Spring World 2017

Conference & Exhibit

Attend The #1 BC/DR Event!

Spring Journal

Volume 30, Issue 1

Full Contents Now Available!

Industry Hot News

Industry Hot News (7039)

Thursday, 11 February 2016 00:00

Dealing with the Complexity of Cloud Storage

Storage has long been the main draw of the cloud, both for consumer and professional enterprise users. But there is a big difference between bulk storage and the kinds of advanced architectures required of complex data environments. So the question many organizations face these days is not whether to store data in the cloud, but how.

By all indications, the public cloud will continue to gain more of the storage load as enterprises look to cut costs and provide greater access for both traditional workloads and emerging Big Data and mobile-facing applications. According to 451 Research, spending on public cloud storage is on pace to double by 2017, from just 8 percent of the total spend today to more than 17 percent. This will come at the expense of traditional, on-premise infrastructure, which will decline from 70 percent of the total to about 58 percent.  This is still the majority of storage budgets worldwide, but the trend lines are clear: more data heading to the cloud and less to the local storage array.

But simply using the cloud as a giant storage farm fails to capitalize on its true potential – kind of like driving a Ferrari to the local supermarket each week. The cloud is at its best when coupled with advanced capabilities like Storage as a Service (STaaS), which enables everything from remote access to full disaster recovery. Technavio has the STaaS market gaining at an annual rate of nearly 38 percent for the rest of the decade as top enterprises look to reduce costs and gain the kind of flexibility and reliability that can make or break critical business functions going forward.



Combined heat and power (CHP), also known as cogeneration, is the simultaneous production of heat and electric power from the same source of fuel. From data centers to universities, interest in CHP systems as sustainable standby power supply is rising.

Historically, CHP was reserved for very large installations. For example, waste heat from a coal-fired power plant could be used for greenhouses or large apartment complexes. Today, significantly smaller facilities, such as hospitals, hotels, commercial buildings, and some data centers are reaping the benefits of utilizing heat that would otherwise be wasted from the production of electricity. Because CHP systems require less fuel than separate heat and power systems, a reduction in operating cost, despite rising energy cost, is guaranteed. Over the long term, CHP can significantly reduce energy expenditures that can be applied to the bottom line—as long as there is a simultaneous need for electric power and heating (or cooling) for most of the year.



Thursday, 11 February 2016 00:00

Zika Virus Comes to Ohio by Way of Haiti

(TNS) - Two Northeast Ohio residents who visited Haiti on unrelated trips brought home the same unwanted souvenir in January: Zika virus.

State health officials Tuesday said a 30-year-old Cuyahoga County woman and a 21-year-old Stark County man have the first confirmed cases of Zika in Ohio. They did not disclose the names of the woman or man, but said their contraction of Zika is not related.

The woman’s symptoms appeared at the end of January, the man’s occurred earlier in that month, officials said.



Thursday, 11 February 2016 00:00

Don’t Look Now … But Your Skype is Showing

Skype for Business is growing at a trajectory few solutions have seen before and bringing with it massive gains in efficiency and productivity.

But these gains, as you may have read in Part 1 of this blog series, bring with them new concerns for security and data protection.

Now, there are several ways you can approach security with Skype for Business. The “Tools – Options” tab has a subset of about 15 categories, each with options that can be enabled or disabled, changing the security level within Skype.



The modern data center has evolved into an engine that drives the entire business, and the pressure to maintain uptime is greater than ever. Since companies rely more and more on their data centers, are there better, more resilient mission critical support systems?

At Data Center World this March, Justin Jurek, regional sales manager at Pillar USA, will talk about the applicability of microgrids in the mission critical market and an elegant approach to microgrid systems that has been adopted by multiple end users.

Remember, we’re seeing an evolution taking place in the business and in the data center. Market strategies are now built around the capabilities of your facility. Changes around governance, uptime classification, and even weather patterns are all impacting facility uptime:



What should a managed service provider include in a disaster recovery (DR) checklist?

How an MSP protects its customers' sensitive data as well as its own remains paramount for service providers of all sizes. 

Ellen Rubin, CEO of network storage provider ClearSky Data, told MSPmentor she believes DR planning for MSPs requires "complex preparation and flawless execution."



Wednesday, 10 February 2016 00:00

CDC: Preparedness Love for Valentine’s Day

conversation hearts

Whether it’s your sweetheart, your children, or your favorite furry friend, Valentine’s Day is a great time to show that someone special that you care! This Valentine’s Day, remind your loved ones to be ready for emergencies. Nothing says I love you quite like “I have made you my emergency contact person.”  Even Sheldon Cooper agrees that emergency contact information is quite the romantic notion.

Both the Centers for Disease Control and Prevention and the American Public Health Association have humorous, love-themed preparedness e-Cards you can share. It’s Valentine’s Day, so the cheesier the better, right?

If you’re struggling with what to give your Valentine, check out this video from the Office of Emergency Management in Fairfax County, Virginia. They offer Sweet Emergency Preparedness Valentine’s Day Gift Ideas.

While an emergency kit may not be the first thing that springs to mind when you’re thinking flowers and boxes of chocolates, it could end up being the most important gift you give your loved ones this year.  Most of us would love to be a little more prepared but don’t know where to start. Gift loved ones with a starter emergency kit for the home or the road, and don’t forget to include your kids and pets in your emergency planning!

The Starter Kit

To get started, pack a few items in a small plastic storage container or water-proof bags that can be stored easily. You can include:

  • First aid kit (You can get a pre-made kit at most of your local drug stores or pharmacies)
  • Flashlight and extra batteries
  • Portable phone charger (also sometimes known as a portable battery. This charger should be rechargeable and have the ability to charge a phone without being plugged into a power source)
  • Manual can openers (and a reminder that every emergency kit should include a three-day supply of food and water)

Most of us spend a lot of time in our cars. Consider putting together a kit of emergency supplies that your loved one can keep in their car. Plan your gift based on local hazards. If you live in an area that gets significant amounts of snow, you may consider including a windshield scraper, extra hats, coats, mittens, and blankets. For any emergency, your car kit include these basic items:

  • Basic tool kit with pliers, a wrench, and screwdriver
  • Jumper cables (you may consider purchasing a “roadside emergency kit” from your local auto shop that also includes reflective triangle markers, gloves, and a flashlight)
  • First aid kit
  • Cellphone charger (either a car charger or rechargeable portable charger)

Emergency Prep for Kids

Girl cutting out paper heart, selective focus

Your kids are probably going to surprise you with a sweet Valentine’s card or even a decorated shoebox, so return the favor! Get kids excited and interested in emergency preparedness with CDC’s Ready Wrigley activity books. You can print coloring books for disasters including, extreme heat, tornadoes, hurricanes, earthquakes, and winter weather.  Help kids check-off items on Ready Wrigley’s emergency kit list with some of the following items:

  • Flashlight and extra batteries
  • A battery-powered or crank weather radio
  • Small and portable games or activities that can entertain kids if they have to shelter in place or evacuate to a shelter. (Small board games, playing cards, books, or stuffed animals are good items to consider).Your pets provide unconditional love year-round, so don’t leave them out of your emergency plans! Even though they may never know what you’ve done for them, you can pull together a few items for your pet in case of an emergency. Think about how to transport your pet safely – a crate or harness, perhaps – and also think about their comfort in a scary situation by keeping a few toys and a pet bed in case you are forced to evacuate.
  • All of these emergency packages are great gifts to help friends, family, or yourself start an emergency kit. Check out CDC’s Emergency Preparedness and You page for more tips on how to be prepared for any emergency.

Pets and Pet Lovers

Dog with Valentines day look

Your pets provide unconditional love year-round, so don’t leave them out of your emergency plans! Even though they may never know what you’ve done for them, you can pull together a few items for your pet in case of an emergency. Think about how to transport your pet safely – a crate or harness, perhaps – and also think about their comfort in a scary situation by keeping a few toys and a pet bed in case you are forced to evacuate.

All of these emergency packages are great gifts to help friends, family, or yourself start an emergency kit. Check out CDC’s Emergency Preparedness and You page for more tips on how to be prepared for any emergency.

Happy Valentine’s Day!

Following is a summary of key federal disaster aid programs that can be made available as needed and warranted under President Obama's disaster declaration issued for the State of Texas.

Assistance for the State and Affected Local Governments Can Include as Required:

  • Payment of not less than 75 percent of the eligible costs for debris removal and emergency protective measures taken to save lives and protect property and public health.  Emergency protective measures assistance is available to state and eligible local governments on a cost-sharing basis (Source: FEMA funded, state administered.)
  • Payment of not less than 75 percent of the eligible costs for repairing or replacing damaged public facilities, such as roads, bridges, utilities, buildings, schools, recreational areas, and similar publicly owned property, as well as certain private non-profit organizations engaged in community service activities. (Source: FEMA funded, state administered.)
  • Payment of not more than 75 percent of the approved costs for hazard mitigation projects undertaken by state and local governments to prevent or reduce long-term risk to life and property from natural or technological disasters.  (Source: FEMA funded, state administered.)

How to Apply for Assistance:

  • Application procedures for state and local governments will be explained at a series of federal/state applicant briefings with locations to be announced in the affected area by recovery officials. Approved public repair projects are paid through the state from funding provided by FEMA and other participating federal agencies.

FEMA’s mission is to support our citizens and first responders and ensure that as a nation we work together to build, sustain, and improve our capability to prepare for, protect against, respond to, recover from, and mitigate all hazards.

Stay informed of FEMA’s activities online: videos and podcasts available at http://www.fema.gov/medialibrary">www.fema.gov/medialibrary and http://www.youtube.com/fema">www.youtube.com/fema; follow us on Twitter at www.twitter.com/fema and on Facebook at www.facebook.com/fema.

State/Tribal Government or Region: 
Wednesday, 10 February 2016 00:00

Embrace, Don’t Fight, Digital Transformation

By now, the phrase “digital transformation” has made its way into the c-suite conversations at most enterprises. The idea is that emerging digital infrastructure, apps, services and other advancements will produce changes not only to the technical aspects of modern commerce but the processes, business models and even the very markets that drive economic activity.

According to IDC, spending on technologies aimed at producing digital transformation (DX) will top $2 billion by 2019, providing a healthy 16.8 percent annual growth rate between now and then. The aim is not only to adapt but to drive the kinds of disruptive change that will tear down old economies and build new ones.

Most savvy observers are already keenly aware of how Uber is disrupting not only the taxi industry but the entire automobile industry with nothing more than a mobile app, so the current thinking is that it’s better to remake your own business before someone does it for you. IDC’s take is that more than half of the DX spend will go toward redefining the business process by forging tighter links between products, services, digital assets and people.



(TNS) - On March 1, the Nixle alert system to which thousands of area residents, along with schools and businesses, subscribe, will disappear.

It will be replaced by Smart911, a service that allows users to create a “safety profile” for their homes that provides 911 dispatchers information that can be critical in an emergency. The service works on land lines and cellphones.

Through the service, fire departments can know how many people live in a home, and where the home’s bedrooms are located, Sheriff Mike Nielsen said in a news release. Emergency medical personnel can know of a patient’s allergies or specific medical conditions. Photos of missing children or adults will be available in seconds, rather than minutes or hours. Responders can also be told of people who need help exiting a home or who rely on power for medical equipment.



(TNS) - There is a chronic shortage of municipal officials temporarily dispatched to help with administrative services in regions affected by the Great East Japan Earthquake - about 200 government workers are needed in these areas, according to the Internal Affairs and Communications Ministry, but local governments cannot afford to send them.

