Spring World 2018

Conference & Exhibit

Attend The #1 BC/DR Event!

Fall Journal

Volume 30, Issue 3

Full Contents Now Available!

Industry Hot News

Industry Hot News (405)

Thanksgiving is almost upon us, which means Black Friday is right around the corner.

According to a recent study from The Balance, Black Friday is still the busiest shopping day of the year with 101.7 million reported shoppers in 2016. Unfortunately, with the crowds come the risks of negative incidents.  When you consider the volume of theft that happens, with the damage to stores and assets, you’re looking at an incredibly volatile situation that must be contained through proactive measures and immediate communication.

Mass notification systems like CodeRED are one of the most effective ways to manage these situations. These mass notification systems can be incredibly valuable for keeping people safe on Black Friday for a range of different reasons that are worth exploring. Let’s look at a proactive approach.



Today we announced our achievement in winning the Global BCI Continuity and Resilience Innovation Award from the Business Continuity Institute.

Steve Jobs was once quoted saying, “Innovation distinguishes between a leader and a follower.” A quote that we strive to achieve for our clients each day here at OnSolve. Providing an outstanding product is critical to a business’s success, but the choice to further develop, improve and enrich the value of that same product is driven through passionate employees dedicated to making a difference.

OnSolve has produced several groundbreaking innovations this year across our three core brands, CodeRED, Send Word Now and MIR3. Thanks to valuable feedback from our customers, we were able to develop five new features to further business continuity and save lives.



The story you are about to read is true. Only the names have been changed to protect the oblivious.

Joe is the CSO of Acme Enterprise. Arriving at his office a bit late one morning, he runs into Cathy from cryptography, who comments that their IT admin, Adam, has been hard at work since about 5 a.m. This seems odd, considering Adam is not known to be a morning person. Cathy says Adam requested access to the company’s latest build system, where they keep the code to a top-secret product that is about to launch. He also requested access to HR records and the customer payment information systems for maintenance purposes. His access credentials and keys were older, she says, but they still checked out, so she let him continue.

Joe heads for his office and sees Diana from Data Loss Prevention. She tells him that she’s surprised how hard Adam has been working this morning, transferring gigabytes of data around the network. Diana figures there must be a major update in the works, and Joe agrees that’s why Adam must have come in so early. Joe’s impressed with Adam’s initiative to work off-hours, and he asks what kind of data Adam’s been transferring.



(TNS) - It’s a question that’s always asked following major events like the Cascade Fire: How things could have been handled differently?

During the fire, strong winds knocked down power lines compromising the effectiveness of electronic alerts. And then people asked about older emergency warning systems, such as sirens. There aren’t any sirens in Yuba County, Calif.

Russ Brown, the Yuba County spokesman, said older technology, like sirens, also have problems.

“The siren discussion comes up after all types of emergencies – flood and fire alike,” Brown said. “Sirens are a very, very expensive endeavor.”



Monday, 20 November 2017 15:07

Sign up Before Next Emergency

Approximately half of all American businesses will have a tough time getting their data back after an unplanned outage and other mishaps, suggests a new survey from data protection specialist StorageCraft.

A solid data protection strategy and backup technology implementation is a top IT priority at most organizations. How else is a business supposed to recover from an unexpected server meltdown or the latest ransomware outbreak?

The StorageCraft study reveals that this critical safety net is looking a little tattered at many companies. More than half (51 percent) of the 510 U.S.-based IT decision makers surveyed by the firm said they had doubts about their ability to recover data immediately following a disaster or failure.



Traditional law practice will see significant changes in the new year. To assist firms in knowing what to expect, Bluelock has compiled an informative eBook of predictionsfrom 15 different experts within the legal industry, with insights coming from Bluelock, law firm partners, associates and a variety of companies that service the legal industry.

The eBook covers seven categories: Operations, Cybersecurity, Compliance & Regulations, Business Continuity & Disaster Recovery, Artificial Intelligence, Workforce and Major Technology Disruptions.

Readers will learn the following:



Monday, 20 November 2017 14:50

2018 Predictions for the Legal Industry

According to Fortune Magazine, “Cyber Monday 2016 was the biggest day in the history of U.S. e-commerce. Consumers spent $3.45 billion online…”

Also, Practical Ecommerce reports that “consumers spent a total of $12.8 billion online in the U.S. during the five-day period from Thanksgiving Day through Cyber Monday, 2016”. Black Friday 2016 was the first day to generate more than one billion dollars in online sales from mobile devices.

Black Friday, the day after Thanksgiving Day in the U.S., used to be the single biggest retail day of the year, officially kicking off the Holiday shopping season. In recent years, that one day has turned into five – some brick and mortar retailers are open on Thanksgiving Day, and the weekend sales stretch into Monday. And of course, online shopping is available anytime, day or night, from a desktop, pad or phone, with a concentration on Cyber Monday.



Cyberattacks from other countries are now seen as a major threat to the U.S. by 72 percent of Americans, according to a national survey from the Pew Research Center.

This view has changed little in recent years, apparently. But what has changed is public opinions about other global threats.

Take climate change—now viewed as a major threat by 58 percent of Americans, up 7 points since January, and the highest share since 2009.



Data warehouse developers have historically walked a narrow line between data quality and business agility. At the same time, they balance the needs and relationships between IT and internal business clients.  Technology has answered this dilemma with two separate approaches: the data vault optimized for data warehouse agility, and data warehouse automation for faster and more reliable development.

Data vault modeling is designed for long-term historical storage of data from multiple operational systems, looking at data associated with auditing, tracing of data, loading speed and resilience. Data vault inventor, Dan Linstedt, first conceived this approach in the early 2000s. Data vault modeling is now in its second generation.   

The data vault is a hybrid of third normal (3NF) and star-schema forms that offers significant benefits and interesting challenges. On the plus side, it promises agility to address rapid changes in business needs, separates ingestion concerns from various business uses and promotes data quality best practices. However, its structure is enormously complex with thought provoking design choices.



A natural disaster can jumpstart your business continuity plans, but it can also do it more harm than good. Is your disaster response hurting you?

Disasters like the one in Puerto Rico sometimes cause people to learn the wrong lessons.

Major natural disasters such as the recent floods in Texas, the fires in northern California, and the hurricane in Puerto Rico grab everybody’s attention.

Sometimes this has a positive impact on organizations’ business continuity plans, as when it prompts companies who have not been investing in BC to get serious about implementing or strengthening their methods for keeping their organizations running in the event of a disaster.

However, sometimes the impact is neutral or even harmful.



It’s Not Just General Liability Anymore

Business needs in the 21st century are far more complex than just one general policy will cover. We live in a “sue crazy” culture and the reality is there are just as many people looking to nail it to the corporation as there are happy consumers eager for your product. We hope this guide helps.

Years ago your business insurance choices were simple. You called an agent uptown they set you up with general liability and you hung up a shingle and opened up shop.

Unfortunately, business needs in the 21st century are far more complex than just one general policy will cover. We live in a “sue crazy” culture and the reality is there are just as many people looking to nail it to the corporation as there are happy consumers eager for your product.

The internet has brought us many benefits and has given businesses a whole new opportunity to promote our company and our products, but it also has exposed companies to a whole new level of vulnerability.

All of this needs to be taken into consideration when looking into the insurance you’re going to require.



SACRAMENTO – After some of the costliest fires in California’s history, you might not be thinking about buying flood insurance. But, the time to buy flood insurance is now.

Areas that traditionally are not flood prone are at risk due to changes to the landscape caused by fire. Large scale fires like the ones that raged in October leave the land stripped of vegetation, charred and unable to absorb rainfall. This creates the perfect conditions for flooding because of run-off.

What starts as normal rainfall can turn quickly into costly and potentially deadly floods. Residents need to protect their assets with flood insurance now—before a weather event occurs and it is too late!

Floods are the most common and costly natural disaster. While floods cause millions of dollars in damage every year, not all of them are on the scale of a national disaster. It takes very little water to cause extensive damage. In fact, the National Flood Insurance Program (NFIP) estimates that a mere inch of water in your home can cause up to $25,000 in damage!

Normally you would look to your insurance to cover these costs, but most homeowner’s policies do not cover damage caused by flooding. Residents and business owners are encouraged to buy flood insurance now. In most cases, it takes 30 days for the policy to go into effect.

Flood insurance is affordable and is the most powerful tool to financially protect your home, business, or personal property from flood damage. Flood insurance offers protection even if there is no major disaster declaration.

For further information on the NFIP go online to www.fema.gov/national-flood-insurance-program and then talk with your insurance agent.

For more information on California’s recovery, visit the disaster web page at www.fema.gov/disaster/4344,Twitter at https://www.twitter.com/femaregion9 and  WildfireRecovery.org.


All FEMA disaster assistance will be provided without discrimination on the grounds of race, color, sex (including sexual harassment), religion, national origin, age, disability, limited English proficiency, economic status, or retaliation. If you believe your civil rights are being violated, call 800-621-3362 or 800-462-7585(TTY/TDD).

FEMA’s mission is to support our citizens and first responders to ensure that as a nation we work together to build, sustain, and improve our capability to prepare for, protect against, respond to, recover from, and mitigate all hazards.

Wednesday, 15 November 2017 16:18

FEMA: Flood After Fire: The Increased Risk

(TNS) — At least five people are dead following shootings at multiple locations in Tehama County, Calif., including an elementary school where at least two children were wounded.

Authorities described a chaotic scene in which a gunman appeared to pick targets at random in the rural Northern California county. They said the shootings appear to have begun as a "domestic violence incident" but did not provide details.

The gunman was fatally shot by sheriff's deputies. His name has not been released. The Tehama County Sheriff's Office said it was dealing with at least five crime scenes and was trying to assess the number of casualties.



When you see a company trending on social media, do you automatically assume that it’s going to be scandalous gossip? Because I do.  But what if I told you companies could become a player in the game and change the way they appear on social media?

Social media has obliterated traditional communication with its inventiveness and convenience.  Today, it is a rarity to see someone walking around without their phone attached at their hip. This need to be in constant communication with our technologies has changed the way people access information.  “How?” you might ask.  In today’s news reporting world, long before reputable news agencies can report an event, the specifics are already circulating social media avenues in real-time thanks to our societies avid Facebookers and Tweeters.  The answers to all your questions are at your fingertips, quite literally!  You can find an answer to almost any question with a few clicks in Safari or Chrome.

Given its ever-expanding user base, social media has become a powerful tool.  It can be used to shape the publics opinion and even produce desired results from the intended audience!  While social media is often known for being a stage to spread negative comments about an organization, with the proper action plan and team involved it can be used to drive positive outcomes as well.



Wednesday, 15 November 2017 16:15

You Say Social Media like it’s a Bad Thing

(TNS) –– Federal authorities knew technology used to broadcast official emergency warnings from cell towers was outdated years before deadly fires ignited last month in Sonoma County and throughout Northern California, forcing tens of thousands of people to flee for their lives, many with no warning.

Messages were too short, didn’t support web links and had the potential to be broadcast too widely, according to Federal Communication Commission members charged with regulating how cellphone companies issue government warnings. The commission in 2015 began a formal process to update the requirements and bring warning capabilities into step with technological advancements, but implementation was delayed by industry objections.

Sonoma County officials have cited those issues as factors in their controversial decision not to use the Amber Alert-type broadcasts to warn people about approaching fires that erupted Oct. 8 and ultimately burned across 174 square miles in the county, killing 23 people and destroying more than 5,100 homes.



Will it ever go away? The basic password is still alive and well.

Just like a boomerang, every time an attempt has been made to throw it away, it just keeps coming back.

Strong passwords, password vaults, even multi-factor authentication have done little to change the regrettable situation where so many people still “protect” (we use the word loosely) their accounts with a password that reads “1234” or “secret” (or “admin” if you’re working in the IT department).

But perhaps an up and coming field in cybersecurity, that of behavioural analytics, will finally offer the chance to stop the accident and incident prone password, once and for all.



Tuesday, 14 November 2017 15:46

The End of the Password (Again)?

In the first part of this two part series, I outlined why computing power has steadily increased over the years and which challenge it inherently brought for today and in the future. In Part 2, I address why the question of the appropriate cooling system and how additional savings through intelligent waste heat utilization is possible as well as why there are still reservations to water cooling to reduce energy requirements.

Status quo in the air conditioning of data centers is cooling by mechanically cold air.

The entire room is cooled, but more than half of the cold air does not reach the heat hotspots, like the CPU. In doing so, huge sums of money are literally blown into thin air. One of the alternatives to air cooling is to use methods with water or other liquids. But as soon as the data center industry is confronted with "water," it frightens them immediately. Water and IT equipment – they do not fit together. Nevertheless, there are a few operators already who rely on the alternative cooling medium.



How IT Incident Management Can and Should Be Supported with a Foundation of Automated Notifications

One of the most significant challenges in terms of IT incident management today has to do with the growing complexity of the environments themselves. As more and more mission-critical systems move into the cloud, the demands placed on IT managers have never been higher. These hardworking professionals are being asked to accomplish more with less on a regular basis, which itself becomes a major problem when disaster (as it often does) strikes.

In some ways, the solution to these issues is clear – IT professionals need a way to quickly, accurately and concisely communicate essential information to people at a moment’s notice. But what, exactly, is the best way to do that?

This problem has led to many unfortunate trends in the industry today. Many companies make the mistake of assuming there is a one-size-fits-all solution to automated notifications of this type. This fails to acknowledge the fact that every organization is different.



Monday, 13 November 2017 17:30

Improve Your IT Incident Management

Companies are working to transform themselves digitally, and there is perhaps no more important driver than the cloud. However, as more and more companies are discovering, there’s no single path when it comes to moving to the cloud. Rather, an effective digital transformation strategy integrates private, hybrid and, perhaps most importantly, public clouds.

Companies are working to transform themselves digitally, and there is perhaps no more important driver than the cloud. However, as more and more companies are discovering, there’s no single path when it comes to moving to the cloud. Rather, an effective digital transformation strategy integrates private, hybrid and, perhaps most importantly, public clouds.

 In a recent survey of its customers, VMware found that 67 percent foresee an ideal “end state” in which they rely on multiple clouds. And while many companies have dipped their toes into SaaS and private cloud waters, increasing development, data analysis, security and general market demands are driving the need for companies to extend their IT environments to public clouds.

 With all this said, integrating public clouds is not for the faint of heart. The key challenges are:



Our people differentiate us from other products and services. While technology changes and is replaced on a daily basis, our experience and delivery continues to build over time. The team at Continuity Centers will consistently impress you with their knowledge, drive, and focus.

Our instant business recovery (IBR) is made of several parts that complete the whole. Each part works together to deliver a solution that keeps your business up and running through anything.

They include:



Monday, 13 November 2017 17:25

The Features of Instant Business Recovery

Bringing Together HICS, Business Continuity, IT Disaster Recovery, and Information Security

Hospitals place high importance on delivering uninterrupted care regardless of circumstances, and, as such, invest heavily in preparedness.  Hospitals that are the most successful in achieving a high-level of preparedness typically have integration between four disciplines: Emergency Preparedness (HICS), Business Continuity, IT Disaster Recovery, and Information Security.  Building cohesion sounds fairly straightforward, but, in reality, it can be complex. From our experience assisting hospitals successfully tackle this charge, here are some practical steps to move toward an integrated approach to preparedness:

Start with Governance

Ideally, create a cross-functional steering committee that ultimately oversees all of these disciplines and has the authority to make risk-based decisions that takes into account analysis from across the preparedness landscape.  Again, this sounds simple, but it can be difficult to successfully achieve.  If it isn’t possible to work from one steering committee, try to align risk criteria across preparedness disciplines so that risks and considerations are assessed on a level playing field, ensuring the most critical issues are addressed first.



Event Pages Make Organizational Communications More Efficient

Whether it’s an emergency or a non-critical event, ongoing communications with employees is often necessary. AlertMedia is known for mass notifications, but we also support efficient communications throughout the life of any event – from planning through resolution.

AlertMedia recently unveiled its newest feature – Event Pages. This new event information hub can be found on your AlertMedia dashboard and can be utilized as a powerful, real-time two-way communication tool for administrators and employees to share pertinent information. Event Pages provides a single place to find everything related to a specific situation, with current and archived updates, documents, videos and photos, and resolutions.



SACRAMENTO, Calif. – If you suffered personal or business losses in the devastating wildfires that broke out in October and you’re waiting for your insurance settlement before you register with the Federal Emergency Management Agency (FEMA), don’t wait any longer. Disaster assistance may be able to fill insurance gaps or provide help if you’ve been waiting more than 30 days on a homeowner’s claim. Another reason not to delay: the deadline for registering with FEMA is Dec. 11, 2017.

Registering with FEMA is required for federal aid, even if you have registered with another disaster-relief organization, such as the American Red Cross. By law, FEMA cannot duplicate insurance or other benefits. However, FEMA may be able to help with uninsured or underinsured losses if the insurance settlement is delayed. FEMA may also be able to help:

• If you have received the settlement from the insurance company but you still have unmet needs.

• If you have exhausted the settlement for Additional Living Expenses (ALE for loss of use) and you need disaster-related temporary housing.

• If your settlement does not cover disaster-related needs such as medical, dental and funeral costs, emergency home repairs and other disaster-related expenses.

If your settlement has been delayed longer than 30 days, you may write FEMA to explain your situation. Provide insurance documentation to prove you’ve submitted your claim, including the claim number, the date you applied and how long you estimate it will take for the company to settle, and mail your letter to:

FEMA - Individuals & Households Program

National Processing Service Center

P.O. Box 10055

Hyattsville, MD 20782-70155

Or fax it to 800-827-8112.

You should also register with FEMA if your wells or septic systems were damaged in the fires. Homeowners in the eight designated counties – Butte, Lake, Mendocino, Napa, Nevada, Orange, Sonoma and Yuba – may be eligible for grant funding to pump septic tanks, perform required repairs or replace the system as needed. Damaged private wells that are the sole source of water for the home and need to be repaired or decontaminated are also potentially eligible.

Survivors who applied for assistance from FEMA and were contacted by the U.S. Small Business Administration (SBA) have many good reasons to submit a loan application before the deadline of Dec. 11, 2017.

Some of the key reasons for submitting an SBA low-interest disaster loan application include:

• SBA helps businesses of all sizes, private non-profit organizations, homeowners and renters fund repairs or rebuilding efforts and cover the cost of replacing lost or disaster-damaged personal property. Renters, as well as homeowners, may be eligible to borrow up to $40,000 to repair or replace clothing, furniture, appliances and damaged vehicles.

• A future insurance settlement may fall short. Survivors may find out that they are underinsured for the amount of work it takes to repair or replace their damaged home. An SBA low-interest disaster loan can cover the uninsured costs. SBA may approve a loan for the repair or replacement of a home up to $200,000. The loan balance may be reduced by their insurance settlement. However, the opportunity for an SBA loan may be lost if they wait until after the deadline expires on Dec. 11, 2017.

• If SBA determines the survivors aren’t eligible for a loan, SBA may refer them back to FEMA. This could make them eligible for more FEMA assistance.

If those affected by the wildfires need help completing their loan application they should call SBA at 800-659-2955 (TTY 800-877-8339) or send an email to This email address is being protected from spambots. You need JavaScript enabled to view it.. They are encouraged to apply online using SBA’s electronic loan application at disasterloan.sba.gov/ela. They may also come in to any recovery center. A list of open centers may be found at www.sba.gov/disaster.

Survivors are advised to contact FEMA online at DisasterAssistance.gov, or by phone at 800-621-3362. TTY users should call 800-462-7585. Applicants who use 711 or Video Relay Service can call 800-621-3362. These toll-free numbers operate 7 a.m. to 10 p.m., seven days a week, and are staffed by operators ready to assist survivors in their languages.

For more information on California recovery, visit the disaster web page at www.fema.gov/disaster/4344, Twitter at https://www.twitter.com/femaregion9 and the Cal OES website, http://www.caloes.ca.gov/ .


All FEMA disaster assistance will be provided without discrimination on the grounds of race, color, sex (including sexual harassment), religion, national origin, age, disability, limited English proficiency, economic status, or retaliation. If you believe your civil rights are being violated, call 800-621-3362 or 800-462-7585(TTY/TDD).

FEMA’s mission is to support our citizens and first responders to ensure that as a nation we work together to build, sustain, and improve our capability to prepare for, protect against, respond to, recover from, and mitigate all hazards.

The SBA is the federal government’s primary source of money for the long-term rebuilding of disaster-damaged private property. SBA helps businesses of all sizes, private nonprofit organizations, homeowners and renters fund repairs or rebuilding efforts and cover the cost of replacing lost or disaster-damaged personal property. These disaster loans cover losses not fully compensated by insurance or other recoveries and do not duplicate benefits of other agencies or organizations. For more information, applicants may contact SBA’s Disaster Assistance Customer Service Center by calling 800-659-2955, emailing This email address is being protected from spambots. You need JavaScript enabled to view it., or visiting SBA’s website at www.sba.gov/disaster. Deaf and hard-of-hearing individuals may call 800-877-8339.

Editor's note: This is the second of a two-part series on managing a profitable cloud services business. In case you missed part one, "Pricing Strategies to Profitability Grow Your Managed Services and Cloud Business," you can find it here.

Cloud Profitability Hacks: How You Can Increase Your ROI

When determining your pricing model, make sure you are fully aware of all your costs, both hard and soft. Simply adding a 30 percent markup on cloud services could leave you just barely breaking even. While you absolutely must make sure you cover your variable costs, here’s how to make sure you make double-digit margins.



ORLANDO, Fla. – Florida continues making efforts toward recovery from Hurricane Irma’s severe impact on the entire state – spanning 65,755 square miles from Pensacola on the west end of the Panhandle, Jacksonville on the east coast, south to Key West.

Affected communities and disaster survivors are repairing and rebuilding better, stronger and safer with the help of neighbors, friends, family members, voluntary groups, faith- and community-based organizations and local, county, state and federal governments.

Recovery takes the whole community. The following are highlights of the progress made within the first 60 days since the September 10 presidential disaster declaration and how disaster survivors and affected communities are overcoming challenges:

Assistance to Floridians and the Communities They Live In

Survivors in 48 of the 67 Florida counties are eligible to apply for help under FEMA’s Individual Assistance (IA) program. All 67 counties in the state are eligible to receive federal funding through FEMA’s Public Assistance (PA) program for debris removal and emergency protective measures, including direct federal assistance.

In addition, local, county and state government infrastructure and certain private nonprofit organizations in 55 Florida counties became eligible to receive all categories of PA funding including the repair and rebuilding of certain eligible disaster-damaged facilities.

The PA program benefits everyone in the affected communities because essential services such as roads, utilities, schools and hospitals are restored. FEMA relieves burdens of local and county governments and the state by paying 75 percent of the eligible costs.


So far, more than 2.6 million Florida households have contacted FEMA for IA help. The deadline for survivors to register for federal aid under the IA program is Friday, Nov. 24, 2017.

  • To date, Floridians have received more than $1.5 billion through funding from FEMA, the U.S. Small Business Administration and the National Flood Insurance Program.

o Of that total, more than $899 million in FEMA individual assistance has gone to homeowners and renters whose insurance, or other forms of disaster assistance received, could not meet their disaster-caused needs.

o Homeowners, renters and businesses have received $388 million in 10,579 low-interest disaster loans from the U.S. Small Business Administration (SBA) to repair, rebuild and replace damaged property and contents. SBA offers low-interest disaster loans to businesses of all sizes, private nonprofit organizations, homeowners and renters. The deadline to apply is Nov. 24, 2017.

o NFIP policyholders have received more than $239.5 million in more than 26,600 claims to repair and rebuild flood-damaged property.

  • More than 76,700 survivors have visited Disaster Recovery Centers (DRCs). The first centers opened six days after the presidential disaster declaration.
  • More than 797,000 FEMA housing inspections have been completed.
  • FEMA disaster survivor assistance specialists canvassed the affected communities, visiting more than 208,000 homes to encourage survivors to register for help, while providing them with recovery information and listening to their concerns.

Partners in Florida Recovery Efforts

Thousands of disaster recovery officials and volunteers continue to reach out to and interact with survivors and communities in various ways to help them recover. To meet the immediate needs of survivors – including helping to muck and gut homes and provide emotional and spiritual care – more than 300 voluntary agencies logged more than 520,000 volunteer hours.

  • In an effort to help reduce further damage to property until permanent repairs can be made, 13,370 temporary roofs have been installed in Florida by the U.S. Army Corps of Engineers through Operation Blue Roof. The temporary covering of blue plastic sheeting is installed using strips of wood that are secured to the roof with nails or screws.
  • Thanks to a unified effort to mitigate pollution threats from vessels displaced by Hurricane Irma, 1,492 sunken vessels have been recovered/removed from Florida waterways by the U.S. Coast Guard, the Environmental Protection Agency, the Florida Fish and Wildlife Conservation Commission as well as private owners.
  • Through the State of Florida, Floridians have received an estimated $1 million in disaster unemployment assistance if they lost work or are out of work due to Hurricane Irma. This dollar amount continues to increase to assist eligible applicants.
  • The State of Florida reopened approximately 100 roads impacted by the storm across Florida within two weeks after landfall. In addition, local power crews and crews brought in from across the U.S. and Canada restored 99.9 percent of power to 12 million customers in Florida within two weeks after the storm.

The whole community of partners—including other federal agencies, state and local governments, the private sector and voluntary and faith-based organizations—continue to offer a wide range of help for survivors. For more recovery information, visit www.FEMA.gov/IrmaFL, or follow us @FEMARegion4 on Twitter and on FEMA’s Facebook page.


FEMA’s mission is to support our citizens and first responders to ensure that as a nation we work together to build, sustain, and improve our capability to prepare for, protect against, respond to, recover from, and mitigate all hazards.

Disaster recovery assistance is available without regard to race, color, religion, nationality, sex, age, disability, English proficiency or economic status. If you or someone you know has been discriminated against, call FEMA toll-free at 800-621-FEMA (3362). For TTY call 800-462-7585.

FEMA’s temporary housing assistance and grants for public transportation expenses, medical and dental expenses, and funeral and burial expenses do not require individuals to apply for an SBA loan. However, applicants who receive SBA loan applications must submit them to SBA to be eligible for assistance that covers personal property, vehicle repair or replacement, and moving and storage expenses.

BC in the Cloud provides private and public-sector organizations with a complete, turnkey cloud computing solution for business continuity and disaster recovery. A rapidly growing business with clients ranging in size from 300 to 1 million employees, BC in the Cloud is focused on delivering a strong yet flexible platform that can adapt to the needs of its dynamic, world-wide client base.

The Challenge

BC in the Cloud has always been a cloud first, cloud only business — an approach designed to give the company the horizontal and vertical scalability needed to serve a geographically diverse client base. To support this level of agility, BC in the Cloud hosts its critical infrastructure on Amazon Web Services (AWS). In addition to providing significant cost savings when compared to an in-house data center, using AWS enables BC in the Cloud to focus on its core business. Notes Patrick Escudero, BC in the Cloud Director of Technology, “Working with Alert Logic allows me to focus on making sure that everything is working great for our customers, rather than spending time worrying about the underlying hardware infrastructure.”

BC in the Cloud’s ability to host data remotely provides a major advantage. When their customer’s systems are down, BC in the Cloud can still facilitate a successful response and recovery.



In a newly-published Gartner report, “Source DRaaS With These Five Steps to Avoid a Disastrous Outcome,” expert analyst Ron Blair explains the complicated nature of selecting a Disaster Recovery-as-a-Service (DRaaS) provider in a crowded landscape with varied specialties. According to the report, “The DRaaS market comprises more than 500 providers.”*

In this report, you’ll learn:

  • How to align priorities and expectations across your organization
  • How to effectively scope your DRaaS project
  • Vendor types and how to manage your selection process
  • RFP best practices and how to assess pricing

With so many options, it’s no surprise that organizations struggle to fully assess which DRaaS vendor is right for their IT systems and business objectives, which may often lead to poor decisions in choosing a provider that’s misaligned with company culture and goals.



Some things are hard to predict. And others are unlikely. In business, as in life, both can happen at the same time, catching us off guard. The consequences can cause major disruption, which makes proper planning, through business continuity management, an essential tool for businesses that want to go the distance.

