and Tropical Storm Risk cast their predictions here, here and here.

But as the latest storm surge analysis from CoreLogic indicates, it is where a hurricane hits land that is often a more important factor than the number of storms that may occur during the year.

Why?

...

http://www.iii.org/insuranceindustryblog/?p=4477

In preparation for the opening of Hurricane Season 2016, FEMA has developed a new Fact Sheet on wind retrofit projects.  Wind retrofits are enhancements made to strengthen roofs, walls, doors and windows to minimize damage to homes from wind and wind-driven rain caused by high wind events such as hurricanes.  FEMA offers two Hazard Mitigation Assistance (HMA) grants that provide funds for cost-effective wind retrofit projects:  Hazard Mitigation Grant Program (HMGP) and Pre-Disaster Mitigation (PDM).

The Wind Retrofits Fact Sheet provides an overview of wind retrofit projects and the streamlined process for determining the cost effectiveness of wind mitigation projects. The Fact Sheet compliments FEMA's guidance P-804: http://www.fema.gov/media-library/assets/documents/21082" style="color: #1D5782;">Wind Retrofit Guide for Residential Buildings(2010), which provides guidance for selecting and implementing wind retrofit projects for homes in all coastal regions, and FEMA’s http://www.fema.gov/media-library-data/1424368115734-86cfbaeb456f7c1d57a05d3e8e08a4bd/FINAL_WindRetrofit_BCA_JobAid_13FEB15_508complete.pdf" style="color: #1D5782;">Cost Effectiveness Determination for Residential Hurricane Wind Retrofit Measures Funded by FEMA(2015), which provides a simplified pre-calculated benefits methodology for determining cost effectiveness  that can be used instead of the traditional Benefit-Cost Analysis (BCA).

The http://www.fema.gov/media-library/assets/documents/117414" style="color: #1D5782;">Residential Hurricane Wind Retrofits Fact Sheet is available from the FEMA website.

Monday, 06 June 2016 00:00

Big Data for the Small Enterprise

Big Data is not just for the big enterprise. Organizations of all sizes can leverage the power of large data sets and advanced analytics to derive the kinds of insight needed to fuel next-gen business opportunities.

But creating the big infrastructure needed to support Big Data is no easy task, nor is finding the right way to use it in order to produce the highest level of return. Until now, that is.

In recent weeks, a number of platforms have emerged that aim to remove much of the complexity from Big Data, allowing mid-sized and even small enterprises to get started without a lot of lead time or a major hit to the capital budget.

...

http://www.itbusinessedge.com/blogs/infrastructure/big-data-for-the-small-enterprise.html

(TNS) - Tiffany Nguyen’s nursing class at UCLA on Thursday morning spent part of the session talking about the murder-suicide that left a professor and a former graduate student dead the day before.

After class, Nguyen realized the classroom where that discussion took place likely could be locked only with a key — something that made her somewhat nervous in light of Wednesday’s dramatic alerts telling students and staff to shelter in place.

“We don’t have access to keys,” said the third-year student, who lives in Westwood. “If that were to happen again, I would feel pretty unsafe knowing it’s not something that I would be able to control.”

...

http://www.emergencymgmt.com/safety/UCLA-murder-suicide-raises-questions-about-campus-security.html

(TNS) - Whether it’s a tornado, thunderstorm or boil water advisory, Boyd County, Ky., Emergency Management wants everyone to be alert.

The agency has launched a new notification system called AlertSense. The system, which is intended to be used for emergency alerts as well as nonemergency incidents, will notify residents via text message, email or voicemail about incidents that may have significant impacts on lives.

It replaces an older system called Nixle.

“With this new system there are more capabilities,” director Tim England said.

...

http://www.emergencymgmt.com/disaster/Boyd-EMS-launches-new-alert-system.html

When NASCIO surveyed its members about IT procurement in 2015, almost 50 percent had negative opinions about the process and 70 percent of vendor partners were moderately to very dissatisfied with state IT procurement processes.

This February NASCIO proposed several actions states could take to improve procurements, including removing unlimited liability clauses in terms and conditions and introducing more flexible terms and conditions. One idea absent from the list is an approach being piloted in California: creating vendor performance scorecards on IT projects for use in future procurements.

In June 2014, the California Department of Technology (CDT) began work on a Contractor Performance Evaluation Scorecard. A workgroup made up of staff from the State Technology Procurement Division within the Technology Department, the Department of General Services, other state departments and volunteer members of the vendor community met several times to provide input and work out the details. Pilot projects are expected to begin this year.

...

http://www.govtech.com/state/Can-Vendor-Scorecards-Cut-Down-on-IT-Project-Failures.html

(TNS) - Managers and business owners in Rockwall were invited last week to attend the chamber of commerce’s “Disasters and Businesses” presentation.

Disasters and Businesses focused on helping businesses prepare for natural and man-made disasters such as tornadoes, severe storms, contagions or acts of terrorism.

The presentation was funded by a grant from the North Central Texas Council of Governments. The grant is intended to create programs to help businesses plan with government partners to prepare for emergencies.

Joe DeLane, emergency management coordinator for the Rockwall County Sheriff’s Office, led the presentation.

“One of the things I do is I deal with disasters and emergencies,” Delane said. “I’ve been doing that for 35 years and I really see it as a public service. I really have a passion for responding to disasters.”

...

http://www.emergencymgmt.com/disaster/Local-businesses-prepare-for-the-next-big-disaster.html

Organizations are constantly looking to drive improvements, make savings and increase speed of service. It’s therefore, no surprise that data within companies has become a key driving factor for understanding your organization and making changes. Although big data is often a key theme for businesses, a huge amount of content and knowledge is tied up in document repositories that companies could be inadvertently overlooking.

Through digital transformation, companies are able to harness the huge amounts of data stored in paper files. The first step is to transform these paper sources into digital assets and making sense of the data puzzle. Document and information management solutions are available to help organizations capture the missing pieces of the information puzzle. Effective big data management helps companies locate valuable information in large sets of unstructured data and semi-structured data from a variety of sources, including call detail records, system logs, and social media sites.

Document management improves information flow, opening communication channels and eliminating the need for paperwork. However, the paperless office is only half of the story. The data in those documents needs to be a part of the business processes so that it’s not suffering the same fate as it did in the paper-based world.

In four steps, your organization can make sure it is unlocking the very best from its data gold mine.

...

https://channels.theinnovationenterprise.com/articles/teaching-an-old-dog-new-tricks-how-to-make-sense-of-big-data

As a UCLA faculty member who works on critical infrastructure cybersecurity, I spend a lot of time thinking about how to secure the complex networks and systems that deliver our energy, water, food, and data. Given the tragic June 1 murder-suicide at UCLA, it’s particularly timely to consider some important security analogies between those systems and physical spaces such as university campuses.

Campuses, like critical infrastructure systems, are complex, have many ingress and egress points, and are highly decentralized and dynamic. Like those systems, campuses are accessed by very large numbers of people—the overwhelming majority of whom are well-intentioned, and a tiny fraction of whom are not. And, both campuses and complex networks require balancing the need for effective security solutions with the need to make sure those solutions don’t impede normal operations.

In light of those similarities, here are some lessons from cybersecurity that can be used to improve on-campus physical security.

...

http://www.forbes.com/sites/johnvillasenor/2016/06/03/what-cybersecurity-can-teach-us-about-campus-physical-security/

Data is now an integral part of all of our everyday lives. Whether it is retailers building up a detailed profile of our activities in order to provide more personalised offers or a mobile map tool dynamically finding a new route in order to avoid congestion, the latest technologies gather and analyse information all around us, often in ways we don’t even notice.