Nearly five years have passed since the disaster on March 11, 2011, and restoration projects are in full swing. More support staff are needed, but municipalities that are asked to dispatch their officials also suffer from personnel distribution problems due to staff reductions and other reasons. As a result, they cannot meet the demands of local governments in disaster-hit regions.

In January, Internal Affairs and Communications Minister Sanae Takaichi asked municipalities nationwide to dispatch their workers, sending them a statement calling for cooperation.



If you work around data centers every day, things like exponential growth of data, hybrid cloud, and the growth in outsourcing to third-party data center operators are old news.

But the large publicly traded Real Estate Investment Trusts that own and operate big fleets of wholesale and retail data centers are just beginning to develop a broader audience on Wall Street.

Back in October 2013, San Francisco-based data center REIT Digital Realty Trust (DLR) was a trail blazer when it entered into an 80/20 joint venture valued at $366 million, or $346 per square foot, with a Prudential Financial real estate fund. PREI senior portfolio manager Cathy Marcus said at the time, “The long lease terms and contractual rental rate increases on these Powered Base Building data centers provide a stable income stream…”



Wednesday, 10 February 2016 00:00

Education IT: Hot Tech Trends To Watch

Cloud, big data, and security are all big factors in education IT this year. At the same time, there is a cultural shift taking place not only among the student body, but within the demographics of the IT departments themselves.

Education is all about looking into the future -- at least in preparing young people to create a new and better world. Whether the educational system enlightens grade school kids or university students, the knowledge imparted needs to encompass technology -- both its use and the resources it provides. As a result, educational IT departments have challenges that don't precisely match those in typical enterprise computing departments.

One notable difference between corporate IT and educational IT in the public school systems is that technology budgets for education are constrained by factors outside the typical decision-making processes of "the business." As with government IT, the public school bills are paid by taxpayers who'd prefer the money stayed in their own pockets. Public schools have to "make do" all over, but the rapid pace of technological change underscores how quickly educational institutions can fall behind in process, as well as in geeky tools.



Cybersecurity challenges facing the nation were the topic of much discussion on the morning of Monday, Feb. 8, following the dedication of the new and expanded 60,000 square-foot National Cybersecurity Center of Excellence (NCCoE) facility in Maryland that is working to accelerate the development and use of secure, standards-based technology in the private sector.

During dedication remarks, attended by state and federal leaders and private-sector officials, Sen. Barbara Mikulski (D-Maryland) said the center would play a vital role in providing the foundation for improved cybersecurity standing in the United States.

“There is no part of our economy that does not face cyber threats; whether it’s the government that has been hacked or the private sector, big or small,” she said. “We’ve got to be able to protect ourselves.”



I spend most of my time looking at how individuals access data, information, and knowledge in ways that allow them to make better decisions and to enjoy themselves. With that in mind, here are a few thoughts about some trends that I think will push demands on corporate IT departments and the IT industry broadly: wearables, machine intelligence, and data visualization.



Wednesday, 10 February 2016 00:00

Agile in 2016: Party out of Bounds

For Agilists, 2016 will be a celebratory year. Not only has Agile enjoyed mainstream status for several years now, its success has allowed Agile to become a laboratory for other innovations, from new techniques for ­customer insights to delivery of software as fast as you can produce it.

When you join a party where everyone is having the best time imaginable, the last thing on your mind is how annoyed the people next door are, and how happy the people paying for it are. Those are two major considerations for Agile in 2016, which will appear as the not-too-subtle subtext for several ongoing developments.



Wednesday, 10 February 2016 00:00

HIPAA Compliance Can Increase Revenue

If you are a managed service provider (MSP) and you are not helping your clients learn about and comply with HIPAA, you may be missing out on a very profitable trend. Recently, many MSP’s have been using HIPAA assessments to gain business and engage their prospects more efficiently and thoroughly. The fact is, many of the companies you work with may want to comply with HIPAA yet have no real idea how to go about doing it. That’s where you can be an invaluable assistant. If you are interested in making this trend work for you and your patients, read on.

Let’s say, for example, that one of your clients is a data center that handles electronic Protected Health Information (ePHI) for thousands of patients. EPHI is private patient-related information that is created, stored and often shared by and among healthcare professionals. Recent data breaches affecting retail, governmental and healthcare agencies have reinforced the importance of keeping all information about a person’s medical history, diagnosis, prognosis, medications and correspondence among physicians confidential. HIPAA’s security rule focuses on safeguarding the confidentiality, availability and integrity of this sensitive patient information. In light of the 2013 Omnibus rule, it is especially important that you, as a MSP, do all you can to tutor data centers such as this in obeying all aspects of HIPAA.



Wednesday, 10 February 2016 00:00

FEMA: Disaster Recovery Progress at Pine Ridge

PINE RIDGE, S.D. – Recovery efforts continue in the aftermath of severe storms and flooding that struck the Pine Ridge Indian Reservation last spring.  In the six months since President Obama’s disaster declaration, hundreds of households have received assistance funds and FEMA and the Oglala Sioux Tribe have engaged in the largest housing effort in the tribe’s history.  To support this effort, FEMA has established offices on the reservation, as well as in Hot Springs and Rapid City.

To address the severe housing need on the reservation following the disaster, FEMA initiated a program used for the first time in the continental United States.  Under the effort, more than 300 households have been identified as eligible for either repairs to their damaged home, or replacement with a new manufactured home. As of Feb. 5, 40 new homes have been provided on the reservation, and another 10 homes have been repaired. The program will continue until an expected completion date in mid-summer.  The manufactured homes are being staged at Ellsworth Air Force Base prior to their final delivery to the reservation.

In addition to the housing construction program, FEMA has provided more than $380,000 in financial aid to tribal members.  Of that, more than $170,000 was for home repairs and $210,000 was for personal property and other emergency needs.  The U.S. Small Business Administration (SBA) has approved $943,000 in low-interest loans to 58 tribal residents and businesses.

A federal interagency disaster recovery coordination team is also partnering with the OST Government to support longer term Tribal priorities such as improving housing and roads, enhancing self-governance capacity, and reducing home and business energy bills.  In addition to FEMA and the Tribal Departments, federal agencies involved in this effort include the Department of Housing and Urban Development (HUD), the Department of Agriculture Rural Development, the U.S. Army Corps of Engineers, the National Renewable Energy Laboratory, and the Federal Highways Administration Tribal Transportation Program.

HUD and Oglala Lakota Sioux Housing are co-leading a Tribal Housing Task Force to support the “One Nation One Number” initiative that will assess housing conditions and housing needs on the Pine Ridge Reservation. The OST Department of Transportation is co-leading a Tribal Roads Task Force with the US Army Corps of Engineers to perform similar assessments and recommend solutions for addressing issues related to Tribal roads.

State/Tribal Government or Region: 

With the rise of in-memory computing it turns out that eight-socket x86 servers are now one of the fastest growing classes of infrastructure technologies in the data center. Big Data analytics applications that need to be processed in real time in particular lend themselves well to eight-socket servers that allow applications to more economically scale up.

With that in mind Hewlett-Packard Enterprise today unveiled a new eight-socket x86 server based on Intel Xeon E7-8800 v3 series processors. Dubbed the HPE Integrity MC990 X Server, it can be configured with up to 6TB of memory. The HPE Integrity MC990 X Server makes all that memory addressable using SGI interconnect technology that HPE has licensed to provide a coherent shared memory architecture that makes it possible for as many as 144 processors in the system to access memory directly.



Tuesday, 09 February 2016 00:00

Data Privacy in the Post Safe Harbor Era

Since the invalidation of the Safe Harbor agreement in October—the agreement that allowed the transfer of data to and from the European Union to the U.S. under EU privacy laws—governments, organizations and individuals have been waiting to hear about the potential alternative framework. This week, U.S. and European officials have jointly agreed to a new framework dubbed the EU-U.S. Privacy Shield.

The challenge has been whether the U.S. and EU officials can come up with a comprehensive agreement that both parties will be happy with. That’s why it’s taken almost two years to get to where we are today and why it might have taken longer, had the European high court not struck down the original Safe Harbor agreement late last year.

The good news is that we are finally receiving direction after being left in limbo for several months now. This week’s data pact deal was a significant milestone in the negotiations; though there are still some hurdles to overcome, it’s a start down a meaningful path.



Films like Star Wars, Mission Impossible or Matrix, to mention the most famous, have always showed us scenes where personal identification, especially to access reserved areas, is verified by means of voice or some other physical traits. Science fiction? Not always.

Biometric identification, this is its name, is a computer-controlled analysis that identifies an individual by measuring some biological traits scanned by sensors and by matching them with the data stored in a database.

Historically, biometric identification dates back to 1870 when a Frenchman, Alphonse Bertillon, started to use it in a Paris prison for registering and identifying all detainees. Today, biometrics is strongly increasing and the integration of biometric technologies in mobile devices is helping this sector significantly. According to a study by Acuity Market Intelligence, mobile biometric systems’ turnover will reach in 2020 33.3 billion USD, with 4.76 billion of mobile devices enabled to biometric detections. This technology is now used to control physical and logical access and, since 9/11 2001, has been increasingly used also in police checks (e.g. airports).



Launch of a new Business Continuity Institute India Chapter

The Business Continuity Institute is delighted to announce that the board has just approved the formation of a new BCI India Chapter which becomes the 10th BCI chapter worldwide. The formation of this chapter builds on the work of the existing Indian BCI forums in Chennai, Mumbai, Bangalore and New Delhi, and will create new opportunities to raise the awareness of business continuity and resilience in the region.

The chapter informally has been working over the last year towards setting up existing forums and hosting knowledge sharing sessions. Now they have exciting plans for this year and the future, with a series of professional development and networking events, webinars, annual conference and an awareness raising programme around the importance of BCI certification for aspiring professionals.

R Vaidhyanathan (popularly known as RV) MBCI, President of the new BCI India Chapter, commented: “There can be no better time for the formal launch of the BCI India Chapter as the importance of BCM and visibility has been increasing since the recent Deluge in Chennai. We have been working hard to setup this chapter since late 2014 and now we are there. This is an exciting development and a step forward in the maturity of the BCM and BCI in India. I am delighted that the BCI is showing this commitment to the region which will allow us to really enhance the level of importance of BCM while sensitizing the leadership of organizations in different domains through various BCI activities in India. This will help in growing the number of BCI members who take their professional development seriously, thereby raising the standards of business continuity management and resilience in India. It may not be complete if I don't thank David West of the BCI, who has been with us to extend his support right through the journey and Vaidy Chandramouli AMBCI, Secretary of the BCI Chennai Forum, now the Secretary of the BCI India Chapter, for doing all the leg work and coordination.

BCI Membership Support Manager, David West CBCI, said: “This is a fantastic achievement by the BCI volunteers based in India and will really help to boost the BCI’s profile and the importance of BCM in the country. I am really looking forward to working with the chapter and helping to increase the level of support available to business continuity professionals in India.

Chief compliance officers and senior executives wrestle with strategies to spread and embed important compliance messages. A CEO and senior executives can spread a compliance message but they are always battling competing priorities in the overall direction and operation of the company. Nonetheless, we all have seen senior managers who are dedicated to promoting a compliance program, particularly in these days of aggressive enforcement.

CCOs have to be realistic and have to develop their own “ground” game (I know a political term in this political season). The best way to bring the compliance message out and embed it in a company is to work with middle managers to spread the compliance message. A CCO would be well advised to spend time on this important issue.

First, the CCO has to develop a target list of middle managers keyed to risk areas. For example, a manager of a sales force in Asia or China specifically is a prime target for enlisting in the compliance program messaging effort. The targeted middle managers should reflect key areas of risk such as sales/marketing, business development, procurement, vendor onboarding, and invoice review, approval and payment.