The Millennium brought two nice examples, both of the unpredictable and the improbable. For a start, it was a century leap year. This was entirely predictable (it occurs any time the year is cleanly divisible by 400). But it’s also very unlikely, from a probability perspective: in fact, it’s only happened once before (in 1600, less than 20 years after the Gregorian calendar was introduced).

A much less predictable event in 2000 happened in a second-hand bookstore in the far north of rural England. When the owner of Barter Books discovered an obscure war-time public-information poster, it triggered a global phenomenon. Although it took more than a decade to peak, just five words spawned one of the most copied cultural memes ever: Keep Calm and Carry On.



On the heels of the devastating wildfires in Northern California, hurricanes Irma, Harvey and Maria, the FCC rejected the five largest wireless carriers’ requests for more time to implement upgrades to Wireless Emergency Alerts.

It was September 2016 when the FCC adopted rules to enhance wireless alerts, including increasing the maximum length of messages from 90 characters to 360 characters and requiring that providers support embedding phone numbers and URLs in alerts.

Since then, the Cellular Telecommunications Industry Association (CTIA) sought delays in implementing the new rules. The FCC finally rejected the industry’s reconsideration of the rules.

“It’s amazing that it took four disasters to make this come about,” retired Adm. David Simpson, former FCC public safety and homeland security bureau chief told the San Francisco Examiner. “It should be an embarrassment to the commission, but it’s done.”



For the past several years we have seen many countries creating residency laws, some of which require all government-related data to be stored locally, while others require all consumer data to be stored locally.  European Union countries as well as Russia, China, Brazil and India, are the major proponents of such laws. 

It is not an easy task to satisfy data residency requirements. On one hand, due to cybersecurity concerns, strict residency laws can hinder cloud productivity. Modern IT infrastructure relies on economies of scale, such as a self-driving car may use artificial intelligence software to train itself with a large amount of training data. The more data that is available to the software, the better the software, which makes it easier to contribute more data for training. This process is critical for the success of many cloud applications, from financial transactions to customer relationship management and search engines.

A true hallmark of the internet era has been the free movement of data, leading to concerns as to whether or not residency laws will hinder the development of cloud infrastructure and software. However, if technology is used to secure the data and minimize chances of data getting into the wrong hands, residency laws might actually increase data sharing which would ultimately create new use cases.



Thursday, 09 November 2017 15:09

Cloud Data Centers Need Encrypted Lock Boxes

New IAPP and TrustArc research uncovers perceptions of compliance risk and strategies to mitigate in U.S. and EU

 BRUSSELS – IAPP Europe Data Protection Congress 2017 – TrustArc, the data privacy management company, today announced the results of a joint survey with the International Association of Privacy Professionals (IAPP) that gauges the perceived risks among privacy professionals of not complying with various aspects of the European Union’s General Data Protection Regulation (GDPR). Surveying close to 500 privacy professionals split evenly between the U.S. and EU, the top GDPR compliance risks are failure to: comply with the new 72-hour data breach notification regulation, map data flows, obtain user consent, and manage international data transfers. The results of the survey were released during the IAPP Europe Data Protection Congress in Brussels, Belgium.

“The results of the IAPP survey on the risks of GDPR compliance shines a light on the challenges of implementing effective data protection in general, let alone when you face a looming deadline,” said Chris Babel, CEO of TrustArc. “Working with our customers, we find that the most effective strategy to achieve compliance is based on building employee expertise and know-how, combined with technology platforms that enable the next-generation processes and routines necessary to efficiently do things like identify and map user data and manage user consent.”

With less than seven months to comply with the GDPR, the most sweeping change to data protection in decades, companies all over the world are determining how to best adjust their internal systems and processes in order to address increasingly strict compliance requirements. The risks of not complying with the GDPR include fines up to 20 million Euros or four percent of global turnover, whichever is higher.



A new version of ISO 31000 is due to be unveiled early next year. As the threat of risks grows for governments, organizations and the public alike, how can the new, streamlined standard help to make our future more secure?

Ten years ago, the boardrooms of banks and financial institutions around the world were rattled to hear the news of the collapse of prestigious and highly respected names, such as Lehman Brothers, Bear Stearns and Northern Rock. Alan Greenspan, the former Chairman of the Federal Reserve, described the shock waves that swept the world as a “credit tsunami”.

In family businesses, governments and industry, the aftermath of the global financial crisis is still being felt. Since then, the spotlight has been turned on risk and exposure to risk – how to manage it; how to prepare for it; how to benefit from it; how to learn from it. In our increasingly complex and interconnected world, one of political uncertainty and economic unease and austerity, these questions are more pertinent than ever and the need for best practice even more compelling.



Thursday, 09 November 2017 15:00

The new arsenal of risk management

It’s already that time of year again: pumpkin spice and predictions for the New Year! Forrester’s Cloud team has been busy gathering, analyzing and prioritizing our predictions for what’s ahead in cloud computing for 2018. As our 2018 cloud predictions published today, here’s a sneak peek into what we see ahead for the most transformative technology trend of the past decade.

The cloud computing juggernaut has fueled digital transformation like no other technology disruption before it. Not only have public cloud platforms completely changed how companies of all sizes consume technology; the leading global megaclouds continue to innovate at breakneck speed. New analytics and machine learning services, IoT and edge computing services, powerful container-based development platforms, new database services, advanced SaaS apps that are even easier to buy, integration and API services to link it all together…the list seems endless, and it’s getting longer.

Cloud now permeates all company sizes, industries, and geographies. And all of this innovation isn’t only happening in the big public clouds; exciting new private cloud technology stacks and fresh partnerships between infrastructure vendor stalwarts and upstart cloud-native companies bring the power and energy of elastic, on-demand cloud services to the enterprise data center as well.

In 2018, we’ll pass that magic threshold: Forrester predicts that more than 50% of global enterprises will rely on at least on public cloud platform to drive digital transformation and delight customers. As highlighted in our 2018 cloud predictions, cloud is truly business critical and is now a mainstream enterprise core technology.



You identified risks, then chose and implemented a mitigation strategy. Unfortunately, you have not completed the job. Monitoring risk, including tracking identified risks and evaluating the performance of risk mitigation actions is critical to the risk mitigation process. Systematically monitoring risk feeds information back into the other risk management activities, such as identification, analysis, mitigation planning, and mitigation plan implementation.

The process for risk monitoring includes setting a structure for how often you review your risk, what to monitor, how to report changes, and how to redefine your risk strategies. 



A new 40,000-square-foot training facility will help ensure that the St. Paul, Minn., Police Department gets the most rigorous, up-to-date training available.

It’s been a long time coming, but the department officially unveiled its new $18 million facility, Oct. 31, that will house the trainings that the department has undertaken recently, including efforts that help defuse conflict and provide police with the tools to deal with bias and employ proper strategies when dealing with people with mental illness.

The two-story building is equipped with a new gun range with 12 lanes instead of the six in the old building, five breakout rooms that with moveable walls can be reconfigured into fewer larger rooms or more smaller rooms, a technology room with laptops, virtual training, and even different-sized windows, such as storefront windows for training purposes.  A large classroom can hold up to 10 people or it can be divided into two classrooms with the moveable walls.



BYO Software, BYO Vulnerabilities

The shadow IT phenomenon—in which employees use their personal technology on the job—looms larger than ever. The latest twist- bring your own software.

First up was the bring-your-own-device (BYOD) movement, with employee-owned smartphones, tablets and laptops replacing company-owned devices in the workplace. Now there is a newer shadow IT twist—bring your own software (BYOS). In this increasingly popular model, employees download and utilize software, apps and the like—in some 99 out of 100 cases, web-based—for such work-related purposes as collaborating or exchanging information with colleagues.

Like its BYOD counterpart, the BYOS model affords employees the flexibility to use the tools that best help them fulfill their responsibilities, in turn increasing productivity and benefiting corporations’ bottom lines. But as is true of BYOD, BYOS also opens doors for significant risks, making risk mitigation a must for all corporations that embrace it to any extent.



Nokia let the smartphone get away; Blockbuster never saw Netflix coming to steal its lunch. These are just two of the most frequently cited cases of incumbent businesses that didn’t pay enough attention to the disruptive potential of innovation by a new entrant or competitor. Your company needs to be aware of the imminent reality of being disrupted if it doesn’t stay ahead of the disruption curve.

How do you stay ahead? By starting innovation as early as possible. You’ve heard it many times: fail early, fail often. Or, as Lekshmy Sasidharan wrote in a recent Cutter Consortium Executive Report:

Begin adopting the disruptive and emerging technologies most relevant to your current and future business models as quickly as possible — the idea being to try soon, fail fast to learn fast rather than wait to be disrupted.

“The ‘try soon, fail fast to learn fast’ mentality is essential to both fail fast and fail cheap, since the cost of early failure is less impactful and there’s more time for course corrections by learning from the failure and experimentation. When a company plans to be ahead of the disruption curve, it builds the required capabilities for current and future business models.”

The capabilities Sasidharan refers to include leadership, ecosystem partnerships, strategic flexibility, and a culture that promotes a sense-and-respond outlook on the external environment. Each of these capabilities takes time to build, so getting started early will help you stay ahead of the disruption curve.



Wednesday, 08 November 2017 15:48

Repeat After Me: Fail Early, Fail Often

(TNS) -- Police got a call Monday from people concerned a Janesville man might become violent.

Officers took it seriously, but they determined the man was no immediate threat, Police Chief Dave Moore said.

The man voluntarily turned over a weapon and agreed to work with the police crisis intervention team, which deals with people suffering from mental illness, Moore said.

Paying attention to such tips could avert a tragedy, but despite all their prevention efforts, officials know a mass shooting could happen here, as it did Sunday in Texas.

So they plan for the worst.



Wednesday, 08 November 2017 15:42

Mass Shooting Here? Authorities Have Plans

Bankruptcy per se is not necessarily the end of an enterprise, as several high-profile phoenixes rising from the ashes have shown.

However, unless you know exactly what you’re doing and can trust partners, stakeholders, and bankruptcy courts to let you do it, bankruptcy can end in tears.

For example, trustees or courts force the sales of assets, creditors have their hooks in too deep to be blocked, credit ratings never recover sufficiently for the business to turn a profit, or customers desert in droves, never to return.

Even if bankruptcy is a financial phenomenon (no money), business continuity managers should keep a lookout for factors of any kind that could lead to it.



(TNS) - When the fire swept into Redwood Valley, Calif., Nick Ioimo was among the lucky.

He happened to get up around 1:20 a.m on Oct. 9 to use the bathroom and saw the flames. He and his wife managed to escape, but the elderly couple who lived behind them died in their home.

Nearly a month later, two things are clear to Ioimo, 69: “Nobody could have stopped that fire. But the people could have got out.”

The Redwood Valley fire killed nine people, all living on or near Tomki and West roads, which form the central north-south route in the rural Mendocino County valley. At least half died trying to escape on foot or in their cars.



Tuesday, 07 November 2017 15:49

Confusion Reigned as Redwood Valley Burned

Global mobile commerce growth was expected to double this year, and there are no signs of that growth slowing as we move into 2018. We are seeing the same kind of growth in the use of mobile devices in the enterprise. However, equivalent IT support for that growth is not always a given.

As many of us remember, digital and mobile devices were not always welcome in the enterprise. There was a time when personal mobile devices came into the organization through the “back door,” with employees using them on the sly. The idea of leveraging such devices to access corporate information and systems was just unthinkable.

Flash forward several years: The number of people using mobile devices grew exponentially, and users became accustomed to information at their fingertips—whether their fingertips were at home, in the office, on the soccer field or beyond. The IT department still wanted no part of mobile—at least, not officially—but the genie was out of the bottle and the BYOD movement was born.



We’ve all been in one of those meetings or corporate retreats where “team building” was on the agenda, Teamworkand everyone cringed. Personally, I’ve done more than my share of painful icebreakers in different workplace settings. Team building has gotten a bad reputation for being cheesy or a waste of time. But, according to an article in Forbes, "Despite its reputation for being, well, lame, team building is the most important investment you can make for your people. It builds trust, mitigates conflict, encourages communication, and increases collaboration. Effective team building means more engaged employees, which is good for company culture and boosting the bottom line.” So, how can you reap the benefits of team building without turning people off from the start? 

Here are some tips for team building with purpose:



Tuesday, 07 November 2017 15:46

4 Tips for Team Building with Purpose

In today’s dynamic digital environment, there is no greater imperative than developing an agility and innovation mindset. Organizations must be in a position to turn on a dime—at any time—to meet internal and external customer demand. They must be able to iterate constantly, repeatedly setting and raising the bar in order to stay ahead of the competition. 

However, as partners know all too well, all of this is much easier said than done.

One of the biggest hurdles to business agility and innovation is customers’ legacy data center hardware and software. These systems often exist in silos; therefore, it is difficult to analyze data across systems. This results in information that is, at best, outdated and, at worst, plain wrong. Many companies are also challenged by slow provisioning, complex processes and outdated development systems. And, with shrinking or static budgets, organizations are hard-pressed to scale legacy systems, which means they can’t efficiently meet demand for growth (if they can meet it at all).



Departments within businesses must easily be able to coordinate and cooperate with each other to optimize productivity. Even though this kind of collaboration isn’t always easy, it fosters stability across a company. However, while organizations comprise many specialized departments, the IT department is a driving force behind collaboration, stability and efficiency.

We all would agree that IT management is supported by two major domains: IT services and IT operations. And, of course, the ultimate goal of IT services is to design, manage, deliver and improve information technologies that are used within the organization. IT operations, on the other hand, deal with the administrative side of things. IT operations handle individual application requirements, manage storage and networking, and troubleshoot users’ devices to resolve issues. Typically, organizations employ a help desk solution for their IT services needs and a desktop management solution for their IT operations needs.

Before I dive into how integrating IT services and IT operations streamlines IT management, let’s take a look at how IT services and IT operations influence end-user support and why IT departments need a help desk solution and a desktop management solution in the first place.



The cloud is certainly one of the greatest technology innovations of this century, arguably of all time. The benefits it has provided to organizations across industries are mind boggling, and the benefits it promises in the future are equally profound. It is exciting to think of what organizations will be able to do in five, 10, 20 years as more and more make use of the cloud.

It’s funny, though; once organizations get their data and critical workloads up on the cloud, they often think that they can ignore one of the cornerstones of IT: backup and disaster recovery (BDR).

The logic actually sounds pretty believable. The reason most organizations feel comfortable moving to the cloud now is that it can provide all these benefits reliably and securely. If the cloud is reliable and secure, then it must not have outages, right? Wrong.



During an emergency, you need to know how to send alerts to the public and provide life-saving information efficiently and effectively. Fortunately, today’s officials have much better options than ringing a bell in the town square — the sophisticated and modern IPAWS system is fully integrated with wireless, television, radio and other telecommunication platforms. Learn more about the platform, how to become certified to use it and resources available to you.

Overview of IPAWS

The government’s Integrated Public Alert and Warning System (IPAWS) was created to help protect members of the community as well as to provide protection for valuable property. Emergency management officials can be incredibly busy during an emergency, and creating alerts through three separate systems simply isn’t feasible. IPAWS allows vetted government officials to warn the public through one centralized IPAWS-compliant interface such as CodeRED from OnSolve  The interface  distributes messages via multiple systems that utilize the Common Alerting Protocol (CAP), Emergency Alert System (EAS), Wireless Emergency Alerts (WEA), the weather radio for the National Oceanic and Atmospheric Administration (NOAA) and more.



Advance location alerting helps leaders know when to trigger emergency response plans

By Glen Denny, Baron Services, Inc.


Lately, on an increasingly frequent basis, weather events seem to dominate much of our news, with rising numbers of severe occurrences presenting fresh challenges for public safety officials dedicated to protecting lives and property. It doesn’t just appear that way, it’s an actual fact: Almost 80% of disasters faced by public safety and emergency management professionals today are weather-related. It’s not only dramatic, extreme storms that require advanced forecasting for efficient safety planning, it’s also the numerous, more common fog, rain, ice, snow, and wind events that often impact our daily lives.

In any community, these conditions can differ within neighborhoods, even street to street, and change minute to minute. For anyone involved in safety management—whether responsible for schools, hospitals, churches, companies, organizations, sports venues, pools, parks, or other public gathering sites—being able to monitor and stay ahead of rapidly changing weather at specific locations is a difficult, time-consuming job that can have serious life or death repercussions.

Accustomed to regional forecasting, public safety professionals have traditionally made the best decisions they can given the broad-based storm information they’ve received. But today, with severe weather events rising, they face a growing dilemma: What’s the best way to access customized, advance weather intelligence data specific to their area so they can enforce whatever timely and effective safety plans are necessary to protect their community and its assets?

Though emergency management professionals and public safety officials aren’t trained meteorologists, fortunately, thanks to modern weather data technology and improvements in the ease of access, they don’t have to be. A new system of data-driven, location-based alerts offers an innovative tool for safety management officials, delivering customized, active monitoring that triggers advanced emergency preparation plans addressing multiple weather hazards.

Web and mobile on-demand system alerts keep pace with changing weather conditions

Denny2America’s a big country, one that experiences nearly every weather event Mother Nature dishes out. Safety managers know that severe weather means different things to different regions across the U.S. and preventative plans must change accordingly. In Florida, emergency management professionals might seek weather alerts informing them when temperatures will fall below 40 degrees so they can implement plans to open homeless shelters or advise citrus owners to protect crops. In Arizona, public safety officials need to know when excessive temperatures might dictate additional safety measures to keep people cool, especially the elderly and very young.

Each region has a threshold for hot or cold, too much snow, too little or excessive rainfall. And although the big, headline-grabbing weather events like tornados, blizzards, hurricanes, and floods command attention, safety professionals require accurate weather intelligence affecting specific, localized areas where daily conditions have immediate impact on commuters and the public.

One provider of reliable, weather technology data is changing the way safety and emergency management professionals stay ahead of severe weather events. At Baron, a global leader in critical weather intelligence, scientists have teamed with seasoned meteorologists to develop a next generation tool, easily accessible to emergency safety managers and planners, advancing precision weather forecasting. Baron Threat Net’s web portal products offer public safety officials a comprehensive weather monitoring platform targeting street level views.

Threat Net’s high resolution, customizable mapping allows emergency managers to concentrate their attention on operational conditions impacting specific areas of concern, with user-friendly navigation and a pre-set feature allowing up to 20 site maps to be stored for future reference. How much rain has fallen, and how much is expected? Exclusive precipitation, accumulated precipitation and 24-hour accumulation forecasts keep users on top of possible flooding risks. Baron Threat Net’s Severe Threats allows simultaneous views of areas threatened by potentially damaging winds, flooding or hail. A Cloud to Ground Lightning feature shows real-time lightning strikes at street level. Using a combination of actual and forecasted products, the Road Weather/Conditions feature offers actual road condition alerts displaying a variety of concerns such as Patchy Ice, Flooded, Snow and Heavy Snow or just plain slippery road surfaces. Baron Threat Net’s complete tropical weather package tracks hurricanes and tropical storms, monitoring the latest maximum wind speeds, watches, warnings and storm surge conditions, making the information easily accessible.

Denny3To keep safety professionals informed in advance, Threat Net delivers customizable, pinpointed local alerts making officials aware of locations and assets in the path of impending, potentially dangerous, weather. Users select a location, identify the risk and choose a notification method—on screen, by email, or via push notifications to a phone—while the system, which includes patented Baron Safety Alerts and standard National Weather Service watches and warnings, automatically monitors that location. A companion app lets users access real-time weather conditions from any location, a valuable feature for safety departments sometimes short on personnel resources.

Proprietary, customized weather alerts safety management professionals can depend on

Local and regional safety managers are familiar with their area environment and the kinds of weather events making them most vulnerable. Most have been on the job for some time, and may have grown somewhat skeptical about the accuracy of long and short-term weather forecasting. They shouldn’t be. Advances in computing power, speed and forecast algorithms have dramatically improved weather forecasting technology, and today accessing that critical information is easier than ever.

That’s where Baron’s Threat Net products are making the biggest difference for safety management professionals. While traditional weather services are okay, none deliver the kinds of proprietary, customized weather alerts available through Threat Net & Pinpoint Alerting products. The proprietary alerts they provide supply pre-set custom alerting of 80 different weather conditions.

"When I'm in the field I use a lot of tools to help me navigate around severe weather, and the most reliable one is Mobile Threat Net,” says Martin Lisius, a Severe Weather Expert from Arlington, TX.

Denny4Safety personnel can receive customized forewarning of changing conditions invaluable for getting them ahead of weather events, helping them determine timing and scope of emergency response plans. And quite simply, the more advance notice officials get before dangerous weather arrives—the more accurate, granular and detailed that information—the better their response planning will be.

“Baron has a history of working with our partners to understand their needs and has developed customized alerts that pinpoint the exact timing and location of weather events that will impact our customers; many of these alerts go beyond the traditional weather warnings we are accustomed to receiving and focus on specific weather phenomena, such as hail and lightning,” says Bob Dreiswerd, Baron’s Chief Development Officer. “Baron also works with customers to develop alerts specific to their situation that focus on weather related events that directly impact their operations.”

Not your grandmother’s weather forecasts: incisive weather intelligence takes the ‘might’ out of forecasting

Baron’s suite of weather intelligence products offers safety officials user-friendly, data-informed alerts letting them know what’s actually coming, in many cases well before it arrives. The complete data set of customized tools can provide street-level road forecasts 24 hours in advance, deliver a tropical weather package tracking maximum wind speed, watches, warnings and storm surge, and even keep safety personnel informed during unpredictable emergency situations like hazmat spills or terrorism. With trains and trucks transporting hazardous materials through communities daily, Threat Net can help safety management professionals determine wind and rain conditions with potential to spread spills, smoke, gases or other toxic substances when and if spills occur.

Whether you’re a small-town mayor charged with knowing how much additional rainfall to expect in order to keep residents in the path of impending flooding safe, or an Emergency Management Coordinator like Rusty Chase of Isle of Wight County, VA, relying on Mobile Threat Net to make decisive plans based on its alerts, all safety management professionals need access to the best weather intelligence available today. “We saw dangerous weather on Mobile Threat Net and were able to give the schools adequate time to shelter children in the hallways during a tornado,” Chase says. “Had we released the kids to go home prior to my alert we would have had them on the roads and probably had injuries and fatalities.”

Relying on critical weather intelligence and customized alerts like these gives safety officials the confidence they’re using the most effective tool available for making informed planning decisions to secure the safety of their community. A recent example of the utility of Baron’s weather intelligence tools came with the arrival of Hurricane Harvey on the gulf coast. Threat Net’s live monitoring of Hurricane Harvey allowed users to prepare for the storm before it made landfall. While the storm’s impact couldn’t have been avoided, Threat Net’s prediction helped many people better prepare for Harvey’s force. When advanced technology produces weather data products capable of delivering customized advanced warnings today’s safety management professionals can depend on, why wouldn’t they?  

Positioning Companies to Face the Future Confidently

With most companies and industries facing uncertainty when looking to the future, there arises the question of how confident organizations are in executing their strategies successfully. More specifically, how can executive management and the board of directors assist the organizations they oversee with facing the future confidently?

Confidence is neither a cliché nor an assertion of mere optimism, but rather a quality of the human spirit that drives leaders and their organizations forward. Given the importance of confidence in human endeavors, especially in a rapidly changing environment, we explore the attributes of confidence that executives and directors can use to assess and advance their organizations along the journey to realize their organizations’ respective vision.



Thursday, 02 November 2017 14:57

Armed With Confidence: The Infallible Edge

(TNS) — Two days after a heavy storm ripped through Connecticut, an estimated 21,000 customers remained without power Wednesday morning and both residents and many local officials were growing increasingly frustrated with the response from Eversource.

“I think the storm did take them by surprise,” said Lebanon First Selectwoman Betsy Petrie. “That’s just not acceptable,” said Petrie, who had about 1,100 homes in her town without power late Tuesday afternoon. By 6 a.m. Wednesday, the number of outages was down to 763, 35 percent of the town; Lebanon schools are among a handful that remained closed Wednesday.

In Hebron, where about 25 percent of the town remained without electricity Tuesday night, Town Manager Andrew J. Tierney said residents “can’t understand why it’s taking so long to restore power.” By 6 a.m. Wednesday, 175 Hebron customers, or 4 percent of the town, lacked electricity, according to Eversource.



Avoiding the burden of server management is one frequent reason for moving workloads to the cloud.

Yet the fact is that many cloud environments still require a fair degree of management -- a fact organizations tend to overlook.

This creates an opportunity for MSPs.

Setting up and managing physical servers is a lot of work.

This is a primary reason why organizations move to the cloud.

In the cloud, users don't have to set up the physical servers that host applications or data.

Nor is it users' responsibility to keep the servers up and running.

Failing hard disks, problems with the host operating system and so on are managed by the cloud provider.



The Internet of Things (IoT) has been a hot area in the last few years. The number of connected devices has been growing steadily with Gartner forecasting that IoT devices will outnumber the world’s population in 2017: 8.4 billion connected things in 2017 and 50 billion in 2020. These connected devices generate massive amounts of data. Today, devices and appliances that were not previously connected (fridges, cars, watches, etc.) are equipped with sensors and peripherals that generate data.

Alongside IoT, enterprises are betting hard on big data. Data is the most precious resource of our digital economy. Many enterprises are applying big data analytics to harness this vast amount of data and take advantage of the insights it provides: identifying trends and patterns to deliver improved services and experiences to their customers, helping companies monitor and streamline their operations, or perform preventive maintenance of machinery and infrastructure.

The business process is similar across many applications. IoT devices provide the data and big data analytics allows for extracting insights. However, a monumental challenge arises: Where will all this data be processed and stored?



Aligning ITIL processes to your DR plan leads to more efficient and effective use of IT infrastructure. Inadequate planning is a risk to the business, and is often overlooked until it is too late – when a crisis event such as a major outage, security or other breach results in the loss of supporting IT systems.

About the ITIL Framework

Many organizations strive to become ITIL compliant or to use ITIL as an IT process framework. ITIL is exactly that – a framework for IT processes and services. It provides best practices, key performance indicators (KPI), and benchmarks for measuring IT service development, performance, and quality.  It is not my intent to use this blog to describe ITIL in detail. Standard searches will provide multiple resources than can be used to learn about ITIL. Complete implementation of ITIL can be time consuming – and a program unto itself. We recommend using ITIL, to the level it makes sense in your organization, as a framework. Use of the basic concepts will provide tremendous value without overshadowing other business critical functions and projects.

The goal of using ITIL is to ensure that your program and implementation follow best practices, and to promote efficiency and functional capability.

We will map the appropriate ITIL processes to IT Continuity Service Management listed below. In general, the ITIL processes associated with IT DR are: SD,,,



2017 has shaped up to be a historic year in terms of disasters. In the last 3 months alone, we’ve seen some catastrophic security breaches and cyber attacks along with other disruptions (i.e. active shooters, severe devastation from natural disasters – wildfires, earthquakes, and hurricanes) hit organizations. The need for recovery and response plans is apparent, but leaves the question of how can I better prepare? One way to improve these plans is taking a holistic approach by incorporating Governance, Risk and Compliance (GRC) into planning efforts. As OCEG states, “GRC is the integrated collection of capabilities that enable an organization to reliably achieve objectives, address uncertainty and act with integrity”.



Thursday, 02 November 2017 14:44

The Holistic Approach to Planning

A new crop of emerging technology stands poised to unleash another cycle of raised consumer expectations, changing behaviors, and disruption. The stakes for business leaders are high — a wrong investment could put your firm out of business; make the right move and you’ll vault over your competitors.  

Which tech should you bet on? Which vendors are in the space? Which vendors will be the best fit for you, and will they actually be around in two years? We’re launching two new research methodologies to help you untangle the crowded and complicated emerging tech space. These are: 



Fraud Frequently Asked Questions

1. What fraud issues should survivors be aware of after Hurricane Irma?
    There are a number of fraud concerns survivors need to be aware of to protect themselves:

  • Beware of individuals charging survivors a fee to apply for disaster assistance, receive a home inspection or install a blue tarp through the Blue Roof Program. THIS IS FRAUD. Federal workers NEVER solicit or accept money from applicants.
  • There are also reports of people registering for assistance using someone else’s information. If you suspect anyone of committing fraud and stealing your identity, report it to local law enforcement. You should also report it to:

a. The Department of Justice's Disaster Fraud Hotline at 866-720-5721 or email This email address is being protected from spambots. You need JavaScript enabled to view it..

b. If you discover that someone is misusing your information file a complaint with the Federal Trade   Commission through the website: IdentityTheft.gov.

c. You can also file a complaint with the OIG:

i. Online at the OIG’s website (www.oig.dhs.gov),
ii. Fax it to 202-254-4297, or
iii. Mail it to the DHS Office of Inspector General: Mail Stop 0305; Department of Homeland Security; 245 Murray Drive SW; Washington DC 20528-0305.

d. Make sure to alert the FEMA helpline to the issue as well by calling 800-621-3362.

