Fall World 2017

Conference & Exhibit

Attend The #1 BC/DR Event!

Summer Journal

Volume 30, Issue 2

Full Contents Now Available!

We’ve mentioned multiple times that implementing a BCM program can be challenging and at times painful. No one likes to point out their business’s vulnerabilities. Many times the investment of time and dollars to do just that can feel like a burden. We’ve seen our clients struggle with this during the implementation and maintenance of their programs. Many times the ongoing investment can be even more difficult. It helps to identify and assess both the tangible and intangible benefits of your initial and continuing investment in the BCM program. Identifying the benefits of a business continuity program helps you define benchmarks and see the light a the end of the proverbial BCM tunnel. We’ll take a look at the more commonly known benefits of a business continuity program. Then, we’ll walk you through some benefits you might not have thought of.

...

https://www.mha-it.com/2017/07/benefits-of-a-business-continuity-program/

  
 
The Business Continuity Institute

An earthquake reaching a magnitude of 6.7 on the Richter Scale has hit the Aegean Sea between the Greek island of Kos and the Turkish resort of Bodrum. The earthquake, with its epicentre at a depth of about 10k according to the US Geological Survey, struck at 01:31 local time on Friday, and has reportedly killed two people and left hundreds of others injured.

Turkey’s Disaster and Emergency Management Presidency has reported at least 20 aftershocks since the initial earthquake, and at least five of those registered over 4.0, with the largest reaching 4.6.

According to the US Geological Survey, a earthquake of this magnitude (6.0-6.9 on the Richter Scale, classed as strong) can cause damage to a moderate number of well-built structures in populated areas, but earthquake-resistant structures should survive with slight to moderate damage. Poorly designed structures could receive moderate to severe damage. There will be strong to violent shaking in epicentral area, and it can be felt in wider areas up to hundreds of kilometers from the epicentre.

The region is no stranger to these types of events with an earthquake registering 7.6 occurring near Izmit in the north-west of Turkey in August 1999 killing about 17,000 people, while in September of the same year an earthquake registering 6.0 struck near Athens killing 143 people. In October 2011, an earthquake registering 7.1 occurred in eastern Turkey, near the city of Van, which left about 600 people dead.

Wow - terrifying to wake up to massively shaking room at 6.7 #earthquake on #Kos - thank god no one hurt, just shaken

— Tom Riesack (@QuietConsultant) July 20, 2017

While ensuring that employee and stakeholder safety is paramount, organizations need to ensure they are prepared for such events, certainly those in regions where earthquakes are a distinct possibility. Earthquakes may not feature highly in the Business Continuity Institute's latest Horizon Scan Report, partly because they are very region specific, but there were still a quarter of business continuity and resilience professionals who expressed a concern about the possibility of their organization being disrupted by one.

Organizations must consider what would happen if they are affected by an earthquake, or any other type of disruption, what impact could that disruption have, could anything be done to prevent or reduce the risk, and how would they respond and recover. Furthermore they need to consider how they would communicate with their employees and stakeholders to ensure they are kept informed, and kept safe.

The Business Continuity Institute

 

Canadian businesses are lagging in their risk management approach and are more vulnerable to disruption when compared to their global counterparts, according to a report published by PwC Canada.

Managing risk from the front line revealed that 66% of Canadian respondents (vs 75% globally) had mandatory ethics and compliance training for all employees. When new risks emerge, less than 33% of Canadian businesses (vs 50% globally) reported periodic staff education about new or existing potential risks.

The report also found that future areas of risk and disruption for Canadian businesses will be in technology advancements (70% disruption predicted to 55% disruption globally), human capital (49% compared to 40%) and operations (37% to 26%). 

While Canadian businesses acknowledged that a big part of addressing their vulnerability to risk can be accomplished by moving risk management to the 'front line', many business operations are keeping risk management at the 'second line' (risk management/compliance) or 'third line' of service (internal audit).Respondents indicated that a lack of sufficient resources (skilled people) is the primary factor in preventing a shift in risk management to the first line.

The report reiterates that risk management from the second and third line does not give upper management a clear understanding of their own vulnerabilities. This type of risk management structure has resulted in an inability to manage risks effectively and adapt over time. 