On a weekly basis, I get asked, “Should we continue with or expand our corporate data center, or should we move to a colocation facility or move to the cloud?” My response is always an emphatic “yes!”

It might seem like a flippant response to such a big question, but the best solution is likely a combination of these options. The data center strategy question really becomes: “How to analyze, rationalize and leverage all three alternatives for the best outcome.” The reality is that every business is different and a one-size fits all approach (build a data center, co-locate or go to the cloud) rarely is the right answer for all of a company’s applications.

When our team is engaged with a new client to develop their data center strategy, we begin with a front-end assessment to determine their company goals, objectives and reliability needs. We then look closely where they are today and where they are going in the future. This requires working with multiple groups from facilities, IT and executives to really understand their data center requirements. To gain clarity on objectives, align solutions with a mission critical data center strategy, and ensure the client is investing their money wisely, it is critical to begin with the assessment.



(TNS) - The first case of Ebola diagnosed in the United States was in Dallas. The biggest outbreak of West Nile virus in the country was in Dallas. And now one of the first cases of sexually transmitted Zika virus has been reported. In Dallas.

Why is the bull’s-eye on Dallas?

City leaders boast of attracting businesses and people from all over the world. Dallas is well-connected and has a booming economy, a growing population and one of the busiest airports on the planet.

It seems multiple microbes got that memo. What makes Dallas appealing to people also attracts diseases.



(TNS) - In the wake of the mass shootings in places like Aurora, Colo., and San Bernadino, Calif., a growing number of businesses are hiring security experts to train employees on how to respond to a workplace attack.

Such shootings often occur in businesses. A 2014 FBI study outlined 160 active shooter incidents across the country between 2000 and 2013, and 46 percent of them occurred at a business.

John Davis, Centerville Police Community Relations Officer, said his office has received an increased number of requests for training presentations developed by the Miami Valley Crime Prevention Association.



(TNS) - The threat of domestic Islamic terrorism is a political issue wielded by political candidates and debated hotly in Congress. But how serious is the threat?

A documentary premiering on HBO, “Homegrown: The Counter-Terror Dilemma” by Greg Barker, and a related book, Peter Bergen’s “United States of Jihad,” seek to answer that question.

The film’s release comes as presidential candidates, particularly those in the Republican field, are warning of the problem.



Tuesday, 09 February 2016 00:00

Weathering the Storm

Two weeks ago, the Blizzard of 2016, named Jonas, hit the East Coast.  The news media had forecast a large amount of snow fall a week prior to the storm.  Many people still did not want to believe a big snow storm was coming. The East Coast had enjoyed a very mild winter up until mid-January. In the days before the storm, the weather forecasters began predicting snow accumulation ranging from 12 inches to 36 inches from Tennessee to Connecticut. This really started to get everyone’s attention.  People were starting to think “what if a blizzard impacted where I live and work?”

The expected blizzard made me think about Business Continuity Plans for all the businesses along the East Coast.  Both work and personal events were impacted due to storm disruptions i.e. – loss of power, snow removal and overall safety. What if an incident happened where there was little to no advanced warning? Would you and your business be prepared?



Recently, I wrote about cloud security and research by the Cloud Security Alliance (CSA) that found that IT professionals are becoming more comfortable with cloud security, but that the one concern that still looms over cloud security – and all security, for that matter – is the lack of qualified security professionals on hand.

That this lack of security professionals remains a problem hints that the real threat to better cybersecurity is people, and this is especially true when it comes to cloud security.

A new survey from Alien Vault finds that not only will it take time to close the skills gap, companies are having a tough time retaining the security professionals on their staff. The research found:



Physical security a growing threat to organizations

Physical security is seen as growing concern for business continuity professionals, according to the fifth annual Horizon Scan Report published by the Business Continuity Institute, in association with BSI. Among the ranks of potential threats that organizations face, acts of terrorism gained six places from 10th in 2015 to 4th this year, while security incidents moved from 6th place to 5th place.

55% of respondents to the global survey expressed concern about the possibility of both an act of terrorism or a security incident such as vandalism, theft or fraud disrupting their organization, compared to 42% and 48% respectively the previous year. Whether these concerns are justified is another matter, but the incidents in Paris are still fresh in the mind, not to mention the many other events from across the world that constantly fill our news channels.

While security incidents of a physical nature make up the 4th and 5th greatest threats, it is incidents belonging to the virtual world that once again make up the top three. For the second year running, cyber attack comes in at number one with 85% of respondents expressing concern (2015: 82%). The attack on BBC over the new year period is a reminder of the danger this kind of threat poses when it suffered what was reputed to be the largest DDoS attack in history at 600 GBps, enough to bring down its website and most of its online services for some considerable time.

Data breach has climbed from 3rd place in 2015 to 2nd place this year with 80% of respondents expressing concern about the prospect of this type of threat materialising (2015: 74%). Not only are data breaches damaging reputationally, they can be expensive in terms of any fines imposed as result.

Unplanned telecoms and IT outage may have dropped from 1st place in 2014 to 2nd place in 2015 and now 3rd place in 2016, but it is still a very real threat with 77% of respondents expressing concern (2015:81%). Offices, shops, factories and warehouses are all heavily reliant on IT infrastructures and when those infrastructures fail it can cause severe disruption.

This year’s global top ten threats to organizations are:

  1. Cyber-attack – static
  2. Data breach – up 1
  3. Unplanned IT and telecoms outages – down 1
  4. Acts of terrorism – up 6
  5. Security incidents – up 1
  6. Interruption to utility supply – down 2
  7. Supply chain disruption – down 2
  8. Adverse weather – up1
  9. Availability of talents/key skills – up 5
  10. Health and safety incident – up 1

David James-Brown FBCI, Chairman of the Business Continuity Institute, commented: “The need perceived by organizations to identify and build resilience to this range of threats reveals the importance of this survey for business continuity professionals, the Horizon Scan’s reputation and reliability make it one of the most popular reports in the industry on a global scale. It is indeed crucial for practitioners to advise organizations on what to prepare for and adjust their recovery plans accordingly.

"The industry landscape is rapidly changing, and so should our discipline in order to keep up with both traditional and modern challenges. At the top of the list this year we continue to see threats such as cyber-attack, data breach and unplanned IT outages. More traditional threats such as terrorism continue to be ’front-of-mind’ for organizations. Given the rise of new challenges and the fact that old ones remain, horizon scanning techniques are even more valuable in assisting organizations to be prepared to the best of their potential.

Howard Kerr, Chief Executive at BSI, commented: “2015 saw a number of high profile businesses across the world hit by cyber attacks, so it’s reassuring to see that so many are aware of the threat it poses. Our research finds it to be the top concern in six out of the eight regions surveyed.

However, we remain concerned to see that businesses are still not fully utilizing the information available to them to identify and remedy weaknesses in their organizational resilience.

The report concludes that horizon scanning impacts on overall resilience as it provides an objective basis for assessing near-term threats that lead to disruption. The Horizon Scan Report, as a global study aggregating practitioner input across industry sectors and regions, complements in-house analysis and provides useful input for strategic decisions.

Download your free copy of the Horizon Scan Report here. If you have any questions, or would like to find out more, join us for our webinar on the 25th February when we will be discussing some of the findings and answering any of your questions.

Low-quality big data assets can lead to incredibly costly marketing mistakes. Research by Experian indicates that low data quality has a direct impact on revenue for 88% of modern organizations. Average losses are approximately 12% of revenue. For organizations who are shifting towards data-driven marketing and customer experiences, low-quality data can lead to costly mistakes.

How Bad is the Average Marketing Big Data?
Per eConsultancy, 22% of information on contacts, leads, and customers contains inaccuracies. Perhaps most concerning, the average organization’s quality index is headed in the wrong direction. Twelve months ago, the average inaccuracy rate was just 17%. Incorrect data can have a real impact on your team’s ability to build segments, understand behavioral triggers and preferences.



Ted Koppel’s book – ‘Lights Out: A Cyberattack, A Nation Unprepared, Surviving the Aftermath‘ – published in October, 2015 – spells out what may be our nation’s greatest risk – a catastrophic shutdown of one or more U.S. power grids.

In his New York Times bestselling investigation, Koppel reveals that a major cyberattack on America’s power grid is not only possible but likely, that it would be devastating, and that the United States is shockingly unprepared.

U.S. investigators recently found proof that a cyber attack can take down a power grid. A destructive malware app known as ‘BlackEnergy’ caused a power outage on the Ukranian power grid this past December, resulting in a blackout for hundreds of thousands of people. Ukranian officials have blamed Russia for the cyber attack. A CNN article states that U.S. systems aren’t any more protected than those breached in Ukraine.



Monday, 08 February 2016 00:00

Future Still Bright for Hardware

A lot of people are keenly interested in the future of data hardware markets, for good reason. The lifeblood of the IT industry has long been the deployment of sophisticated hardware platforms packed with advanced software, but that cozy little business model is under increasing pressure and everyone from top vendors to channel providers to independent consultants and integrators are scrambling to fit into the new world of software-defined infrastructure.

So it is probably comforting – small comfort, perhaps, but comforting nonetheless – that, so far at least, the precipitous decline in enterprise hardware spending has not materialized, even though the form and function of that hardware is changing.

According to the latest report from 451 Research, 2016 is shaping up to be a banner year for hardware, as both converged infrastructure (CI) solutions and traditional storage and server deployments contribute to a major overhaul of the data center. The company reports that 60 percent of the enterprise industry is planning to increase spending on servers in the coming year, with nearly a third aiming for a major refresh, while nearly 80 percent are looking to boost their reliance on CI and even more ambitious hyper-converged solutions. But the largesse from all this activity is not expected to benefit the vendor community equally. Cisco had the largest share of customers planning for an upgrade, while HP, IBM and Oracle customers were more muted in their expectations.



(TNS) - The potential of a Zika virus outbreak in United States has been a moving target, with federal health officials describing it initially as not likely, then maybe, then oops there are several cases, then issuing travel advisories and now, recommending condoms for some pregnant women during sex.

The increasing uncertainty stems not only because of the first case reported in Minnesota but also because a Texas case was attributed to sexual contact, amid previous assertions that only infected Aedes aegypti species of mosquitoes spread the disease, which presents the greatest risk to fetuses.

“There is a lot we don’t understand about the virus and exactly how it is transmitted,” said Dr. David McNamara, an infectious disease specialist at Gundersen Health System in La Crosse.



Despite the fact that we are seeing more extreme weather across the United States and increases in the costs of natural disasters, our research shows that fewer than half of Americans have developed and discussed an emergency plan with their household.

One of the ways to protect your family and prepare for an emergency is to start with good communication. A family emergency communication plan is critical to making sure the entire family knows who to contact, how to reach each other, and where to meet up in an emergency.

America’s PrepareAthon is a campaign to get people better prepared for disasters through hazard-specific group discussions, drills, and exercises. As part of the campaign and National Preparedness Month this September, we are encouraging families to take a few minutes to talk through and practice their emergency plan.



So, you’ve decided to ditch your old PBX phone system and enter the world of Unified Communications. Good for you. Now, here’s what you should know to keep your Skype data safe from cyber pirates and more … because it’s not just your fingerprints you leave on your tablet.

Whether you made your decision to go UC based on employee productivity gains, time savings or converging networks, you may still have questions on which UC solution is best for you. This may be an easier decision than you realize, as you likely already own the leading solution and not even know it.



IBM says its new "Open for data" slogan encompasses a slew of new cloud data services and analytics offerings designed to make it easy for enterprises to quickly get started with big data in the cloud, even if their workloads require secure on-premises implementations.

Digital natives have led the way in pioneering big data open source production projects, but that doesn't mean that enterprises aren't interested in implementing and getting business value out of these technologies, too.