  • Beware of robocalls from imposters. However, FEMA does plan to conduct outreach by autodialer, in some cases. If you are contacted, the phone number you should reply to is the FEMA Helpline: 800-621-3362 (FEMA).
  • Watch out for insurance related scams.

a. Notify your insurance company after a disaster.
b. Beware of imposters claiming to be FEMA representatives, asking for money to assist with the filing of federal flood claims.

2. How do I know if a FEMA representative is legitimate?

  • If you’re meeting a FEMA representative in person, ask to see their identification badge. All federal employees carry official, laminated photo IDs. FEMA shirts, hats and jackets do not make them official.
  • When a FEMA inspector comes to your damaged home, he or she will require verification of your identity, but will already have your registration number. Keep your FEMA registration number safe. Do not share it with others.
  • No federal government disaster assistance agency will call you to ask for your financial account information. If you’re unsure whether someone claiming to be a FEMA representative is legitimate, say you are hanging up and call the main FEMA helpline at 800-621-3362 to speak about the incident.

3. Do inspectors charge for an inspection?

  • Federal inspectors do not charge a fee at any time to inspect your property. FEMA and the Small Business Administration will never ask you for money.  Our inspectors never require banking information or payment in any form.
  • They also do not determine eligibility or dollar amounts of assistance.

4. What happens when a building contractor shows up, and says they were sent by FEMA?

  • FEMA does not send building or repair contractors. The job of a FEMA housing inspector is to verify damage. FEMA does not hire or endorse specific contractors to fix homes or recommend repairs.
  • If someone comes to your door and says that your home is unsafe, do not believe them and do not let them in.
  • Have an engineer, architect or building official inspect it. An unethical contractor may actually create damage to get the work.
  • When in doubt, report any suspicious behavior to your local authorities.

5. How do I hire a legitimate building contractor?
    Here are a few tips to consider when hiring a legitimate building contractor:

  • Always use a licensed local contractor backed by reliable references.
  • In Florida, contractors are required to carry general liability insurance and worker’s compensation.
  • Require a written contract with anyone you hire. Be sure to read and understand the contract. Never sign a blank contract and never pay more than half the cost of the job upfront. Be sure to get a written receipt for any payment.
  • If one estimate seems much lower than the others and sounds too good to be true, it probably is. Many unethical contractors provide low-ball bids that seem attractive. But the contractors are often uninsured and may charge substantial cancellation fees.
  • Never pay for work in full in advance. The Better Business Bureau recommends a consumer pay half or less of the contract price before the contractor begins repairs and the remaining balance once the work is complete and the owner is satisfied.

6. What should people who did not apply for disaster assistance do if they suspect that they are a victim of disaster fraud?

  • To report disaster fraud, contact The Department of Justice's Disaster Fraud Hotline at 866-720-5721 or email This email address is being protected from spambots. You need JavaScript enabled to view it..
  • Email FEMA’s Office of the Chief Security Officer (OCSO) Tip line at This email address is being protected from spambots. You need JavaScript enabled to view it..
  • You can also file a complaint with the OIG:

a. Online at the OIG’s website (www.oig.dhs.gov),
b. Fax it to 202-254-4297, or
c. Mail it to the DHS Office of Inspector General: Mail Stop 0305; Department of Homeland Security; 245 Murray Drive SW; Washington DC 20528-0305.

  • Contact the FEMA Helpline at (800) 621-3362 if you had not previously registered for FEMA assistance, and do not wish to register. They will not need to take further action. The original application will be locked to maintain a record of the potentially fraudulent file.

7. If I was a victim of disaster fraud, but I still need to apply for assistance, what should I do?

  • Contact the FEMA Helpline at (800) 621-3362 and tell them you have not previously registered for FEMA assistance and that you wish to register.

8. If I tried to apply, but the system said I have already applied, what should I do?

  • Contact FEMA’s Helpline at 1-800-621-3362.

9.  Will I need to wait until the investigation is complete, before I can register for assistance?

  • No. FEMA does not need to complete the investigation before you can have a new registration taken. However, FEMA will need to verify your identity.

10.  Is there anything else people should know?

       Unfortunately, scam artists may pose as government officials, aid workers, charitable organizations, or insurance company employees.

  • Do not respond to texts, phone calls or requests seeking your personal information. The only time you should provide personal information is during the initial application process for FEMA help or when you initiate contact with FEMA to follow up on an application. FEMA inspectors only require verification of identity. FEMA may call you by autodialer, in some cases. These calls will not request your personal information—you will only be asked to call the FEMA Helpline at 800-621-3362. 
  • Ask for identification and don’t be afraid to hang up on cold callers.
  • If you need to contact government agencies, use official information posted on their websites or in other verified sources.
  • Don’t sign anything you don’t understand or contracts with blank spaces.
Wednesday, 01 November 2017 16:42

FEMA: Fraud Frequently Asked Questions

Many companies have strong Annual Plans but fail to execute on them and miss their targets year after year. They know that they are missing something, but they aren’t sure what. There are many reasons why nearly half of all companies fail to meet their annual targets, but one of the most important reasons is that they fail to implement a software system to drive company execution. 

Many smaller organizations are using Excel spreadsheets to track their progress and run their company. For some, that may have worked when they were a very small organization, but once they reach 25 or more employees, they hit a new ceiling of complexity. At that size, the old systems no longer work, and many CEOs don’t realize it until it is too late. They get used to losing critical information in a long email list as they search for status updates on projects, trying to find the most recent report from a slew of emails. They should be collaborating in real time with colleagues with comments connected directly to their most important initiatives, the most important data and the vision across all of the departments contributing to the effort.

There is a better way. Hundreds of companies have implemented thousands of plans with Rhythm Software to keep their annual and quarterly plans on track, solve problems faster at weekly adjustment meetings, help managers better utilize their resources and collaborate better on cross-functional projects. The cloud-based software allows you to connect your strategic thinking and annual plan directly to your daily execution. No longer will the efforts of your team be wasted on projects that don’t drive your corporate strategy.



“You know, if you ask a professional athlete what the hardest thing is to do in sports, they’ll all say hit a baseball, but a coach once told me that the hardest thing to do in sports is to walk into your Superbowl locker room at half time and change the strategy that got you there ’cause it’s no longer working.” – The character of President Josiah Bartlett on “The West Wing”.

Even if you’re not a West Wing fan, you can appreciate the challenge implied in the above quote. And, if you deal with protection of data and the resiliency of information systems at work… that quote may hit extra close to home.

The way the majority of businesses today are protecting their data and increasing the resiliency of their systems isn’t working anymore. It may be showtime for your company, but if the data protection and resiliency strategies are no longer working… it’s time to throw out that one and get a new one.



Wednesday, 01 November 2017 16:38

Changing the Data Protection Game

Data center cooling design is one of the most diverse aspects in what otherwise is an industry built on commonality. Despite a common goal of cooling server and heat generating equipment, the factors that drive mechanical cooling system selection differ wildly for each owner, developer, operator, and end user.  Factors such as initial cost, operating efficiency/cost, speed to market, redundancy, reliability, scalability, flexibility, climate control/SLA compliance, water use, equipment space, and maintenance are all weighed differently and have various levels of influence when selecting a system. Today, new technologies offer efficiencies that are reducing both initial costs and energy usage for data center operators.

Out of those factors listed above, initial cost and operating efficiency/cost are often the primary drivers for data center cooling design. Naturally, the question that follows is, ”which cooling system would minimize initial cost and maximize operating efficiency, while scoring well in all the other categories?” One emerging technology that meets these criteria is air cooled chillers with integrated waterside economizer. Integrated waterside economizer provides the ability to create chilled water using just cold air during ideal ambient conditions with no mechanical cooling, all integrated into the standard sequence of controls for the air-cooled chiller.

Air-cooled chillers, while very competitive from a first cost perspective, traditionally have not performed well with regards to energy consumption while operating in mechanical cooling mode.  With a lack of an integral waterside economizer option, air-cooled chillers were almost unusable in most climates, especially those with significant cold weather hours where an economizer would provide significant mechanical cooling relief.



Workplace safety is and will always be a pressing concern. According to a study conducted by the Occupational Safety and Health Administration, we’re making a significant amount of progress in that regard – from a certain perspective. In the four decades that OSHA has been working with state partners, employers and safety and health professionals around the country, worker deaths have fallen from 38 per day on average in 1970 to just 13 a day in 2015. Equally positive is the fact that worker injuries and illnesses are also way down, from 10.9 incidents per 100 workers in 1972 to just 3.0 incidents per 100 employees in 2015.

But one of the unfortunate facts about the modern era that we’re now living in is that the types of dangers that people are likely to face have evolved in a harrowing and unsettling way. People don’t have to worry about falls, being struck by objects, electrocutions or being caught in or between pieces of equipment anymore. They don’t have to worry about safety hazards that were not properly communicated or guidelines that were not adhered to.

With increasing and disappointing regularity, they’ve got to worry more and more about their own co-workers.



Tuesday, 31 October 2017 19:58

How to Spot a Potentially Violent Coworker

It’s not paranoia, they really are out to get you. When the very organisations promoting IT security manage to botch it up, it’s difficult to have confidence in anything anymore.

One of the latest cases of misplaced trust is the CCleaner software saga.

This software, available for PCs and for Android mobile devices, is designed to help users optimise performance by cleaning cookies, internet history, and other temporary files. The PC version was recently hacked, spreading malware to possibly millions of users.



Tuesday, 31 October 2017 19:57

Why You Can’t Trust Anyone These Days

Our Clients Asked. We Delivered!

We recently released a new version of our recipient app to make it even more useful and simple to use.

The MIR3 Recipient App is a free companion app that users can download to their iOS or Android devices as a convenient way to receive and store messages.



Tuesday, 31 October 2017 19:55

The New MIR3 Recipient App

People walking a busy street in Zanzibar.

Countries in Africa are no strangers to major disease outbreaks that can result in illness and death of millions of people.  In the past two years alone the continent has experienced infectious disease outbreaks of cholerameningitisEbola Virus DiseaseLassa fever, and Yellow fever, and other public health emergencies such as drought and famine.

Understanding the big picture

Training participants from Zanzibar discuss the development of an emergency management program
Training participants from Zanzibar discuss the development of an emergency management program.

It is vitally important to have a big picture perspective on emergency management and response – if one country is not prepared for a public health emergency, then all the countries in the region are susceptible to public health threats that can easily cross borders and impact surrounding countries. This is where public health emergency management (PHEM) comes in. In-country PHEM capacities and systems can be strengthened to support global health security. When the workforce is trained, emergency management infrastructure is in place, and functional systems exist, a country is better positioned to execute a coordinated response that can mitigate risk and save lives.

CDC and other international partners support ongoing efforts to help countries across Africa build capacity in outbreak detection and response. This includes preventing avoidable epidemics, detecting public health threats early, and responding rapidly and effectively to outbreaks of international concern. CDC provides expertise in PHEM to train emergency management technicians, provide input on emergency management operations, and guide development of functional processes and systems for ministries of health around the globe.

Getting the workforce ready to respond

In August 2017, CDC spearheaded a 5-day PHEM workshop in partnership with the World Health Organization, the United States Defense Threat Reduction Agency, and Public Health England.  The workshop brought together 55 emergency management staff members from across Africa to learn from experts in the field about how to enhance coordination and response capabilities of their country’s PHEM programs.

Participants came from seven countries – Tanzania, Uganda, Kenya, Ethiopia, Liberia, Sierra Leone, and Nigeria – which all share common interests and challenges related to emergency response. The training focused on developing core principles in PHEM, including trained staff, physical infrastructure, and processes to run a fully functional Public Health Emergency Operations Center (PHEOC). The training highlighted best practices, but since many of the participants had first-hand accounts of responding to public health events in their own countries, they were encouraged to share experiences and network with their peers.

Sharing knowledge and expertise

Public health professionals who work in emergency response know that it’s important to build relationships before an incident so that during a response you work effectively and efficiently with partners. One participant noted that the “rich, valuable contributions from other people’s experiences to build upon what I already knew” was one of the most rewarding parts of the workshop.

The tabletop exercises at the end of the workshop emphasized the importance of information and idea sharing. Participants engaged in tabletop exercises that simulated a response to a Yellow Fever outbreak in northern Tanzania. Participants were divided into 7 teams: management, plans, logistics, operations, finance and administration, communication, and partners. Each team had a mix of participants from different countries.  Teams utilized information they had learned throughout the workshop to developed response products, including an organizational structure chart, objectives for the response, and an initial situation report. This exercise led to a robust conversation about different approaches to public health emergency response.

Seeing response in action

Public Health Emergency Operations staff survey the scene after mudslides in Regent, Sierra Leone.
Public Health Emergency Operations staff survey the scene after mudslides in Regent, Sierra Leone.

A highlight of the training was when Dr. Ally Nyanga, the Tanzania Ministry of Health PHEOC Manager and an alumni of the CDC Public Health Emergency Management Fellowship, took workshop participants on a tour of the Tanzania PHEOC, a small room on the third floor of the Ministry of Health building. Previously used as a storage area for the library, the 10 x 20 foot PHEOC is now an efficient space that staff can use when they respond to public health emergencies and outbreaks.  To date, Tanzania’s PHEOC has been activated to respond to widespread cases of Aflotoxicosis, a type of severe food poisoning, and cholera outbreaks in Tanzania.

While the workshop is over and participants have returned home, the work that they do to prepare for the next public health emergency is ongoing. The workshop highlighted some important takeaways – you do not need a big space and high-tech equipment to respond quickly and efficiently to a public health emergency.  Instead, coordination to share information, resources, and ideas is vital to a successful emergency response, both in-country and across an entire region.

Learn more

Posted on  by Loretta Jackson Brown, PhD, RN, Health Communication Specialist and Meredith Pinto, MPH, Health Scientist

If you are a survivor of Hurricane Irma, have flood damage, and no flood insurance coverage, you may receive a Group Flood Insurance Policy (GFIP) if you claimed disaster assistance for a home or personal belongings.  

You may receive Group Flood Insurance coverage if you:

  • Live in a flood-prone area;
  • Do not have flood insurance;
  • Suffered property damage from Hurricane Irma flooding;
  • Are approved for FEMA disaster assistance; and
  • Were denied a loan from the U.S. Small Business Administration (SBA).

If you meet all these conditions, you will receive Group Flood Insurance coverage for a three-year period. The 36-month GFIP policy term begins 60 days after the date of the presidential disaster declaration, which was Sept. 10, 2017 for Hurricane Irma. The premium will be part of your FEMA disaster assistance grant.

Renters will also receive Group Flood Insurance if they intend to return to their rental property. However, they must first notify FEMA of their intent to return by submitting a written statement or calling the National Flood Insurance Program (NFIP) helpline at 800-621-3362.

Group Flood Insurance provides coverage up to $33,300. You can upgrade your coverage by purchasing an individual flood insurance policy. If you choose to purchase an individual policy, your Group Flood Insurance will be canceled.

If you were affected by Hurricane Matthew in 2016 and qualified for Group Flood Insurance, you may already have coverage. To get more information or to make a claim, call the NFIP direct servicing agency at 800-638-6620.

FEMA gives GFIP recipients a notice 60 days prior to the three-year policy expiration and a final notice when coverage has been terminated. When a GFIP expires, you will be responsible for obtaining and maintaining flood insurance on your own. Failure to maintain flood insurance will affect your eligibility for future disaster assistance.

Individual coverage becomes effective 30 days following NFIP’s receipt of the applicant’s name and premium payment from either the local, state, territorial, tribal government, or FEMA.

For more information regarding the Group Flood Insurance program or flood insurance in general, call the NFIP call center at 800-427-4661 or go online to www.fema.gov/national-flood-insurance-program.

Tuesday, 31 October 2017 19:51

FEMA: Group Flood Insurance -- How It Works

Halloween unleashes a parade of pint-sized pirates and princesses on towns and city streets throughout the country. Unfortunately, this cherished fall holiday isn’t all fun and games. The reality is that a number of threats can compromise public safety on October 31. There is good news, however. Local agencies can play a significant role in safeguarding the health and well-being of their constituents this October 31, by raising awareness with emergency notifications. Here’s what you need to know. 

The Scary Truth About Halloween

Halloween is a magical time for children. However, most of them fail to realize the adults behind the scenes working hard to keep them safe.

One of the biggest public safety challenges haunting Americans every Halloween? Pedestrian safety. In fact, October is second only to August as the month with the most motor vehicle-related deaths, according to the National Safety Council’s Injury Facts 2016 report.  Not only that, but twice as many child pedestrians are killed while walking on Halloween than on other day of the year, according to SafeKids.org.



Balaouras StephanieBy Stephanie Balaouras

Forrester Research Vice President, Research Director

Each year, Forrester Research and the Disaster Recovery Journal team up to launch a study examining the state of business resiliency.

  • Each year, we focus on a specific resiliency domain, whether it’s business continuity, IT disaster recovery, or overall enterprise risk management. The studies provide BC and other risk managers an understanding of how their practices compare to the overall industry, and it also tracks how priorities, challenges, and practices are shifting over time.
  • This year’s study will focus on business continuity practices. We’ll examine the overall state of BC maturity, particularly in process maturity (business impact analysis, risks assessment, plan development, testing, maintenance, etc.), but we’ll also examine how organizations handle workforce continuity and crisis communication, and we’ll explore the most common causes of business disruption and the lessons that we can gleam from them.
  • What I’ve learned from past studies and from all of the high-profile business disruptions that have occurred in the past two years – from massive airline IT outages to natural disasters – is that business continuity has never been more important. Customers’ expectations for availability have increased dramatically while business complexity, IT complexity, and an increasing number of external risk factors have made the likelihood of a major business disruption highly probable.

For those who will be at DRJ Spring World 2018 March 25 to 28 in Orlando, I’ll be there presenting the complete results and answering questions in person. I hope to see you there. The DRJ will also have a summary of the results on its site. For Forrester clients, the survey results will be examined in-depth in a series of reports in the next few quarters. If you think that this data is valuable to the industry and you are a BC decision maker or influencer at your organization, please take 20 minutes to complete the survey. All the results are anonymous. You don’t even need to submit your email address unless you’d like to receive a complimentary Forrester report, and we won’t use your email address for any other purpose.

Click here to take our survey: forr.drj.com

In theory, your disaster recovery plan works perfectly. But have you told your staff about it?

Creating the plan isn’t enough. DR decisions made in the board room must be communicated effectively to those who need to take action. If your employees don’t know what you expect them to do, you’ll be left without the proverbial paddle.

Inform employees about the DR plan long before a crisis, not in the throes of a hurricane or a cyberattack. Assign roles, build those into job descriptions, and conduct regular training and testing. When DR training is part of employees’ routine, it’ll make all the difference when disaster strikes.

Disaster Recovery Plan Cartoon

  • An enraged man concealing a Glock .45 enters your facility to hunt down his ex
  • A visitor loses consciousness during a meeting, and no one knows what to do as the critical first four minutes tick by
  • The fire alarms go off, you think all of your people have evacuated, but you can’t account for all of them as required by law
  • A company in your same building receives a serious bomb threat, but no one alerts you
  • When you call 911, it takes a least four to eight minutes for help to arrive. You don’t realize during these first life-threatening minutes, you are on your own.

You can’t stop crazy, but…



Tuesday, 31 October 2017 16:32

What scares me

It all started with the rapid rise of technology. Businesses around the world decided that it was time to ditch the old school methods of communication. Instead, they decided to accept the future – and that’s when computers entered the picture.

Along with these computers came maintenance problems and constant issues. Most companies brushed these issues aside. But like everything else, they needed to be repaired when they completely broke. It was that exact mentality that created the break/fix model of IT services.

As the name implies, the model was very simple; when a machine broke, the IT teams were dispatched to fix it. While the machines were slowing down and malfunctioning, the IT teams did nothing. After all, it wasn’t broken yet. Why bother wasting time on a machine that (kind of) works?



Friday, 27 October 2017 15:12

The History of Managed Services

Multi-cloud approaches are taking a bigger share of the market. More than 85 percent of enterprise IT organizations will commit to multi-cloud architectures by 2018, according to IDC.

This will decrease the large cloud players’ monopolies and will lead to higher competition, which in turn will lead to more innovation - new and improved products, efficient pricing, better quality services and many more options to attract customers.

Businesses don’t ask anymore why they need the cloud; rather, they ask which cloud they should choose. So the emergence of multi-cloud is a natural progression, as it offers the flexibility to mix and match cloud technologies and services from different vendors to suit an organization’s exact needs. These can be multiple public clouds, multiple virtual or on-premise private clouds, multiple managed or unmanaged clouds, or a mix of them all.



Friday, 27 October 2017 15:08

Multi-Cloud Approaches Within Reach

Organizations That Want to Survive Significant Operational and Reputational Damage Need to Implement a Complete Crisis Management Program

Your crisis management program creation journey starts here…

We hope you’re reading this article because your organization and its leadership have signed off on the company creating a crisis management program, or there was some other driver that got you to this point.   If that’s the case, and you’re here to find out what a program looks like, so you can present it to your leadership team, then you will benefit from this guide to creating a successful crisis management program. This guide is not all-encompassing, but will give you some clear general guidance on what a typical corporate crisis management program looks like.



Thinking Outside the Box

One of the best ways to achieve ROI is to find ways to extend the use of an investment. You may have purchased software to do one thing and then found it could be optimized somewhere else. While this scenario may not happen frequently, it’s considered a victory when it does.

Emergency notification systems can easily fall into this category. We find most of our clients purchase our software in order to quickly and easily connect with employees when a critical event occurs. They want to eliminate all of the disparate communication systems in lieu of a single, integrated system that enables them to leverage one or several communication channels at the same time. They want to be able to segment their audience, pre-build their messages using templates, and in a click or two, know their message has not only been delivered, but received loud and clear. They want to be able to measure message open rates and constantly improve their emergency plans.

Well done, companies. You are prepared. But did you know you can use your emergency notification system for a whole lot more than emergencies? You can quickly increase ROI by maximizing your use of the software for any desired communication with a specific audience, internally or externally.



Imagine entering your workplace and being met with a sign instructing you NOT to turn on your desktop computers or dock your laptops until further notice. No network access; no email; no dependent application. Unfortunately, this was the actual scenario that played out for one global law firm, DLA Piper, who fell victim to the Petya cyberattack in late June. For this law firm, the loss of email services is devastating; and their email was unavailable for over one week.

The June 2017 cyberattack, known as Petya, affected major organizations throughout many industries. Global shipping conglomerate, Maersk, has estimated quarterly losses of between $200M-$300M, due to experienced interruptions. Large manufacturing facilities were brought offline for many days while working to re-establish critical systems.

Prior to Petya, in May, WannaCry spread worldwide and infected over 200,000 computers. In both cases, infected computers had their data encrypted and hidden from its owners until a ransom was paid.



(TNS) - Question: I keep hearing about how we need to be prepared for a potential nuclear attack by North Korea. They say “know where to go,” but I don’t know where to go! Are there shelters? If so, how do I find out which one?

Answer: No, there are no public nuclear blast or fallout shelters designated in Hawaii, according to the Hawaii Emergency Management Agency, a division of the state Department of Defense.

The agency’s recent PSA, which advises “know where to go, know what to do and when to do it,” gives listeners and viewers general information about how to prepare for any potential disaster, such as having 14 days’ worth of food and water on hand.



Five years ago this month (October 29), Superstorm (hurricane until a few hours before landfall) Sandy made landfall along the coast of New Jersey just northeast of Atlantic City.  Sandy was one of the most devastating hurricanes to hit the northeast United States, causing more than 70 fatalities and $50 billion dollars in damage. It was the deadliest Northeast United States hurricane since Agnes (1972) and the 2nd most expensive United States hurricane on record behind Katrina (2005).  While heavy rainfall and strong winds were part of Sandy’s legacy, the primary cause of the massive destruction and damage that occurred was due to high storm surge levels.

Sandy developed in the SW Caribbean on October 22 (Figure 1). This region is a typical hotbed for October Atlantic hurricanes.  The system slowly intensified, eventually reaching hurricane strength before hitting Jamaica as a Category 1 hurricane.  It briefly reached major hurricane strength (Category 3+ on the Saffir-Simpson Wind Scale) before making landfall in Cuba.



Thursday, 26 October 2017 15:46


Cloud computing offers tremendous advantages and has spurred the continued growth of the as-a-service market. In fact, a recent McAfee report found that 93 percent of organizations utilize cloud in some form. Earlier this year Gartner predicted the public cloud services market would grow nearly 20 percent this year to $246 billion. This is largely due to the fact that many organizations are trying to lower their capital expenditures (Capex) by offloading on-premise solutions hosting, management and maintenance needs.

The perceived advantage of any-as-a-service model is that someone else can take ownership and responsibility, so you’re able to sit back and concentrate on other business drivers. It’s the same reason why many of us opt to pay for Spotify and Pandora to stream our music, rather than having music eat up storage on our computers.

But for all its benefits, there is a dark side to the cloud that you might not have heard about unless you’ve experienced it firsthand. The thing about any as-a-service model is that the goals of any subscription is to facilitate recurring revenue. From that perspective, the minute you trade ownership for convenience, you are beholden to the provider, and doing business on their terms, not yours. You can hope the provider continues to deliver services at the same price tomorrow that they did today, or expect them to continue meeting their SLAs, but that probably won’t be the case. Few, if any providers, are going to willfully admit if or when they underserve you. For all these reasons, once you’re in the cloud, getting out is easier said than done.



Wednesday, 25 October 2017 17:30

Beware of the Dark Side of the Cloud

The scenarios are chilling: A busy hospital suddenly cannot use any of its electronic medical records or other computerized systems. The victim of a ransomware attack, the hospital will not regain access without paying those who locked down the records — if at all.

At another hospital, hackers find a way to connect to the software that controls IV pumps, changing their settings so they no longer deliver the correct doses of medication.

Cybersecurity experts say these are among the situations they worry about when they consider the health-care industry — which, with its reliance on technology and a wealth of data, is increasingly a target of cybercrimes.



You may well have heard the story of the person trying to streamline business operations and driving past huge, separated grain silos one day, which reminded him of the mentalities and divisions he was trying to overcome back in the office.

Thus (the story goes) was born the term “silo management” and its derivatives like “silo thinking” and “silo mentality”.

Business continuity managers are usually aware of the challenge to get all departments to collaborate and do their business continuity in harmony, ensuring that no individual action in one area will endanger BC in another.

But even in these enlightened days of cloud computing and workforce mobility, silos will continue to be a challenge and here’s why.



In our experience consulting with universities, high schools, or elementary schools on Emergency Management preparedness, we have found a number of issues that come up on a regular basis. It does not matter if the institution is a private or a public school. Don’t wait for an event to happen to find out if your child’s school is ready.

Here are 10 questions you should ask to make sure your child’s school is ready for an emergency:



(TNS) - To grasp the power and terror of the 2007 firestorms — a 27-day ordeal that began 10 years ago this weekend— you had to be there.

You had to be in Michelle Grimaldo’s car, as flames swept across Honey Springs Road in Jamul, blocking her escape route.

“Everywhere you looked,” she said, “there was fire.”

You had to be with Tony Mecham, stunned by the number of severe burn victims — 22 — being airlifted from Cal Fire's Potrero station.

“It was like a war zone,” said Mecham, now head of the county's Fire Authority. “That was the first time I’d seen that kind of human suffering on a wildland fire.”



In the span of the last few decades, email has become a key communication avenue to coordinate case proceedings and counsel to a law firm’s clients and co-workers. Now more than ever, law firms are leaning on technology to deliver essential and innovative representation, but this is only possible so long as firms are connected to the internet.

Additionally, lawyers and partners may not always recognize the direct connection of their IT stance on email availability. When a technology disruption may impact access to email, it is critical to ensure proper budgeting and resources for IT systems and data protection—but this is where firms often fall short.