In the years to come, the potential for this is only set to grow, as the amount of information we generate increases exponentially. As more people get online and tools such as mobile devices become ubiquitous, this will present companies with a huge new resource they can tap into to learn more about consumers and how they interact with the world around them.

According to research conducted last year by Cisco, more than half the world’s population will be online by 2019 – amounting to nearly four billion people. This will result in around 168 exabytes of data being sent around the globe every month by the end of the decade, from 24 billion connected devices.

...

http://blog.krollontrack.co.uk/pieces-of-interest/quest-smart-city-unlocking-public-data/

Friday, 03 June 2016 00:00

What I’ve Learned from Workshifting

Working for a company that is all about making the mobile workstyle achievable certainly has its perks. Being able to work from home or a nearby coffee shop a few days a month is wonderful, but I’ve realized I’m a city girl, trapped in suburban South Florida and it’s time to make my move.

But I love my job! The people I work with are amazing and we work for a great company. It would be tough leaving. Thankfully, the company is Citrix, a leader in workplace mobility software, and my team is extremely supportive – as long as my productivity and quality of work don’t take a dip.

So, how can you work away from the office and still be successful, keep your team and customers happy and still maintain visibility? Pairing research with my own learnings of what works for me, I’ve come up with a few helpful tips:

...

https://www.citrix.com/blogs/2016/06/03/what-ive-learned-from-workshifting/

For most organizations, emergency management and alerting is daunting and the logistics are challenging.  Planning for, and incorporating a few best practices can turn a potentially disastrous situation into an inconvenient one.  We’ve put together a list of those practices every organization should implement before a crisis occurs.

The More Modalities the Merrier

“Modalities” are the different devices and communications channels available to notification managers. While it is possible in a widespread disaster some channels might be down or overloaded, sending alerts through as many channels/devices as possible increases the odds your message will get through, as it is highly unlikely all modalities will be unavailable at once.

...

http://blog.sendwordnow.com/top-communication-best-practices-to-implement-before-a-crisis-strikes

"Resilience" is the next evolutionary phase of busines continuity. What is resilience and how does it differ from traditional perspectives on organizational response to disruptive events?

What is Resilience?

Resilience helps businesses take continuity principles out of their silo and integrate business continuity with all disaster recovery and emergency preparedness initiatives for a stronger response to any threat.

Resilience builds upon the concepts of preparedness and recovery by focusing on how businesses can maintain their usual operations in the face of unexpected disasters. Resilience focuses not just on how to get back to business after something goes wrong, but on how businesses can position themselves to protect their brand equity, their resources, and their staff from threats in the first place.

...

http://blog.sendwordnow.com/what-is-resilience-and-how-does-it-fit-with-business-continuity-principles

Cloud computing, at its core, is deployed by enterprises looking to increase flexibility, productivity and cost savings over legacy systems. More and more companies that look to outsource IT functions have turned to the cloud--more specifically, cloud infrastructure as a service (IaaS)--to automate and virtualize computing functions. According to a recent cloud computing report, 93 percent of organizations surveyed are running applications or experimenting with IaaS. The value to customers is a positive ROI when choosing a solution to address their IT challenges, while increasing the aforementioned key business objectives. 

A recent infrastructure as a service customer survey conducted by TechValidate, on behalf of NaviSite, aimed to better understand how cloud deployments have made an impact on businesses. The survey provided insight into key IaaS use cases, results and trends from customers in the cloud, including:

...

http://mspmentor.net/blog/new-data-shows-cloud-services-offer-freedom-scalability-and-innovation-it

We'd like to present  some current and future standards and technical documents related to Data Center sustainability. These are  relevant to Data Center design, construction and operation. Sticking to standards-based environmental regulations, procedures and best practices is good for Data Center business. Especially as companies increasingly ask suppliers Data Center sustainability and efficiency-related questions. Not just to save on costs and energy consumption, but also because they have their own strict targets and image to consider.

Data Center Sustainability Standards and documents: an overview

CENELEC’s EN 50600 series standards define minimum requirements for data centre infrastructures of all shapes and sizes. This covers protection from environmental events and failure and unauthorised access, including internal and external environmental events within the pathways and spaces that house the infrastructure. EN 50600-3-1 deals with measurement, monitoring and metering energy consumption at specified locations. Properly managed, this operational information may help assess Data Center performance using sections from the EN 50600-4 series and its Key Performance Indicators (KPIs). EN 50600-4 series directly handles efficiency such as Power Usage Effectiveness (PUE) and Renewable Energy Factor (REF).

...

http://www.datacenterjournal.com/data-center-sustainability-useful-standards-and-technical-documents/

Many of the most important values of object storage are derived from the fact that it leverages the advantages of distributed, scale-out architecture, which expands capacity by simply adding nodes.

The easiest way to think of object storage may be to compare it to the containers we’ve been discussing in this blog series. This will also introduce the first of many advantages of object storage, which is its ability to manage data in context.

The Major Components

File storage consists of data in raw form -- ultimately zeroes and ones arranged to express specific characters or other entities such as pixels.  Block storage organizes the files into fixed-sized blocks for easier management and transport.

Object storage consists of three key components:

...

http://www.informationweek.com/partner-perspectives/redhat/the-fundamental-components-of-object-storage/a/d-id/1325765

AUSTIN, Texas – Flooding is a familiar and frequent natural disaster in Texas. Heavy rains are a consistent threat across the state, while hurricanes have caused hundreds of millions of dollars in flood damage to Texas homes and businesses in just the past few years.

A flood insurance policy through the National Flood Insurance Program offers Texas residents their best protection against loss. It takes 30 days for a new NFIP policy to go into effect. 

Hurricane season runs June 1 through Nov. 30. Will you have flood insurance in time?

“During hurricane season, Texas residents and businesses are at risk,” said Federal Coordinating Officer William J. Doran III, who is in charge of FEMA’s operations in Texas. “A policy with the NFIP is one of the best ways to supplement federal assistance and protect your home and livelihood.”

Flood damage is not covered under homeowner insurance policies and there is no guarantee that federal disaster assistance will be available when a flood occurs.

Flood insurance is available to homeowners, business owners and renters.  Policies offer up to $250,000 coverage for homeowners, up to $100,000 for personal property and up to $500,000 each for business contents and buildings.

Property owners who already have flood insurance policies are encouraged to check their policy each year, update as necessary and make sure premiums remain paid in full.

For more information or to find an insurance agent near you who sells flood insurance, visit floodsmart.gov, or call the NFIP's toll-free number at 1-888-356-6329 (1-888-FLOOD29). Persons who are deaf, hard of hearing or have a speech disability and use a TTY may call 1-800-427-5593.

Download fema.gov/mobile-app to locate open shelters and disaster recovery centers, receive severe weather alerts, safety tips and much more.

# # #

FEMA’s mission is to support our citizens and first responders to ensure that as a nation we work together to build, sustain, and improve our capability to prepare for, protect against, respond to, recover from, and mitigate all hazards.

Download fema.gov/mobile-app to locate open shelters and disaster recovery centers, receive severe weather alerts, safety tips and much more.

Part Two of a Conversation with Patrick Dennis, CEO of Guidance Software

Last week, I had the chance to sit down with Patrick Dennis, CEO of Guidance Software, during Enfuse Conference 2016. Earlier this week, I discussed Dennis’s thoughts about the jurisdiction of cybersecurity events. Today, we get his view on how we should approach cybercrime’s law enforcement jurisdiction.