The need to move faster and be more agile is often one of the big drivers for traditional enterprises looking to implement these technologies.



The Zika virus, a mosquito-borne virus linked to neurological birth disorders, is becoming a problem worldwide. In fact, the World Health Organization recently announced that the outbreak was a “public health emergency of international concern.” [1] Zika has already spread to “25 countries and territories in Latin America and the Caribbean” and “more than 30 Americans have been diagnosed with Zika after returning from visits to countries with Zika outbreaks.” [1]

With Zika dominating the headlines recently, we wanted to take a look back at our previous Influenza and Pandemic Preparedness panel webinar.  Our expert panelists brought us through the steps that organization leaders in the public, private, and healthcare sectors are doing to keep their staff, employees, and residents safe.



SAP's Fan Energy Zone in San Francisco's Super Bowl 50 celebrations is a giant test case in how users create, share, and process data in real-time.

Super Bowl City is part of the festivities going on in the San Francisco Bay area for Super Bowl 50 this week, and a major part of the exhibition is an SAP-sponsored area called the Fan Energy Zone, which features multiple games using motion capture and VR.

Not only does the Fan Energy Zone offers some free fun for fans and families, it also serves as a showcase for SAP's data visualization and emphasis on user experience. SAP says it hopes to take the experience it gains from the exhibit and take it right back to its enterprise products.



Pacific research goal is to improve accuracy of weather forecasts and models
N49RF -- Scientists aboard NOAA's Gulfstream IV aircraft are dropping weather instruments and using Doppler radar in the aircraft's tail during flights over the Pacific in research designed to improve the accuracy of weather forecasts and models. (Credit: NOAA)

Scientists aboard NOAA's Gulfstream IV aircraft are dropping weather instruments and using Doppler radar in the aircraft's tail during flights over the Pacific in research designed to improve the accuracy of weather forecasts and models. (Credit: NOAA)

NOAA scientists and partners have embarked on a land, sea, and air campaign in the tropical Pacific to study the current El Niño and gather data in an effort to improve weather forecasts thousands of miles away.

The El Niño Rapid Response Field Campaign will deploy NOAA’s Gulfstream IV research plane and NOAA Ship Ronald H. Brown, NASA’s Global Hawk unmanned aircraft equipped with specialized sensors, and researchers stationed on Kiritimati (Christmas) Island in the Republic of Kiribati, approximately 1,340 miles south of Honolulu. Together, scientists will collect atmospheric data from this vast and remote expanse of the tropical Pacific where El Niño-driven weather systems are spawned.

“The rapid response field campaign will give us an unprecedented look at how the warm ocean is influencing the atmosphere at the heart of this very strong El Niño,” said Craig McLean, assistant NOAA administrator for NOAA Research. “This research will help us understand the first link in the chain that produces, among many other weather impacts, extreme precipitation events on the West Coast.”

Scientists on NOAA Ship Ronald H. Brown will launch weather balloons up to eight times a day in the eastern tropical Pacific to help study the current El Niño. (Credit: NOAA).

Scientists on NOAA Ship Ronald H. Brown will launch weather balloons up to eight times a day in the eastern tropical Pacific to help study the current El Niño. (Credit: NOAA)

El Niño is a recurring climate phenomenon, characterized by unusually warm ocean temperatures in the equatorial Pacific, that increases the odds for warm and dry winters across the northern United States and cool, wet winters across the south. El Niño is the warm phase of the ocean cycle known as El Niño-Southern Oscillation, or ENSO for short. La Niña is the cool phase. The pattern can shift back and forth every two to seven years, disrupting weather patterns across the globe.

During the two strongest El Niños before this, California has been soaked by intense rainstorms causing flooding, landslides and other property damage. NOAA scientists say this event is among the strongest El Niños on record, comparable to the last major event in 1997-98. How much precipitation this El Niño will deliver to California is a subject of intense interest to a region struggling to manage the effects of an historic drought.

NOAA researchers anticipate that the data gathered by weather balloons and instruments dropped from aircraft will help improve the models that are used to support weather forecasts. The data will also provide insights that researchers hope will improve year-to-year ENSO forecasts, as well as the accuracy of models predicting longer-term effects of climate change.

NASA's Global Hawk unmanned aircraft is equipped with sensors to gather weather information over the Pacific as part of the NOAA and partner campaign. (Credit: Gijs de Boer, CIRES)

NASA's Global Hawk unmanned aircraft is equipped with sensors to gather weather information over the Pacific as part of the NOAA and partner campaign. (Credit: Gijs de Boer, CIRES)

“This has never been done with a major El Niño,” said Randall Dole, a senior scientist with NOAA’s Earth Sciences Research Lab in Boulder, Colorado. “A field campaign ordinarily takes years to plan and execute. But we recognized what an important opportunity we had and everyone worked hard to pull this mission together.”

Here is a list of NOAA and partner assets deployed to support the El Niño Rapid Response Field Campaign:

  • NOAA’s Gulfstream IV (G-IV) aircraft is flying out of Honolulu International Airport carrying a suite of meteorological sensors on an estimated 20 research flights in the central Pacific from late January to early March. The G-IV will be dropping weather instrumentation and using Doppler radar located in the aircraft’s tail to gather weather data.

  • NOAA Ship Ronald H. Brown will launch weather balloons up to eight times a day during the Tropical Atmosphere Ocean (TAO) survey cruise in the eastern tropical Pacific. The ship will depart Honolulu on Feb. 16 and arrive in port in San Diego on March 18.

  • NASA’s Global Hawk unmanned aircraft will carry a suite of meteorological sensors and drop parachuted weather instruments during four research flights in February in the eastern Pacific, near the U.S. West Coast. The Global Hawk is a key asset for the Sensing Hazards with Operational Unmanned Technology (SHOUT) project led by the NOAA Unmanned Aircraft System Program. The aircraft is based at the NASA Armstrong Flight Research Center at Edwards Air Force Base.

  • Twice-a-day weather balloons are being launched from Kiritimati through March.

  • Scanning X-Band Radar has been temporarily installed in the south San Francisco Bay to fill coverage gaps in the existing radar array and provide more accurate rainfall estimates for the region to better manage potential heavy precipitation and associated negative impacts from El Niño storms.

To learn more about El Niño and its impacts, visit: https://www.climate.gov/enso

To learn more about NOAA’s El Niño Rapid Response Field Campaign visit: http://www.esrl.noaa.gov/psd/enso/rapid_response/

Follow along with researchers in the field here: https://medium.com/el-ni%C3%B1o-rapid-response-blog

NOAA’s mission is to understand and predict changes in the Earth's environment, from the depths of the ocean to the surface of the sun, and to conserve and manage our coastal and marine resources. Join us on FacebookTwitterInstagram and our other social media channels.

One of the most common forms of hybrid cloud computing is VMWare running on premise and the flavor of virtual machines that Amazon Web Services (AWS) makes available using open source Xen hypervisors. Because both environments build on fundamentally different virtual machine architectures, using AWS as an extension of a VMware environment has until recently been a challenge.

But now that AWS has opened up more of the application programming interfaces (APIs) surrounding its virtual machine, that’s about to change. One of the first vendors to take advantage of this change is Druva, a provider of backup and recovery services hosted on AWS that is now extending that capability to add support for VMware.

Druva CEO Jaspreet Singh says that rather than having to back up files locally and then move them into the cloud, the Druva Phoenix service is designed to continuously stream data from VMware or a physical server directly into AWS. In the event of a disaster, IT organizations can spin up AWS virtual machines to provide access to that data in a matter of minutes.



Friday, 05 February 2016 00:00

Tackling Event Risk, Scoring High in Safety

Major events like Sunday’s championship Super Bowl game and business functions go hand-in-hand. With the Big Game just around the corner, the San Francisco Bay Area has seen an uptick in events throughout the week, often consisting of lavish private parties and public gatherings. Companies in the area, as well as those from out of town, are taking this opportunity to conduct business and send their employees and clients to experience all the Golden Gate City has to offer.

Attending the Big Game, or any major event, cannot be all play and no work, especially for those – such as risk professional and business leaders – concerned about the legal, reputational, financial, and people-related risks surrounding such a high-profile and highly-populated event. Any company with employees or clients planning to attend the game and/or related festivities should keep a few things in mind to best protect them and their business in the event of a crisis. Before kickoff, here are a few tips to guide risk managers and business leaders when considering the potential risks surrounding major events like this Sunday’s game.



Symantec Corp., the world’s largest security software company according to Gartner IT -0.55%, announced yesterday a $500 million strategic investment from Silver Lake, a global leader in technology investing.

Michael A. Brown, Symantec SYMC +0.00% president and CEO, said, “Silver Lake’s investment in Symantec validates the significant progress we’ve made in our transformation and is a tremendous vote of confidence in the Company. The transformation that Brown is referring to, is Symantec’s shift from PC tools, backup software, and other utilities, to an exclusive focus on its largest market opportunity – cybersecurity.

Symantec, long synonymous with anti-virus software for PCs, the (Peter) Norton line of PC utilities, and the Veritas backup business, has turned itself into a pure-play cybersecurity company. Go to their homepage and now it’s all about threat and information protection, data loss prevention, email security, endpoint and cloud security, cybersecurity services, and other security catchphrases.



Friday, 05 February 2016 00:00

Snow Emergency? We Have an App for That

(TNS) - They are the words that can strike a panic for anybody who parks on the street in Minneapolis or St. Paul: “Snow Emergency.”

Suddenly vehicle owners must scramble to find a safe haven for their wheels. Fortunately, both cites have an app for that.

We put them to the test to see if they really can help drivers avoid a ticket, tow and trip to the impound lot.

Both apps feature maps that show city streets colored green where it’s legal to park and red where it’s not. But don’t totally trust them. Be sure to click on the tabs for parking rules that apply to each day of the snow emergency.

That’s easy to do using Minneapolis’ app. The home page tells a user that a snow emergency is in effect, whether it’s Day 1, Day 2 or Day 3. Links below outline specifics for each day, with details on which side of the street to park on. There’s even a diagram for those who are picture-oriented.



Friday, 05 February 2016 00:00

Time To Invest In Cyber? Ask The "HACK"

The worldwide cybersecurity industry is defined by market sizing estimates that range from $75 billion in 2015 to $170 billion by 2020.

Cyber crime will arguably push the cybersecurity market projections for the next five years further up into the stratosphere. Last year, the British insurance company Lloyd’s estimated that cyber attacks cost businesses as much as $450 billion a year, which includes direct damage plus post-attack disruption to the normal course of business. Some vendor and media forecasts put the cybercrime figure as high as $500 billion and more. Juniper research recently predicted that the rapid digitization of consumers’ lives and enterprise records will increase the cost of data breaches to $2.1 trillion globally by 2019, increasing to almost four times the estimated cost of breaches in 2015.

Is it time to invest some of your money into cybersecurity, or double-down if you already have? For starters, you can look at the world’s first Cyber Security ETF, the PureFunds ISE Cyber Security ETF (HACK) – which was created to provide the market with a transparent vehicle to invest in the increasingly important Cyber Security industry. The Street’s Jim Cramer says “HACK is a smart, long-term bet on the unstoppable trend of cybersecurity.”



As any city hosting a major event would, the San Francisco Bay Area sees hosting Super Bowl 50 as a chance to show off what makes the city great. To that end, San Francisco has branded itself as Super Bowl City and opened Market Street as a family-friendly fan village full of activities and local fare. More than 1 million people are expected to visit during the week, generating income for businesses and raising the city’s profile as another more than 100 million people are expected to watch football’s biggest game of the year from afar.