The connected world that we’re now living in, along with the Internet in general, has undoubtedly made our lives better in countless ways. Unfortunately, they’ve made our lives more dangerous, as well – particularly when you consider the current state of cybersecurity worldwide.

According to one study conducted by Panda Labs, there were 18 million new malware samples captured in the third quarter of 2016 alone. That number breaks down to an average of about 200,000 per day. Likewise, new and devastating techniques like ransomware are on the rise. More than 4,000 ransomware attacks occurred every day in 2016 – an increase of 300% over the previous year, according to the Computer Crime and Intellectual Property Section of the FBI.

Based on these stats, it’s easy to see why cybersecurity is such a rising concern among organizations in nearly every industry. But the most important thing for them to understand is that the hackers aren’t some group of cartoon super villains operating from a secret bunker somewhere. In truth, they don’t need to be. Cyber-attacks are far easier than that to pull off because of two unfortunate little words: Human Error.



(TNS) — Someday, the waterfront businesses along La Conner’s First Street may be raised to allow coastal floodwater to wash under them. A barrier along the east edge of the street could keep the water from pushing farther into town.

That was an idea generated recently by town officials and Skagit County, Wash., Climate Science Consortium scientists who together brainstormed ways to handle the town’s flood risks, which are increasing as the global climate warms.

“We wouldn’t defend against that area, we would allow water to flow through,” La Conner Town Administrator John Doyle said of the concept.



Most enterprise workloads are poised to run in the cloud within a year. Based on a recent survey conducted by 451 Research, the percentage of these private or public cloud workloads will increase from 41 percent to 60 percent by mid-2018. Among survey respondents, 38 percent have already adopted a cloud-first policy, which prioritizes cloud solutions for all workload deployments. This is not surprising based on the agility, flexibility, scalability, perceived reduction in TCO, and cloud-born data that cloud computing offers. Cloud pricing is a key driver of cloud workloads. As the cost of cloud computing continues to fall, enterprises are increasingly reluctant to pursue costly expansions of their on-premises data centers or even appliances like a data warehouse.

On top of cloud pricing and inherent computing advantages, cloud providers continue to add services such as data warehouse, data integration, data preparation, and analytics that are essential for accelerating the delivery of analytics to both internal and external customers. It's no wonder that the center of gravity for both data and compute capacity is increasingly shifting from the traditional on-premises data center to the cloud, as companies take advantage of its inherent flexibility.



As traditional ICT spending matures, emerging areas of technology including the Internet of Things, AI, and next-gen security will drive new spending through 2021.  

The latest forecast by International Data Corporation (IDC) released this week said that IoT, robotics, and AR/VR in particular will represent a significant share of the overall ICT market by 2021, including in emerging markets.

Spending on traditional IT, telecom services, and new technologies will grow from $4.3 trillion in 2016 to $5.6 trillion by 2021, which represents a compound annual growth rate of 6 percent in constant currency.



Solid state storage has risen to dominance, outselling hard drives in the enterprise market. While organizations are opting to buy all-flash or hybrid arrays in preference over disk arrays, that still leaves the thorny question of what you do with all the old stuff: existing hard disk drive (HDD) arrays, NAS filers or even older hybrid arrays.

Assuming the absence of an unlimited budget, how can you maximize existing storage investments, while adding all-flash arrays strategically?

The good news is that there are plenty of ways to eke out more value from older storage hardware. This article offers tips on how to achieve that, advice on what to run on the newest all-flash arrays, how best to make the transition to an all-flash (or mostly flash) future, how to migrate from one medium to another and more.



(TNS) — Historian Stephen Pyne sees no coincidence in the fact that on Oct. 8, 1542 — 475 years to the day before the wildfires began ravaging Northern California — the Spanish explorer Juan Rodríguez Cabrillo saw smoke in the sky above Southern California.

Cabrillo’s pilot, Bartolomé Ferrelo, dutifully recorded the phenomena in the ship’s log, as the explorer christened the San Pedro roadstead “Bahía de los Fumos o Fuegos.”

“Fire isn’t going away,” Pyne says on the phone from his home near Tempe, Ariz.

Pyne, a onetime smoke chaser on the North Rim of the Grand Canyon, is the author of more than 30 books, most on the cultural and social effects of wildland and rural fires around the world. He is completing a 10-volume history of fire in the United States.



Woman typing


Infographic: CDC Train

When I think about public health preparedness and response I ask myself three questions:

  • Who provides the infrastructure to train public health responders?
  • Where do they learn what they know?
  • Who helps a responder fulfill their mission?

The answers to these questions may rest in the TRAIN Learning Network (TRAIN). After the September 11th terrorist attacks, public health departments needed a way to track the preparedness-related training of professionals in their state, region, or locality. TRAIN was established in 2003 to offer a solution to the tracking challenge and help train the next generation of the public health workforce.

This network IS the track on which the trains run (pun intended)! If we equip responders with as many skills and as much knowledge as possible before an incident, we can expect:

  • Increased expertise during a response,
  • Just-in-time training that is more readily available,
  • Quicker response and recovery efforts, and
  • Greater resilience.
What is TRAIN?

TRAIN is a national learning network of agencies and organizations that deliver, track, and share trainings for professionals who protect and improve the public’s health. The network identifies, develops, and promotes opportunities for professionals to build their skills and knowledge.

TRAIN has more than 1.5 million registered learners in all 50 states, 5 U.S. territories, and 177 countries.

TRAIN is an open platform, meaning that anyone, anywhere can access the training. Learners have access to thousands of health knowledge and skill-related courses. An emergency management specialist at a state health department can take courses in other disciplines or topic areas with content that is curated by the CDC or another partner in the network.

Learners are able to search TRAIN for courses that are tagged with PHEP Capabilities or PHPR Core Competencies. You can register as a learner through your state’s TRAIN affiliate or through CDC TRAIN.

How does TRAIN work?

TRAIN is a collaboration between 27 state health agencies and partners, as well as 3 federal partners – Centers for Disease Control and PreventionVeterans Health Administration, and Medical Reserve Corps – who serve as TRAIN Learning Network affiliates. More than a thousand CDC-developed learning opportunities are available to all the registered learners in the TRAIN network.

Why is TRAIN a wise investment? Over 12 years (2005 – 2016), the Kansas Department of Health and Environment saw a cost savings of $35 million as a result of staff taking trainings through its portal, KS TRAIN. Learners and the agency saved travel expenses as well as personal costs.

TRAIN affiliates operate branded online portals, which allow them to:

  • Identify specific groups of learners for targeted courses or training plans
  • Monitor training and completion of specific groups of learners, including the use of custom reports
  • Partner on training with state, tribal, local, territorial, national, and international providers

Meanwhile, organizations that provide training, including other government agencies, academic institutions, and nongovernmental organizations can:

  • Assign training to a specific group of learners and monitor their progress towards completion
  • Test knowledge and collect feedback, develop custom curricula, and access course data

The TRAIN approach fosters collaboration, saves cost by reducing duplication, and reaches learners across jurisdictional lines. This ensures that together, we can train the entire workforce with all the tools at our collective disposal.

Get more information

If you have additional questions, please send an email to This email address is being protected from spambots. You need JavaScript enabled to view it..

Residents of Crosby, Texas, located 30 miles northeast of Houston, were evacuated last month in the aftermath of Hurricane Harvey. The imminent threat to human life? Not flooding, but noxious explosions at the nearby Arkema chemical plant, which had lost power during the storm and was unable to maintain safe temperatures at its cold storage warehouses.

Wondering whether your community is in danger of a similar incident involving hazardous materials, aka “hazmats,” and what steps you can take to safeguard public health and safety? Here’s a closer look.



Demands on IT in small and medium businesses (SMBs) are continuing to rise exponentially. Competing IT priorities such as budget restrictions, increased application and customization demands are pushing IT administrators to the breaking point. IT administrators lack the time, resources and desire to spend their day in the weeds of keeping their infrastructure up and running.

New technologies such as hyperconverged infrastructure offer help with improved efficiency, scaling and management breakthroughs. Hyperconvergence is the combination (or convergence) of many potentially disparate platforms into a single platform. In relation to the physical hardware, this means placing compute (CPU and memory) and storage (spinning disk and solid state drives) into a single server. From a software perspective, this means that at the very least, all components of the system are managed from a common interface. This may be a custom user interface built by the manufacturer, or it could be an add-on or extension to the existing hypervisor management software.

There are many myths and misperceptions around hyperconvergence for SMBs however. Below are a few to highlight:



If you registered for disaster assistance following Hurricane Irma, stay in touch with FEMA.

Missing or outdated information, such as phone numbers or addresses, can delay help.

The easiest way to update your application, check your status or provide missing information is to create an account at DisasterAssistance.gov to:

  • update your current mailing address or phone number;
  • receive information on the status of your home inspection;
  • find out if FEMA needs more information about your application;
  • learn how to appeal an eligibility determination;
  • get answers to other questions about your application, or upload personal documents.

Call the Helpline to:

  • add or change household members and number of occupants;
  • check on the status of your case;
  • update;
    • insurance information
    • contact preferences (mail, email, other)
    • payment preference
    • location of where you currently reside
    • correct/verify home and property damage

You can also visit a Disaster Recovery Center (DRC) for face-to-face assistance with a FEMA specialist. To find the nearest DRC, visit www.fema.gov/IrmaFL.

If you don’t have internet access or require services not offered on the website call the FEMA Helpline at (800) 621-3362 (voice,711 or VRS, TTY (800) 462-7585) between 7 a.m. and

11 p.m. ET. To minimize wait times, call during off-peak hours (early morning or late night).

Callers should refer to their nine-digit registration number, which is located on all communications received from FEMA and helps us assist you.

The Problem with Emails

Emails. How many do you get each day? How often do you check them? When I say “check,” I mean read. The average time spent reading an email is 11.1 seconds and only five seconds for a text. With instant communications available via texting, instant messaging and social media, email is rapidly losing its charm, particularly amongst millennials.Email still has its place in the work environment for non-urgent messages and regular communications with vendors, customers or other businesses, but is it really the most effective way to notify employees of an urgent situation? Likely not.

There are several problems with emails, such as the sheer number of them we receive each day, (an average of 88, per one study), sending and receiving isn’t always instantaneous, and there is no guarantee the receiver will take the time to open and read it. If there is a network outage, you may never get your message across as it sits in your outbox indefinitely.

When it comes to emergencies, emails simply do not convey a sense of urgency. People assume they can get to an email whenever they get the chance, and only 30 percent of them ever get read. Few emails garner the same level of attention as a text alert or similar form of communication.



Friday, 20 October 2017 14:42


While MSPs do not need a reminder to practice good cybersecurity habits, we cannot always say the same for end users. That being said, National Cybersecurity Awareness Month is a great opportunity to ensure your customers are up-to-date on the latest best practices with a cybersecurity training program.

The nature of your business will dictate the specific cybersecurity training schedule you choose. However, a good start is to ensure new employees receive training as part of onboarding and all employees receive training on a regular basis. It’s important to have a formalized plan in place to keep security front of mind and keep employees informed about new threats.

Unfortunately, there’s no single product that will solve all of your cybersecurity problems. In today’s world, it takes many technologies and processes to provide comprehensive risk and security management. Total data protection requires a multi-pronged approach:



(TNS) - Dr. Scott Witt kept close behind the ambulance carrying the newborns. On his motorcycle, he drove over and ducked under downed power lines. He swerved around embers blowing onto the highway.

Sutter Santa Rosa Regional Hospital, where Witt oversees the neonatal intensive care unit, was being evacuated Oct. 9 because of wildfires that would become the deadliest in California history.

But Witt couldn’t call the doctors who would be caring for the babies because there was no power. The physicians at the other hospital also had no way of accessing Witt’s medical records online to know what treatment was needed.

“I knew if I didn’t leave then, there would be no way I could take care of the babies,” he said.

As the blaze grew feet away, Witt tailed the ambulance through smoke and debris.

The Northern California wildfires created what some described as an unprecedented health care crisis that has served as a wake-up call in the region. Not only were two major hospitals evacuated hours into the disaster, but the chaos continued for days after.



It has been nearly three years since an Amazon Web Services senior executive said “Cloud is the new normal”.  Since that time, the momentum behind cloud migrations has become unstoppable as enterprises look to take advantage of the agility, scalability and cost benefits of the cloud.  

In its 2017 State of the Hybrid Cloud report, Microsoft found that 63 percent of large and midsized enterprises have already implemented a hybrid cloud environment, consisting of on-premise and public cloud infrastructures.  Cisco’s latest Global Cloud Index predicted that 92 percent of enterprise workloads will be processed in public and private cloud data centers, and just 8 percent in physical data centers, by 2020.  

So the future is cloudy, with enterprises adopting hybrid cloud strategies using services from a mix of providers.  But irrespective of the cloud services they use, or the sector in which they operate, all enterprises share common goals:  they want their business applications to deliver a quality user experience under all conditions; they want those applications to be secure and resilient; and they want them to run as efficiently as possible.



Compliance with the Health Insurance Portability and Accountability Act--or HIPAA--often keeps healthcare professionals up at night. Indeed, there is a great deal of misunderstanding and confusion on the topic.

HIPAA requires healthcare organizations to comply with specific security, privacy and breach notification rules for the storage and transmission of protected health information (PHI), including electronic data. Healthcare professionals should have a solid knowledge of HIPAA requirements. But healthcare providers who establish their own smaller practices need to understand the regulatory framework. This is important when it comes to transmitting sensitive information via email.

Many healthcare organizations are concerned about a governing body initiating a HIPAA audit. However, there are many ways that practices can come under scrutiny for email-related HIPAA compliance violations. For example, an audit can originate from a patient or an orthodontist reporting an unencrypted email, or an email server might be hacked.



Recommended four consecutive years by NSS Labs

HONG KONG, CHINA – The need for strong and reliable threat defense is critical to everyday operations and becomes more important as high profile attacks continue to increase. Trend Micro Incorporated (TYO: 4704) (TSE: 4704), a global leader in cybersecurity solutions, attained a perfect breach detection rating of 100 percent in the NSS Lab's Breach Detection System report. This marks the fourth consecutive year that NSS Labs has recommended Trend Micro.

A critical way to compare solution vendors is by their detection rate of evasions, an area in which five of the seven companies tested by NSS struggled. Trend Micro posted a 100 percent evasion detection rating, establishing the company in the top of the breach detection quadrant. NSS Labs results prove that Trend Micro reliably equips customers with the protection needed to keep critical data safe, and detect threats moving inbound, outbound or laterally across the network.

"The data speaks for itself, we are very proud that our customers benefit from the protection and peace of mind that come from using our solutions," said Steve Quane, executive vice president of network defense and hybrid cloud security, Trend Micro. "We remain focused on leading the industry in threat prevention, evasion protection and remediation."

CEO of NSS Labs, Inc., Vikram Phatak said, "Trend Micro's Deep Discovery achieved a 100% security effectiveness rating with the fastest time to detect attacks amongst all tested products," said Vikram Phatak, CEO of NSS Labs. "There is no question that Deep Discovery should be on the short list for everyone considering a Breach Detection solution."

With its layered security approach, Trend Micro, and specifically Deep Discovery Inspector™, has continually improved effectiveness and significantly lowered total cost of ownership. Over the last few years, costs dropped from $240 per protected Mbps to under $40 per protected Mbps on average.

The ultimate recipe for integrated advanced threat prevention calls for two essential ingredients, Deep Discovery coupled with the TippingPoint Next-Generation Intrusion Protection System. Together these protect critical data, applications, and infrastructure from known, unknown, and undisclosed attacks stemming from endpoints to data centers and networks.

To access the NSS Labs Breach Detection System report, click here.

About Trend Micro
Trend Micro Incorporated, a global leader in cyber security solutions, helps to make the world safe for exchanging digital information. Our innovative solutions for consumers, businesses, and governments provide layered security for data centers, cloud environments, networks, and endpoints. All our products work together to seamlessly share threat intelligence and provide a connected threat defense with centralized visibility and control, enabling better, faster protection. With more than 5,000 employees in over 50 countries and the world's most advanced global threat intelligence, Trend Micro enables users to enjoy their digital lives safely. For more information, visit www.trendmicro.com.hk.

It’s a fact of business life that customers, markets, and industry commentators only see your brand, and not the suppliers who provide the materials, components, or products behind it.

Naturally, that’s what many enterprises want, so that they can build their brand image and reap the benefits of more revenues and bigger margins.

The flip side is that if a material, component, or brand is bad or if a vendor exposes your confidential business information, then people still only see your brand.

They then consider your enterprise alone to be the culprit, putting your business continuity in danger. Companies can check up on their vendors to make sure they have preventative procedures in place.



Don’t worry, this isn’t another one of those articles that says, “multi-cloud is coming!” We all know multi-cloud is already here, right? In fact, in its “2017 State of the Cloud” report, Rightscale found that approximately 85 percent of organizations have a multi-cloud strategy. Further, companies in the cloud are utilizing, on average, 1.8 public clouds and 2.3 private clouds.

We also know the reasons why companies have been moving to the multi-cloud model. Making use of many cloud platforms helps you avoid vendor lock-in and choose the right cloud for each app and it’s data.

One thing many companies can’t quite explain, however, is why their multi-cloud projects aren’t staying within budget. One of the major reasons to move to the cloud is the cost savings it promises, so this problem is particularly frustrating for IT departments – and budget makers.



In today’s high-pressure and limited-resource environment, it’s easy for a BCM practitioner to be overrun with just managing the program and addressing external influences. Audit requests and questionnaires can pull you in all directions and before you know it, you’ve had to push back everything you planned to do that day, week or even month.

How do you address this state of things? How do you prioritize your task list?

We’ve put together a 6-step process for taking control of, organizing, and simplifying your BCM program workflow; effectively streamlining your BCM program without creating any gaps.



(TNS) - The morning after Hurricane Harvey struck Victoria, Texas, Councilman Jeff Bauknight started getting calls from residents. But there was a problem.

"A lot of citizens were calling," said Bauknight. "And I had no idea - I absolutely had no idea of what to tell them."

Like some Victoria residents, Bauknight was having trouble getting information after electricity and the internet crashed. After the storm, the city largely relied on Facebook to push out updates, but that became a problem for residents who didn't use social media.



Accumulation risk, where a single event triggers losses under multiple policies in one or more lines of insurance, is emerging in new and unforeseen ways in today’s interconnected world, says a post at Swiss Re Open Minds blog.

From Ruta Mikiskaite, casualty treaty underwriter, and Catriona Barker, claims expert UK&International Claims at Swiss Re:

“Accumulation scenarios have always been familiar in property insurance but for casualty lines of business, they have been perhaps less of an issue. However, large losses in recent years show how traditional physical perils should not be underestimated for their casualty clash potential.”

For example, Kilmore East-Kinglake bushfire, the most severe of a series of deadly wildfires in the Australian state of Victoria on Black Saturday, 7 February 2009, led to a settlement of A$500 million—the biggest class action settlement in Australian legal history.



It's no secret that passwords can be stolen.

In order to maximize the security of your passwords, however, you should understand how password attacks actually occur.

Before we begin, we should note that stealing or "cracking" passwords is not the only way that attackers can gain unauthorized access to sensitive data.



(TNS) - With the annual Great ShakeOut earthquake drill coming on Thursday, now’s a good time to ask yourself: “How’s that whole emergency preparedness thing going?”

Are you feeling twinges of guilt because you still haven’t stashed away any food, water or spare batteries? Maybe you were patting yourself on the back for your family’s three-day supply of provisions and gear — until last year’s Cascadia Rising drill made it clear that folks in Western Washington may have to survive on their own for up to two weeks after a megaquake and tsunami.

From hurricanes in Houston and Puerto Rico to deadly earthquakes in Mexico, recent disasters show how long it can take for assistance to arrive and for power, water and transportation to be restored. Victims are left to fend for themselves and help each other in the chaotic aftermath.



Digitalization in economy and society is rapidly increasing the demand for computing power. As more data centers and server cities are necessary, operators are also challenged to cope with increased energy costs. Part 1 of this two-part series,addresses the need to offset rising costs of power consumption with a green perspective for the efficient data centers of tomorrow.

In recent years, the number of enterprises using cloud computing has steadily increased. More and more devices and sensors are connected to the internet, with their control, measurement and tuning processes digitally coordinated. According to an estimate by Gartner, about 4.9 billion connected devices exist today. Cisco experts  predict 50 billion connected devices by 2020, suggesting that the number will quadruple within the next few years. Consumers will especially use these networked devices in the "smart home" segment. For example, an empty refrigerator can automatically create a new shopping list or request the re-ordering of popular food directly in the store. Networked devices also play an increasingly important role in industry and business in order to better plan production and manufacturing processes, as well as to make them more cost- and time-efficient.

The increasing digitalization of the economy and society leads to a very high demand for computing and storage capacities. The current requirements for data protection and security demand further computing power. New technologies such as Industry 4.0, Machine Learning or Augmented Reality do not only mark the next stage of technologized life, but represent a growing need for a reliable and efficient IT infrastructure. Germany has established itself as the largest data center market in Europe and the third largest in the world, thanks to the expansion and construction of data centers. Many large data centers are concentrated mainly in the Frankfurt am Main area. One of them is e-shelter, the fifth largest data center in the world with nearly 700,00 square feet of total space. Globally, most of the large data centers are found within the U.S., in states including Illinois, Utah, Nevada, Virginia, and Iowa. 



Think about the challenge interpreters at the United Nations undertake. First, they need to understand the concepts being communicated. Next, they translate the concepts for people who speak different languages — without coloring the information with their own perspectives. These interpreters use an “internal resource” that maps terms and concepts. In the business technology world, when we formalize or automate such a resource, we create a conceptual reference model.

Because the terms and concepts in conceptual reference models represent the “stuff of the business,” not the stuff of IT, they make sense to business stakeholders. In his recent Executive Update, Connecting Inside and Outside the Enterprise, Cutter Consortium Senior Consultant Cory Casanave makes the case that the conceptual reference model, which defines the terms and concepts used by the enterprise and the communities in which it operates, provides the foundation needed for any “connection” architecture, capability, or project. Writes Casanave:



Working on cars can be quite the challenge. If you’ve got a project car that you’re hoping to get up and running, you probably want to control every aspect of what goes into it. From the engine to the tail lights, you’re willing to tackle every project head-on without any external help.

Until you get stuck on a problem that you’re not equipped to handle.

When you hit a brick wall, you can keep trying to fix the issue by yourself – which can be extremely frustrating. Or, you have the option to take your car to a master mechanic that can easily fix the issue for you.

It’s not unlike running your company. When you need IT support, what’s your best option for support? Most businesses have two distinct choices; either hire an in-house IT support employee (the DIY fix), or partner with a managed service provider (the master mechanic).

Though both options have their own pros and cons, one comes out on top for growing organizations that want to stay ahead of the curve.



To continue providing us with the products and services that we expect, businesses will handle increasingly large amounts of data. The security of this information is a major concern to consumers and companies alike fuelled by a number of high-profile cyberattacks.

The havoc caused by such attacks runs from celebrities embarrassed by careless photos, to the loss of medical records, to ransom threats amounting to millions that have hit even the most powerful corporations.

Where such data contains personal, financial or medical information, companies have both a moral and legal obligation to keep it safe from cybercriminals. That’s where International Standards like the ISO/IEC 27000 family come in, helping organizations manage the security of assets such as financial information, intellectual property, employee details or information entrusted to them by third parties.

ISO/IEC 27001 is the best-known standard in the family providing requirements for an information security management system (ISMS).It’s an International Standard to which an organization can be certified, although certification is optional.



People – “Can’t live with them, can’t live without them” might be the motto for many enterprises and their chief information security officers (CISOs).

Even in the most automated of companies, human beings are still necessary to handle emergencies, think creatively, and exercise judgment.

On the other hand, when it comes to IT security, people are often their own worst enemies and by association the worst enemies of their companies too.

Here are a few bad habits that you might usefully encourage IT colleagues and other employees to change.



Tuesday, 17 October 2017 16:24

Bad Habits Are the Worst IT Security Risk

One of the most important things to understand about working and operating in a healthcare environment is that emergencies are not a question of “if” – they’re a question of “when.” Events that impact patient care, employee safety and overall operations can happen suddenly and without warning. The key to continuing operations involves the ability of doctors, nurses, staff and leadership to respond to these events as quickly and as accurately as possible.

Part of success in this regard comes down to effective crisis communication – something that the Centers for Medicare and Medicaid is already emphasizing. It considers communication to be so pivotal, in fact, that it is one of the four main pillars of the CMS’ new Conditions for Participation for Emergency Planning, which MUST be in place for many types of healthcare organizations by November of 2017.

But just the ability to communicate in an emergency is not enough on its own – you need a system in place that will guarantee that the right message gets to the right people at exactly the right time, no exceptions. When it comes to accomplishing this mission-critical goal, more and more of today’s leading healthcare providers are turning to critical emergency alerting services.



You’ve convinced management to do a BIA, and now it’s time to jump in. But, wait! A proper business impact analysis requires some preparation. You don’t jump into a body of water without looking at it first and changing into swim trunks or at least taking everything out of your pockets. Otherwise, you might hit a rock or damage the phone in your pocket. The same logic applies to a BIA. Preparing for a BIA is critical to its success. 

Here, we’ll outline the prep work required to conduct a solid BIA; one that is worth your while and creates tangible results. In the following, we assume a basic understanding of the concept and components of the BIA



Closeup view of an eighty year old senior woman's hands as she sorts her prescription medicine.

If you read our blog on a regular basis you can probably recite the mantra “Make a kit. Have a plan. Be informed.” in your sleep. You are probably familiar with the important items you should keep in your emergency kit – water, food, a flashlight, and a battery-powered radio. What you may not think about is personalizing your kit for your unique medical needs or the needs of your family. Particularly, including prescription medications and other medical supplies in your emergency kit and plans.

As a pharmacist whose job is focused on emergency preparedness and response, I want to give you 10 pointers about how to prepare your medications for an emergency so you can decrease the risk of a life-threatening situation.infographic illustrating an emergency kit.

  1. Make a list. Keep a list of all your medications and the dosages in your emergency kit. Make sure you have the phone numbers for your doctors and pharmacies.
  2. Have your card. Keep your health insurance or prescription drug card with you at all times so your pharmacy benefits provider or health insurance plan can help you replace any medication that was lost or damaged in a disaster.
  3. Keep a record. Make copies of your current prescriptions and keep them in your emergency kit and/or go bag. You can also scan and email yourself copies, or save them in the cloud. If you can’t reach your regular doctor or your usual pharmacy is not open, this written proof of your prescriptions make it much easier for another doctor to write you a refill.
  4. Start a stockpile. During and after a disaster you may not be able to get your prescriptions refilled. Make sure you have at least 7 – 10 days of your medications and other medical supplies. Refill your prescription as soon as you are able so you can set aside a few extra days’ worth in your emergency kit to get you through a disaster.
  5. Storage matters. Keep your medications in labeled, child-proof containers in a secure place that does not experience extreme temperature changes or humidity. Don’t forget to also include nonprescription medications you might need, including pain relievers, cold or allergy medications, and antacids.
  6. Rotate the date. Don’t let the medications in your emergency supply kit expire. Check the dates at least twice every year.
  7. Prioritize critical medicines. Certain medications are more important to your health and safety than others. Prioritize your medications, and make sure you plan to have the critical medications available during an emergency.
  8. Communicate a plan. Talk to your doctor about what you should do in case you run out of a medication during an emergency. If you have a child who takes a prescription medication, talk to their daycare provider or school about a plan in case of an emergency.
  9. Plan ahead. Make sure you know the shelf life and optimal storage temperature for your prescriptions, because some medications and supplies cannot be safely stored for long periods of time at room temperature. If you take a medication that needs to be refrigerated or requires electronic equipment plan ahead for temporary storage and administration in an emergency situation.
  10. Check before using. Before using the medication in your emergency kit, check to make sure the look or smell hasn’t changed. If you are unsure about its safety, contact a pharmacist or healthcare provider before using.


Trust in business is at an all-time low. Trust in governments is rock bottom as well. At the same time, huge challenges remain to create sustainable societies. What to do? A new project to develop a standard for organizational governance could help, and has just been given the green light.