"While Canadian businesses have made some progress when it comes to risk vulnerability, there is still a lot of work that needs to be done in order to catch up with their global competitors," said Kishan Dial, Partner, Risk Assurance, PwC Canada. "By moving risk management to the front line, the organization's leadership will obtain a greater understanding of the risks to their operations and enhance their capacity to manage risks in an agile and proactive way." 

The report makes three key recommendations for addressing business vulnerability:

  1. Shift duties and assign responsibilities: Each line of service should have a defined role regarding risk decisions, monitoring, oversight and assessment of vulnerabilities.
  2. Define risk appetite: Organizations must define risk appetite and leverage the technical tools available to them, including aggregation tracking and reporting.
  3. Establish a risk reporting system: Reporting structures should enable the first line of service, but also require the second and third line to monitor the first line's effectiveness.

"In order to address current and future challenges, Canadian firms must commit to strong risk management structures and processes in order to excel in an ever-evolving economy of the future," adds Dial.

The Business Continuity Institute

 

UK business leaders identify far fewer risks affecting their businesses, when compared to Germany and France, according to research from the Gowling WLG, suggesting an overly optimistic picture among UK business leaders. UK respondents consistently identified between 2% and 25% less than non-UK respondents for each risk area analysed.

The Digital Risk Calculator revealed that external cyber risks (69%) are thought to be the most concerning category of digital threat for businesses across all countries surveyed. This risk is anticipated to grow even further, with 51% of respondents believing that it will increase within the next three years. 

Commenting on the research Helen Davenport, director at Gowling WLG, said: "The recent wide ranging external cyber attacks such as the WannaCry and Petya hacks reinforce the real and immediate threat of cyber crime to all organisations and businesses.

"However, there tends to be an "it won't happen to me" attitude among business leaders, who on one hand anticipate external cyber attacks will increase over the next three years, but on the other fail to identify such areas of risk as a concern for them. This is likely preventing them from preparing suitably for digital threats that they may face."

Other digital risks of concern to participants include customer security (57%), identity theft / cloning (47%) and rogue employees (42%). More than a third of respondents (40%) also believe that the lack of sufficient technical and business knowledge amongst employees is a risk to their business.

Additionally, one third (32%) of UK businesses feel that digital risks related to regulatory issues have increased during the past three years. However, less than a third (29%) believe that regulatory issues are a risk to their business.

 

 

Wednesday, 19 July 2017 16:47

Cloud Market Forecast to Hit $200B by 2020

With cloud providers IBM, Microsoft, and Google releasing their quarterly financials within the week, and Amazon soon to follow, the folks at Synergy Research Group have polished their crystal ball in order to determine where it’s all going. They predict good fortune for those in the cloud business, as well as for developers of software that runs in the cloud. The news isn’t quite so stellar for those selling hardware and software to private enterprise data centers, however.

In a report released Monday, Synergy said it expects worldwide revenues from cloud and SaaS services to grow at an average annual rate of 23-29 percent over the next five years and pass the $200 billion mark in 2020. This will come alongside an 11 percent annual growth in sales of infrastructure to hyperscale cloud providers.

Public clouds will see the strongest growth, with an average gain of 29 percent annually, followed by managed or hosted private cloud services at 26 percent and enterprise SaaS at 23 percent. APAC will be the highest growth region, followed by EMEA and North America. The highest growth areas will be databases and IoT-oriented IaaS/PaaS service.

...

http://www.datacenterknowledge.com/archives/2017/07/19/cloud-market-forecast-to-hit-200b-by-2020/

(TNS) - Cherokee County, Okla., will soon boast a new program to keep residents informed when disaster strikes, after the Board of Commissioners approved a new mass communication system for Emergency Management.

CivicReady, a product of CivicPlus, will alert citizens with time-sensitive information, ensuring effective communications that could keep them safe. Tahlequah and Cherokee County EM Director Mike Underwood said he wishes the new system was in place last week.

"Last week, when we had the bomb threat here, that would have been a pretty good tool to not only take care of our citizens and let them know what was going on, but we could also have grouped in all of our employees," said Underwood. "With one phone call, it would taken care of pretty much everybody, instead of having to hunt and make sure you've got everybody."

In the past, Underwood has used Blackboard to spread the word about immediate emergencies. However, he said CivicReady will likely end up being cheaper at $7,000 annually, and will include extra features.

...

http://www.govtech.com/em/disaster/Emergency-Management-to-Get-New-Communication-System.html