Super Bowl week also coincides with two major tech announcements for the city — a new data sharing partnership with traffic monitoring service Waze, and an expansion of #SFWiFi, a free Wi-Fi network that has crept across the city since its initial launch in 2013. San Francisco CIO Miguel Gamiño said the Super Bowl tech announcements afford the city a chance to show off their tech, stress test it against a large influx of visitors, and ultimately produce a stronger infrastructure for citizens in the long-term.

The Waze partnership, announced Jan. 28 by the office of Mayor Edwin Lee, establishes a two-way data-sharing channel between the city and the popular traffic monitoring app. Waze will assist the city by publishing free, anonymous user data on the city’s open data portal. The city can use this data to re-gear its transportation management during events and road closures, and evaluate its overall transportation strategy. The city will share its data with Waze every two weeks in alignment with its street closure approval process. Gamiño’s office also reported plans to have Waze share pothole reports with the city in real-time via the city’s Open311 API. San Francisco is now conducting cross-agency workshops to find effective uses of the agreement.



What is Machine Learning? Machine Learning can be described as the study and construction of algorithms that can learn from and make predictions on data, rather than follow programmed instructions. IoT and Machine Learning are said to go hand in hand.

IoT promotes the data that can help cities predict accidents, give doctors real-time insight into information from bio-chips and pacemakers, and enable optimized productivity across industries through predictive maintenance on equipment and machinery. The possibilities that IoT bring are endless.

The problem is finding ways to analyze the deluge of performance data and information that all these devices create. It’s impossible for humans to review and understand all this data. We need to improve the speed and accuracy of big data analysis in order for IoT to live up to its promise. The only way to keep up with this IoT-generated data and gain the hidden insight it holds is with Machine Learning.



To be sustainable, organizations must prepare for crises that occur or risks that crystalize. General responses to those threats include alternative office sites, IT back-ups and communication protocols. As reality demonstrates over and over, it is critically important to have a strong leader in a crisis situation, be it the captain of a ship in a storm, the commanding officer of a platoon under fire or the CEO of a company in turmoil. A cacophony of contradicting orders or disintegration in the line of command is the surest way to increase a disaster’s impact and the time needed to recover.

Instead of creating a strong BCP landscape with clear lines of command and control, however, we more often see “balkanization,” or fragmentation of responsibilities. Business continuity planning, environmental health and safety, operational risk and IT disaster recovery are different teams with overlapping roles and responsibilities for crisis management.

The newest buzzword is resilience, which is discussed in a growing number of articles and lectures and defined as the “ability to bounce back to a normal operating status after a state of crisis.” There are also a number of overlapping areas with the aforementioned functions—and that is just on an intra-company level. The OECD has issued Guidelines for Resilience System Analysis, urging member states to set up resilience management on a country level basis.



Improved regional preparation, response to coastal hazards top goal

Each project selected in the National Ocean Service's Coastal Resilience Grants Program reflects NOAA's commitment to building coastal resilience using science-based solutions and collaborative partnerships. (Credit: Think Stock Photos.com).

Each project selected in the National Ocean Service's Coastal Resilience Grants Program reflects NOAA's commitment to building coastal resilience using science-based solutions and collaborative partnerships. (Credit: Think Stock Photos.com)

NOAA’s National Ocean Service will award today $4.5 million in coastal resilience grants, with plans to award another $4.5 million in grants later this year. The local community grant recipients are required to add an additional $2.4 million in matching funds.

The projects selected are designed to help coastal communities improve their resilience to adverse events by improving their ability to prepare for and respond to a variety of coastal threats, including extreme weather events, climate hazards, and changing ocean conditions.

“We know that continued sea level rise and the storm surges associated with potential changes in hurricanes combined with increased coastal storm activity threaten to cause $35 billion annually in damages within the next 15 years,” said Kathryn D. Sullivan, Ph.D., under secretary of commerce for oceans and atmosphere and NOAA administrator. “We need to reduce these impacts through better application of science-based knowledge. The six projects receiving funds today are designed to serve as models of the way forward to increasing the resilience of our coastal communities.”

The projects will address evolving economic, environmental, and social pressures on our ocean and coasts through approaches that cover land and ocean use, disaster preparedness, environmental restoration, hazard mitigation, and regional, state, and community planning efforts. (Credit: Think Stock Photos.com).

The projects will address evolving economic, environmental, and social pressures on our ocean and coasts through approaches that cover land and ocean use, disaster preparedness, environmental restoration, hazard mitigation, and regional, state, and community planning efforts. (Credit: Think Stock Photos.com)

The selected projects reflect the program’s regional focus — more than 100 communities are participating in these six projects. In response to its call for proposals last year, NOAA received 132 applications requesting more than $100 million. The proposals were reviewed by a panel of coastal management experts from around the United States that included representatives of government, academia and private industry.

NOAA is taking a multifaceted approach to building coastal resilience through two grant programs. NOAA National Ocean Service’s grant program, the Regional Coastal Resilience Grants, focuses on regional-scale projects that enhance the resilience of coastal communities and economies. Activities may include improving coastal risk assessment and communication, promoting collaborative approaches to resilience planning, and better informing science based decision making.

NOAA defines resilience as the ability of an ecosystem or community to absorb, recover from, and more successfully adapt to adverse events such as extreme weather or long-term changing environmental conditions, such as sea level rise. (Credit: Think Stock Photos.com).

NOAA defines resilience as the ability of an ecosystem or community to absorb, recover from, and more successfully adapt to adverse events such as extreme weather or long-term changing environmental conditions, such as sea level rise. (Credit: Think Stock Photos.com)

“We are all connected by the watershed we live in,” said Jeff Payne, Ph.D., acting director of NOAA’s Office for Coastal Management. “What happens in one community affects those downstream. It can be wide spread on regional and local infrastructure, economies and ecosystems. A piecemeal approach will not be effective. Only by working together can we solve these complex problems.”

NOAA Fisheries’ Coastal Ecosystem Resiliency Grants program, a complementary resilience grant program, announced its FY 2015 grant awards December 1. The NOAA Fisheries program is focused on the development of healthy and sustainable coastal ecosystems through habitat restoration.

NOAA’s mission is to understand and predict changes in the Earth's environment, from the depths of the ocean to the surface of the sun, and to conserve and manage our coastal and marine resources. Join us on FacebookTwitterInstagram and our other social media channels.

Chris Selland is VP of Business Development, Big Data Platform, at Hewlett Packard Enterprise.

The act of publishing source code, in and of itself, doesn’t necessarily make a platform more useful. Making that source code extensible matters at least as much, especially in the era of open application programming interfaces (APIs), where many of the most useful apps are made so by other apps. Modern enterprises need both open source software and open architectures to take full advantage of Big Data.

This article will focus on how we reached this point, and provide a blueprint for CIOs who are evaluating open source and Big Data tools.



Thursday, 04 February 2016 00:00

DDoS Attacks Surging

HSBC UK’s online banking system was hit with a DDoS attack at the end of January. As of the writing of this blog post, officials didn’t know who was responsible or the reasons behind the attack. The bank’s mobile app was not technically hit by the DDoS attack, but because so many users turned to the app when the website went down, the volume overwhelmed the connection.

DDoS attacks happen all the time, with varying levels of damage, yet they are sometimes overshadowed by breaches and other types of cyberattacks. I mention the HSBC DDoS attack in part because of its scale (HSBC is one of the largest banks in the world) and in part as a segue to discuss the changing scale of DDoS attacks.

According to Kaspersky Lab’s 2015 4th Quarter Report, the bad guys are finding new channels to conduct DDoS attacks:



Observations from the National Capital Region


Emergency managers and public information officers across the Mid-Atlantic and Northeast proactively informed their communities as Winter Storm Jonas covered many areas with record-setting snowfall. In the National Capital Region, where eighteen counties, cities, and the District of Columbia are using Everbridge’s mass notification platform, the highest recorded snowfall was 34.2 inches (reported in Leesburg, Virginia).

Across the region, government officials sent 12,261 notifications to residents and government employees over a 7-day period—an average of one notification every 1.2 minutes. Many residents and employees received numerous notifications via multiple methods (e.g., email, SMS text messages, phone calls, the mobile app), which totaled 16.1 million messages sent to the region.

“People in this region regularly travel across jurisdictional boundaries, and regardless of where they are or where they’re going, all jurisdictions try to ensure our communities get timely and accurate information in ways that are convenient for them—email, text, the ContactBridge app, phone calls and more,” explained Sulayman Brown, Assistant Coordinator and Manager of Operations and Outreach at Fairfax County Office of Emergency Management. “We coordinate messages with neighboring jurisdictions to ensure consistency and deliver sound advice to the public. For example, several jurisdictions sent the same ‘stay off the roads’ notice to their residents to make it clear that it was unsafe to drive,”



In many engagements, upper and middle management ask: “How do we fix our testing (QC) process? The team is just not catching the defects.”

When managers ask this question I usually asked these managers a question in return: “Why focus on fixing your testing processes first; shouldn’t you first focus on fixing the development process, since they write the code?”

This usually starts a vigorous discussion about where the problem really lies in the organization, which is exactly the kind of soul searching an organization needs to do when they ask to fix the testing.



Just like IT systems are moving away from monolithic big-bang style releases to agile increments, so it seems is life in related areas. Business continuity, enterprise computing, information security, and the major business systems that are affected by them – notably supply chains – seemed to have less thunder and lightning in 2015, and more trending cloudiness (or was it cloudy trendiness?).

Granted, there were a few exceptions, even in the continually spreading, scaling world of cloud computing. AWS (Amazon Web Services) reputedly became profitable. This was an interesting development for a group (Amazon) as a whole that has spent years navigating through negative results. Meanwhile, Google suffered two outages of its public cloud services, one from lightning (yes, really) and one from DNS changes. Otherwise, cloud continued to score points for resilience and associated aspects such as disaster recovery and DRaaS. Overall, cloud computing seemed to be stabilizing into an oligopoly, a little like the mainframe market of 50 years ago. Maybe history, like the weather, really does repeat itself.



A big driving factor in the search for the perfect biometric security app is the wish to stop using current user ID and password access methods. The biometric body-part solutions typically have the advantage of being unique (unforgettable) and impossible for a user to forget, because of course his or her fingerprints, etc. are always to hand. Here’s a rundown of some of the contenders:



I do enjoy the (sometimes irreverent!) perspectives of some articles on data center in the UK publication “The Register“, and the story of how a data center change went wrong made me laugh, cringe and cry at the same time – the change being when an electrician cut the wrong wire and brought down a 25,000 square feet data center!!!

Let’s have a look at what went wrong here, and then I’ll relate this to one of our more fundamental services, that of “change support”. Some may call this a “boring” service option, however “fundamental” is much more appropriate, as the following story will show.  Finally, I’ll point you to a free white paper to illustrate the cost benefits.

If you’ve worked in IT for any length of time, you’ll know that configuration changes and (incorrect) cable cuts are some of the biggest sources of network and data center unplanned downtime – that is, outages.  However, even in 2016, it’s amazing  how the lack of stringent change control processes is all too common a source of outages and service downtime.  Let’s look at a real life example.



AUSTIN, Texas – So, you and your family survived the big storm.

The water has been pumped out of your basement. Your walls and floors are dry. Your roof seems to be intact. Your electrical appliances are working fine. And your flood-soaked refuse has been removed to the landfill. You are grateful it’s all over. But is it really? Ask yourself, “Are my house and property ready for the next big one? Will my family be safe the next time we flood?”

Mitigation experts at the Federal Emergency Management Agency (FEMA) say there is no better time than now for homeowners to start thinking about what can be done to prepare for the next flood.