We don’t need to go far back in history to see how bad governance can ruin lives and tarnish industries. Enron and Lehman Brothers are just some of the names that spring to mind, contributing to an increasing expectation from society for the heads of businesses to be accountable for their organizations. While laws and regulations are necessary foundations, truly good governance that takes organizations to new levels of performance over the long term goes far beyond the law to instil trust and effectiveness.

In this context, ISO’s committee of experts that specializes in governance (ISO/TC 309) has just been given the green light to develop an ISO international guidance standard that will help organizations establish good governance practices, going beyond the avoidance of risk and contributing to their long-term value overall.



For Cybercriminals, it’s a Match Made in Heaven

This is an age in which ransomware has made the barrier to entry for would-be cybercriminals lower than ever. And, with the proliferation of IoT devices, for attackers, there’s ample opportunity to compromise smart devices. And the convergence of these two threats has certainly attracted the interest of cybercriminals.

Ransomware and IoT are colliding – and the impact has created the perfect storm for cybercriminals.

At a high level, ransomware encrypts its victims’ data or blocks their access to a computer system or network until a sum of money is paid. With lower execution costs, high returns and minimal risk of discovery (compared to other forms of malware), ransomware has quickly become a preferred method of attack for cybercriminals. And it’s now easier than ever for virtually anyone – even individuals with minimal security knowledge – to extort money from companies and individuals through do-it-yourself ransomware toolkits or via the services of a Ransomware-as-a-Service (RaaS) provider.

When it comes to the popularity of ransomware as an attack vector, the numbers don’t lie. An August 2016 report from Osterman Research found that, during the course of the previous 12 months, nearly 50 percent of the companies surveyed were the victim of a ransomware attack. And Kaspersky’s Q1 Lab Malware Report revealed a 250 percent rise in mobile ransomware during the first few months of 2017. The business model of ransomware has proven highly lucrative, and there’s no sign that the malware will go away anytime soon.



Tuesday, 17 October 2017 16:17

When Ransomware Marries IoT

With the end of September’s National Preparedness Month, incident response professionals may get questions from colleagues about how their organization responds to natural disasters or other major disruptions.

Communications is an especially important element of disaster response. Small businesses may find calling trees sufficient, but larger enterprises and government agencies often depend on advanced communications and information technology.

Organizations have three options for deploying incident response communications infrastructure:



For Cybercriminals, it’s a Match Made in Heaven

This is an age in which ransomware has made the barrier to entry for would-be cybercriminals lower than ever. And, with the proliferation of IoT devices, for attackers, there’s ample opportunity to compromise smart devices. And the convergence of these two threats has certainly attracted the interest of cybercriminals.

Ransomware and IoT are colliding – and the impact has created the perfect storm for cybercriminals.

At a high level, ransomware encrypts its victims’ data or blocks their access to a computer system or network until a sum of money is paid. With lower execution costs, high returns and minimal risk of discovery (compared to other forms of malware), ransomware has quickly become a preferred method of attack for cybercriminals. And it’s now easier than ever for virtually anyone – even individuals with minimal security knowledge – to extort money from companies and individuals through do-it-yourself ransomware toolkits or via the services of a Ransomware-as-a-Service (RaaS) provider.

When it comes to the popularity of ransomware as an attack vector, the numbers don’t lie. An August 2016 report from Osterman Research found that, during the course of the previous 12 months, nearly 50 percent of the companies surveyed were the victim of a ransomware attack. And Kaspersky’s Q1 Lab Malware Report revealed a 250 percent rise in mobile ransomware during the first few months of 2017. The business model of ransomware has proven highly lucrative, and there’s no sign that the malware will go away anytime soon.



Monday, 16 October 2017 14:57

When Ransomware Marries IoT

Emergencies Aren’t Biased

Small companies can fall victim to a dangerous mindset of thinking they are too small to take formal precautions against crises. They believe that fancy emergency notification systems are relegated to the companies with thousands of employees scattered around the globe. While the magnitude of the emergency may scale with the size of the company, even the smallest mom and pop company needs a plan and a system to communicate when an unexpected event occurs.

The truth is, emergencies can happen anywhere, anytime, to anyone. All we have to do is look at the crazy hurricane season we will thankfully see coming to an end in the coming weeks. Hurricanes Harvey, Irma, Maria and Nate paid no attention to whether or not the buildings they destroyed were owned by a large or small company. They didn’t care if four employees were displaced or 4,000. It was of no concern as to which streets would be impassable and how long the power would be out.



Blockchain technology related topics are gaining a lot of attention lately, most of the attention is focused on cryptocurrency such as Bitcoin.  Some predict it as the new internet revolution which could lead to new technological innovations in economics and social transformations.

Blockchain is running on a peer-to-peer network, with many distributed nodes and supporting independent computer servers globally.  Part of it is implemented without any centralized authority and has a built-in fraud protection and consensus mechanism, such as the concept of Proof-of-Work, where peer computers in nodes approve every requirement for the generation of a new set of transactions or block to be added to the database a.k.a. “Block Chain”.

It also has a built-in check and balance to ensure a set of colluding computers can’t game the system.  Blockchain also brings in an element of transparency, which reduces fraud as the entire chain is visible and auditable.



(TNS) - The heavy winds that downed power lines Sunday night at the start of the deadly wildfires raging across Northern California were far from “hurricane strength,” as PG&E has claimed, according to a review of weather station readings.

On Tuesday, the Bay Area News Group reported that Sonoma County emergency dispatchers sent fire crews to at least 10 reports of downed power lines and exploding transformers as the North Bay fires were starting around 9:22 p.m. In response, PG&E said that “hurricane strength winds in excess of 75 mph in some cases” had damaged their equipment, but they said it was too early to speculate what started the fires.

However, wind speeds were only about half that level, as the lines started to come down, the weather station records show. At a weather station in north Santa Rosa where the Tubbs Fire started, the wind gusts at 9:29 p.m. peaked at 30 mph. An hour later, they were 41 mph.



The Need for Aligned Assurance

Today’s changing risk landscape has put increased pressure on assurance functions to simplify their requirements and to provide the board, senior management and other key stakeholders with a complete risk and assurance picture. To do so requires coordinating on the risk universe, risk terminology and ratings. Malcolm Murray and Rafael Go discuss how, in light of this mandate to the board and companywide remit, internal audit is best placed to kick-start and champion these aligned assurance efforts.

In recent years, both the size and scope of the risk landscape has changed dramatically. These changes are driven by the reality that organizations are becoming larger, more complex and more geographically dispersed. Add that to the number of third parties (now including fourth and fifth parties) rapidly proliferating and the increase in digitization efforts that are requiring more robust protection from cyberattacks and data breaches. And, along with all of this, companies are under increased competitive pressure from more digitized competitors.

Despite an increased focus on these new challenges, assurance functions are faced with stagnant resources, having to provide more comprehensive assurance with less. Most organizations’ assurance functions tend to work independently, which adversely affects operations and strategy by lengthening decision-making, slowing down corporate clock speed and increasing the procedural burden. According to research from CEB, now Gartner, 43 percent of compliance executives report that internal partners sometimes avoid the compliance process and 77 percent of business leaders have indicated becoming more risk averse. This leads to a 48 percent reduction in potential top-line growth from foregone corporate opportunities and new projects.

Having separate groups report independently to the board and senior management also means they get an incomplete or, at worst, contradictory picture of the risk landscape. In order to provide comprehensive risk guidance to the business, assurance functions must increase their efforts at aligning their work.



Friday, 13 October 2017 16:22

Audit’s Increasingly Critical Role In GRC




Disasters affect children differently than they do adults. Learn more about the unique needs of children during and after disasters. Just with all of the disasters in the United States alone, this issue is especially critical to help young ones cope.  The CDC has several great recommendations for the care of children at time of disaster.

Another organization, the Shenandoah Valley Project Impact, the Central Shenandoah Valley’s regional disaster preparedness and mitigation program developed a great set of children’s books both in English and Spanish to help families and their kids cope. You can download them here.



  • Children’s bodies are different from adults’ bodies.
    • They are more likely to get sick or severely injured.
      • They breathe in more air per pound of body weight than adults do.
      • They have thinner skin, and more of it per pound of body weight (higher surface-to-mass ratio).
      • Fluid loss (e.g. dehydration, blood loss) can have a bigger effect on children because they have less fluid in their bodies.
    • They are more likely to lose too much body heat.
    • They spend more time outside and on the ground. They also put their hands in their mouths more often than adults do.
  • Children need help from adults in an emergency.
    • They don’t fully understand how to keep themselves safe.
      • Older children and adolescents may take their cues from others.
      • Young children may freeze, cry, or scream.
    • They may not be able to explain what hurts or bothers them.
    • They are more likely to get the care they need when they have parents or other caregivers around.
    • Laws require an adult to make medical decisions for a child.
    • There is limited information on the ways some illnesses and medicines affect children. Sometimes adults will have to make decisions with the information they have.
  • Mental stress from a disaster can be harder on children.
    • They feel less of a sense of control.
    • They understand less about the situation.
    • They have fewer experiences bouncing back from hard situations.


(TNS) - The catastrophic fires that have ravaged Wine Country this week may be unprecedented in their toll, but they’re only the latest in a wave of infernos that have blasted through the hills and valleys north of San Francisco in recent years. And the trend is likely to worsen.

As temperatures climb across the West and as a sprawling Bay Area expands development into increasingly rural reaches, Northern California is becoming more akin to Southern California, where warm weather and people staking trophy homes along far-flung cliffs and canyons have set the stage for chronic burning, fire experts say.

“I can’t imagine how there isn’t going to be more of this in the future,” said Hugh Safford, an ecologist for the U.S. Forest Service’s Pacific Southwest Region. “It’s shocking what’s happened, but it really isn’t necessarily all that surprising.”



(TNS) - The Memphis Police Department is working to build up a short-staffed police force, and in the meantime, the department's director of emergency communications hopes that a new dispatch system will help police answer calls more quickly.

The new dispatch system, Intergraph Mobile for Public Safety, is being installed on laptop computers in police cars.

The system uses global positioning system technology to show dispatchers and police officers exactly where squad cars are located and what kind of calls they're handling.



Sometimes in business continuity we end up with such a fierce focus on actions inside the enterprise that we neglect actions directed towards the outside world, and specifically towards our customers.

In the logistics sector for example, among third-party logistics service providers (3PLs), business continuity has not always been a strong point. However, the smarter ones (often the larger ones) have developed a tactic that helps them ride out the rollercoaster conditions of the economy and different natural, political, social, technological, and regulatory upsets.

By getting and staying close to their large customers, 3PLs can gain important visibility into business trends. Some 3PLs take things even further and in concertation with the customer embed part of their personnel into the customer’s organisation.



You’ve convinced management to do a business impact analysis (BIA), and now it’s time to jump in. But, wait! A proper business impact analysis requires some preparation. You don’t jump into the water without looking at it first and changing into swim trunks or at least taking everything out of your pockets. Otherwise, you might hit a rock or damage the phone in your pocket. The same logic applies to a BIA.

Here, we’ll outline the prep work required to conduct a solid BIA; one that is worth your while and creates tangible results. In the following, we assume an understanding of what a BIA is and the components of the BIA.



You won’t likely be duped into sending money to an overseas bank account anytime soon. But phishing scams and malware-laced communications are constantly evolving. As we’ve seen with NotPetya this year, cyberattacks are becoming more sophisticated, and yet they can still find their way into systems through phishing emails—right under our noses, with our permission. They may pose as a new business lead, a security update, or a request from your bank. They may even come with a very convincing email.

These sneak attacks have some telltale signs, however. Shortened URLs, unfamiliar senders and urgent demands to CLICK NOW are just a few. Make sure your employees look out for these, conduct regular educational sessions to keep your team aware of the latest attacks, and let them know how one click could jeopardize your entire network.

Perpetrators cast a wide net, and they will get a few bites, even from those who know better. While being the target of a cyberattack is nearly inevitable—and your DR plan should account for this—exercising caution and training employees can head off many incidents before they become disasters.

Hack attack

This year’s hurricane season is like nothing in recent memory. With the country still reeling from Harvey, Irma, and Maria, everyone held their breath as Hurricane Nate headed toward states along the Gulf Coast this weekend. Those of us at IWCO Direct and Mail-Gard were especially anxious as a number of our colleagues and clients were making their way to New Orleans for the DMA’s &THEN Conference. Thankfully, Nate lost steam before hitting the mainland, but our team at Mail-Gard was prepared to help clients manage the print-to-mail operations of their critical communications at the drop of a hat if necessary. Today we wanted to briefly share how we prepare for a disaster declaration in advance of severe storms and natural disasters.

We start by doing our best to become meteorologists. We have a system in place to closely monitor weather patterns in regions where our clients are located in order to determine which ones may be in the path of a severe storm. We contact those clients well in advance to ensure they have our emergency declaration hotline information readily available. We also make sure our team is fully prepared to spring into action by alerting them to which clients may need to make a disaster declaration, so they can review those specific client requirements in advance. We also analyze our testing schedule to “clear the decks” so that we can devote our full energy to impacted clients.



So you’re the DR guy and you have: setup different replication layers and technologies between datacenters, redundant telecom links, off-site backup solutions, VPN connections over the internet, several layers or power redundancy on some of your facilities; you name it. You have even made your homework and have successfully audited all of these solutions, policies and processes.  

Everything is great... Is it? 

Here are just some surprises:



(TNS) - As the number of people confirmed dead in Northern California fires rose to 15, officials warned Tuesday that the toll could rise as multiple fires scorched upward of 100,000 acres.

Sonoma County alone has received about 200 reports of missing people since Sunday night, and sherriff’s officials have located 45 of those people, said Sonoma County spokeswoman Maggie Fleming.

The majority of the fatalities are from Sonoma County, where huge swaths of the city of Santa Rosa were leveled in flames from the Tubbs fire. Nine people have died in Sonoma County as of 11 a.m. Tuesday, Fleming said. Two people have died in Napa County, three in Mendocino County and one in Yuba County, Cal Fire officials said.



More than a dozen fires have burned more than 1,500 structures in Northern California, with more than a dozen dead as of Tuesday afternoon.

CNN lays down the facts:

  • More than 119,000 acres burned, much of it in wine country – Napa and Sonoma counties.
  • Fires surged behind hurricane force winds (79 mph gusts) – about the same speed as Hurricane Nate at its landfall a few days ago.
  • Nearly 35,000 are without power.
  • No rain is forecast for the next seven days.

Cat modeling firm RMS notes that the fires, taken together, are already the fifth most destructive in state history, as measured in the number of homes destroyed.

The Insurance Information Institute has background information on wildfires here.



Wednesday, 11 October 2017 14:54



  • Do file a claim with your insurance company.
  • Do register for FEMA disaster assistance. The quickest way to apply is online at DisasterAsistance.gov or through the FEMA mobile app. You may also apply by phone at 800-621-3362 (voice, 711, VRS or 800-462-7585 TTY).  Because of high demand, lines may be busy.  Please be patient and try calling in the morning or evening when call volume may be lower.
  • Do return a completed application for a low-interest disaster loan if you have been referred to the U.S. Small Business Administration (SBA). Returning the application
    is necessary for FEMA to consider you for certain grants.  Applicants may apply
    online using the Electronic Loan Application (ELA) via SBA’s secure website at https://disasterloan.sba.gov/el.  Additional information on the disaster loan program
    may be obtained by calling SBA’s Customer Service Center at 800-659-2955
    (800-877-8339 for the deaf and hard-of-hearing) or by sending an email to This email address is being protected from spambots. You need JavaScript enabled to view it..
  • Do know that FEMA grants may help pay for a temporary place to stay, make essential repairs or replace certain damaged contents.
  • Do inspect for structural damage before entering your home.
  • Do throw away wet contents such as bedding, carpeting and furniture. These items may be a health hazard due to mold.
  • Do take photographs of hurricane damage. FEMA or the insurance company may
    want to see these.
  • Do keep recovery-related receipts. FEMA or the insurance company may want to
    see these.
  • Do remember that FEMA grants do not need to be repaid, are not taxed and do not affect other government benefits.
  • Do go to a Disaster Recovery Center if you have questions about your FEMA assistance, a letter from FEMA, or your SBA home or business loan application.   Locate the nearest center with the FEMA mobile app or at FEMA.gov/DRC.


  • Don’t submit more than one registration per household.
  • Don’t wait for visits from FEMA or insurance adjusters before cleaning up flood damage and starting repairs.
  • Don’t wait for an insurance settlement to register with FEMA.
  • Don’t wait for an insurance settlement to apply for an SBA low interest disaster loan.
  • Don’t worry that federal disaster assistance is taking money away from someone else. FEMA provides assistance to all eligible applicants.
  • Don’t assume only homeowners can apply for help. Renters may qualify for assistance too.


Disaster recovery assistance is available without regard to race, color, religion, nationality, sex, age, disability, English proficiency or economic status. If you or someone you know has been discriminated against, call FEMA toll-free at 800-621-FEMA (3362). For TTY call 800-462-7585.

FEMA’s mission is to support our citizens and first responders to ensure that as a nation we work together to build, sustain, and improve our capability to prepare for, protect against, respond to, recover from, and mitigate all hazards. Follow us on Twitter at https://twitter.com/femaregion4 and the FEMA Blog at http://blog.fema.gov.

The U.S. Small Business Administration (SBA) is the federal government’s primary source of money for the long-term rebuilding of disaster-damaged private property. SBA helps homeowners, renters, businesses of all sizes, and private non-profit organizations fund repairs or rebuilding efforts and cover the cost of replacing lost or disaster-damaged personal property. These disaster loans cover losses not fully compensated by insurance or other recoveries and do not duplicate benefits of other agencies or organizations. For more information, applicants may contact SBA’s Disaster Assistance Customer Service Center by calling 800-659-2955, emailing This email address is being protected from spambots. You need JavaScript enabled to view it. or visiting SBA’s Web site at www.sba.gov/disaster. Deaf and hard-of-hearing individuals may call 800-877-8339.

(TNS) - Long before Florida entered the deadliest hurricane season in a decade, auditors at the state’s Division of Emergency Management warned what the state was ill-prepared for a major disaster.

An annual audit completed in December 2016 by the agency’s inspector general detailed a lengthy list of deficiencies needed to prepare and respond to a hurricane. Among them:

–– Food and water supplies at the distribution center in Orlando were inadequate.

–– Contracts with companies that would supply cots to shelters had expired.

–– The agreements many trucking companies had signed with the state’s emergency management agency to distribute supplies had lapsed.

–– The agency was using “a spreadsheet created in the 1980s to help predict the amount of supplies and equipment that may be needed after a storm makes landfall,” as the state’s giant storage facility remained half empty.



What are companies doing to protect employees against harassment? This question has added weight after the October 8 firing of Harvey Weinstein by the board of Weinstein Co. following reports of sexual harassment complaints against him. Earlier firings at Fox News and Uber have also brought the issue into focus.

From MarketWatch: “Companies are increasingly buying insurance, including employment practices insurance to cover costs associated with employment lawsuits,” said David Yamada, a professor of law and the director of the New Workplace Institute at Suffolk University.”

Some insurers are also providing training materials for companies to teach their employees about sexual harassment in hope of avoiding it, Yamada added.



Wednesday, 11 October 2017 14:50


By Pete Benoit, Enterprise Solutions Architect, iland

For veterans of the IT services industry, DR has always been a popular topic of conversation with potential clients. Those that have been around long enough will certainly remember how many of those conversations progressed.

Typically, it went something like this.

Potential Client: We’ve determined that our current IT infrastructure DR plan puts our business at risk and we are interviewing service providers to assess potential solutions.

IT Services Vendor: What are your infrastructure RPO and RTO targets?

Potential Client: Our CIO wants us to maintain a RPO/RTO of 4 hours or less.

It wasn’t that long ago that everyone in this conversation would have understood that the quote from the service provider was going to be well beyond what the client intended to spend as part of the overall IT budget. This was typical for both small and large environments. Inevitably, the parties would work backwards by decreasing the expected deliverables for the solution until an acceptable price point could be reached. Sometimes the solution met so few of the organization’s requirements, that the conversation would be abandoned with no action.

Was the CIO delusional for requesting such aggressive (for the time) SLAs? Of course not. The importance of the data and the underlying applications and infrastructure was self-evident. The reality was that, not only were the options to meet those goals extremely expensive, there was very little guarantee that it would work as planned when it came down to crunch time.

The reason for the expense was that each production resource had to be duplicated, to a certain extent, at the remote site. This infrastructure would need to be purchased or leased, co-located, upgraded and required experienced technicians to maintain. All of this in hope that it would never have to be used in a live situation.

Fast forward to the present and with the evolution of virtualized workloads, resource pools, metered billing and any to any replication technology, those RPO/RTO targets are now achievable and at a fraction of the cost. The underlying services billing model that makes this a reality consists of a reserved billing storage component for data replication and burstable billing compute resources that can be deployed on demand and be billed per hour of use.

Reserved storage provides a target storage repository sized to handle all replicated workloads plus potential growth dependent on changes in the production environment. Reserved storage is billed on a per GB per month basis. The storage reservation quantity can be increased at any time to mirror changes in the production environment.

Burst compute refers to on-demand CPU and RAM which are necessary to operate the virtual workloads during production failover or testing. Because replication is accomplished without live workloads, the burst compute resources are available on demand and no charges are incurred until the workloads are powered on. CPU is metered on average GHz of CPU used per hour. RAM is metered as average gigabytes (GB) consumed per hour. These burst compute charges are tallied and billed monthly. When testing or failback is complete, the resources are returned and the burst charges are no longer accrued.

While cost is still top of mind for IT Directors and CIOs, the conversations around solutions for IT's data protection and DR needs are drastically different. Reserved storage plus burst compute pricing for DRaaS allows IT organizations to execute a robust disaster recovery plan without having to pay for live compute resources waiting for use. The major obstacles to a credible DR solution, even for small businesses, have been mitigated by technology advances and wide spread adoption of said advances.

Once the question of cost has been addressed, the discussion moves to more important issues. How do end users connect to the DR environment once failover is complete? Does the recovery site adhere to the same security standards as my production environment? How is failback accomplished? These are just a few of many important questions not related to cost.

In conclusion, the reserved plus burst model allows customers to apply the advantages of two pricing models where it makes the most sense thereby protecting critical data without the burden of barely used, monthly infrastructure costs at the service provider location. A comprehensive solution will also provide assisted initial setup, volume discounts for storage, simplified day-to-day operations via a self-service console, straightforward network configuration, the option for customer initiated failover, as well as detailed billing, monitoring and compliance reporting.

Benoit PetePete Benoit is an Enterprise Solutions Architect at iland, currently based out of Dallas with over 20 years of experience in the IT Services industry including time with hardware vendors, VARs and IaaS providers. His career began in the US Air Force as a Communication-Computer Systems Operator before joining the private sector and moving to Texas in 1996. Pete has a wide range of industry experience as a technician, support engineer and solutions engineer and excels at customer service. A proud graduate of the University of Louisiana at Lafayette, Pete is a husband and father of two and enjoys golf and spending time with family and friends.

(TNS) - The flood maps that help determine where homes are built in Texas, how much insurance costs and which areas would benefit from flood control projects are based on rainfall data that hasn't been updated for as long as a half-century, meaning that development has expanded here for decades without a complete understanding of the flood risks.

Those risks have come into sharp focus following the record-setting rainfall of Hurricane Harvey, which inundated areas never touched by floodwaters before, and growing expectations among climate scientists that powerful storms will not only happen more frequently, but also pack more rain as global and ocean temperatures rise. Of the 39 Texas counties that experienced flooding during Hurricane Harvey, fewer than 10, including Harris County, have flood maps based on precipitation data from this century.

And even that data, from 2001, is more than 15 years old and doesn't capture severe storms that included Hurricane Ike in 2008, the Memorial Day floods in 2015 and the Tax Day floods of 2016.



Tuesday, 10 October 2017 16:29

Explore Harvey's Broad Reach

(TNS) - As the number of mass shootings continues to climb across the United States, emergency medical workers in central Ohio are among those nationwide seeking to arm bystanders with the knowledge, equipment and confidence needed to save lives during bleeding emergencies.

"A person with a severe enough injury to an artery can bleed to death in three to five minutes, so the regular public needs to know how to stop bleeding, whether it's by applying pressure or a tourniquet" said Jodi Keller, who oversees disaster preparedness for the Central Ohio Area Trauma System.

The network of health-care professionals has been participating in the national Stop the Bleed campaign for about a year, she said. The campaign was launched by the White House in October 2015.



Investigators: Don’t Lose Sight of the Basics

These days, attorneys and in-house legal departments can easily get caught up in the electronic evidence frenzy and in their rush to embrace the ever-evolving world of electronic evidence, they may find themselves expending significant resources on digital collection and authentication procedures. They’d do well to remember that many of the challenges attorneys and courts have faced with respect to old-fashioned physical evidence are no different from those they face with electronic evidence.

These days, many attorneys and in-house legal departments are finding themselves ensnared in the electronic evidence frenzy. And in their rush to stay abreast of the ever-evolving world of electronic evidence, these legal professionals often expend significant time, resources and money on digital collection and authentication procedures — measures that often prove entirely unnecessary. Because while there is undoubtedly a unique set of issues associated with electronic evidence (Where do you collect it from? How do you collect?), at the end of the day, electronic evidence is still evidence. Accordingly, many of the concerns associated with electronic evidence (How do you ensure it is admissible? Is there any way to keep it out of a case?) are no different than the challenges attorneys and courts have tackled for years with respect to old-fashioned physical evidence. Indeed, as one court aptly remarked in addressing electronic communication authentication concerns, “the same uncertainties exist with traditional written documents. A signature can be forged; a letter can be typed on another’s typewriter; distinct letterhead stationary can be copied or stolen.” In re F.P., 878 A.2d 91, 95 (Pa. Super. Ct. 2005). So while legal professionals cannot simply ignore the onslaught of electronic evidence issues, they should not lose sight of the basics in navigating them.

Perhaps the most challenging issue associated with electronic evidence is identifying the variety of sources from where it can be obtained. For example, beyond the more traditional e-mails, text messages and social media accounts, attorneys must now also consider those less-trodden electronic sources (at least in the world of litigation) that might contain useful information, such as voice-activated products (Siri, Google Home) and activity trackers (Fitbits). That said, while seeking Fitbit data may be valuable in defending against a plaintiff’s claim of severe disability, the same data would likely have no relevance in defending a gender discrimination claim. And given that irrelevant evidence — electronic or otherwise — generally will not be admissible in court, attorneys should carefully evaluate all of the claims in a case to determine whether seeking these less traditional (and less accessible) types of electronic evidence would be a waste of unnecessary resources and costs.



What Compliance Professionals Need to Know About Employee Data

The deadline for the General Data Protection Regulation (GDPR) is on the horizon, and a customer’s information is not the only thing that should be on a compliance practitioner’s radar. After all, the mishandling of an employee’s information can pose as much financial risk – therefore, it is important to understand the potential GDPR issues from extended rights and burden of proof to social media snafus and the need for defined policies.

Heads up: There’s more to the General Data Protection Regulation (GDPR) and GDPR compliance than meets the eye. That’s because the regulation — which takes effect on May 25, 2018 — doesn’t simply cover personally identifiable information (PII) belonging to the customers of corporate and government entities that are headquartered and/or do business in the European Union (EU). It also applies to employee PII which, as with customer PII, encompasses everything from telephone numbers to gender preferences.

Neglecting to address the employee PII aspect of the GDPR is not simply foolhardy; it puts organizations at risk for financial repercussions. EU authorities have a record of imposing penalties for noncompliance with mandates, as well as for doing so early on. Their approach to the GDPR will be no exception. But just as significant, in today’s economic climate, PII is increasingly viewed as a valuable commodity and as individuals’ personal property. Employees and former employees want control over this property and will undoubtedly capitalize on opportunities to gain it as afforded by the GDPR. Accordingly, it’s important to clarify key issues surrounding the GDPR and employee data.



Friday, 06 October 2017 17:15

Don’t Overlook This Aspect Of The GDPR

Despite the continual emergence of new malware, hackers, and data breaches, people continue to ignore security warnings. Researchers have suggested this all comes down to our brains.

With most successful cybersecurity attacks, we are constantly seeing it come down to basic human errors. From opening phishing emails to using weak passwords to running outdated software, people have long been compromising their own – or their employers’ – security. Cyber-criminals are always looking to exploit this flaw.