Dennis made the point that if our home or business were burglarized, we would call the police and expect them to show up and conduct an investigation. He then asked, “Who do you call when there is a cybercrime?” I joked that you can’t call Ghostbusters. Dennis chuckled but answered that Ghostbusters might be as effective as our current solution, adding:

We have built a regulatory framework that is ineffective at recognizing, let alone combatting, cybercrime. That puts business leaders and the FBI and the military in a position where they have one arm tied behind their back. If we were this lackadaisical about physical crime, there would be anarchy.

...

http://www.itbusinessedge.com/blogs/data-security/cybercrime-who-do-you-call-when-theres-a-cybercrime.html

(TNS) - Lake County, Fla., officials are concerned that the public's priority to prepare for hurricanes has diminished in the dozen years since the damaging winds of Hurricane Francis tore through the county.

In the event of a violent storm, government workers, at least, won't be caught flat footed, and they'll try to make sure residents are prepared, too. This week, the day-shift crew of about 85 employees from municipalities and the county gathered at the Lake County Emergency Communications and Operations Center and worked through a mock hurricane scenario.

Hurricane season officially got underway Wednesday.

...

http://www.emergencymgmt.com/disaster/Lake-County-government-workers-brace-for-start-of-hurricane-season.html

(TNS) - Central Texas will most likely see heavy rain and flooding this week, and FEMA recommends having an emergency kit in your house or car with at least some basic supplies.

In case you’re scrambling to refresh or build your kit, we compared prices at three Austin-area stores — Wal-Mart, Target and H-E-B — to help you figure out the cheapest and easiest way to gather supplies.

Altogether, Wal-Mart won for price; first-aid kits and gallons of water were particularly inexpensive. Things were easiest to find in H-E-B, where I also spent the least amount of time looking for supplies, even though I went to the always-crowded South Congress-West Oltorf store. H-E-B also came in a solid second on pricing, tying with Wal-Mart for a number of items.

...

http://www.emergencymgmt.com/disaster/Are-you-prepared-for-a-flood-Heres-what-to-put-in-an-emergency-kit.html

Convergence can be great thing: the U.S. states came together to form an entity greater than the sum of its parts.

But convergence can also lead to burdensome creations that accomplish little.

It can be the same with storage hyprconvergence. There may be times when it makes sense to implement hyperconverged infrastructure (HCI), and other times when all it may achieve is to inflate the budget or keep IT occupied with a new architecture.

So when should you introduce it, and in which cases should you avoid it? And if you are embarking on this journey, where should you start?

...

http://www.enterprisestorageforum.com/storage-hardware/storage-hyperconvergence-when-does-it-make-sense.html

Crisis Communication Basics

Regina Phelps recently joined forces with Everbridge and recorded a webinar that explores in-depth strategies for improving your disaster and crisis management. Previously in part 1 of this five part series, Regina discussed why timely communication is important in a disaster, as well as some definitions to help get to the root of communication strategies and their effectiveness. If you missed part 1, you can access it here.

In this installment of the series, Regina discusses the basics of crisis communication. Specifically, how to establish and organize a communications team.

...

http://www.everbridge.com/improving-disaster-and-crisis-management-with-timely-communication-and-response-2/

Thursday, 02 June 2016 00:00

9 Secrets Of Data-Driven Companies

The competitive landscape is shifting rapidly in virtually every industry, fueled by the intelligent application of technology and data. While nearly all companies have more data than they know what to do with, a powerful minority is discovering new ways of leveraging it.

"Everyone is trying to figure out what the best route is, and what value data science can bring to the business," said Vivian Zhang, CTO and founder of the NYC Data Science Academy.

Internal fragmentation is one of the biggest obstacles facing companies as they seek to become data-driven. Data remains trapped under the control of a given department or business unit. The fact often frustrates efforts to use data strategically across the enterprise.

...

http://www.informationweek.com/big-data/big-data-analytics/9-secrets-of-data-driven-companies/d/d-id/1325746

Thursday, 02 June 2016 00:00

Outward-Looking Business Continuity

It is easy to indulge in navel-gazing when it comes to business continuity. We examine our business, its components, its requirements, its objectives and the risks that could affect it.

Then we draw up business continuity plans and put them into action. Yet a business only means something if it has customers it can serve.

It is remarkable therefore to see how FINRA (the US Financial Industry Regulatory Authority, Inc.) emphasises the notion of the end-customer when defining requirements for financial firms to create and maintain business continuity plans.

With its Rule 4370 (are there really 4369 rules before this one?!), it specifies that BCP procedures must be designed so that existing obligations to customers can be met.

...

http://www.opscentre.com/outward-looking-business-continuity/

Thursday, 02 June 2016 00:00

Turning a big storage ship

Storage is a funny old part of IT industry and a part of the industry that is going through change much quicker than most.

The rapid move to flash, the need to integrate cloud, issues over management, security and governance all make the storage industry a challenging place for vendors and those architecting and using storage solution alike.

If we add to that a change in how we view our infrastructure, we see technologies that are abstracting much of our infrastructure from end users and developers, we see tech like openstack, Azurestack and even tech like Vmware VVOLS all of which present a single look and feel higher up the technology stack, this move almost sees some parts of the decision making cycle have a view of “we don’t really care about storage.”

...

https://techstringy.wordpress.com/2016/06/01/turning-a-big-storage-ship/

NEW YORK – Learning from leaders whose decisions changed lives and careers, who experienced a situation that took them to the brink and back — that’s the purpose of the newly-launched podcast series, “Resilient,” from Deloitte Advisory. The biweekly podcast series explores the story of real-life executives, board members and government officials who led through crises, navigated through disruptions, managed through significant risk events and came back stronger. Each “Resilient” episode is designed to help today’s leaders embrace risk and improve performance by becoming better prepared to manage confidently in this unpredictable world.

 “Clients routinely tell us that they want to hear the stories and experiences of their peers. But more often than not, those stories are kept quiet or only heard by a few,” says Mike Kearney, National Managing Partner for Deloitte & Touche LLP, and leader of Deloitte Advisory strategic risk services. “We lay it all out there for the benefit of the listeners and take them on the executive’s journey. Resilient leaders don’t get knocked down by disaster or disruption, they find ways to navigate through it and come back stronger, and that is what you’ll hear in each episode.”

In the first episode, Deloitte Advisory’s Mike Kearney interviews former Verisign CEO Bill Roper about his experience transitioning from a lead independent director to CEO during a volatile crisis. Roper shares the complexity of the short-term decisions that had to be made and frames the crisis with an eye on the long game as well.

...

http://corporatecomplianceinsights.com/new-resilient-podcast-series-explores-stories-executives-midst-risk-disruption-crisis/

In 2012, the UK Government launched 10 Steps to Cyber Security guidance, and now around two thirds of the FTSE350 are using it. It was simplified and updated in 2015.

As you would expect, the 10 Steps involve people, process, and technology – and include everyone from the board to individual users. Today, I want to discuss how Citrix supports each of the 10 Steps.

Let’s take a look.

...

https://www.citrix.com/blogs/2016/06/01/ten-steps-to-cyber-security-guidance-for-business/

In conjunction with Business Continuity Awareness Week, an annual event organized by the Business Continuity Institute to raise awareness of the importance of business continuity and resilience, Everbridge invited a panel of BC professionals to discuss how a unified critical communications platform can derive additional value.

Oftentimes, business continuity professionals have the difficult task of proving the value of business continuity in terms of ROI.  The expert panel webinar covered topics such as crisis event management, unplanned IT outages, business communications, information and physical security, data breaches, etc. and how these activities raise the profile of the business continuity team.