For the big jobs, homeowners will want to hire a reputable licensed contractor. FEMA mitigation officials suggest getting bids from two or three contractors. And ask for references. Many other repairs may be easy work for handy do-it-yourselfers. Tasks like relocating basement or first floor electrical equipment and appliances, however, may require the help of a professional.

Start with the main circuit breaker or fuse box. Move it up to at least 12 inches above the Base Flood Elevation (BFE) for your home or building. Your insurance agent or local flood plain administrator will be able to tell you what that number is.

Check with your local building department. If the electrical code allows, raise electrical outlets and switches above flood level.                                                                                                                                

If you need to replace a flood-damaged furnace, water heater or air conditioner, have the new one installed on a higher floor. If your air conditioner or heat pump is outdoors, install it on a raised platform. Place washers and dryers on blocks, making sure they will not vibrate off the blocks during use. A 1- or 2-foot waterproof floodwall around appliances will protect them from shallow flooding.

More do-it-yourself tips for repairing flood-damaged buildings:

  • Walls. If the wallboard and insulation were removed, wash and disinfect the exposed vertical wooden studs, and the horizontal wooden sills at their base. If rebuilding, consider metal studs and sills as they are less damaged by water than wooden ones.

  • Wallboard. If you install the wall board horizontally (4 feet high), you’ll only have to replace half the wall if the next flood is less than 4 feet deep. Leave the wall open 1 inch above the sill. The baseboards will hide the gap, and all you have to do after the next flood is remove the baseboard and the wall cavity will drain freely and air will circulate better.
  • Floors. Particle board or plywood fall apart when wet for lengthy periods. Floor joists and some wood floors regain their shape when naturally dried. Use screws or screw nails on floors and stairs to minimize warping. Completely dry subflooring before laying new flooring or carpeting. Renail, then sand or place a new underlayment for a new floor.

  • Paints. Completely dry the surface before painting. This may take several weeks, but paint will peel if applied over a damp surface. Coat concrete surfaces with penetrating sealer for easier future cleanup.

  • Windows and Doors. When appropriate, replace flood damaged windows with vinyl or metal framed windows. Hollow core or polysty­rene foam filled metal doors are water resistant.

Despite all that you have done, natural disasters are unpredictable, and even the best preparations may not hold up in the next flood.

The first step in moving on after a flood is getting rid of damaged or destroyed personal property that can’t or should not be saved. FEMA mitigation experts tell flood survivors to always throw out flood-dirtied cosmetics, medicines, stuffed animals, baby toys and food that may be spoiled. It’s also a good idea to get rid of mattresses, pillows, rugs, books and other paper products. Should you throw away this or that? Good advice from one FEMA mitigation specialist: If you have to ask, throw it away.

Next, dry out your house – lower the humidity. Open doors and windows to let fresh air circulate. Open closet and cabinet doors; remove drawers from their cabinets. Run dehumidifiers and fans. Give your housed plenty of time to dry. The rule of thumb is, if it takes one week for visible moisture to disappear, it will take at least another week for unseen parts to dry.

Alternatively, you may want to turn the job over to a flooding and storm damage professional. Go online to search “water damage restoration” or “dehumidifying.”

For more ideas on reducing flood loss, view FEMA’s booklet, “Protecting Your Home and Family From Flood Damage,” at https://www.fema.gov/media-library/assets/documents/21471  .

Texas homeowners and renters who have registered for disaster assistance with FEMA are encouraged by recovery officials to “stay in touch.” Applicants changing their address or phone numbers should update that information with FEMA. Missing or erroneous information could result in delays getting a home inspection or in receiving assistance.

Survivors with questions regarding their application for disaster assistance, or a pending appeal, should visit DisasterAssistance.gov or call the FEMA Helpline (voice, 711 or relay service) at 800-621-3362. (TTY users should call 800-462-7585.) The toll-free lines are open 7 a.m. to 10 p.m. seven days a week. Multilingual operators are available.

For more information on Texas recovery, visit the disaster web page at www.fema.gov/disaster/4245, Twitter at https://www.twitter.com/femaregion6 and the Texas Division of Emergency Management website, https://www.txdps.state.tx.us/dem.                            

                                                                                     # # #

All FEMA disaster assistance will be provided without discrimination on the grounds of race, color, sex (including sexual harassment), religion, national origin, age, disability, limited English proficiency, economic status, or retaliation. If you believe your civil rights are being violated, call 800-621-3362 or 800-462-7585(TTY/TDD).

FEMA’s mission is to support our citizens and first responders to ensure that as a nation we work together to build, sustain, and improve our capability to prepare for, protect against, respond to, recover from, and mitigate all hazards. 

Visit www.fema.gov/texas-disaster-mitigation for publications and reference material on rebuilding and repairing safer and stronger.

State/Tribal Government or Region: 

The Super Bowl is an event that millions of Americans look forward to every year. This year, San Francisco hosts Super Bowl 50 at Levi’s Stadium in Santa Clara on February 7th, 2016. Local law enforcement and public safety agencies are expecting over 1 million fans to visit the Bay Area.[1]

The City of Santa Clara Police Department, operating the Joint Information Center (JIC), alongside several other local agencies, are leveraging Nixle to keep residents informed about safety updates and other important information during the Super Bowl. Visitors, fans and local residents can simply text the keyword ‘SB50’ to 888-777 to receive updates directly to their cell phone.[2] Road closures, transit and safety information are just a few of the potential use cases that could result in a text alert.

Social media played a significant role in raising awareness about signing up to receive SB50 alerts. Several agencies used Twitter and other social media sites to promote the keyword seen in the example below:



The cloud is a common facet of virtually every enterprise on the planet these days, but the overriding perception is that it should be kept away from mission-critical functions.

So it came as a surprise late last year when Verizon issued a report on the state of the cloud market indicating that 87 percent of enterprises are running mission-critical apps in the cloud, up from 60 percent two years ago. More than half of this group uses up to four cloud providers to support these functions, while a quarter are porting them over 10 or more. And the trend is particularly pronounced among start-ups, many of which are eschewing internal infrastructure for an all-cloud approach that drives high degrees of flexibility, if not entire transformations of existing business models.

But is this wise? Does the cloud, even at this stage of its development, really have the chops to support critical workloads and applications? Or are early adopters merely setting themselves up for failure when their plans fall victim to poor reliability, availability and security?



(TNS) - Buoyed by recent advances in technology, the federal government announced Tuesday that it is expanding its commitment to earthquake warning systems because they will save lives.

"The technology is ready today," said Richard Allen, director of Berkeley's seismological laboratory, at a White House Summit on Earthquake Resilience in Washington, D.C. "Hopefully we can move to a full-blown public warning system over the next few years."

Also on Tuesday, President Barack Obama signed an executive order to institute seismic safety codes for all federal buildings, similar to the executive order issued last year requiring flood protection for federal buildings near bodies of water.

Through the "ShakeAlert" early warning system, alerts can be sent at the speed of light -- 100,000 times faster than seismic waves travel through rock.



Thursday, 04 February 2016 00:00

Red Cross Declares Emergency Need for Blood

(TNS) - The American Red Cross has an emergency need for blood.

The winter weather has caused more than 300 blood drives to be canceled in 20 states since Jan. 1, the organization said in a statement. That resulted in more than 9,000 donations being uncollected, the Red Cross said. In the Northeastern Pennsylvania Region, which includes Schuylkill County and five other counties, six blood drives were canceled since Jan. 23.

One of those blood drives was in Schuylkill County.

“Due to the safety of the donors and the staff, we had to cancel the drive,” Karen Barton, account manager Schuylkill County blood donor division, said Tuesday about a drive that was scheduled from 10 a.m. to 3 p.m. Jan. 23 at the Grace Free Evangelical Church in Cressona.



One could argue the purpose of data analytics has always been to achieve business outcomes. Yet, enterprises still struggle to realize the potential business value of their investments. Despite the availability of a wide array of improved technologies, it's easy for company cultures, organizational structures, and even problem-solving approaches to get in the way.

"The fundamental premise is it's a technology problem. It reminds me of the early Internet days [when people said] 'We have this capability, what problem can we solve?'" said Jeff McMillan, managing director at Credit Suisse. "That's not how it works. You have a business issue and need to bring a set of capabilities to bear."

Departmental barriers continue to impede progress. Some companies are restructuring to compete more effectively in the digital economy, but the expanding C-suite may frustrate the ability to drive business outcomes.



Thursday, 04 February 2016 00:00

Alerting You to Earthquakes… and Insurance

Earthquake resilience was in the spotlight as the Obama administration gave its support for an earthquake-alert system on the West Coast at a White House summit Tuesday.

President Obama also signed an executive order establishing a federal earthquake risk management standard which will improve the capability of federal buildings to function after a quake.

The order requires federal agencies to ensure that federal buildings are constructed or altered using earthquake-resistant design provisions in the most current building codes.



Thursday, 04 February 2016 00:00

Setting the Stage for Storage Innovation

When I started to write this article, I expected to launch immediately into innovative products and vendors because innovation, like adventure, is out there. But the deeper I got, the more I realized that innovation is very much in the eye of the beholder, and I was going to have to define my terms and assumptions.

Any storage company that is still in business is trying to innovate. If innovation means a new and improved approach to a problem, then very few storage vendors are stuck in place just waiting for the market to pass them by.

Sure, the start-ups define themselves as innovators – some may even be innovative. They are looking to create a market and ride that momentum. But the established vendors are busy innovating too, and they have a customer base to sell to that the startups do not.



Thursday, 04 February 2016 00:00

Where to go During a Communications Shutdown

If you’ve been in meetings and exercises that simulate a total communications loss, you’ve likely wondered what you would do in the event of a catastrophic failure that takes down cellular, Internet, power, and even your own systems.
Haiti, Jan. 12, 2010. Within a few days after the quake, a team of amateur radio operators from WX4NHC at the National Hurricane Center was called upon to serve as the main source of medical communications. Over the next five weeks, the team manned a 24-hour net connecting Haiti field hospitals, the University of Miami Medical Center and the U.S. Navy hospital ship Comfort, relaying on-the-spot medical advice from stateside doctors, relaying medical supplies, charter airplane flight schedules and helping coordinate emergency helicopter and fast boat evacuations.

In Joplin, Mo., May 22, 2011. The hospital, two local fire stations and the town took a direct hit by an F5 tornado. All normal communications were down for weeks. Regional amateur radio operators were called in to help establish communications.



(TNS) —  Public health officials are considering steps to protect the blood supply from contamination with Zika virus, including barring patients who have traveled to affected areas from donating blood for up to 28 days.

Discussions of blood donations and other questions swirling around Zika took on new urgency Monday as the World Health Organization declared the virus and its complications a public health emergency. Dr. Margaret Chan, the organization's director general, said the cluster of Zika-linked birth defects, known as microcephaly, "constitute an extraordinary event and a public health threat to other parts of the world."

Chan called for an international response to minimize the threat in infected countries and reduce the risk of international spread. In addition to highlighting the seriousness of the problem, the emergency declaration can trigger action and funding from governments and nonprofits around the world, the New York Times reported. It elevates the WHO to the position of global coordinator and gives its decisions the force of international law.



(TNS) - Eastern Kentucky University began seeing the benefits of its new LiveSafe mobile app even before it was launched, free for anyone to download, on Monday.

The app was introduced by the university’s Student Government Association (SGA). It is available for download on both the Apple and Android platforms and puts various services at the fingertips of users, who can now more easily:



Previous efforts are languishing in limbo.