Most People Are Ignoring Cyber Security Warnings

We tend to blame people for clicking on links to malware or not following policies or training. Unfortunately, we are training people to ignore warnings. Think about your own experience – how often do you ignore a security warning that a website is not secure? We often believe, correctly, that it is an expired certificate and nothing is wrong. Also, with all the scam security warnings that pop up, we have allowed people to become accustomed to believing that the warnings are not valid.



(TNS) — A week after the first travel trailers to house displaced hurricane victims arrived in the Keys, they remain in storage in Key West with no apparent immediate plan to get people in them.

The Florida Division of Emergency Management said in a statement Tuesday that “the temporary housing units in Monroe County are staged in Key West for just-in-time delivery to ensure that empty units are not sitting in the public eye. As for a timetable, it is ongoing. As pads become available and survivors are approved by FEMA, we are then able to match them.”

On Sept. 18, Gov. Rick Scott, speaking in Marathon, estimated that about 10,000 of the Keys’ 75,000 or so residents were left homeless by Hurricane Irma, which hit the islands as a Category 4 Sept. 9 into 10.



You may find this blog article mind-expanding – especially if your natural reaction is to think about its title in two dimensions, rather than three. To set things straight, we’re not talking about paper printouts of Business Continuity Plans that by definition are out of date the moment they are distributed.

We’re talking instead about 3D printing, which has become a practical reality.

Businesses are finding all sorts of uses for it, including the creation on demand and on location of machine spare parts for maintenance and repair, and therefore increased uptime and greater continuity.

In a recent article on the web, consultancy firm PwC suggests several reasons why enterprises can improve their business continuity by using 3D printing. Suppliers of spare parts can look forward to cost savings: the article suggests that within 10 years, German spare parts suppliers will save 3 billion euros annually by using 3D printing.



(TNS) — Even before Sunday's mass shooting in Las Vegas, emergency management officials in Massachusetts and on the Cape and Islands were preparing for a similar tragedy here, including plans for how to get information to the families of the dead and injured.

"A lesson learned from the events in Orlando and other mass casualties, including San Bernardino and the Boston Marathon, is it's necessary that incident commanders set up a family assistance center," Kurt Schwartz, director of the Massachusetts Emergency Management Agency, said during an interview with the Times last month after he spoke at a meeting of the Barnstable County Regional Emergency Planning Committee.

A formal state-operated family and survivor assistance plan is in the final stages of development, according to Schwartz.

Initial responsibility for meeting the needs of survivors and family members falls to local authorities where the incident occurs, but state-level assistance can be quickly activated if requested.



Case Study

OVERVIEW: Since 1933, the Jericho Fire Department has been charged with protecting its Long Island, New York community residents from the perils of fire and other emergency situations. The Department proudly provides Fire Prevention and Safety Education, Fire Suppression, Emergency Medical Services and Hazardous Materials response. Its staff of 36 dedicated employees and 94 volunteers valiantly serve the residents and businesses of the Jericho Fire District and, since its inception, the department has evolved into an all-risks emergency response agency, currently responding to about 1000 alarms each year. Together as a team they save lives, reduce property loss, and improve emergency services to meet the evolving life safety needs of citizens.

CHALLENGE/OBJECTIVE: As is the case with so many Fire Departments, maintaining control over the myriad keys kept at a firehouse can be challenging. It's critical to be able to have quick, but at the same time, controlled access to some of the keys. John O'Brien, Jericho Fire District Supervisor, chose to demo the MedixSafe Key Care Cabinet to determine if it would meet the Department's key control needs. The Department already had a MedixSafe Narcotics Cabinet/Safe in their ambulances and firehouse, which has been instrumental in securing their emergency response narcotics and making them available only to the advanced life support personnel authorized to administer them in an emergency. "It's been great," O'Brien notes. "There is no key to override it, and it provides an audit trail of who has accessed the safe and when. So when the Key Care Cabinet became available, we were eager to demo it."

KeyBox6SOLUTION: O'Brien reports that "We loved what we saw, because key control was an issue, and knowing who is in the key cabinet and when is so important. The Key Care Cabinet gives us the ability to track that, as well as the capability to restrict access to those not of the rank to have access." The MedixSafe Key Care Cabinet is electronically controlled and allows the user to not only organize their access keys, but to control them, as well. A 'key' feature that differentiates the MedixSafe Key Care Cabinet from low-end key cabinets is that it enables more secure access.

Because a single PIN can be easily compromised, dual, triple or biometric authentication credentials are required before access to the Key Care Cabinet is granted. Users can opt to go with a fingerprint and PIN combination, key card and PIN combination, or a key fob and PIN combination.

It accommodates over 1,000 individual users and provides an audit trail history of up to 50,000 events. The Key Care Cabinet is accessible via a remote Ethernet network and also has a manual key override. This ensures that the cabinet can still be accessed via a single key in the event of an electronic failure.

KeyBox3BENEFITS: The ability to control access to crucial keys is among the most significant benefits the Jericho Fire Department is reaping from the MedixSafe Key Care Cabinet. Certain keys are especially important to store, O'Brien points out, including the Department's radio keys, auxiliary vehicle keys as well as keys to the fuel pumps. "Probably the most important," he says, "Are the keys for the sirens, which always need to be found quickly." There are also outside vendors the Department works with, and some of them need access to keys, as well. "My radio repairman, for instance, needs access," he adds. "We operate the radios, but he repairs them!" O'Brien adds that the software is very easy to operate, and the overall operation is extremely user-friendly. "It's really just some data entry, and our system is wireless, which made it easy to install. All we needed was a power outlet."

"The Key Care Cabinet would benefit firehouses everywhere," he says. "It ensures the security of the most important keys, and gives you the ability to control and track who's accessed those keys. I highly recommend it."

ABOUT MEDIXSAFE: A leader in the access control cabinet market, MedixSafe began designing and manufacturing narcotics control cabinets in 2008. The first narcotics control cabinets were designed for the EMS market to be used in ambulances. Based on customer requests, MedixSafe designed and built different sized cabinets to meet their varying needs. MedixSafe caters to the key control needs of doctors, dentists, veterinarians, university research departments and schools of medicine, hospitals, the U.S. Army, U.S. Navy, pharmacies, and more. For more information, visit http://medixsafe.com/

It's sometimes billed as "America's playground," but most of America doesn't live within four highway hours (much less if you speed) from downtown Las Vegas.

Which partly explains why the deadliest mass shooting in modern U.S. history – a Sunday night rampage near the Las Vegas Strip that left at least 59 dead and more than 500 wounded or injured – feels like a local crime.

Though hard numbers aren't known, a huge chunk of the estimated 22,000 people on hand when Jason Aldean's performance was halted by the crackle of an automatic weapon, came from Los Angeles, Orange, Riverside and San Bernardino counties. Even the name of the three-day country music event – the Route 91 Harvest festival – refers to the former name of the stretch of freeway and highway that connects Long Beach to Las Vegas.



The number of valid certificates to ISO management system standards (MSS) rose 8 % in 2016 compared to 2015, according to latest figures of the ISO Survey.

The ISO Survey is an annual survey of valid certifications to ISO management system standards issued by accredited certification bodies worldwide. It is the most comprehensive overview of certifications to these standards currently available.

A total of 1 643 523 valid certificates were recorded across nine standards compared to 1 520 368 in 2015 (an increase of 8 %), with a further 834 certificates across two new additions to the survey bringing the 2016 total to 1 644 357.

The ever-popular ISO 9001, Quality management systems – Requirements, and ISO 14001, Environmental management systems – Requirements with guidance for use, were up 7 % and 8 % respectively, with 1 106 356 and 346 189 certificates issued, while more recent additions to the survey, such as ISO 50001 for energy management and ISO/IEC 27001 for information security, rose by 69 % and 21 % respectively, amassing 20 216 and 33 290 certificates worldwide.



The Need for Regulatory Support

Financial institutions and federal bank regulators can integrate location intelligence as a regulatory technology (Regtech) solution to ensure compliance with anti-money laundering (AML) standards, financial inclusion requirements, and fair lending regulations. This article outlines the key benefits for banks and regulatory authorities of integrating geospatial technology.

Geospatial technology — or technology focused on the collection, analysis and visualization of location data — has a variety of uses across different industries. For instance, this technology can be used by law enforcement to track criminal activity or by retail companies to monitor customer behavior. While some financial institutions use geospatial tools to gather customer data and manage risk, this technology has not been widely adopted due to concerns from regulatory authorities regarding aspects of its functionality and credibility. If integrated properly, geospatial technology can enhance anti-money laundering (AML) practices, bolster financial inclusion and refine fair lending compliance in financial services.



Wednesday, 04 October 2017 14:56

Minimizing Risk through Geospatial Technology

The cloud industry is loosely defined, unregulated, and quickly evolving. The typical cloud service provider (CSP) business model is very uniform. It looks the same across all industries — there’s no per-tenant service customization, CSPs don’t offer one-off contracts, and they don’t bend their terms and conditions for customers in any specific industries.

So can you use a CSP if your organization is in a highly-regulated industry? Steve Chambers, a Cutter Consortium Senior Consultant and expert on the CSP industry, explains:

Some CSPs enthusiastically embrace industry regulators as they see it as a competitive advantage. These CSPs build their own assurance programs that any customer can audit, effectively meeting an industry regulator halfway by supporting the regulated organization.”

According to Chambers, a review of public CSPs shows that the oldest, largest, and most mature CSPs have the most comprehensive set of assurance programs:



(TNS) - Sunday's mass shooting on the Las Vegas Strip might not have been preventable from a security standpoint, but lessons learned from it figure to alter how authorities prepare for major events and respond to potential tragedies, experts said.

“The sad fact is we will never prevent these,” said emergency management consultant Michael DeCapua, an adjunct professor at Concordia University's Department of Homeland Security and Emergency Preparedness in Portland, Ore.

“Each incident changes how we plan and how we react,” DeCapua said. “It's a constant process of analysis, looking at the plans, training and exercising.”

The Las Vegas massacre that left at least 58 dead and more than 500 people injured could result in increased emphasis on ensuring that the environment surrounding an event venue is secure, said Laura Dugan, a professor of criminology and criminal justice at the University of Maryland.



Rethinking Independence in Internal Investigations

Demonstrating and ensuring independence in internal investigations is a critical issue for corporate counsel to consider, especially when facing or anticipating parallel regulatory probes. How to properly do so is a nuanced process: as this piece explores, it is not as simple as the binary question of whether counsel conducting an internal investigation had a previous working relationship with the company.

For a company under actual or potential government scrutiny, an independent internal investigation performed by outside counsel, sometimes coupled with cooperation with the government, can mean the difference between indictment and a much more palatable result. Often, outside counsel’s “independence” is conflated with “absolutely no prior work done for the subject company.” Indeed, some companies and boards categorically refuse to hire outside counsel to handle internal investigations if the firm has previously performed work for the company; this is out of concern that the government will assume that such counsel cannot conduct an “independent” investigation.

Although there are circumstances in which an entirely new firm should be hired for an internal investigation, imposing this sort of bright-line rule in every case may risk disqualifying a firm that is otherwise best equipped to handle a particular investigation, driving up costs and reducing efficiency while failing to increase credibility. In many situations, investigative counsel can be diligent, objective and independent despite having done some prior work for the client.  Investigative counsel that are familiar with the inner workings of a company from a prior relationship can bring enhanced efficiency and understanding to the investigation that can be extremely beneficial to the truth-finding process, as well as to cost-control efforts. The point at which a prior counsel relationship may defeat independence must be considered on a spectrum.  While hiring a firm with no prior relationship may be useful or even necessary for some types of investigations, in other circumstances, an existing or previous counsel relationship can enhance effectiveness with minimal – if any – threat to the investigation’s credibility.



What’s more important in IT Service Management, the management or the service?

In the past, the management element tended to get more attention, and the services were simply the IT systems, networks, and applications, with availability, integrity, reliability, and security added in.

Now, there is a trend towards a greater customer orientation, listening to business requirements, stakeholder expectations, and understanding that simply meeting an SLA may no longer be enough.

If this trend continues, could the IT department shift entirely from technical expertise to marketing and customer service knowhow?

For IT geeks tucked away in cubicles and glued to their screens, contact with other human beings is sometimes a stretch.



BRUNSWICK, Ga. — If you are a disaster survivor in Georgia applying for assistance with the Federal Emergency Management Agency and are referred to the U. S. Small Business Administration, it’s important to submit a low-interest disaster loan application. This will ensure that the federal disaster recovery process continues and you keep your options open. The SBA offers federal disaster loans for businesses of all sizes, homeowners and renters.

Next to insurance, an SBA low-interest disaster loan is the primary source of funds in Georgia for real estate property repairs and for replacing contents destroyed in the wake of Hurricane Irma.

FEMA and SBA encourage homeowners, renters and businesses to apply for low-interest disaster loans to help fund their recovery and to ensure the federal disaster recovery process continues.

  • Many survivors who register with FEMA will be contacted by SBA. Those who are contacted should advise SBA how they will be submitting their loan application.
  • There are three ways to submit an SBA loan application: online at https://disasterloan.sba.gov/ela/; in person at a Disaster Recovery Center (DRC); or by mail. To find the nearest location, use the FEMA Mobile app or visit www.FEMA.gov/DRC.
  • Do not wait on an insurance settlement before submitting an SBA loan application. You can begin your recovery immediately with a low-interest SBA disaster loan. The loan balance will be reduced by your insurance settlement if you receive one. SBA loans may be available for losses not covered by insurance or other sources.
  • You should complete and return an SBA application as soon as possible. Failure to complete and submit the home disaster loan application may stop the FEMA grant process. Homeowners and renters who submit an SBA application and are not approved for a loan may be considered for certain other FEMA grants and programs that could include assistance for disaster-related car repairs, clothing, household items and other expenses.
  • Homeowners may be eligible for home disaster loans up to $200,000 for primary residence structural repairs or rebuilding.
  • SBA may be able to help homeowners and renters replace important personal property including automobiles damaged or destroyed in the disaster, up to $40,000. 
  • SBA can help businesses and private nonprofit organizations with up to $2 million to repair or replace disaster-damaged real estate and other business assets. Eligible small businesses and nonprofits can apply for economic injury disaster loans to help meet working capital needs caused by the disaster.
  • SBA has staff at all DRCs to provide one-on-one assistance to homeowners, renters and businesses of all sizes in submitting their application.
  • Applicants may be eligible for a loan amount increase up to 20 percent of their physical damages, as verified by SBA for mitigation purposes. Eligible mitigation improvements may now include a safe room or storm shelter to help protect property and occupants from future damaged caused by a similar disaster.
  • SBA Business Recovery Centers (BRCs) help businesses get back on their feet from damage they sustained during the storms. The BRCs are a resource where businesses can meet face-to-face with SBA representatives to learn how a low-interest disaster loan can help them recover.


Disaster recovery assistance is available without regard to race, color, religion, nationality, sex, age, disability, English proficiency or economic status. If you or someone you know has been discriminated against, call FEMA toll-free at 800-621-FEMA (3362). For TTY call 800-462-7585.

FEMA’s mission is to support our citizens and first responders to ensure that as a nation we work together to build, sustain, and improve our capability to prepare for, protect against, respond to, recover from, and mitigate all hazards. Follow us on Twitter at https://twitter.com/femaregion4 and the FEMA Blog at http://blog.fema.gov.

The U.S. Small Business Administration (SBA) is the federal government’s primary source of money for the long-term rebuilding of disaster-damaged private property. SBA helps homeowners, renters, businesses of all sizes, and private non-profit organizations fund repairs or rebuilding efforts and cover the cost of replacing lost or disaster-damaged personal property. These disaster loans cover losses not fully compensated by insurance or other recoveries and do not duplicate benefits of other agencies or organizations. For more information, applicants may contact SBA’s Disaster Assistance Customer Service Center by calling 800-659-2955, emailing This email address is being protected from spambots. You need JavaScript enabled to view it. or visiting SBA’s Web site at www.sba.gov/disaster. Deaf and hard-of-hearing individuals may call 800-877-8339.

(TNS) - Las Vegas police have long feared an attack by a shooter, said former Boston Police Commissioner Edward Davis, who touched down in the city last night ahead of a crisis-planning meeting today with hotel security chiefs, before a sniper carried out the deadliest mass shooting in modern U.S. history from his 32nd-floor Mandalay Bay Resort hotel room.

"There's always been a fear - not so much among the security chiefs, but by the police out here - that there would be an attack. It is is their worst fear coming true," Davis told the Herald in a phone interview from Vegas this morning.

"This is, just on its face, a big glaring target for Islamic terrorists. And now you've got a yahoo with a machine gun firing at people from a hotel window. It's terrible times," he said.



Avoiding Blind Spots, Groupthink and Other Issues

Though virtually every involved party was at fault to some degree, bias on multiple fronts was largely the cause of the 2008 financial crisis. Given that bias in risk management can result in a disastrous event such as this one, protecting against biases is critical. Jim DeLoach presents several strategies to overcome these blind spots and effectively address operational risks.

Few would argue that the 2008 financial crisis was likely the most spectacular failure in risk management recorded to date. There are so many causal factors and culpable parties, we cannot possibly cover them all. One of my favorite books on the subject is All the Devils Are Here: The Hidden History of the Financial Crisis. The promo for this outstanding, highly readable book reads as follows:

As soon as the financial crisis erupted, the finger-pointing began. Should the blame fall on Wall Street, Main Street or Pennsylvania Avenue? On greedy traders, misguided regulators, sleazy subprime companies, cowardly legislators or clueless homebuyers? According to [the authors], the real answer is all of the above – and more. Many devils helped bring hell to the economy. And the full story, in all of its complexity and detail, is like the legend of the blind men and the elephant. Almost everyone has missed the big picture. Almost no one has put all the pieces together.



If you have homeowners or flood insurance, you can still register with FEMA for assistance for an eligible need not covered. However, survivors must take care not to accept the same benefits from more than one source, also known as the duplication of benefits.

Duplication of Benefits   

• Duplication of benefits occurs when an individual or family receives an identical item or service from more than one source.
• Federal and state agencies responding to disasters are prohibited from duplicating the benefits of insurance companies or other public or private entities.

Insurance Companies

• FEMA cannot legally provide disaster assistance for items or services already covered by flood insurance.
• When insured survivors apply for FEMA assistance, they must submit copies of their flood insurance settlements.
• Survivors who have flood insurance that covers structure and/or contents may receive little to no disaster assistance from FEMA.

Public or Private Organizations

• FEMA also cannot provide disaster assistance for items or services that survivors have received through donation.
  o For example, if a public or private organization provides donated appliances, bathroom fixtures or medical equipment to a survivor, that survivor cannot receive FEMA assistance to replace those items.

Duplicating Benefits Violates FEMA-Survivor Agreement

• Survivors who receive disaster assistance sign a form agreeing to use all awarded funds in the manner specified by FEMA.


Disaster recovery assistance is available without regard to race, color, religion, nationality, sex, age, disability, English proficiency or economic status. If you or someone you know has been discriminated against, call FEMA toll-free at 800-621-FEMA (3362). For TTY call 800-462-7585.

FEMA’s mission is to support our citizens and first responders to ensure that as a nation we work together to build, sustain, and improve our capability to prepare for, protect against, respond to, recover from, and mitigate all hazards. Follow us on Twitter at https://twitter.com/femaregion3 and the FEMA Blog at http://blog.fema.gov.

The U.S. Small Business Administration (SBA) is the federal government’s primary source of money for the long-term rebuilding of disaster-damaged private property. SBA helps homeowners, renters, businesses of all sizes, and private non-profit organizations fund repairs or rebuilding efforts and cover the cost of replacing lost or disaster-damaged personal property. These disaster loans cover losses not fully compensated by insurance or other recoveries and do not duplicate benefits of other agencies or organizations. For more information, applicants may contact SBA’s Disaster Assistance Customer Service Center by calling (800) 659-2955, emailing This email address is being protected from spambots. You need JavaScript enabled to view it., or visiting SBA’s Web site at www.sba.gov/disaster. Deaf and hard-of-hearing individuals may call (800) 877-8339.

(TNS) — Miami-Dade government employs the second-largest workforce in the county. Why couldn’t it find enough people to open hurricane shelters on time?

That’s one of the topics likely to be broached Thursday when the County Commission convenes a meeting at 1 p.m. to examine Miami-Dade’s response to Hurricane Irma, which sparked the largest evacuation in the county’s history as well as complaints that the government wasn’t ready for the logistical demands of a major storm.

The most visible challenges came in the increasingly frantic days before Irma’s projected landfall in south Florida. Until the Friday before Irma hit on Sunday, Sept. 10, forecasts had the Category 5 storm as one of the most threatening ever for Miami, with the possibility of the eye crossing the city’s downtown. Miami-Dade Mayor Carlos Gimenez issued unprecedented evacuation orders for more than 600,000 residents.



Cybercrime damage costs are projected to hit $6 trillion annually by 2021. And it’s not just the big guys that are getting hit – 43 percent of cyber attacks specifically target small businesses. Cyber attacks are clearly here to stay, which is why it’s become vital to the survival of your business to prepare for them.

Here are five solid tips that should help you protect yourself against these malicious digital threats.



Friday, 29 September 2017 15:35

5 Solid Cybersecurity Tips for Your Business

A law firm’s livelihood depends upon its reputation among clients. However, this reputation is at risk when client confidence is diminished—whether this be as a result of failed expectations or inadequate due diligence. For this reason, and the rise of a more modern threat landscape, law firms are prioritizing the protection of sensitive information and prevention of downtime now more than ever.

69% of legal professionals rated “Data Security” as the top challenge for their firms*

Most firms are investing heavily in preventative IT security by implementing tools and strategies to ensure no one gets unwarranted access to data. However, many of those firms have not modernized the restorative side of their IT security strategy, the portion that ensures you can recover from an incident.



Friday, 29 September 2017 15:30

Protecting Your Firm’s Reputation

When you look at something, you have an impact on it. That’s the observer effect.

Cited in quantum physics, the effect can have a major impact when you try to look at very small particles, because the photons (the light) required to see the particles are of a comparable size.

Bouncing photons off those particles will therefore have an impact on them, what they do, and what you finally observe.



Thursday, 28 September 2017 14:56

The Observer Effect in Business Continuity

Security software vendors are furiously introducing new products with increasingly sophisticated machine learning algorithms that can detect phishing scams and quarantine a message before it ever gets in front of a vulnerable end user to be clicked upon.

But a ransomware campaign launched Sept. 18 features a sophisticated new wrinkle to the phishing technique, enabling it to slip past many of the machine learning algorithm-based software sold by some of the industry’s most popular vendors, according to research by security firm Comodo.



If you're an MSP, you might have noticed something a little unfair about the tech world today: Software developers get most of the glory, but it's the people who maintain software -- including MSPs -- that do a lot of the hard work to keep systems running smoothly.

I was thinking about the importance of software maintenance recently after reading an op-ed encouraging readers to "get excited about maintenance."

The piece focused primarily on industries like transportation.

But the authors noted that in the software industry, maintenance accounts for well over half of costs and labor.




Hackers prey on complacency like thieves checking cars in a parking lot: They don’t have to break windows if you leave the doors unlocked.

They bet organizations won’t make simple software updates, and they’re often right.

Just look at the WannaCry attacks earlier this year. The ransomware was designed to exploit a known weak spot in Windows—one for which Microsoft had issued a patch months before. Thousands of victims, who didn’t install the updates, were left with a tough choice if they didn’t have backups in place: Either pay a Bitcoin ransom to unlock their data or say goodbye to that information.

Maybe we ignore regular updates because we’re too busy, or we don’t think they’re necessary. Or we see the pop-ups so often, we don’t give them a second look before we dismiss them.

But regular updates are a crucial part of your cyber security—well worth the 15 minutes it takes to install them. Taking the most basic precautions by making sure every system in your organization is up to date can’t prevent every cyberattack, but it’s often enough for hackers’ tools to skip your organization for one that’s less prepared.

Patch Updates FINAL100dpi

Taking the most basic precautions by making sure every system in your organization is up to date can’t prevent every cyberattack, but it’s often enough for hackers’ tools to skip your organization for one that’s less prepared.

Do you have plans in place for use when traditional communication methods are limited? Here’s why you should create and implement backup communications systems

In our blogs over the past several weeks, we have been discussing business continuity strategies and IT architecture. We have also talked about planning for hurricanes and other storms. As a follow up to both of those concepts, today’s blog is a bit more tactical and pointed. The recent storms and hurricanes have directed our attention back to natural disasters and our preparedness for them. One thing the devastation in Puerto Rico has made clear is how difficult it is to maintain communications when the underlying infrastructure has been destroyed or compromised. Internet and cell phone networks are out all over the island making communication with officials, friends, and relatives on the mainland almost impossible.

Here are some things to consider regarding communication (including contact with government officials and vendors; locating and accounting for staff, etc.) if your planned use of telephones (cell or otherwise), email, websites, messaging, and the like become unavailable.



Wednesday, 27 September 2017 14:31

What About When Communication Methods are Limited?

2016 was a record year for large HIPAA breaches, with covered U.S. healthcare entities reporting 133 cases that affected the private information of at least 500 individuals each.

This year is on pace to more than double that figure, with 221 major breaches reported to federal authorities already, as of Sept. 20, government records show.



If you’ve worked in IT development for hardware or software, or had dealings with that world, you may well have seen the statistics about the costs of fixing bugs.

In terms of “units” of cost, suppose catching a bug during the design phase costs one unit to fix it. Then catching it after module code has been written costs ten units, and catching it at final quality assurance testing costs 100 to fix it. Once the product has been released to market, the cost is 1,000 units.

A similar logic applies to IT security. If you try to stick it on as an afterthought, it gets expensive too. But what do you do with legacy systems that were built before these illuminating statistics were available?

The problem with bolted-on solutions in a digital world is not just the cost, although this mounts up rapidly in terms of effort to find a suitable solution, testing, and retrofitting (patching or upgrades). IT security is now an all or nothing situation.



Tuesday, 26 September 2017 15:03

When Bolted-On IT Security is the Only Option

When was the last time your organization conducted a mock disaster exercise? If you can’t think of a single instance (or if you’re taking too long to consider your answer), then your well-laid disaster recovery plans aren’t likely to be recovering anything anytime soon.

If you start performing those exercises now, however, there’s still time to turn things around.

What is a mock disaster exercise? It is a simulation of an unplanned disruption that requires participants to identify the actions and steps they would take to successfully respond, assess the impacts, activate resources, and recover in a timely matter.

Why is it so important? Because this type of “mock” testing validates your recovery plans and strategies (both of which are based on a formal business impact analysis that has been analyzed and shared with management). Having a set of written directions is only the first step in a two-part process of disaster response planning; the second step is testing those directions to see if people can actually put them to use. Could your team really respond, activate, and recover? You’ll never know unless you put them to the test.



Evacuteer checking someone in during 2017 full-scale city assisted evacuation exercise.

“I am a Katrina survivor.” These were the first words out of Joan Ellen’s mouth when I spoke with her. And she was one of the lucky ones. She made it out of New Orleans before Hurricane Katrina made landfall on August 29, 2005. But not everyone was so fortunate. One of Joan Ellen’s neighbors did not evacuate because she could not bring her old dog with her to a shelter and would not leave him behind. Her neighbor died in the flooding. Joan Ellen recalls, “If I had known I would have taken her with me.”

Evacuations are more common than you might think. Every year people across the United States are asked to evacuate their homes due to fires, floods, and hurricanes. However, there are many reasons people may not be able to evacuate– including issues that New Orleans’ residents face, like lack of transportation, financial need, homelessness, and medical or mobility issues.

No one left behindJoan Ellen returned to her home in New Orleans 48 days after Hurricane Katrina. She likes to tell people, “I only had a foot of water – but it was a foot over my roof.” The thing she remembers most vividly about going home was not the destruction, but the smell. When Joan Ellen heard a radio announcement that they were recruiting volunteers to help in a mandatory evacuation she signed up. She has been training other Evacuteers since she joined the organization in 2009. She loves the casual definition of family that keeps people together in the event of an evacuation. “Family is anybody we say is family, and we will keep everybody together. In New Orleans we are only two degrees of separation.”

According to FEMA’s Preparedness in America report, people in highly populated areas were more likely to rely on public transportation to evacuate in the event of a disaster. In the event of a mandatory evacuation, approximately 40,000 people living in New Orleans will need assistance to evacuate because they don’t have a safe or alternative option.