Our expert panel members included:

...

http://www.everbridge.com/the-power-of-unified-communication-in-driving-roi-an-expert-panel/

Ideal data management strategies are different for every organization; everyone has his or her own take on the exact definition of what “information governance” is even supposed to be. Full data management has become a very multifaceted business challenge, and analysis tools seem to promise to offer some assistance. However, analytics can’t fix the absence of strategy.

Myths arise because everyone loves a simple explanation. We’re drawn to them because they offer to (seemingly) to streamline the vast and unwieldy. The more complex a topic, the more likely it is that myths will spread. File analysis and file governance are excellent examples of this. With file share environments being the epicenter for human-generated activity within the business, organizations question how file analysis best fits into the data management strategy. However, with such a broad topic, it’s easy to fall into the occasional trap made by an attractive myth. Here are some of the more common ones.

...

http://www.datacenterknowledge.com/archives/2016/06/01/data-debunked-myths-truths-file-analysis/

A road sign in Death Valley warning travelers of Caution Extreme Heat Danger

Extreme heat events, or heat waves, are a leading cause of weather-related deaths in the United States. Between 1999 and 2012, extreme heat caused more than 7,400 heat-related deaths in the United States.  Extreme heat increases hospital admissions for heart disease, respiratory disease, and stroke.

CDC’s Climate and Health Program funds 16 states and two cities through the Climate Ready States and Cities Initiative.  Through this initiative, CDC helps states and cities partner with local and national climate scientists to understand potential climate changes in their areas, including extreme heat.  CDC also assists states and cities in developing and using models to predict health impacts, to monitor health effects, and to identify the areas that are most vulnerable to these effects to help ensure that communities are prepared for the health challenges associated with climate change.

Evaluating the effectiveness of different preparedness actions and interventions is an important step in protecting people from extreme heat.  States can use data on heat-related illnesses from the National Environmental Public Health Tracking Network to help make decisions about the best ways to prepare for extreme heat.

Identifying who is at risk

The Minnesota Tracking Program analyzed data on heat-related illnesses and deaths to understand more about the people who are at the most risk during extreme heat events. The analysis revealed two new pieces of information:

  • People between the ages of 15 and 34-years old are at risk during extreme heat–not just people over the age of 65.
  • The rates of extreme-heat-related hospital stays and emergency department visits were higher across the entire state of Minnesotathan in the metropolitan area that includes the seven counties in and around the Twin Cities.

State and local health professionals used the tracking data to develop and update maps showing areas with populations that are at the highest risk for illness or death during heat waves. They are using the maps to identify areas that need additional support and planning to prepare for heat waves.

Taking action and being preparedThermometer reading 100 degrees

The 2006 North American heat wave began in mid-July of that year.  Between July 15 and August 27, 140 people died as a result of extreme heat in California, which had the most severe death toll in the country due to heat.  An additional 515 people were suspected to have died from this period of extreme heat in California.  The heat wave resulted in an estimated $133 million in health-related costs for the state of California.

Heat waves will continue to impact all regions of California, including urban, rural, inland, and coastal areas.  These periods of extreme heat are expected to get longer and to become more frequent over time.  In order to inform preparedness initiatives for the extreme heat, the California Tracking Program conducted a study to determine whether heat alerts accurately predicted the times when people suffered the most heat illness.

The findings from the study provided scientific proof of a link between heat alerts and heat illness.  Decision-makers in San Jose used the results to approve opening cooling centers as part of the city’s heat alert response plan.  Cities and counties nationwide must be prepared in this way to respond to heat alerts and to take preventative actions, such as opening cooling centers where people can gather for life-saving relief from the heat.

The California Tracking Program and the National Weather Service (NWS) are conducting similar studies in other parts of California, including Los Angeles. This information will help cities to make decisions about heat wave preparedness policies and help NWS refine its heat alert system for each region.

Learn more about extreme heat at http://emergency.cdc.gov/disasters/extremeheat

  • Check out this infographic about how to prepare yourself and your loved ones for the next heat wave.
  • Check out the National Environmental Public Health Tracking Network’s Info by Location feature to view data and information on extreme heat for your county.

In enterprise circles, a serverless architecture sounds like infrastructure deconstruction to the extreme. How can you do anything without a server to process data?

But marketing hype being what it is, serverless does not actually mean “without servers.” Instead, it refers to an application deployment model in which issues surrounding server configuration and provisioning are no longer handled by the developer.

While the underpinnings of serverless architecture have their origins in PaaS and IaaS frameworks dating back to the early cloud days, the modern movement can be traced to late 2014 when Amazon launched its Lambda service. According to software engineer Alex Casalboni, Lambda offers a means to run code, create backends and do everything else to support an application without delving into capacity management, OS updates, fault tolerance and other tasks related to server management. The key advantage is that it allows you to lease server capacity on a sub-second basis – literally, you pay only for the split second it takes to churn data ­– which not only lowers cloud computing costs but provides a highly robust environment for microservices.

...

http://www.itbusinessedge.com/blogs/infrastructure/what-can-serverless-computing-do-for-the-enterprise.html

When an emergency strikes, an organization’s crisis communications plan is one of the keys to a streamlined response and a quick return to normalcy. Consider your own company’s plan. Does it allow for fast, decisive action and real-time updates? Can it be activated in 30 minutes or less, a goal achieved by more than 75 percent of organizations? More than anything, does your plan suit the way your company and your employees operate on a day-to-day basis?

Given the range of technology available to today’s businesses, it’s no wonder that many are incorporating mobile communications applications into their crisis planning. Today, 55 percent of organizations report using some form of emergency communication software, which includes mobile apps.

Mobile apps are a good fit for a wide variety of organizations. Regardless of the type of crisis communication plan you have in place, an app will likely offer several important benefits. Here, we take a look at the areas of your communications planning to consider when evaluating a mobile app:

...

http://www.rockdovesolutions.com/blog/is-a-mobile-app-right-for-your-crisis-communications-plan

Thursday, 02 June 2016 00:00

New Hope for Stopping Ransomware?

Imagine walking into your office and booting up your computer to finish up that important report you’ve been working on. Instead of seeing your usual desktop, however, you’re greeted with a message demanding ransom….or you’ll never see the contents of your computer again. This may sound like the plot of John Grisham book, but it’s a real-live scenario increasingly playing out across the country and around the world. Even worse? This type of malware -- dubbed “ransomware” -- may be coming soon to a computer near you.

With millions of organizations at the mercy of this new breed of cybercrime, legislators in California are stepping up to take them on with a new ransomware bill known as Senate Bill 1137. Let’s take a closer look at the increasing prevalence of ransomware, along with how this latest legislation aims to take on the problem.

...

http://blog.sendwordnow.com/new-hope-for-stopping-ransomware

CenturyLink has committed to improving energy efficiency of its entire US data center portfolio by 25 percent by joining a voluntary US Department of Energy program that promotes investment in more efficient energy use in buildings.

The Monroe, Louisiana-based telco has been upgrading its sprawling data center portfolio to improve efficiency since last year, despite the possibility that it may sell some or all of those sites. CenturyLink management has been evaluating numerous alternatives to owning its data centers.

Bill Gast, CenturyLink’s director of global data center energy efficiency, said uncertainty about ownership of the portfolio in the future hasn’t disrupted the current push to improve its efficiency that started last year.