As the growth in the capability and sophistication of cyber bad actors continues to threaten national and economic security in the United States, confusion reigns and a lack of clarity exists as to who is in charge and how to deal with a significant cyber event that could become an incident of national or even global consequence. No strategic blueprint provides high level direction, nor do any operational plans articulate roles and responsibilities for government, industry and other stakeholders during various thresholds of escalation throughout a significant cyber event. To this day, the United States does not have an approved national cyber incident response plan that provides documented, predictable and sustainable procedures and protocols for addressing what is characterized as one of the most serious threats facing the safety and security of our nation. It is more than a fair question to ask: How can that be and what are we doing about it?

Many working in the cybersecurity realm today are not aware that efforts actually began in 2008, when industry leaders in the private sector critical infrastructure community learned the Bush Administration was considering the creation of such a plan but wholly within government. Given the fact that approximately of 80 percent of the nation’s critical infrastructure is owned, operated or controlled by the private sector, a number of industry leaders objected to the notion of a government-only effort and instead advocated for a collaborative approach between government, industry, and other stakeholders.

- See more at: http://www.afcea.org/content/?q=Blog-when-will-united-states-have-national-cyber-incident-response-plan#sthash.tDeQRlDE.dpuf
Previous efforts are languishing in limbo.

As the growth in the capability and sophistication of cyber bad actors continues to threaten national and economic security in the United States, confusion reigns and a lack of clarity exists as to who is in charge and how to deal with a significant cyber event that could become an incident of national or even global consequence. No strategic blueprint provides high level direction, nor do any operational plans articulate roles and responsibilities for government, industry and other stakeholders during various thresholds of escalation throughout a significant cyber event. To this day, the United States does not have an approved national cyber incident response plan that provides documented, predictable and sustainable procedures and protocols for addressing what is characterized as one of the most serious threats facing the safety and security of our nation. It is more than a fair question to ask: How can that be and what are we doing about it?

Many working in the cybersecurity realm today are not aware that efforts actually began in 2008, when industry leaders in the private sector critical infrastructure community learned the Bush Administration was considering the creation of such a plan but wholly within government. Given the fact that approximately of 80 percent of the nation’s critical infrastructure is owned, operated or controlled by the private sector, a number of industry leaders objected to the notion of a government-only effort and instead advocated for a collaborative approach between government, industry, and other stakeholders.

- See more at: http://www.afcea.org/content/?q=Blog-when-will-united-states-have-national-cyber-incident-response-plan#sthash.tDeQRlDE.dpuf

Robert Reynolds, a former environmental consultant at a chemical distributor was sentenced to three years’ probation and fined $10,000 for a 2014 chemical spill in West Virginia that polluted the drinking water supply of 300,000 people. Reynolds was the first of six former Freedom Industries officials to be sentenced, the Associated Press reported.

The incident began on Jan. 9, 2014 when authorities discovered that 7,500 gallons of chemicals—mostly 4-methylcyclohexane methanol (MCHM) and PPH (polyglycol ethers), both used to clean coal—had leaked from an aging storage tank owned by Freedom Industries into the nearby Elk River.

Questions arose concerning the tank’s close proximity to a water treatment plant and, after the West Virginia American Water Company reported that its water supply had become contaminated, Gov. Earl Ray Tomblin issued a State of Emergency for Boone, Cabell, Clay, Jackson, Kanawha, Lincoln, Logan, Putnam and Roane counties. “West Virginians in the affected service areas are urged NOT to use tap water for drinking, cooking, washing or bathing,” Tomblin said in a statement.



COEUR D’ALENE, Idaho – Local crews worked around the clock to restore power and clear roads after severe winter storms in December brought heavy snow and frigid temperatures to northern Idaho. As a result of President Obama’s February 1 disaster declaration, the Idaho Bureau of Homeland Security (IBHS) and the Federal Emergency Management Agency (FEMA) will be working to reimburse eligible applicants for costs incurred in keeping citizens safe and in cleaning up and repairing afterward.

State agencies, local governments and certain private nonprofit utilities in Benewah, Bonner and Kootenai counties may be eligible for funding from FEMA’s Public Assistance (PA) program as a result of the declaration for the Dec. 16-27, 2015, storms.

This is the second federal disaster declaration for northern Idaho in about six weeks. On Dec. 23, 2015, the president issued a major disaster declaration making federal Public Assistance available to eligible applicants in Benewah, Bonner, Boundary and Kootenai counties and the Coeur d’Alene Tribe. That declaration was the result of the severe storm and straight-line winds in the area on Nov. 17, 2015.

“Our first responders and utilities worked day and night, and at great expense, to keep folks safe during those back-to-back storms late last year,” said IBHS Director Brad Richy. “We are working closely with FEMA to help reimburse applicants for their costs for the November storm, and we will do the same for the December events.”

Under the Public Assistance program FEMA reimburses applicants for 75 percent of their eligible expenses, while the other 25 percent is the nonfederal share. The federal portion is paid directly to the state, which then makes disbursements to the local and tribal jurisdictions and nonprofit organizations that incurred costs.

“IBHS has been an outstanding partner in support of applicants in northern Idaho,” said Federal Coordinating Officer Dolph Diemont of FEMA. “With the personnel and processes already in place, we will be able build on those relationships and provide prompt assistance to all eligible applicants.”

In addition to Public Assistance grants, additional funds will be available in Idaho under FEMA’s Hazard Mitigation Grant Program (HMGP).

The HMGP, administered by the state, is also a cost-share program, with FEMA providing 75 percent of the funds. This program provides supplemental financial assistance to public entities and certain private nonprofits to reduce the risk to life and property in future disasters.

Additional information is available online at FEMA Public Assistance, PA in Idaho, Hazard Mitigation Grant Program-FEMA and  HMGP in Idaho.

Additional information for the December storms, including funds obligated to the state, is available at www.fema.gov/disaster4252. For the latest on the severe storms that occurred Nov.17, 2015 go to www.fema.gov/disaster/4246.

State/Tribal Government or Region: 
Related Disaster: 
Thursday, 04 February 2016 00:00

BCI: Flipping the economics of attacks

​Flipping the economics of attacks

Our news channels are constantly filled with stories of large organizations that have suffered the consequence of a cyber attack, either their networks are taken down or data stolen. The reputational damage is high and the fines are sometimes astronomical. Cyber attacks on Adobe, JP Morgan and Sony were all estimated to have cost the companies in excess of $1 billion and even the Business Continuity Institute's latest Horizon Scan Report identified cyber attack as the number threat according to business continuity professionals.

The costs may not be as high as first thought however, according to new study by the Ponemon Institute carried out on behalf of Palo Alto Networks which found that the average hacker makes only $15,000 on average per attack and generates an income of less than $29,000 per year, a quarter of what a cyber security professional could make during the same period.

Flipping the economics of attacks, the result of a survey carried out among the 'attacker community', found that 72% of respondents won’t waste time on an attack that will not quickly yield high-value information, and that a similar percentage of respondents believe attackers will stop their efforts when an organization presents a strong defence. The vast majority (73%) stated that attackers hunt for easy, cheap targets.

An increase of approximately two days (40 hours) in the time required to conduct successful cyber attacks can eliminate as much as 60% of all attacks. On average, a technically proficient attacker will quit an attack and move on to another target after spending approximately a week (209 hours) without success. It takes double the amount of time (147 hours) for a technically proficient cyber attacker to plan and execute an attack against an organization with an ‘excellent’ IT security infrastructure versus 70 hours for ‘typical’ security.

Davis Hake, director of cyber security strategy at Palo Alto Networks, commented: “As computing costs have declined, so too have the costs for cyber adversaries to infiltrate an organization, contributing to the growing volume of threats and data breaches. Understanding the costs, motivations, payouts, and finding ways to flip the cost scenario will be instrumental in reducing the number of breaches we read about almost daily and restoring trust in our digital age.

Dr. Larry Ponemon, chairman and founder of the Ponemon Institute, added: “The survey illustrates the importance of threat prevention. By adopting next-generation security technologies and a breach prevention philosophy, organizations can lower the return on investment an adversary can expect from a cyberattack by such a degree that they abandon the attack before it’s completed.

The report presents a number of recommendations including that organizations should make themselves a 'hard target'. Adopting a security posture with a breach prevention-first mindset, instead of a detection and incident response approach, can slow down cyber attacker enough for them to abandon the attack in favour of an easier target.

Thursday, 04 February 2016 00:00

FEMA to Evaluate Readiness of Virginia

PHILADELPHIA - The Department of Homeland Security’s Federal Emergency Management Agency (FEMA) will evaluate a biennial Radiological Emergency Preparedness Exercise at the North Anna Power Station. The exercise will take place during the week of February 8, 2016 to assess the ability of the Commonwealth of Virginia to respond to an emergency at the nuclear facility.

“These drills are held every other year to evaluate government’s ability to protect public health and safety,” said MaryAnn Tierney, Regional Administrator for FEMA Region III.  “We will assess state and local emergency response capabilities within the 10-mile emergency-planning zone as well as the adjacent support jurisdictions within the Commonwealth of Virginia.”

Within 90 days, FEMA will send its evaluation to the Nuclear Regulatory Commission (NRC) for use in licensing decisions.  The final report will be available to the public approximately 120 days after the exercise.

FEMA will present preliminary findings of the exercise in a public meeting at 10:00 a.m. on

February 12th, 2016 at the Four Points by Sheraton, 9901 Midlothian Turnpike, Richmond, VA 23235.  Planned speakers include representatives from FEMA, the NRC, and the Commonwealth of Virginia.

At the public meeting, FEMA may request that questions or comments be submitted in writing for review and response. Written comments may also be submitted after the meeting by emailing This email address is being protected from spambots. You need JavaScript enabled to view it. or by mail to:

MaryAnn Tierney

Regional Administrator


615 Chestnut Street, 6th Floor

Philadelphia, PA 19106

FEMA created the Radiological Emergency Preparedness (REP) Program to (1) ensure the health and safety of citizens living around commercial nuclear power plants would be adequately protected in the event of a nuclear power plant accident, and (2) inform and educate the public about radiological emergency preparedness.

REP Program responsibilities cover only “offsite” activities, that is, state and local government emergency planning and preparedness activities that take place beyond the nuclear power plant boundaries. Onsite activities continue to be the responsibility of the NRC.

Additional information on FEMA’s REP Program is available online at FEMA.gov/Radiological-Emergency-Preparedness-Program.

FEMA’s mission is to support our citizens and first responders to ensure that as a nation we work together to build, sustain, and improve our capability to prepare for, protect against, respond to, recover from, and mitigate all hazards. FEMA Region III’s jurisdiction includes Delaware, the District of Columbia, Maryland, Pennsylvania, Virginia and West Virginia.  Stay informed of FEMA’s activities online: videos and podcasts are available at fema.gov/medialibrary and youtube.com/fema. Follow us on Twitter at twitter.com/femaregion3.

As part of an effort to make it simpler to identify illicit activities such as fraud, Hewlett-Packard Enterprise (HPE) unfurled today a hosted service that combines archiving, compliance, software and machine learning to automatically detect patterns and anomalies in structured and unstructured data.

Robert Patrick, director of product management for Big Data Advanced Analytics at HPE, says HPE Investigative Analytics, launched at the LegalTech 2016 conference, is specifically designed to reduce the number of false positives that other approaches to compliance typically generate. In fact, Patrick notes that the rate at which those false positives are generated by legacy approaches to compliance is one of the primary reasons such offerings have not thus far been widely deployed. While the risks associated with violating compliance regulations may be high, Patrick says most organizations can’t afford the paralysis associated with tracking down every alert generated about a potential infraction.

In contrast, Patrick says HPE Investigative Analytics first combs through historical data to determine what processes and conversations represent normal business as usual. It then only flags behavior that is anomalous to patterns that have been well-defined. Patrick says the end result is an approach to mitigating risks that is much more in tune with how the business actually functions.