After learning from Hurricane Katrina, the City of New Orleans will now call a mandatory evacuation nearly three days in advance of a dangerous or severe storm making landfall on the Louisiana coast. Everyone must leave during a mandatory evacuation until officials declare the city safe for re-entry.

Mobilizing the Evacuteers

The City also started City Assisted Evacuation (CAE) to help people who are unable to evacuate on their own. Through this program, the city provides free transportation for residents, along with their pets, to a safe shelter. CAE counts on volunteers from Evacuteer.org, a local non-profit organization that recruits, trains, and manages 500 evacuation volunteers called “Evacuteers” in New Orleans. As the Executive Director of this organization I tell people, “We are a year-round public health preparedness agency that promotes outreach to members of the community that aren’t always easy to reach, nor trusting of government, about their options and the evacuation process. The goal is to make sure that everyone using CAE is treated with dignity throughout the entire process.”

Lit evacuspot in Arthur Center

Evacuteers receive a text message if the City of New Orleans calls for a mandatory evacuation. Teams are assigned to seventeen pickup points, called Evacuspots, placed in neighborhoods around the city. The Evacuteers help register people and provide information about the evacuation process. When residents go to an Evacuspot, Evacuteers will give every person a ticket, a wristband, and a luggage tag to help track their information and ensure that families stay together. After the paperwork is filled out, evacuees are transported to the downtown Union Passenger Terminal bus station where they will board a bus, and for a smaller percentage, a plane, to a state or regional shelter. When the city is re-opened after the storm passes, the process will bring residents back home to New Orleans.

An artistic approach to save lives

Each Evacuspot is marked by a statue of a stick figure with his arm in the air, and looks as though he is hailing a safe ride out of the city. Erected by international public artist, Douglas Kornfeld, the statues are a public art initiative led, and fundraised, by Evacuteer.org. Installed at each of the pick-up points in 2013, the stainless steel statues measure 14-feet tall, and stand as a reminder to residents year-round that there is a process to ensure everyone has the opportunity to safely evacuate.

Do you know what to do?
  1. Have a plan. Know where your family will meet, both within and outside of your neighborhood, before a disaster.
  2. Fill ‘er up. Make sure you have a half a tank of gas at all times in case of an unexpected evacuation. If an evacuation seems likely, make sure your tank is full.
  3. Keep your options open. Have alternative routes and other means of transportation out of your area. Choose several destinations in different directions you can go to evacuate.
  4. Leave early. Plan to take one car per family to reduce congestion and delay.
  5. Stay alert. Do NOT drive into flooded areas. Roads and bridges may be washed out and be careful of downed power lines.
Learn more
Read our other National Preparedness Month blogs:

Posted on by Kali Rapp Roy, Executive Director, Evacuteer.org

Tuesday, 26 September 2017 14:53

CDC: The Power of Us

F17 01

F17 02PHOENIX, Ariz. – Fall World 2017 was another great success for Disaster Recovery Journal, marking the 57th conference for the business continuity industry’s premier event.

More than 700 attendees joined speakers, board members, and exhibitors from around the globe at the JW Marriott Desert Ridge Resort and Spa in Phoenix, Arizona, Sept. 17-20, 2017. The three-day event featured 62 sessions, a concurrent exhibit hall with almost 100 booths, and numerous networking events.

F17 03“The venue was just very well received again this year,” said DRJ President Bob Arnold, looking over attendee evaluations after the show. “The numerous networking opportunities seemed to be very popular with attendees too. Our topics always get very high marks but the food was at a higher level than we’ve seen. JW Marriott does a good job. It’s a great venue.”

The conference took place just days after two major hurricanes and days ahead of more earthquakes and hurricanes.

“In the wake of Hurricanes Harvey and Irma, the subject was a major topic of discussion among our speakers, vendors, and attendees,” said Arnold. “We plan on covering details as lessons learned come out of these events.”

The senior advanced track was very popular with practitioners as well. This special track allows the industry’s most advanced planners to interact with C-level personnel and other advanced practitioners.

“The senior advanced track is a good balance between IT and the organizational side,” said Arnold.

F17 04DRJ Fall World 2017 gold sponsor Fusion Risk Management hosted the Monday Night Hospitality event, featuring food, drinks, dancing, and giveaways. Silver sponsors included eBRP Solutions, Firestorm, IBM Resiliency Services, Onsolve, Regus, RSA, Strategic BCP, and SunGard Availability Services. Co-sponsors included Agility Recovery, AlertMedia, Avalution Consulting, BC in the Cloud, ContinuityLogic, Fairchild Consulting, Kingsbridge Disaster Recovery, Mail-Gard, Quantivate, Recovery Planner, Rentsys Recovery Services, RES-Q Services, Ripcord Solutions, and Virtual Corporation. Business partners include Business Continuity Institute (BCI), Forrester Research, International Consortium for Organizational Resilience (ICOR), and Public & Private Businesses Inc. (PPBI).

F17 05“I want to thank all of our sponsors and exhibitors for helping us provide so many networking opportunities with attendees and vendors,” said Arnold. “We were really happy with everyone who joined us for another great show in Phoenix.”

F17 08In addition to several individual vendor drawings, attendees raked in 18 of the hottest technology items at the DRJ booth as part of the exhibit hall raffle. Grand attendance prize drawings also went to Chuck Robertson, Donna Turner, and Melanie Lightfoot Wednesday morning before the final general session. All three attendees win a free pass to a future DRJ conference.

Check out the DRJ.com Live page for more photos, tweets, and other details from DRJ Fall World 2017.

F17 10DRJ is now preparing for its next conference, DRJ Spring World 2018, which will be held March 25-28, 2018, in Orlando. Potential speakers have until Sept. 29, 2017, to submit a Call For Papers presentation.

To attend DRJ Spring World 2018, visit https://www.drj.com/springworld/.

Hotels & Travel
Pre/Post Classes
Key Contacts
ROI Toolkit

F17 13

Monday, 25 September 2017 22:35

DRJ Fall World 2017 Another Great Success

SolarWinds this week launched a beta of a converged application performance monitoring (APM) and infrastructure monitoring tool.

AppOptics combines SolarWinds’ TraceView APM and Librato, a cloud infrastructure monitoring company it purchased in early 2015.

The unified platform is designed to make it easier to monitor complex modern applications and distributed infrastructure, while eliminating the need for multiple monitoring solutions.

“The era of cloud and digitalization is driving exponential application growth,” Christoph Pfister, executive vice president for products at SolarWinds, said in a statement. “Applications are now the prime medium by which customers experience a brand, making uptime and end-user experience more critical than ever.



Don’t be Caught Unprepared

An emergency is defined as “a serious, unexpected, and often dangerous situation requiring immediate action.” The key word here is “unexpected.” An emergency is an emergency because it is not predictable – but it can be planned for if you understand your most likely threats.

As we are in the heart of hurricane season and have witnessed perhaps two of the worst hurricanes on record, we can all agree Harvey and Irma presented urgent situations. The good news about hurricanes, however, is that they are rarely unexpected. Thanks to modern technology, we have time to plan. We may not know what to expect, we do have certain steps we can take to ensure we come out of it alive, if not well.

The same goes for organizations designing their emergency response strategy. Not every situation can be predicted, but it’s wise to assess your current risks and make plans on how you would respond.



A solid IT architecture keeps your business running efficiently, but what if you don’t have one? These are key indicators for when a rebuild is in order.

Many come into the planning of an IT infrastructure with the best intentions. But even with a solid plan in hand, mismanagement, departmental politics, and emphasis on expediency can morph your implementation into a series of case-by-case decisions and leave you with a structure that doesn’t reflect your original intentions.

How do you know if your organization has strayed from the path? Here are some indicators that the current IT architecture has taken your company hostage.



Monday, 25 September 2017 16:03

Signs of an Unreliable IT Architecture

How many times have you heard business people talk about their DNA – meaning their business culture or something similar?

It’s a little out of fashion now, kind of like SPIN selling, if you remember that. Corporate DNA or the enterprise double helix was supposed to be where business values lived, the “way we do things around here”, and so on.

Now, business DNA and its potential for harbouring business continuity may be set for a comeback, but not as an airy-fairy concept. This time, it really could be engrained in the business or rather in the people who represent the business.



Monday, 25 September 2017 16:02

Business Continuity? It’s in Our DNA, Right?

What’s the difference between a risk, a threat, and a vulnerability? This is worth knowing, because if you can spot the risks in your enterprise and mitigate or eliminate them, you might not have to worry about associated threats.

Proactive action like this can keep your enterprise safe and secure, without having to worry (unduly) about changes in finance, sales, production, IT, or others.

So, the first thing to understand is the definition of each term and how they relate to each other.

A handy way of understanding the relationship between risk, threat, and vulnerability is the following simple equation:

Risk = Threat x Vulnerability x Impact

Now, a threat is something you cannot control. Cyber criminals threaten the security of your systems, while a hurricane threatens power supplies, for example.



Is Your Company Prepared for a Pandemic?

Recent natural disasters such as Hurricanes Harvey and Irma have undoubtedly sparked a renewed interest in continuity planning among many business leaders. When compared with even large-scale weather events, however, a global crisis – particularly a pandemic – is exceedingly difficult to plan for. This article outlines risk mitigation strategies and steps companies can take to ensure business continuity in the event of a pandemic.

Every flu season, public health experts speculate about the likelihood of a future global pandemic and its possible costs to lives and livelihoods. No one doubts those costs will be high. In recent years, outbreaks of highly infectious diseases, though short of pandemic levels, have taken billions of dollars from the global economy and caused untold misery.

For example, the World Bank projected losses of $3.5 billion in Latin America and the Caribbean due to the 2016 Zika virus. The 2014 Ebola outbreak in Guinea, Liberia and Sierra Leone cost those countries an estimated $2.8 billion in overall economic impact through 2015. A study by scholars at Korea University and the Australian National University roughly estimated the global economic impact of the 2003 SARS epidemic at $40 billion.

While public health officials and medical professionals work to understand how to prevent or contain pandemics to save lives, less attention has been paid to containing the economic risks. A 2016 report by the National Academy of Medicine’s Commission on a Global Health Risk Framework for the Future estimates that an outbreak on the scale of the 1918 influenza pandemic would cost the global economy as much as $60 billion a year. Despite this and other frightening estimates, businesses today are unprepared for the revenue losses that will result from the disruption of commerce during a global or even a regional disease outbreak.



Monday, 25 September 2017 15:59

Managing Risk During a Global Crisis

Hurricanes, earthquakes, floods, wildfires and tornados devastate lives and companies. The companies that survive are led by those who invest in emergency plans

When natural disasters strike, four out of ten businesses never reopen, according to FEMA. Of those that do reopen, only 29 percent will be operating two years later.

The aftermath is overwhelming

If employers and company leaders don’t plan for emergencies and don’t plan for business continuity, they become overwhelmed with cascading problems concerning employees, property, logistics, customers, suppliers, investors and media.

Too many employers are in denial and don’t plan for foreseeable emergencies in their location.



Monday, 25 September 2017 15:44

How smart employers survive a natural disaster


Hurricane Maria hit the Caribbean on Monday causing widespread damage throughout the US Virgin Islands, Dominica and Puerto Rico. Communications prior to the storm appeared clear and concise. Residents were warned to prepare and take shelter however, considering the damage left by Hurricane Irma just two weeks ago, the risk to lives and infrastructure was even higher.

Whilst news reports are showing the destruction from afar, one of the problems being faced by those affected in the Caribbean is a wide-scale loss of communications, meaning rescue operations and external aid missions are hindered, and communities face periods of time where contact with relatives and friends is impossible.

During a crisis, what are the repercussions of limited communications? Some communication outages can be repaired reasonably quickly by fixing damaged phone lines or restoring power to servers, however the long-term effects can be much more severe. If cables are damaged, major repairs can be needed which could take weeks or months to facilitate. The human effects of communications outages can also be damaging to communities by heightening a sense of panic. Whilst it’s important that members of the community can contact their colleagues, friends and family; the relief effort of emergency services must be a priority and without consistent communications, these efforts can be negatively impacted or even made impossible.

In the business continuity and resilience sector, having back-up systems and data sets is one of our key drivers. By having multiple sources of communication, for example, wireless and cable, communities and organizations are more likely to maintain access to at least one source and reduce any backlog of communications, therefore increasing the speed and effectiveness of the response effort.

At present, disaster recovery efforts appear to be heavily focussed on organizations, human welfare and infrastructure. However, the loss of communications is a problem which could be avoided. With the emergence of new technologies and a deeper understanding of these technologies, it should be possible to safeguard communications against the effects of a disaster by prioritising the implementation of multiple communication methods before a disaster becomes a crisis. 

Download the attached files

PDF documents  

The Business Continuity Institute

Climate change is seen to be one of the main challenges for the future, with the consequences of extreme weather events ranked the number one cause of business disruption.

The BCI Long-Term Planning Report, sponsored by Siemens, explores the attitudes and behaviours linked to long-term planning in the Benelux region and beyond, and considers how organizations prepare for future challenges related to climate change as well as how to they perceive their impact.

The results show the outstanding importance of long-term planning, horizon-scanning, and collaboration, as key elements when preparing for, responding to, and recovering from weather related disruptions. Download the full report and discover all the results.

Monday, 25 September 2017 15:28

BCI Continuity Planning for Climate Change

The Business Continuity Institute

2017 marks the 16th anniversary of the 9/11 terror attack. On the 11th September, 2001, two planes flew into the Twin Towers in the centre of New York, a third targeted the Pentagon in Washington DC and a fourth plane crashed in a field in Pennsylvania. The ongoing impact of the attacks is still widely spoken about today, and they brought to light the importance of planning and business continuity.

We focus, as business continuity professionals, on the importance of a variety of factors and one of the keys to embedding business continuity in your organization is staff welfare.

Staff welfare is ensuring that your staff not only feel supported during a disruption, but that they understand their roles and responsibilities during a disaster. If employees and stakeholders aren’t supported and their needs not met, can an organization guarantee that they will respond proactively to a disaster? Following the 9/11 attacks, major organizations affected have incorporated welfare plans into their BC plans.

Morgan Stanley was one of the organization’s affected by the 9/11 attacks and in the years following, talked about how their staff welfare took precedence. Within 20 minutes of the attack, most members of staff had been evacuated and within one hour of the attack, staff were relocated and backup systems were operational.

Robert Scott, COO of Morgan Stanley at the time, credits this success to their plans, exercising programmes, and personnel. By training senior managers and staff to respond to disasters, they were indeed prepared. They put the welfare of their staff above financial security and as a result, were able to resume business as soon as possible.

In an interview with the Harvard Business School, the COO stated "I am most proud that the clear, collective, first priority of senior management was the well-being of the people who work for Morgan Stanley." The resumption of their business is testimony to this approach.

Although each organization works differently and prepares for disruption in different ways, many can learn from this approach. The responsibilities of preparedness lie not only with management, but with every stakeholder associated with an organization and it is vital that business continuity and resilience professionals continue to endorse the importance of planning by demonstrating improvement through lessons learned and vigilance during times of uncertainty. 

Download the attached files

PDF documents  

The Business Continuity Institute


Mexico is waking up to widespread disruption and damage following a 7.1 magnitude earthquake.

The country is prepared for this type of disaster. All across Mexico, regular drills are practiced to ensure people are prepared for natural disasters, however this time it wasn’t a drill. The widespread damage is yet to be fully reported on and it’s likely that we won’t know the extent for days, weeks and even months, however their initial response appears proactive and positive.

In August 2017, the U.S. Department of Defense undertook an exercise designed to prepare the military and residents for a possible 7.0 magnitude earthquake. They followed their plans to the letter; escalating the disaster from local to county authorities. Once these county authorities could no longer manage the exercise scenario, it was escalated to state authorities and as a final escalation, the federal government was involved. According to Army Col. Barry Graham; “… I think it has been a great exercise and everyone has gotten something out of this training. New Mexico is very prepared because of this exercise."

Residents across the US and Mexico are also exercised regularly, undertaking drills which educate them on how to respond to a variety of scenarios. During these exercises, a 30 second warning is given and they are instructed of where to go and what to do depending on the type of disaster being exercised. This time however, there was no warning. The first the residents felt was the tremor. 

As this disaster becomes a reality with uncanny resemblance to their most recent exercise, how are local, state and federal authorities responding? Alfredo del Mazo Maza, the State of Mexico’s governor has invoked their disaster response plan; ordering schools to close and public transport to operate free of charge to allow residents to travel safely. Emergency services and volunteers are also in place working around the clock, searching the rubble for survivors. The extent of the damage and the widespread panic may hinder the recovery process, however even in the first 24 hours following the disruption, it appears that their widespread preparedness and exercising schedule will play a vital role in their recovery as a whole. 

Download the attached files

PDF documents 

The Business Continuity Institute


Having related but different disciplines work together, such as information security and business continuity, is the key for building resilience at an organizational level

Caversham, 19rd September 2017 –The Business Continuity Institute (BCI), in association with Mimecast, have published the BCI Information Security Report 2017. Cyber-attacks, such as the recent WannaCry ransomware attack, cause great disruption and financial loss, meaning organizations need to focus on collaboration as a key driver for building information security which is an important component of organizational resilience. 

The BCI Information Security Report looks to benchmark how organizations handle sensitive data and how resilient they are when it comes to data protection. The survey assessed 369 organizations in 63 countries worldwide on the different solutions and key drivers on which they build information security. 75% of organizations report the use of internet-connected devices at least once daily which demonstrates the pervasiveness of technology and how crucial it is to keep these devices secure. The results also showed that, top management commitment is pivotal in building information security across the organization. Compliance with legislation alongside organizational policies – such as staff training, company regulation etc. – and financial investment in information security, were also key drivers for information security in organizations. 

What stands out the most from the report is the concept of collaboration. Indeed, having collaboration among management disciplines and teams plays an essential role in tackling information security challenges, but it also helps when building organizational resilience. Therefore, business continuity professionals, with their expertise in dealing with disruption, should engage with related disciplines. Collaboration involved organizational change and effort, but the benefits deriving from it should be the motivation behind taking action. 

Founded in 1994 with the aim of promoting a more resilient world, the Business Continuity Institute (BCI) has established itself as the world’s leading Institute for business continuity and resilience. The BCI has become the membership and certifying organization of choice for business continuity and resilience professionals globally with over 8,000 members in more than 100 countries, working in an estimated 3,000 organizations in the private, public and third sectors.

The vast experience of the Institute’s broad membership and partner network is built into its world class education, continuing professional development and networking activities. Every year, more than 1,500 people choose BCI training, with options ranging from short awareness raising tools to a full academic qualification, available online and in a classroom. The Institute stands for excellence in the resilience profession and its globally recognised Certified grades provide assurance of technical and professional competency. The BCI offers a wide range of resources for professionals seeking to raise their organization’s level of resilience, and its extensive thought leadership and research programme helps drive the industry forward. With approximately 120 Partners worldwide, the BCI Partnership offers organizations the opportunity to work with the BCI in promoting best practice in business continuity and resilience.

The BCI welcomes everyone with an interest in building resilient organizations from newcomers, experienced professionals and organizations. Further information about the BCI is available at www.thebci.org.

Wednesday, 20 September 2017 16:32

BCI Information Security Report

The Business Continuity Institute


In our globally connected world, most organizations have staff that travel overseas, making it more important than ever for those organizations to have an effective emergency communications plan in place in order to contact geographically dispersed staff during a crisis.

Our annual emergency communications survey, sponsored by Everbridge, aims to benchmark the emergency communication arrangements of organizations in different sectors worldwide. Please do support the valuable research work of the BCI by completing the survey which you can find by clicking here. As an added incentive, all respondents will be entered into a prize draw to win a £100 Amazon gift card.

Tuesday, 19 September 2017 19:22

BCI Emergency Communications Survey 2017

TALLAHASSEE, Fla. – As Floridians begin the cleanup process after Hurricane Irma, the Federal Emergency Management Agency (FEMA) urges everyone to know the best way to remove debris from their property.

Don’t wait to clean up storm damage. Document damage with photos or videos.

Take care when cleaning up. Dangling power lines, flooding and other hazards remain. If trees and other debris have fallen on your private property, be sure to check with your insurance agent to determine if tree damage is covered by your policy. As you clean up, be sure to keep in mind the following information:

  • Due to the magnitude of recent disaster events, residents can move debris from their private property to public rights-of-way for pick up and removal by local governments for a limited time. Debris removal from private property is generally the responsibility of the property owner, just as before the hurricane.
  • Follow guidance from your local officials when placing debris for collection. Separate debris into six categories when disposing along the curb:
    • Electronics, such as televisions, computers or phones;
    • Large appliances, such as refrigerators, washers, dryers, stoves or dishwashers.  Be sure to seal or secure the doors so that they are not accessible;
    • Hazardous waste, such as oil, batteries, pesticides, paint or cleaning supplies. If you suspect that materials contain lead-based paint, keep them moist or contain materials in plastic bags so that the paint does not become airborne;
    • Vegetative debris, such as tree branches, leaves or plants;
    • Construction debris, such as drywall, lumber, carpet or furniture; and
    • Household garbage, discarded food, paper or packaging.
  • Place debris away from trees, poles or structures including fire hydrants and meters.
  • Remove all water-damaged materials from your home and place curbside for pickup.
  • Debris should not block the roadway.

Hurricane Irma left behind fallen trees, limbs and trash from damaged buildings on private and public property. Workers have begun picking up the tons of debris dumped on streets, highways, curbsides and from private yards. Federal and state aid will help pay for removing debris from public property.

For more Hurricane Irma recovery information, visit www.fema.gov/hurricane-irma.


FEMA’s mission is to support our citizens and first responders to ensure that as a nation we work together to build, sustain, and improve our capability to prepare for, protect against, respond to, recover from, and mitigate all hazards.

Disaster recovery assistance is available without regard to race, color, religion, nationality, sex, age, disability, English proficiency or economic status. If you or someone you know has been discriminated against, call FEMA toll-free at 800-621-FEMA (3362). For TTY call 800-462-7585.

FEMA’s temporary housing assistance and grants for public transportation expenses, medical and dental expenses, and funeral and burial expenses do not require individuals to apply for an SBA loan. However, applicants who receive SBA loan applications must submit them to SBA loan officers to be eligible for assistance that covers personal property, vehicle repair or replacement, and moving and storage expenses.

TALLAHASSEE, Fla. – If you live in one of the disaster-designated Florida counties and experienced property damage or loss directly caused by Hurricane Irma, register with the Federal Emergency Management Agency (FEMA) for disaster assistance – even if you have insurance. This can be an important step to begin the process of recovery.

You may register for assistance the following ways:

  • At www.DisasterAssistance.gov.
  • If you don’t have Internet access, you can call 800-621-3362.
  • People who have a speech disability or hearing loss and use TTY should call 800-462-7585.
  • For those who use 711 or Video Relay Service (VRS), call 800-621-3362.
  • These toll-free telephone numbers will operate from 7 a.m. to 11 p.m. (EST) seven days a week until further notice.

FEMA assistance for individuals may include grants for rent, temporary housing and home repairs to their primary residences, as well as funding for other serious disaster-related needs, such as medical, dental or funeral costs. If you have insurance, FEMA may still be able to assist with disaster-related expenses that were underinsured or not covered by your policy.

After you apply, a FEMA inspector will contact you to schedule an inspection. The inspection generally takes 30-40 minutes or less and consists of a general verification of your disaster-related losses and a review of ownership or residence records. There is no fee for the inspection.

When a FEMA housing inspector comes to visit your home, be sure they show you proper identification. All FEMA inspectors have prominent photo identification badges. If you suspect someone is posing as a FEMA housing inspector, call our toll-free Disaster Fraud Hotline at 866-720-5721, or call local law enforcement officials.

Once the inspection process is complete, your situation will be reviewed by FEMA. You will receive a letter by email or physical mail, depending on your preference, which outlines the decision about your claim. For more information about the inspection process, and documentation you will need to provide the inspector, visit the FEMA Individual Assistance Inspection Process page.

Know that you may receive a visit from more than one inspector throughout the recovery process. In addition to FEMA housing inspectors, representatives from the U.S. Small Business Administration, state and local officials and inspectors for private insurance coverage also visit neighborhoods in affected areas.

For more recovery information visit FEMA’s Hurricane Irma web page at www.fema.gov/hurricane-irma.

 A call from a FEMA inspector. A brief inspector's visit. A decision letter. If you receive a SBA loan application completing it is an important step in finding out what aid may be available to you.


FEMA’s mission is to support our citizens and first responders to ensure that as a nation we work together to build, sustain, and improve our capability to prepare for, protect against, respond to, recover from, and mitigate all hazards.

Disaster recovery assistance is available without regard to race, color, religion, nationality, sex, age, disability, English proficiency or economic status. If you or someone you know has been discriminated against, call FEMA toll-free at 800-621-FEMA (3362). For TTY call 800-462-7585.

FEMA’s temporary housing assistance and grants for public transportation expenses, medical and dental expenses, and funeral and burial expenses do not require individuals to apply for an SBA loan. However, applicants who receive SBA loan applications must submit them to SBA loan officers to be eligible for assistance that covers personal property, vehicle repair or replacement, and moving and storage expenses.

FEMA has authorized Clean and Removal Assistance (CRA) for all designated counties in Texas for homeowners with disaster-related real property damage that do not qualify for Home Repair Assistance because the damage did not render the home uninhabitable.

This assistance is intended to prevent additional loss and potential health and safety concerns and reduce contamination from floodwater.

Clean and Removal Assistance is awarded as a one-time payment per household. This amount represents the average cost of cleaning, sanitizing and removing carpet in a flooded dwelling in the designated area. 

CRA payments are part of FEMA’s Other Needs Assistance program. Applicants must register with FEMA at DisasterAssistance.gov and meet all eligibility requirements. An inspector must verify that floodwater caused the damage to at least one item in the home.

Friday, 22 September 2017 18:54

Fact Sheet: FEMA Clean and Removal Assistance

WASHINGTON – The U.S. Department of Homeland Security's Federal Emergency Management Agency (FEMA) continues coordinating the efforts of the federal family, working alongside state, Commonwealth, tribal, territorial, and local emergency responders to help address the immediate needs of survivors following Hurricane Irma.

Tens of thousands of federal workers are supporting preparedness, response, and recovery to Hurricane Irma, including more than 3,200 FEMA staff, and more than 13,000 National Guard soldiers and airmen from 22 states, in rescue, evacuation, security and support operations.

three men on a boat repair a light

Crewmembers from Coast Guard Aids to Navigation Team Jacksonville Beach make repairs to a light damaged by Hurricane Irma, Friday, Sept. 15, 2017, in Brunswick, Georgia. The ANT Jacksonville Beach crew is responsible for over 950 aids to navigation throughout northeastern Florida and southeastern Georgia. (U.S. Coast Guard photo courtesy of Aids to Navigation Team Jacksonville Beach)

The Department of Energy is coordinating with its partners to facilitate communications, provide situational awareness, and expedite restoration efforts. More than 60,000 personnel are activated from more than 250 investor-owned electric companies, public power utilities, and electric cooperatives from all corners of the United States and Canada, to support power restoration. Private sector partners estimate that power should be returned to 95 percent of customers by September 17. Restoration to severely damaged areas will take additional time.

For those in designated areas in Florida, Puerto Rico, and the U.S. Virgin Islands, registering online at www.DisasterAssistance.gov is the quickest way to register for federal assistance, including FEMA assistance.  If survivors do not have access to the internet, they may register by calling 1-800-621-FEMA (3362) or 1-800-462-7585 (TTY). If survivors use 711 relay or Video Relay Service (VRS), they should call 800-621-3362 directly.

a woman wearing a FEMA vest stands in front of a flooded home with a clipboard

FEMA disaster assistance teams go door to door in Florida after Irma.

FEMA received more than 413,000 registrations to date and has already approved $92.8 million for Hurricane Irma survivors. As it becomes safe for people to return to their homes, FEMA expects registration numbers to increase.