...

http://www.datacenterknowledge.com/archives/2016/06/01/centurylink-commits-data-center-efficiency-targets-federal-challenge/

The potential of radiation risk exposure causing harm in your organization’s workplace may not be the first thought that comes to mind at an ISO  quality management system team meeting…..but, under the new ISO risk-based thinking approach to broaden your scope of understanding risk and its relationship to the context of your organization …perhaps it could be.

To follow this logic further, we begin with the need to better understand radiation.

Today’s corporate environments are filled with leaps and often times hesitations, followed by even larger leaps toward cloud deployment. But about those hesitations: from fears about IT jobs being outsourced to security concerns and questions about the most effective ways to centrally manage a cloud solution, apprehensions can run far and wide.

IT Innovators recently caught up with John Webster, analyst at Evaluator Group, to chat about some of the most common assumptions about the cloud and what factors should instead be top of mind for a more effective cloud deployment.

...

http://www.datacenterknowledge.com/archives/2016/05/31/innovators-rethinking-assumptions-cloud/

Once it’s done shedding its Enterprise Services business, Hewlett-Packard Enterprise is betting on its bread-and-butter data center hardware business – servers, storage, networking, and software to manage all of the above – to continue driving the bulk of its revenue.

The company, which only recently separated from the former Hewlett-Packard’s printer and PC business, announced earlier this month that Enterprise Services would spin off and merge with Computer Sciences Corp.

In an analysis of recent revenue and profit trends of HPE’s various businesses, The Next Platform’s Timothy Prickett Morgan points out that enterprise technology services are a people-intensive, low-margin business, and says that this is probably the biggest reason CEO Meg Whitman has decided to get out of it.

...

http://www.datacenterknowledge.com/archives/2016/05/31/hpe-bets-on-core-data-center-hardware-sales-to-drive-profits/

Colocation data centers are hands down the largest consumers of commercial biometric technologies for access control.

So how come every colocation provider I speak to is unhappy with the way biometric solutions scale inside their data centers? The reason is biometric systems are inherently hardware focused and almost always offer no ability to scale, integrate or support at enterprise scale.

For colocation providers, security is not a “keeping the lights on” activity but rather a driving factor in the day-to-day success of business. Biometric solutions are actually a key selling feature of their data centers.

...

http://www.datacenterknowledge.com/archives/2016/05/31/why-colocation-data-centers-cant-scale-biometrics-effectively/

(TNS) — Under pressure from Congress to reduce federal dollars spent on emergency aid, the Federal Emergency Management Agency is floating a new proposal that would give states a financial incentive to better prepare for storms, floods, hurricanes and other disasters.

Some state and local officials are pushing back. Many of the 150 public comments filed to the agency express concern that the proposed changes would just shift the financial and administrative burden to local governments already overloaded during disaster situations.

“Disaster assistance administrators at the state and local level are already overburdened, particularly in the aftermath of a major disaster,” the bipartisan National Governors Association said in its comments, calling the current system an already “complex and time-consuming exercise.”

...

http://www.emergencymgmt.com/disaster/FEMAs-new-disaster-deductible-shifts-responsibility-to-states.html

TNS) - The National Hurricane Center will launch storm surge inundation maps for the first time this summer, predicting where and how deep flooding will hit here and elsewhere.

Two years ago the maps were tested on the Outer Banks. Data from hundreds of hurricane forecast scenarios was fed into a supercomputer.

Hurricanes and tropical storms are measured according to wind speed. The new maps turn attention to flooding. Storm surge threats could be worsening as the ocean level rises and more people build on the coast, said Jamie Rhome, storm surge specialist with the National Hurricane Center.

“People have focused on wind,” Rhome said. “The world is awakening to storm surge.”

...

http://www.emergencymgmt.com/disaster/Hurricane-Center-to-launch-maps-that-will-predict-storm-surge-after-successful-tests-on-Outer-Banks.html

Wednesday, 01 June 2016 00:00

FEMA: Summer Safety

Summer means vacation, outdoor activities, and fun in the sun! It’s a time when families hit the road to visit national parks or distant relatives. The warm months and long days mean that there is plenty of time for baseball games and barbecues. The sultry temperatures practically invite you to take a dip in the pool or ocean.

But don’t let the sunny days and warm nights fool you. Summer also holds significant weather and water hazards. Heat waves can be lengthy and deadly. Lightning deaths are at their peak during the summer. Beach hazards such as rip currents can catch the unprepared. And, it’s the start of hurricane season.

This summer, the http://weather.gov/" target="_blank">National Weather Service (NWS) wants you to be prepared for the following weather and water hazards:

But you’re not powerless in the face of these hazards. With just a few simple steps, you can become weather-ready. Stay safe this summer: Know Your Risk, Take Action and Be a Force of Nature! Reprint from ready.gov for more information.

  1. Know Your Risk

Being prepared means learning about summer weather and water hazards such as hurricanes, heat, lightning, rip currents, air quality, tsunamis and wildfires. Here’s what you need to know:

  • The Atlantic Hurricane Season runs from June 1 through November 30. Hurricane hazards come in many forms, including storm surge, heavy rainfall, inland flooding, high winds, tornadoes, and rip currents.
  • Since 2003, 43 states within the continental United States have come under a tornado watch; 49 states have come under severe thunderstorm watches; and lightning strikes occur in every state.

Heat waves are common across the country during the summer. They are dangerous because the human body cannot cool itself properly when exposed to an extreme combination of heat and humidity.

  1. Take Action

While the weather may be wild, you are not powerless. This summer, prepare for hazards with these simple steps:

There is no safe place outside when lightning is in the area. If you hear thunder, you are likely within striking distance of the storm. Just remember, http://www.lightningsafety.noaa.gov/" target="_blank">When Thunder Roars, Go Indoors.

  1. Be a Force of Nature

Your action can inspire others. Be a Force of Nature and share how you’re working to stay safe from weather and water hazards this summer.

  • Write a post on Facebook. Share with your friends and family the preparedness steps you’re taking to stay safe this summer.
  • Tweet that you’re prepared withhttps://twitter.com/search?q=%23summersafety&src=typd"> #SummerSafety. Tell us what you’re doing to be prepared for summer hazards.

Create a http://www.ready.gov/make-a-plan">Family Communication Plan so that your loved ones know how to get in touch during an emergency. And let your friends know that they should create a plan also.

Your company has likely spent a lot of time, effort, and money keeping its security systems, policies, and practices up to date. Can the same be said of your law firm?

The legal industry isn't exactly known for its technology leadership, which should be of concern, especially from a security perspective. Don't assume that your data is safe, in other words. Be prepared to do your own due diligence.

"Law firms retain a lot of sensitive corporate data that would be extremely valuable to hackers or outside parties. In particular, hackers are interested in corporate legal information, intellectual property from their clients, information on directors and officers of corporate clients, settlement terms, and more," said Jacob Olcott, the former legal adviser to the Senate Commerce Committee, counsel to the House of Representatives Homeland Security committee, and current VP at Bitsight Technologies, in an interview.

...

http://www.informationweek.com/strategic-cio/security-and-risk-strategy/panama-papers-fallout-what-if-your-lawyer-gets-hacked/a/d-id/1325545

We have all seen data visualization grow in stature over the past decade and it is now an essential part of our daily lives.

Newspaper articles that discuss statistics uniformly communicate these through visualizations, sports teams are critiqued through graphs and animations, and in boardrooms, leaders see the data they want through interactive dashboards. But what can actually be done with visualizations? What is the point of them and why have they become so important?

Showing complex data sets in simple ways

The most important element of any data visualization is the ability to show something complex as simply as possible. If you have a dataset with hundreds of different points, trying to see what the correlation is from an excel spreadsheet is going to be almost impossible. The ability to clearly see trends allows decision makers to act quickly.

...

https://channels.theinnovationenterprise.com/articles/so-what-can-you-actually-do-with-data-visualization

Your emergency notification system should be incredibly user-friendly—and the process to understanding your vendor and how you would partner together should be just as easy.
From demo to implementation, the process should be painless! Here are some tips for you when you’re getting ready to evaluate and implement a new technology.

First, know what your emergency notification vendor should be doing for you:

An emergency notification system empowers organizations to keep their people safe, informed, and connected through relevant, streamlined mass notifications during a critical event. Emergency notification systems automate and deliver messages so you can quickly and easily communicate with, or engage, your audience from anywhere, at any time, using any device. Your emergency notification system should monitor threats for you, establish business resilience, and protect your organization and people.

When evaluating emergency notification systems vendors and to ensure your success, it’s important to get an understanding of what you can expect from your partnership.

...

https://www.alertmedia.com/finding-the-best-emergency-notification-vendor-8-tips-for-approaching-the-evaluation-process

Whichever way you slice it, NOAA’s just-released outlook for the 2016 Atlantic Hurricane Season appears to suggest we’re on track for more hurricane activity than we’ve seen in a while.

NOAA predicts a 70 percent chance of 10 to 16 named storms (winds of 39 mph or higher), of which 4 to 8 could become hurricanes (winds of 74 mph or higher), including 1 to 4 major hurricanes (Category 3, 4 or 5; winds of 111 mph or higher).

It calls for a 45 percent chance of a near-normal season, but there is also a 30 percent chance of an above-normal season. The likelihood of a below-normal season is at 25 percent.

...

http://www.iii.org/insuranceindustryblog/?p=4466

Using the Business Impact Analysis to Understand Relationships Between Resources and the Business

BACKGROUND
The business impact analysis (BIA) establishes the foundation of an organization’s business continuity program by establishing business continuity requirements. As a result, a significant part of Avalution’s work involves helping organizations design and execute the BIA process. Furthermore, a well-executed BIA can deliver so much more than just a list of recovery time objectives (RTOs) and recovery point objectives (RPOs)!

One of the ways Avalution adds value as part of the BIA process is by illustrating or “mapping” the relationships between products and services, business activities, and resources. By doing so, we can better understand the business use of specific resources and understand how unavailability impacts the business as a whole. This BIA task is extremely valuable when working with business continuity planning stakeholders, such as an application manager, to plan for and mitigate the risks associated with a disruptive incident. Should a disruptive incident occur, this work also enables our clients to quickly understand the implications of the incident, based on resource loss scenarios.

...

http://perspectives.avalution.com/2016/more-than-just-recovery-time-objectives/

After Volkswagen admitted designing software that provided false emissions data in order to appear compliant with emissions standards, many questions were raised about the culture of the company. The scandal also highlighted the difficulties in locating risk across an organization.

The resignation of Volkswagen’s CEO further illustrates how difficult it is to run an organization from an ethical perspective.

With a multinational company as large as Volkswagen, it is inherently tough to keep an eye on every single aspect of the business. It is, therefore, impossible that a senior Volkswagen executive could have known everything about the engine emissions testing process.

...

http://corporatecomplianceinsights.com/4-lessons-from-the-volkswagen-emissions-scandal/

What is encryption?

Encryption is the process of transforming information (referred to as plaintext) to make it unreadable to anyone except those possessing special knowledge, usually referred to as a “key”. The result of the process is encrypted information. In many contexts, the word encryption also implicitly refers to the reverse process, decryption (e.g. “software for encryption” can typically also perform decryption), to make the encrypted information readable again (i.e. to make it unencrypted).

...

http://blog.krollontrack.co.uk/making-data-simple/encryption-decrypted-learn-how-your-data-is-protected-online/

The grass is green. The days are longer. The school year is over, or winding down. It’s the time of year many people begin thinking about summer vacations.

Business continuity professionals are, of course, no exception.

So, how can you, a person responsible for mission critical resiliency plans and emergency notification programs, really relax (at least a little) on your upcoming vacation? Here are a few helpful tips for dealing with your notification process now, before you pack your Speedos and sunscreen.

...

http://blog.sendwordnow.com/the-vacation-planning-guide-to-emergency-notification-0

When you start to evaluate emergency notification system vendors, you’ll need to narrow in on your organization’s specific needs. Which features matter the most? And are they easy to use? As you’re looking for a vendor to best fit your emergency notification requirements, be on the lookout for these seven must-have features that will make your communications easier.

...

https://www.alertmedia.com/7-must-have-features-for-an-emergency-notification-system

Damage to a company’s reputation can come from so many different crises. Consider Chipotle, which is struggling to bounce back from multiple health scares. Or Target, whose customers questioned the security of its payment systems following its devastating data breach. Or Volkswagen, a company that is struggling to maintain its image in the wake of its falsified emissions tests.

Your organization likely has a crisis response plan to help employees get through any number of emergencies. But will your plan also protect your company’s reputation? Here are a few ways to ensure that your organization keeps its good name, even in the face of a crisis:

...

http://www.rockdovesolutions.com/blog/will-your-crisis-response-plan-protect-your-organizations-reputation

Thursday, 26 May 2016 00:00

Emerging Risk: the Internet

We think of the Internet as a borderless entity, but that could all change, according to an annual emerging risk report from Swiss Re.

The publication is based on the SONAR process, an internal crowdsourcing tool that collects inputs and feedback from underwriters, client managers, risk experts and others to identify, assess and manage emerging risks.

Increased localization of internet networks within country borders is one of the key emerging risks that industry players should prepare for, the report suggests.

...

http://www.iii.org/insuranceindustryblog/?p=4463

How else have IT departments been doing so much more with so much less? Cloud service providers have done what so many CIOs and IT managers have only dreamed of.

They have packaged virtualisation, automation, replication and innovation together, and put cost reduction in as part of the deal too.

Never before have enterprises and organisations had so much power at their fingertips for so few dollars (well, thousands of dollars). However, there’s just one big drawback.

The drawback isn’t really due to cloud computing. After all, much of cloud computing fulfils its function marvellously well. That includes providing resources for business continuity and disaster recovery, as well as for data archiving.

...

http://www.opscentre.com/cloud-business-continuity-brilliant/

For many organizations, it is a constant challenge to meet the current year goals and objective for the business continuity management program.  There are a plethora of causes and symptoms, including:

  • Exercises continually fail to meet recovery time objective (RTO) targets.
  • The internal and/or external auditors have black notes that have not been fixed.
  • The board, interested parties, customers and other stakeholders are making more demands.
  • The competition now has certified BCM programs and is winning more business.
  • A lack of confidence in consistently meeting contractual and regulatory obligations.
  • A need to expand the BCM program scope, e.g., additional departments, regions, or community responders, etc.

But there is hope.  A set of fresh eyes to perform a gap analysis of your BCM program can highlight non-conformities and provide direction on how to reasonably move forward to meet your goals.

...

http://www.continuitycentral.com/index.php/news/business-continuity-news/1142-a-methodology-for-business-continuity-gap-analysis

Turmoil in emerging markets, increased localisation of Internet networks within country borders and financial repression are some of the key risks identified in this year's Swiss Re SONAR report, published recently. Although aimed at the insurance sector the report contains useful information for all enterprise risk managers. The publication is based on the SONAR process, a crowdsourcing tool drawing on Swiss Re's internal risk management expertise to pick up early signals of what lies beyond the horizon.