Federal Efforts Underway as of September 16, 2017   

  • The American Red Cross (ARC) is operationally focused on safety, shelter, food, which includes shelf-stable meals, and positioning personnel and supplies. More than 8,100 people were provided refuge from Hurricane Irma in more than 100 government and Red Cross evacuation centers across four states, Puerto Rico, and the U.S. Virgin Islands.  To date, the ARC served more than 380,000 meals and snacks. More than 3,000 Red Cross workers are responding to Irma now, with almost 350 more volunteers on the way.
  • The U.S. Army Corps of Engineers (USACE) currently have more than 350 personnel engaged and have received 35 FEMA Mission Assignments (MA). For Florida, USACE’s mission assignments include providing temporary power, temporary roofing, debris removal, and infrastructure assessment. For Puerto Rico and the U.S. Virgin Islands, USACE’s mission assignments include providing temporary power, temporary roofing, debris removal/technical assistance, infrastructure assessment, and a commodities management subject-matter expert.
  • The U.S. National Guard Bureau (NGB) is sending additional personnel to support law enforcement and security operations; they’re scheduled to arrive in the affected areas in the next four days. National Guard soldiers and airmen continue staffing critical points of distribution to deliver essential resources including food and water, and continue clearing debris to open roads in affected areas. The National Guard continues search and rescue efforts in the Keys, while route clearance, shelter operations, law enforcement support, communication restoration and essential resource distribution remain a priority as well.  The National Guard is augmenting civilian law enforcement in securing areas affected by Hurricane Irma and in helping citizens rebuild their communities.
  • U.S. Department of Energy (DOE) continues to work with its partners to ensure that fuel remains available in the areas impacted by Hurricanes Irma and Harvey. The fuel situation is stable, and DOE is working with its interagency and private sector partners to ensure that it remains available throughout the region. The Strategic Petroleum Reserve delivered 3.1 million barrels of crude, out of the 5.3 million authorized. A blog post about these efforts can be found here, and DOE continues to provide situational updates here.
  • The Federal Aviation Administration (FAA) is sending a large, mobile air traffic control tower to Key West to help increase the safety and number of operations at the damaged airport. The mobile tower is currently at Bradley Airport, Connecticut and will be en route soon to Key West, and operational mid-week.
  • U.S. Department of Health and Human Services (HHS) response coordinators are working with federal and U.S. Virgin Islands territory agencies to identify long-term solutions for health care in the U.S. Virgin Islands; the territory’s entire medical care system and public health system were hard hit by the storm. National Disaster Medical System and U.S. Public Health Service Commissioned Corps teams have seen more than 3,700 patients, including dialysis patients evacuated from the Caribbean islands to Puerto Rico, as well as at the St. Thomas hospital, Florida shelters, and two hospitals in the Florida Keys. The HHS continues to provide the Disaster Distress Helpline (1-800-985-5990), which remains open 24/7 for free help coping with the stress of the storm.
  • The Center for Disease Control and Prevention (CDC) continues to provide personnel to support the efforts in Florida and the U.S. Virgin Islands, and share information about carbon monoxide and generator safety: https://www.cdc.gov/disasters/co-materials.html. The agency is currently translating guidance material into more than ten languages for survivors.
  • The U.S. Coast Guard (USCG) is working with the U.S. Navy and the National Oceanic and Atmospheric Administration in Key West, Florida, to open the shipping channel from the sea buoy to the Mole Pier, to facilitate the safe movement of relief supply deliveries.  However, the port of Key West remains closed at this time. Since Sept. 12, sixteen (16) tank ships have been cleared to deliver their supplies of fuel to ports in Florida. Eight additional tank ships are expected to arrive in the coming days. Coast Guard National Strike Force crews are working with local, state and federal teams on 64 pollution cleanup responses across the storm-impacted areas.
  • The U.S. Department of Justice (DOJ) released a message from Attorney General Jeff Sessions to those impacted by Hurricanes Irma and Harvey. To view this release, click here or see the video. The NCDF Disaster Fraud Hotline is (866) 720-5721. The Bureau of Prisons is providing updates at www.bop.gov.
  • U.S. Environmental Protection Agency (EPA) continues to coordinate closely with local, state, tribal and federal partners, especially the Florida Department of Environmental Protection in response to Hurricane Irma. EPA deployed six National Priority List (NPL) Assessment Teams to Florida this week and over one third, and counting, of the NPL sites in Florida have been assessed. EPA is also exercising enforcement discretion for diesel fuel use by utility work vehicles and equipment.  Florida Governor Rick Scott issued a request that will go into effect immediately, and terminates when all diesel reserves have been used or by the end of the day on September 22, 2017, whichever comes first.
  • The U.S. Social Security Administration (SSA) is working with the United States Postal Service and the Department of Treasury regarding check payments to be delivered. Cycle 3 benefit payments will be delivered on September 20. They estimate approximately 5,700 checks will be issued in the areas affected by Irma. The SSA will continue to monitor the status of all check payments in affected areas.
  • The U.S. Postal Service (USPS) continues to restore all mail processing operations in the state of Florida, including the areas hardest hit. In the Florida Keys, delivery and retail operations have resumed today in Key Largo and Tavernier. All facilities in Puerto Rico are open except for one post office.

a photo collage of men holding the American flag

VATF1 and NYTF1 personnel w/ @forestservice force protection officers re-raised US flag above the old firehouse at Fort Christian. [U.S. Virgin Islands]

Sailors work with heavy equipment to remove debris from Naval Air Station Key West, Florida

Sailors work with heavy equipment to remove debris from Naval Air Station Key West, Florida, Sept. 15, 2017. Clean up efforts are in full swing across the Florida Keys after Hurricane Irma caused extensive damage across the state. (U.S. Coast Guard Petty Officer 2nd Class Dustin R. Williams) 


FEMA's mission is to support our citizens and first responders to ensure that as a nation we work together to build, sustain and improve our capability to prepare for, protect against, respond to, recover from and mitigate all hazards.

Follow FEMA online at www.fema.gov/blogwww.twitter.com/femawww.twitter.com/femaspoxwww.facebook.com/fema and www.youtube.com/fema.  Also, follow Administrator Brock Long’s activities at www.twitter.com/fema_brock

The social media links provided are for reference only. FEMA does not endorse any non-government websites, companies or applications.

People who were affected by Hurricane Harvey and the subsequent floods and who live in the disaster-designated Texas counties should register for FEMA assistance even if they are covered by insurance or have registered with other agencies.

Under federal law, FEMA cannot duplicate insurance settlements or other benefits, but there are cases where insured survivors might still be eligible for FEMA help.

For example:

  • Your settlement was delayed longer than 30 days after you filed a claim.
  • The settlement does not fully cover all your losses and needs.
  • You exhausted the additional living expenses provided in your policy.
  • You cannot locate suitable rental resources in your community.

You should file your insurance claims, whether homeowner’s or flood or both, as soon as possible. And you have until Oct. 24 to register with FEMA for assistance. Here’s how:

  • Log onto DisasterAssistance.gov. Registering online is the quickest way to register for FEMA assistance.
  • Those without internet access can register by phone. Call 800-621-3362 (voice, 711 or video relay service) or 800-462-7585 (TTY). The toll-free lines remain open 6 a.m. to 10 p.m. local time seven days a week until further notice.
  • Via the FEMA app, available for Apple and Android mobile devices. To download, visit fema.gov/mobile-app.

Once you have registered, you have 12 months to let FEMA know if your insurance coverage was not enough and you want to be considered for help.

To apply for assistance, fax or mail a letter to FEMA explaining the circumstances:

FEMA Individuals and Households Program
National Processing Center
P.O. Box 10055
Hyattsville, MD 20702-8055
Fax: 800-827-8112

If you have registered with other organizations, you still need to register with FEMA if you want to be considered for FEMA assistance.

Homeowners, renters and businesses in Aransas, Bee, Brazoria, Calhoun, Chambers, Colorado, Fayette, Fort Bend, Galveston, Goliad, Hardin, Harris, Jackson, Jasper, Jefferson, Kleberg, Liberty, Matagorda, Montgomery,  Newton, Nueces, Orange, Polk, Sabine, San Jacinto, Refugio, San Patricio, Tyler, Victoria, Waller, Walker and Wharton counties may be eligible for help.

FEMA has authorized Critical Needs Assistance (CNA) for all designated counties in Texas for households with immediate or serious needs due to being displaced from their primary dwelling.

Critical needs are life-saving and life-sustaining items including, but not limited to: water, food, first aid, prescriptions, infant formula, diapers, consumable medical supplies, durable medical equipment, personal hygiene items and fuel for transportation.

To be eligible for CNA a survivor must:

  • Complete a registration with FEMA;
  • Verify identity;
  • Assert at the time of registration that they have critical needs and request financial assistance for those needs and expenses;
  • Have a pre-disaster primary residence located in a county designated for CNA; and
  • Be displaced from their pre-disaster primary residence as a result of the disaster.

CNA is currently available in the following counties: Austin, Aransas, Bastrop, Bee, Brazoria, Calhoun, Chambers, Colorado, DeWitt, Fayette, Fort Bend, Galveston, Goliad, Gonzales, Hardin, Harris, Jackson, Jasper, Jefferson, Karnes, Kleberg, Lavaca, Lee, Liberty, Matagorda, Montgomery, Newton, Nueces, Orange, Polk, Refugio, Sabine, San Jacinto, San Patricio, Tyler, Victoria, Walker, Waller, and Wharton.

Funds are delivered via direct deposit or paper check payable to the eligible applicant. Critical needs funding may take longer than usual due to the magnitude of this disaster. Once made, an eligibility determination is final.

Tuesday, 19 September 2017 18:51

FEMA Fact Sheet: Critical Needs Assistance

WASHINGTON—To support the ongoing disaster recovery, the Federal Emergency Management Agency’s (FEMA) National Flood Insurance Program (NFIP) is enhancing the flood insurance claims process, and extending the grace period for paying policy renewal premiums for insured survivors affected by Hurricane Irma.

Due to the wide-spread catastrophic damage caused by Hurricane Irma, FEMA implemented temporary changes to rush recovery money into the hands of NFIP policyholders, for repair and replacement of flood-damaged properties. FEMA also wants to ensure continuous flood insurance coverage for current NFIP policyholders affected by this storm, even if the renewed policy premium cannot be paid at this time. FEMA is directing all NFIP private insurance partners to:

  • Provide advance payments on flood claims, even before visits by an adjuster;
  • Increase the advance payment allowable for policyholders who provide photographs or video depicting flood  damage and expenses, or a contractor’s itemized estimate;
  • Waive use of the initial Proof of Loss (POL) form; and
  • Extend the grace period for payment of NFIP flood insurance policy renewal premiums to 120 days. This waiver applies to all NFIP policies, whether issued by the NFIP Servicing Agent or a Write Your Own Company, written for properties in areas in the U.S. Virgin Islands, Puerto Rico, and counties in Florida that have received a Major Disaster Declaration for Individual Assistance (IA) under the Stafford Act.

Advance Payments 

The NFIP is making it easier for policyholders to receive an advance payment for their flood claim to help them begin the process of recovery as quickly as possible. After filing a flood insurance claim, the policyholder can discuss advance payment with the insurer:

  • When a policyholder contacts his/her insurer and verifies his/her identity, he/she can receive an advance payment for up to $5,000 on a flood claim without an adjuster visit or additional documentation.  When the advance payment is issued, a letter is sent to the policyholder which explains that by accepting this payment the policyholder is certifying the damage.
  • Up to $20,000 may be advanced to a policyholder who provides photos and/or videos depicting damage, and receipts validating out-of-pocket expenses related to flood loss or a contractor’s itemized estimate. Policyholders with significant damage who have a contractor’s itemized estimate may be eligible for a larger advance payment and should discuss this with the adjuster.

Advance payments are deducted from a policyholder’s final claim settlement amount. Advance payments may only be used according to the terms of the policy. For example, if a policyholder has a building/structure flood insurance policy, the advance payment must be used to repair or rebuild the structure. Or if a policyholder has contents coverage, the advance payment must be used to repair or replace contents that were within the structure. Advance payments may not be used for temporary housing and living expenses.

If a policyholder’s property is mortgaged, the lender will also be named on the advance payment issued for a building/structure flood insurance policy. In this case, the policyholder and lender will both be required to sign the advance payment check. 

Proof of Loss Waiver

To expedite processing of NFIP claims for Hurricane Irma, the NFIP is waiving the requirement for a policyholder to submit an initial Proof of Loss (POL) document. Here’s how the expedited process will work:

  • After a policyholder files a claim, a time is set up for the adjuster to inspect the flood damaged property. The adjuster will document the damage and submit a report to the policyholder’s insurance company.
  • If additional damage is discovered or a policyholder does not agree with the payment amount, a policyholder can seek additional payment if the policy’s coverage limits have not been met. A POL will be required to seek a supplemental payment on the claim. If payment is issued based upon the adjuster’s initial report and an additional proof of loss is not submitted by the policyholder, the insurer will close the file.

If a policyholder decides to request an additional payment, which must be done by completing a POL, the policyholder will have one year from the date of filing the initial claim to submit the request to the insurance company. FEMA has informed all of its NFIP insurance partners about this process and how it will work.  NFIP policyholders are encouraged to work closely with an adjuster on this expedited process.

Grace Period Extension for Policy Renewals

To ensure that policyholders affected by Hurricane Irma can focus on recovery and continue to have flood insurance coverage, FEMA is extending the current 30-day grace period of continual flood insurance coverage to 120 days, for policies in Florida, Puerto Rico, and the U.S. Virgin Islands, that were set for renewal during the immediate response to Hurricane Irma.

Policies with an expiration date of August 7, 2017, through October 6, 2017, are eligible for the grace period extension.  Payment for those policies must be received within 120 days of the policy expiration.

The NFIP cannot pay a claim for a flood loss that occurs after a policy expiration date unless the policyholder’s insurance company receives the payment in full for renewal on or before the last day of the grace period. 

The grace period extension applies to NFIP policies covering properties in Puerto RicoU.S. Virgin Islands, and Florida counties designated under the Presidential Disaster Declaration. NFIP policyholders are encouraged to contact their insurance company and report a flood claim as soon as possible.  For any policy with a renewal date on or after October 7, 2017, the normal 30-day grace period will apply.


FEMA's mission is to support our citizens and first responders to ensure that as a nation we work together to build, sustain and improve our capability to prepare for, protect against, respond to, recover from and mitigate all hazards.

Follow FEMA online at www.fema.gov/blogwww.twitter.com/femawww.twitter.com/femaspoxwww.facebook.com/fema and www.youtube.com/fema.  Also, follow Administrator Brock Long’s activities at www.twitter.com/fema_brock

The social media links provided are for reference only. FEMA does not endorse any non-government websites, companies or applications.

MIDLAND, Mich. — Michigan homeowners, landlords and business owners are reminded to check with local government building officials regarding permits before repairing or rebuilding a structure damaged by June storms and flooding.

Many building owners have already received disaster assistance grants, settled their insurance claims, or are preparing to dip into their savings to repair or rebuild their homes. Before beginning any work, state law requires you check with local officials to make sure that you have the proper permits. Repairs or rebuilding should not begin until issuance of appropriate permits.

Local governments keep track of construction activity in their areas. City inspectors make sure that the buildings being repaired or constructed meet the minimum requirements of the state building code, thereby providing safe buildings in their community.

Community building officials require you to meet current building code standards. If a home or business is located in a Special Flood Hazard Area - the 100 year flood plain - there are local ordinances that will affect how dwellings are repaired, renovated, or reconstructed. A community must enforce these regulations so that federally-backed flood insurance and most forms of disaster assistance continue to be available to local residents and property owners.

Upon final inspection of the completed project, a Certificate of Occupancy is issued to the project’s owner. At this point the building or structure is available to be used or occupied by the public.  Be sure to keep receipts for materials used or contracted work.

Once the job is complete, the insurance company will inspect the property to verify work that was done. Permits that were issued will prove the work was done by an accredited contractor.


FEMA’s mission is to support our citizens and first responders to ensure that as a nation we work together to build, sustain, and improve our capability to prepare for, protect against, respond to, recover from, and mitigate all hazards.

English: https://www.fema.gov/disaster/4326

Spanish: https://www.fema.gov/es/disaster/4326


All FEMA disaster assistance will be provided without discrimination on the grounds of race, color, sex (including sexual harassment), religion, national origin, age, disability, limited English proficiency, economic status, or retaliation. If you believe your civil rights are being violated, call 800-621-3362 or 800-462-7585(TTY/TDD).

While natural disasters have the unique ability to unify people, it is important to stay cognizant of scams and fraud that follow.

PropertyCasualty360 addressed potential scams in this article, noting that hurricane relief fraudsters are some of the first to appear after a storm. One way to avoid scams is to donate strictly to well-known reputable organizations such as the Red Cross or Direct Relief.  The Insurance Industry Charitable Foundation has a Hurricane Harvey disaster relief fund as well.

Affected homeowners should be wary of who they let into their home for repairs. Regulators in Florida are warning consumers not to sign Assignment of Benefits (AOB) forms to get repair work started.



Thursday, 21 September 2017 18:45


It’s easy to assume that data loss will never happen to your business. 

You’re not on the Fortune 500, so who’d want your data? And you’re not in the path of major natural disasters, so what’s the big deal? 

As far as you’re concerned, nothing is getting between you and your data — because why would it? 

Unfortunately, though, hackers and Mother Nature aren’t the only threats to your data. In fact, those are — by far — the least of your worries, and here are just a few of the reasons why.



Sunday, 17 September 2017 18:44

The top 5 leading causes of data loss

The issue of causation, especially when there may be multiple causes of loss, can be a tricky one for both insureds and insurers. It comes down to what caused the loss – and in what order.

Take the example of a major catastrophe, like a hurricane, where there may be property claims arising from both wind and water. Determining the cause of loss is key to determining whether there is coverage under the terms of an insurance policy because there are two policies in play, one for wind damage and one for flood damage.

Some jurisdictions subscribe to the “efficient proximate cause doctrine” while others subscribe to the “concurrent causation doctrine”.

What’s that?



Wednesday, 20 September 2017 18:43


Given modern technology demands, any form of downtime now presents problems for ongoing revenue generation. This places additional pressure on business leaders and IT departments in proving their IT disaster recovery (DR) plan’s effectiveness. In many industries, sensitive information has become increasingly regulated due to the importance in maintaining constant availability. For this reason, securing proper documentation to verify recoverability a priority.

Trouble is, not every DR solution is equal. In some scenarios, IT teams and third-party providers will take shortcuts in IT resiliency, which does nothing to truly protect technology operations. For this reason, Disaster Recovery-as-a-Service (DRaaS) has emerged as a viable option for reliable business continuity.



Sunday, 17 September 2017 18:41

Proving IT Disaster Recovery to Constituents

As a business continuity manager, you are likely to be involved in getting your colleagues to take business continuity seriously and ensure that their own departments will continue to function even in adverse conditions.

Those names in a list might make a group of people to work with, but that doesn’t necessarily mean collaboration is part of the package.

If collaboration is missing, then so the “act of working together to produce or create something” will be missing too.

Which could all too easily mean one department “ticking the box” for business continuity for itself, yet neglecting to plan to give vital support to others.



You may have noticed that it isn’t 2009 anymore, and the factors that define different cloud providers are more difficult to spot than they used to be.

All offer basic computing, networking and storage options.

They all also have derivative services like load balancers, databases, and queuing that allow them to sell more computing, networking and storage at a premium – and common application components you no longer have to manage.

All even have next-wave functionality built around IoT, voice-to-text (and back), AI and serverless computing.

With all that common core technology, how do you differentiate among them?



Monday, 18 September 2017 18:38

Factors That Define Different Cloud Providers

WASHINGTON – The Department of Homeland Security’s (DHS) Federal Emergency Management Agency (FEMA) is raising awareness that Hurricane Irma disaster survivors, and their friends and family, should be alert for false rumors, scams, identity theft, and fraud. Although many Americans are working hard to help their neighbors now, during chaotic times, some will always try to take advantage of the most vulnerable.

To dispel some of the false rumors circulating on the internet and social media, FEMA has a dedicated website to address some of the most common themes. Remember, if it sounds too good to be true, it probably is. Visit FEMA's Hurricane Rumor Control page to get the most accurate information from trusted sources.

Here are a few guidelines to protect yourself, or someone you care about, from disaster fraud:

Hurricane survivors are also encouraged to notify local authorities to cases of lawlessness or violence, especially in hurricane shelters. In an emergency, call 9-1-1. For other cases:

  • In Florida, report suspicious/criminal activity to 1-855-352-7233.
  • In Puerto Rico, report suspicious/criminal activity to the Puerto Rico Police by calling 787-343-2020, or by calling your local FBI office at 787-754-6000.
  • In the U.S. Virgin Islands, report suspicious/criminal activity to:
    • St. Thomas - 519-631-1224
    • St. John - 340-693-8880
    • St. Croix - 340-778-4950


FEMA's mission is to support our citizens and first responders to ensure that as a nation we work together to build, sustain and improve our capability to prepare for, protect against, respond to, recover from and mitigate all hazards.

Follow FEMA online at www.fema.gov/blogwww.twitter.com/femawww.twitter.com/femaspoxwww.facebook.com/fema and www.youtube.com/fema.  Also, follow Administrator Brock Long’s activities at www.twitter.com/fema_brock

The social media links provided are for reference only. FEMA does not endorse any non-government websites, companies or applications.

t seems clear that business architecture, as a discipline, is rapidly growing worldwide. Cutter Consortium’s business architecture experts William Ulrich and Whynde Kuehn are seeing the sophistication of how people are using business architecture expanding. They’re witnessing an escalation in both the depth and quality of how people are using business architecture and a shift in focus from how to just build a business architecture practice to how to strategically leverage business architecture to transform the business and launch it forward. Organizations are realizing that business architecture is a critical for translating strategy into execution for large scopes. Business architecture is the bridge between business direction and a coordinated set of downstream actions for business and IT required to make it real.



Our Communications department has received questions from Canadian news outlets on behalf of Canadian citizens who own homes in areas affected by either Hurricane Harvey or Irma. Here are some of their questions and the answers we found.  Of course, the answers below also apply to other non-citizens who own property in the U.S.

Q: Can Canadians qualify for a Federal Emergency Management Agency (FEMA) grant?

A:  It depends. To be eligible for assistance from FEMA, at least one person in the household must be a U.S. citizen, Qualified Alien or noncitizen national with a U.S. Social Security number.



Wednesday, 20 September 2017 18:34


What Technology Are You Using?

What system do you use to send mass messaging to your employees? If you’re like most organizations, you probably use email. According to The Internal Communication and Technology Survey of 500 respondents from SMB to global enterprises, 68 percent communicate via email with at least 80 percent of their employees, mostly for events, pulse surveys, leadership communications, employee newsletters, change communications, and HR/rewards/pension communications. Many also utilize their company intranet site, often sending an email to direct employees to the intranet site.

While these technologies can be effective, they also have plenty of drawbacks. The survey  lends us some insight into the types of challenges internal communication leaders face with email:



Sunday, 17 September 2017 18:32


The prevailing wisdom is that if you back up your data you can recover from a ransomware attack. While this premise generally holds true, simply backing up your data no longer provides an absolute guarantee that you can recover from a ransomware attack. Here are three techniques that ransomware may use to circumvent existing backups and make your “good” backups bad.

Ransomware hackers attack corporate data by infiltrating and/or bypassing corporate firewalls with viruses that encrypt corporate data. Once encrypted, they then charge a fee for the key or keys to decrypt it. Fail to pay and corporate data may become unrecoverable.

To recover from ransomware attacks, organizations have one of two choices. Pay the fee (or ransom) or take steps to recover from an existing backup. In circumstances where an organization does not have a reliable backup and needs to recover, it has little choice but to pay the ransom and hope that the key supplied by the attacker enables them to recover. The best case scenario is that the organization has a good backup and can recover without having to pay any ransom.



In recent months and years, many have come to question VMware’s commitment to public clouds and containers used by enterprise data centers (EDCs). No one disputes that VMware has a solid footprint in EDCs and that it is in no immediate danger of being displaced. However, many have wondered how or if it will engage with public cloud providers such as Amazon as well as how it would address threats posed by Docker.

Public cloud offerings such as are available from Amazon and container technologies such as what Docker offers have captured the fancy of enterprise organizations and for good reasons. Public clouds provide an ideal means for organizations of all size to practically create hybrid private-public clouds for disaster recovery and failover. Similarly, container technologies expedite and simplify application testing and development as well as provide organizations new options to deploy applications into production with even fewer resources and overhead than what virtual machines require.

However, the rapid adoption and growth of these two technologies in the last few years among enterprises had left VMware somewhat on the outside looking in. While VMware had its own public cloud offering, vCloud Air, it did not compete very well with the likes of Amazon Web Services (AWS) and Microsoft Azure as vCloud Air was primarily a virtualization platform. This feature gap probably led to VMware’s decision to create a strategic alliance with Amazon in October 2016 to run its vSphere-based cloud services on AWS and its subsequent decision in May 2017 to divest itself of vCloud Air altogether and sell it to OVH.



With the two recent hurricanes that have devastated the Gulf states area, especially Texas and Florida, at MHA we add our thoughts and prayers to those who are displaced and experiencing loss as a result.

When water, wind, and rain become overwhelming, it illustrates exactly how fragile the works of man – including businesses – truly are. Many businesses impacted by natural disasters are small and only carry minimum – or not enough – insurance to cover property damage and business interruption. Due to this and many other factors, small businesses have a challenging time recovering from natural disasters such as hurricanes.

Because of the long-lasting and sometimes terminal effect major natural disasters like hurricanes can have on businesses, this guide is intended to assist small business owners in planning and preparing for the recovery phase of natural disasters, and for use if their business is damaged during an event. By breaking the process down into simple steps, we hope we can relieve some of the stress and uncertainty. It is important that these steps and preparations be in place before the event occurs or is bearing down.



As Texans begin to recover from Hurricane Harvey and Floridians survey the destruction from Irma, the question looms: How do major urban centers and small communities rebuild after a catastrophic natural disaster?

To recover from a such a disaster requires a massive coordinated effort. Federal, state and local governments must lead. Philanthropy, nonprofits and the private sector will be key partners. Residents will voice their views, through community planning meetings and other venues, on how best to spend disaster-recovery dollars. With so many stakeholders and rebuilding needs, the process of restoring neighborhoods and economic activity will become emotionally and politically charged. As Brock Long, administrator of the Federal Emergency Management Agency, has already warned in Texas: "This is going to be a frustrating and painful process."

For public officials to effectively steer a recovery process and for citizens to trust in the effort, reliable, transparent information will be essential. Leaders and the public need a shared understanding of the scale and extent of the damage and which households, businesses and neighborhoods have been affected. This is not a one-time effort. Data must be collected and issued regularly over months and years to match the duration of the rebuilding effort.



What Technology Are You Using?

What system do you use to send mass messaging to your employees? If you’re like most organizations, you probably use email. According to The Internal Communication and Technology Survey of 500 respondents from SMB to global enterprises, 68 percent communicate via email with at least 80 percent of their employees, mostly for events, pulse surveys, leadership communications, employee newsletters, change communications, and HR/rewards/pension communications. Many also utilize their company intranet site, often sending an email to direct employees to the intranet site.

While these technologies can be effective, they also have plenty of drawbacks. The survey  lends us some insight into the types of challenges internal communication leaders face with email:



Wednesday, 13 September 2017 14:59

5 Signs You Need a Mass Notification System

An Effective Business Continuity Program can Enhance Your Emergency Management Capabilities and Drive Higher Levels of Preparedness Across the Organization

Many organizations that we encounter have an obligation to support the community in time of crisis, including hospitals and utilities, for example. These organizations place a heavy emphasis on emergency management, and in recent years, we’ve seen increased implementation of the standardized Incident Command System (ICS) framework, or in the case of hospitals, the Hospital Incident Command System (HICS). There are many benefits to adopting ICS or HICS, but, most importantly, it allows organizations (both government and non-government) to operate and collaborate more effectively during emergencies. Common terms, roles, and responsibilities remove barriers to cooperation, ultimately benefiting the community.

When a community is impacted by a natural or manmade crisis, we are all better off thanks to ICS and HICS. However, many organizations are discovering that these systems may fall short when it comes to an incident that does not directly impact the communities in which they operate. While placing a heavy focus on emergency management is great (and many organizations are already mature in this space), it may not prepare an organization for unplanned resource interruptions, such as IT downtime or an unexpected facility closure. So how can an organization ensure the performance of social or community responsibilities, while protecting its own operations in the event of a more isolated disruption? Enter business continuity.



Page 1 of 2