The report offers insights into emerging risks, those newly developing or evolving risks whose potential impact and scope are not yet sufficiently taken into account. Among these, the report also highlights a ‘crisis of trust’ in institutions, the ‘legal and pricing risks of the sharing economy’ and technology-related topics, such as the rise of ‘precision medicine’ and ‘distributed energy generation’.

"Risk management is not just about managing risks in the present. It is about anticipating future ones to make sure we will be in a position to deal with them," says Patrick Raaflaub, Swiss Re's Group Chief Risk Officer. "These risks may only fully reveal themselves to future generations. That doesn't mean that we shouldn't act today to reduce uncertainty and alleviate their burden."

The identified risks are relevant to life and non-life insurance areas and are presented with the goal of helping industry players prepare for new scenarios by adapting their behaviours, market conduct and product portfolios.

Detecting early signals of looming threats allows for a proactive approach to risk mitigation and is an important step to help society as a whole to become more resilient.

The three top risks with the highest potential impact:

Emerging markets crisis 2.0: turmoil in emerging countries could hinder the market entry and the penetration strategies of global insurance companies and even result in higher underwriting losses, especially in property, personal and commercial lines, for example in the case of riots.

The great monetary experiment: the long-term costs of negative interest rates and unconventional monetary policies are still unknown, yet they might lead to a broader loss of confidence in the monetary system. Short-term benefits are limited as the policies are unlikely to boost economic growth.

Internet fragmentation: firewalls, special software to filter out unwanted information and isolated IT infrastructure detached from global networks: disconnected nets could soon become a reality. Their potential impact includes increased costs and disrupted business models for insurance companies and other businesses operating across borders.

Read the full report

Unplanned system downtime is the reality that IT departments need to deal with every day.  Some even see downtime as being the worst thing that can happen with their IT systems.  In fact, as almost everything we know has gone through a digital transformation, businesses rely more and more upon IT; therefore an IT issue is a business issue. When critical incidents occur, the business operations can quickly suffer from it:

  • Loss of online revenue for e-retailers
  • Drop off in employee’s productivity in manufacturing
  • Frustrated clinicians, increased patient safety risk and drop of the hospital bed turnover rate in hospitals
  • Impact on brand, company image and patient satisfaction

Not long ago, CloudEndure published a survey that put system downtime, and more specifically the cost of system downtime into perspective.  The online survey was conducted in January of 2016 and responses were collected from 141 IT professionals from around the world who were using or looking to implement disaster recovery.

...

http://www.everbridge.com/you-cant-prevent-it-outages-from-happening-but-you-can-be-better-prepared-to-deal-with-them/

Springtime is a time for flowers, leaves on trees and new grass – a manifestation of nature’s own recycling program – but it also marks the beginning of weather patterns that can create less-inviting scenarios. Between the tornado season, the hurricane season kickoff and what traditionally has been the start of a fire season, springtime lights up a veritable cauldron of natural disasters just waiting to boil over.

That’s why MSPs at this time of year should be talking to their clients about data backup and disaster recovery (BDR) strategies. With those clients who already have a strategy in place, this is a good time to review their plans to assess whether they still meet all of the clients’ requirements.

Are all new users included in the backup process? Are they aware of recovery procedures in the event of a disaster? Have any systems been installed recently that require some kind of upgrade to the BDR?

...

http://mspmentor.net/blog/start-hurricane-season-good-time-talk-bdr-clients

Thursday, 26 May 2016 00:00

Safety After a Tornado

So, you and your family have survived a tornado; it’s awesome that you were prepared, and you ended up coming out of it in good shape. Unfortunately, after a tornado, it’s very common for homeowners to see significant property damage. When you’re dealing with structural damage to your home, you need to consider the safety of your family, and what you do after a tornado can be just as important as what you did in preparation for it.

A study done on tornado damage in Marion, Illinois, showed that 50 percent of tornado-related injuries occurred after a storm
had passed. It’s common for injuries to occur during cleanup and post-tornado activities; almost a third of these injuries occurred after a person stepped on a nail. A tornado damages power, gas and electrical lines, and when you combine that with storm debris, it really puts you at risk.

...

http://nationaldisasterrecovery.org/safety-after-a-tornado/

Object storage delivers an underlying agility that lets a wide variety of users access and utilize data with a wide variety of applications across a wide landscape of locations.

Have you ever met a senior corporate executive who was asking for data?

Not likely. Answers are what most senior execs are seeking. Actionable answers. Answers that can help them more quickly make more highly effective decisions that drive truly impactful action.

...

http://www.informationweek.com/partner-perspectives/redhat/using-object-storage-to-deliver-the-agility-todays-big-data-apps-require/a/d-id/1325678

SALEM, Ore. — When Target’s systems were breached in 2015, it was rumored that the cyber side of the house had the information it needed, but didn’t know it was looking at an attack that compromised its clientele's credit card information.

In just the last decade, threat vectors have evolved from the standard “known” perils of the cyber realm to the evolving attacks that change from discovery to detention within systems — and the ever-changing threats are not just a problem for the private sector.

During the Oregon Digital Government Summit held May 24, Bob Pelletier with Palo Alto Networks discussed the issues facing IT teams everywhere and how they could better defend their networks from bad actors.

...

http://www.emergencymgmt.com/safety/Cybersecurity-Changing-Landscape.html

In speaking with enterprise CIOs and IT managers, I hear a lot of the same stories about successful technology deployments and complicated mistakes. As companies scale, they tend to take separate paths to similar ends, eventually running into the same obstacles and undertakings.

One of the most interesting, but not infrequent, stories I’ve heard comes from enterprises that recently built primary or secondary data centers – without considering that in the modern cloud era, there are no circumstances under which a company should build a data center.

A company telling this story likely bought land and constructed its new data center in a remote part of the country, where real estate and utilities were cheap. It entered a contracted agreement with a single network carrier that served the area. Then, as the organization grew and the company sought to work with new service providers, the team was surprised to learn that its site’s so-called valuable location prevented the data center from accessing certain services, ultimately putting a cap on the company’s growth.

...

http://www.datacenterknowledge.com/archives/2016/05/25/colocation-cloud-killed-data-center/

In our mobile world, our mobile devices play a pretty large role in our lives, right? We go to sleep with our phones by our beds, most of us even use its alarm to wake us up in the morning. And during the day, it’s always within reach.

That means you should be able to use your most valuable emergency preparedness tools—like your emergency notification system—right from your phone.

Why do you need an emergency notification mobile app?

Smart technology and mobile devices allow you to keep your people safe, informed, and connected from anywhere. You should have access to your emergency notification system whether you’re at your desk or on the go, from whichever device is within reach—whether it’s your personal iPhone, your Android that’s just for work, your PC, or your tablet. The right ENS vendor makes your smart phone even smarter when you have the most reliable enterprise monitoring and notification software available in one easy-to-use app.

...

https://www.alertmedia.com/your-emergency-notification-system-the-role-of-the-mobile-app/

Wednesday, 25 May 2016 00:00

The Cost of Compliance

FINRA released advance warning of their 2016 priorities for broker-dealers with its latest Regulatory and Examinations Priorities Letter earlier this year, highlighting data quality and governance as primary areas of concern. But many firms are forgoing the investments needed to upgrade their compliance programs – even as regulators and data issues increase year over year. Is your firm’s passive ignorance a sure path to more fines this year?

The amount of data being created and stored by broker-dealers has increased over the past few years, and data is being stored in multiple and unstructured formats across a multitude of different systems. This has led to siloed processes and sloppy reporting – and FINRA has noticed, firmly outlining the top areas of concern in the new letter:

...

http://corporatecomplianceinsights.com/cost-of-compliance/

FMCSR stands for Federal Motor Carrier Safety Regulations.

While companies are subject to many compliance related requirements, it can still be argued that not all compliance requirements are viewed to be equally important to the operations of a company.  FMCSR and its requirements can often fall into that “of less importance” category.

This posting assumes that Federal Motor Carrier Safety Regulations is a requirement where training is all too often incomplete and in some cases not performed at all ….even knowing that all training must be documented and available on request for internal or external audits.

Even worse — When nothing happens, no accidents, and no one performs a thorough audit, everything can often be perceived to be “OK”.  As a result, many companies are falsely lulled into believing they are in compliance when they are not.

In the middle of a critical event, it’s easy to forget who needs a notification and where they’re located. When time is of the essence, using groups can streamline the notification process allowing you to notify your users more efficiently. When you have a next-generation emergency notification system like AlertMedia, groups can simplify that process.

Groups are a collection of people that you can quickly and easily send a message to from your emergency notification system. Users can be grouped together based on common traits such as the user’s location, departments, their function, etc. – the possibilities are endless. Here are a few group must-haves you will want to incorporate with your emergency notification system:

...

https://www.alertmedia.com/using-groups-to-succeed-with-your-emergency-notification-system

The State of Virginia Department of Motor Vehicles lost access to its IT systems for hours this past Saturday as a result of a data center outage that disrupted network access for more than 60 state agencies.

Caused by a faulty network switch, the outage was resolved about five hours after it started, Richmond Times-Dispatch reported. The data center is owned and operated by Northrop Grumman, which resolved the issue by replacing a faulty part with one from a test environment that was running in the facility.

The switch failure “caused a widespread outage of inbound and outbound communications traffic through the information technology infrastructure for executive branch agencies,” Marcella Williamson, spokesperson for the state’s IT agency, told the Times-Dispatch.

...

http://www.datacenterknowledge.com/archives/2016/05/24/report-data-center-outage-cripples-virginia-dmv/

Wednesday, 25 May 2016 00:00

Symbolic IO Rewrites Rules For Storage

The defiant math of Radiohead's song "2 + 2 = 5" can now be found in an enterprise storage system called IRIS from Symbolic IO. With IRIS, which stands for Intensified RAM Intelligent Server, the whole is greater than the sum of the parts. That turns out to be an advantage because you can allocate less storage space for the parts than they'd require as a single set.

The four-year-old company, founded by CEO Brian Ignomirello, who served as CTO of HP, claims it has found a way to store data in substantially reduced form and to retrieve it without any loss in random access memory (RAM). Symbolic IO's technology, which the company says is the first computational-defined storage product, thus amounts to magic, in the sense that "any sufficiently advanced technology is indistinguishable from magic," as author Arthur C. Clarke put it.

Indeed, Symbolic IO describes its storage system in magical terms when it refers to IRIS "'materializing' and 'dematerializing' data in real-time."

...

http://www.informationweek.com/data-centers/symbolic-io-rewrites-rules-for-storage/d/d-id/1325643

(TNS) - Federal officials on Monday announced new procedures for flood insurance policy holders to file appeals and internal steps to exert more control over the process following complaints that private contractors underpaid claims after superstorm Sandy.

The changes come amid lawmakers’ and homeowners’ continuing criticism of the way claims and appeals are handled by the FEMA's National Flood Insurance Program and the private insurance companies it contracts with to carry out its work.

“Fundamental changes need to take place in this program,” said Roy E. Wright, the flood insurance program administrator. He said he was rolling out “three elements” that would go into effect later this year in what he called “a long-term process.” Wright said they include:

...

http://www.emergencymgmt.com/disaster/FEMA-changes-handling-of-flood-insurance-claims-appeals.html

(TNS) - The John F. Kennedy assassination, the 9/11 terrorist attacks and the Berks County hailstorm of May 22, 2014.

Like the where-were-you aspect of two infamous episodes in U.S. history, the savage hailstorm that hit a small piece of the county slightly more than two years ago has become an unforgettable moment in the lives of those who experienced it.

"It just seemed like the whole world was coming apart," said the Rev. Mark Johnson, pastor of Bausman Memorial United Church of Christ in Wyomissing. "When I came out, my Honda Civic was dimpled up like a golf ball."

The memorable storm hit on a Thursday afternoon. Hail reported as the size of golf balls or larger fell from 2:45 to 3:30 p.m., followed by a second hailstorm within an hour.

...

http://www.emergencymgmt.com/disaster/-Two-years-later-the-hailstorm-that-battered-Berks-County-still-has-an-impact.html

Market research firm IDC forecasts a 50% increase in revenues from the sale of big data and business analytics software, hardware, and services between 2015 and 2019. Services will account for the biggest chunk of revenue, with banking and manufacturing-led industries poised to spend the most.


Data is the driving force underlying market disrupters such as ride-sharing service Uber. Data and analytic projects dominated the top of InformationWeek's Elite 100 list in 2016. So it's no surprise that IDC's most recent forecast for the big data and business analytics market shows significant revenue growth for the next five years.

IDC predicts revenue from the sales of big data and business analytics applications, tools, and services will increase more than 50%, from nearly $122 billion in 2015 to more than $187 billion in 2019. The analyst firm estimates revenue by technology, industry, and geography in its Worldwide Semiannual Big Data and Analytics Spending Guide.

...

http://www.informationweek.com/big-data/big-data-analytics/big-data-analytics-sales-will-reach-$187-billion-by-2019/d/d-id/1325631

Let’s be honest: PCI DSS compliance is viewed as a pain in the neck.  It is seen by management in many companies as a big fire drill to check the compliance box, but without real business value.  They see the scramble to test, remediate and report to achieve compliance, but they often cannot connect it to improvements in their actual security posture.  The lack of perceived value is the result of the prevalent “compliant but not secure” mode of operation.

The fire drill typically includes the following scenario: A large company with tens or hundreds of legacy systems, some of which store its most valuable information, is tasked with complying with PCI DSS requirements and validating compliance in quarterly tests and annual audits. The systems are siloed, owned by different line-of-business and application owners, sometimes with their own IT and security experts.  Each application and associated infrastructure needs to be tested, scanned or otherwise validated to be in compliance.  To minimize potentially negative impact on business critical applications, testing and scanning needs to be coordinated and scheduled with application owners.  Results need to be communicated to those same owners and coordinated with IT administrators to apply the fix.  After the fix is finally applied, the scans and tests need to be repeated to verify the exposure no longer exists.  All of this information exchanging hands starts out in vulnerability scanning and governance, risk management and compliance tools, but most often ends up in spreadsheets and emails.  Multiply those spreadsheets and emails by the number of components and stakeholders, and it is easy to see why the process overtakes the intended objective of cardholder data protection.

...

http://corporatecomplianceinsights.com/pci-dss-compliance-not-check-box-fire-drill/

Data breaches are now a fact of life. Regardless of the size of your business, or the sector you operate in, sooner or later you should expect to come under attack by hackers.

In the past couple of years, there’s been a steady stream of high-profile attacks on companies around the world, from retailers to banks and healthcare providers. And if smaller firms think they will be overlooked by hackers in the belief they are not a valuable target, they are mistaken.

...

http://blog.krollontrack.co.uk/pieces-of-interest/data-breach-response-business-hacked-prepared-fallout-free-template/