NEW YORK – Hewlett Packard Enterprise (NYSE: HPE) today announced the availability of HPE Investigative Analytics, a new hosted software solution that enables financial institutions and other highly regulated organizations to identify and analyze risk events and to take action to prevent them.

Financial services organizations are under more regulatory pressure than ever before.  According to a new 2015 Morgan Stanley report, global financial institutions have paid $260 billion in fines since 2009.  Regulators are now on high alert and new compliance guidelines and directives are being imposed on organizations every day. Failure to meet these regulations can result in significant material damage to the firm, in the form of multibillion-dollar fines and potential criminal prosecution.

However, meeting compliance requirements and stopping fraud is no small task for today’s global organizations. Financial institutions process billions of transactions and communications daily, producing massive volumes of information that lives in silos throughout the company. Legacy analytics software is incapable of understanding and recognizing irregularities in data that is scattered across multiple data types.



Whether you turn on your television or read your iPad, smartphone or other mobile device, the cacophony of news around us has become more confusing and unsettling.  The never-ending wars in the Middle East, cybersecurity, global market rallies and capitulation, natural disaster, corporate layoffs… you get the picture!

If you are like me, you want nothing more than a return to a quieter time when things were better!  But the truth is, the past is seldom as we remember it or something we can return to.  We filter out the bad and remember the good.  Our ability to move forward in the face of uncertainty depends on our brain’s ability to discount the negative and remain optimistic for the future.

Welcome to the new world of Asymmetric Risks!



It’s cold and flu season, joy of joys. But still, flu and all, That Guy is in the office, sneezing and coughing all over everything and everybody, sharing his germs with the whole team. Ick. Don’t be That Guy.

That Guy should be working at home, hacking and spluttering away from other people. No one wants to catch his flu or live in a full-body shroud of Purell, but due to restrictive IT policies and a dearth of secure, remote work options, he can only complete his work from the PC in his cube.



Tuesday, 02 February 2016 00:00

Three Pillars of Modern Data Center Operations

Modern enterprise data centers are some of the most technically sophisticated business activities on earth. Ironically enough, they are also often bastions of inefficiency, with equipment utilization much below ten percent and 30 percent of the servers in those facilities being comatose (using electricity but performing no useful information services). The operators of these facilities also struggle to keep pace with rapid changes in deployments of computing equipment.

These problems have led to much attention being paid to improving data center management. While almost every enterprise data center has taken steps to improve its operations, virtually all are much less efficient, much more costly, and far less flexible than they could be. Those failings ultimately prevent data centers from delivering maximum business value to the companies that own them.

Well-managed data centers use what I call the three pillars of modern data center operations: tracking, procedures, and physical principles.



Doug Cutting, chief architect at Cloudera, and Mike Olsen, the company's chief strategic officer and cofounder, were having dinner with their families at a restaurant on Jan. 28, during which Cutting blew out a candle and shared some champagne in honor of Hadoop's 10th anniversary.

Cutting developed Hadoop with Mike Cafarella as the two worked on an open source Web crawler called Nutch, a project they started together in October 2002. In January 2006, Cutting started a sub-project by carving Hadoop code from Nutch. A few months later, in March 2006, Yahoo created its first Hadoop research cluster.

In the 10 years that followed, Hadoop has evolved into an open source ecosystem for handling and analyzing Big Data. The first Apache release of Hadoop came in September 2007, and it soon became a top-level Apache project. Cloudera, the first company to commercialize Hadoop, was founded in August 2008. That might seem like a speedy timeline, but, in fact, Hadoop's evolution was neither simple nor fast.



IT organizations are quickly moving to embrace the notion of having multiple cloud computing options. The challenge now is figuring out which application workload to run where, based on the actual costs of running a workload on a specific cloud platform.

To make that simpler to ascertain, Cloud Cruiser has unfurled a version of its cloud analytics software that can now be invoked as a software-as-a-service (SaaS) application. Rather than going to the trouble of setting up an application that is not going to be used every day, Andrew Atkinson, senior director for product marketing at Cloud Cruiser, says Cloud Cruiser now makes available version 16 of its namesake application as a service.

At present, Cloud Cruiser 16 is designed to make it simpler for IT organizations to identify the true costs of deploying application workloads on Amazon Web Services, Microsoft Azure and Google Cloud Compute. Atkinson says down the road, Cloud Cruiser might add support for other clouds, but right now these three represent the lion’s share of the demand for cloud services being generated by cloud customers.



Tuesday, 02 February 2016 00:00

Beefing Up Data Center Resilience

A data center is very much like a car – it needs maintenance to run smoothly and not break down in the middle of your journey. The measurement of how vulnerable your system is to failure determines the resilience of your facility. You can increase that resilience to boost your uptime.

Data Center Resilience (or Resiliency) as described by TechTarget is defined as: “the ability of a server, network, storage system, or an entire data center, to recover quickly and continue operating even when there has been an equipment failure, power outage or other disruption.”

Here are five ways data center operators can increase the resilience of their facility – and secure smooth operations without failure – by deploying the best-of-the-breed data center infrastructure management (DCIM) solutions.



Tuesday, 02 February 2016 00:00

The Data Center as a Commodity

There is a lot of talk about the commodity data center these days, but this usually refers to the type of hardware that goes into building it.

Increasingly though, as more of the data infrastructure becomes virtualized and portable and enterprises at large gravitate toward cloud and colocation solutions, we are starting to see the data center itself treated as a commodity; that is, a thing to be bought and sold, hopefully for a profit.

Verizon Communications recently embraced this new paradigm by putting its substantial data center assets on the market for an asking price of $2.5 billion. The move is part of a broader strategy to divest itself of its landline businesses and even a good number of its wireless towers to concentrate instead on communication services. The nearly 50 data centers up for sale produce estimated annual revenue of about $275 million (minus EBITDA), and include the collection acquired from Terremark for $1.4 billion several years ago. AT&T is said to be exploring the sale of its data center assets as well.



Tuesday, 02 February 2016 00:00

Women Warned About the Zika Virus

(TNS) - Pregnant women take heed: You may want to postpone that spring break trip to Mexico or summer getaway to the Caribbean.

Health officials are advising women who are pregnant or trying to become pregnant to avoid traveling to certain parts of Mexico, Central America, South America and the Caribbean due to mosquito transmission of a virus that has been linked to a serious birth defect of the brain.

The Centers for Disease Control and Prevention issued a travel alert two weeks ago after health officials in Brazil reported links between the Zika virus and microcephaly in babies of mothers who were infected with the virus while pregnant.



(TNS) - The World Health Organization declared Monday that explosive growth of the mosquito-borne Zika virus — which has been spreading rapidly in the Americas and may be linked to birth defects — constitutes an international public health emergency, signaling an new phase in the global effort to battle the virus.

The United Nations health agency made the decision after convening an panel of experts in Geneva amid reports from Brazil linking the virus to microcephaly, a birth defect of the brain in which babies are born with abnormally small heads.

The recent “cluster” of microcephaly cases and other neurological disorders reported in Brazil followed a similar “cluster” in French Polynesia in 2014, WHO Director-General Margaret Chan said in a statement.



As our global online world evolves before our eyes, the topic of cybersecurity seems overwhelming to most people. Just as new innovative opportunities are announced daily, emerging cyberthreats can undermine online progress in virtually every area of life.

The official numbers seem daunting from the U.S. CERT regarding cyberattacks, with incident numbers rising sharply in 2015 (see chart below).


So how can we get our arms around this problem of protecting the homeland from the bad actors in cyberspace? What issues are most pressing? How is the U.S. Department of Homeland Security addressing these challenges? What partnerships and new developments are important?



A study from Harvard released Monday largely refutes claims that wider use of encryption in software products will hamper investigations into terrorism and crime.

It predicts that the continued expansion of Internet-connected devices -- such as smart TVs and vehicles, IP video cameras and more -- will offer fresh opportunities for tracking targets. 

"Law enforcement or intelligence agencies may start to seek orders compelling Samsung, Google, Mattel, Nest or vendors of other networked devices to push an update or flip a digital switch to intercept the ambient communications of a target," it said. "These are real products now."



Tuesday, 02 February 2016 00:00

Small Business Fire Damage Recovery Plans

For many small business owners, their small business is their livelihood. Any disaster that happens to hurt the company can be detrimental the owner’s finances in a huge way. One of the most common issues that many business owners face is fire damage. There are many ways in which fire can affect your business. However, there are steps that a company can take both before and after fire damage occurs to mitigate any damage that a fire may cause.

Fire Prevention
Although it seems obvious, being able to prevent fire damage from occurring is the best defense against fire. There are many things that a business can do to increase their first line against fire issues. First of all, always use the highest quality building materials possible. Many new building materials are much more fire resistant and can end up saving a lot of money. They may be more expensive to put in, but if a fire does occur they can save thousands of dollars in repairs. Also, if you are in a facility with a lot of workers, be sure to talk about the ways in which they can reduce the likelihood that a fire takes place. For instance, always dispose of any cigarette in the proper way rather than throwing it on the ground or in a trash can. These simple steps can go a long way in reducing the likelihood that a fire takes place. However, at the end of the day even if a business takes all of the necessary precautions to prevent a fire one may still occur. It is important to have a plan in place for cleanup and to have a company that you trust to handle all of the fire damage issues you may have.



Piece by piece, IBM continues to add new units to its "Strategic Imperatives" program, this time announcing the purchase of Columbus, Ohio, based Resource/Ammirati, a digital marketing/creative agency. The firm will be melded into IBM Interactive Experience (iX), Big Blue's digital agency.

The price of the acquisition was not disclosed.

Resource/Ammirati, which has about 350 associates, will be folded into IBM iX, which fields a 10,000-strong workforce spread among 25 offices globally.

While IBM iX is identified as one of the world's largest digital ad agencies, it is, in fact, a multi-tasked unit offering advice on business strategy, design, systems integration, mobile, and technological implementation, explained Paul Papas, global leader for IBM iX. "It is a holistic set of people under one roof," he said in an interview with InformationWeek.



Monday, 01 February 2016 00:00

‘Show Me the Money,’ IT Pros Say

You can have a terrific corporate culture, focus on challenging projects, and provide the means for your employees to work with great technology. But if you’re not paying IT pros what they can find elsewhere, don’t expect job candidates to accept your offer, and don’t expect the talent you do have to stick around long.

That’s the conclusion that is drawn from the results of the 2016 Talent Acquisition & Retention Survey for the Information Technology Sector recently released by Harris Allied, an executive search firm in New York. The survey of 151 IT executives found that while offering an excellent compensation and benefits package topped the list of strategies companies use to attract IT talent, having a corporate culture that provides an attractive work/life balance edged out competitive compensation to top the list of strategies companies use to retain IT talent.

The former strategy is apparently on track: The survey found that better compensation offered elsewhere was far and away the top reason candidates cited for declining a job offer. But the latter strategy apparently needs to be tweaked: The respondents said the No. 1 reason people leave is that they’re not being paid enough.



For over a decade now, IBM has been promoting the adoption of Linux on mainframes. Most recently, it extended that effort by developing versions of mainframes that come loaded only with Linux. Now IBM is looking to expand the developer ecosystem surrounding those mainframe platforms.

In addition to updating the systems that make up the IBM LinuxONE portfolio, IBM has announced that it is optimizing both its StrongLoop framework for creating application programming interfaces and the Cloudant NoSQL database that it provides as a managed service to run on IBM Linux. It also announced that it is collaborating with SUSE to leverage OpenStack to manage instances of the Linux on a mainframe and that the Go programming language developed by Google is now available on IBM Linux mainframes.

Also, Kathryn Guarini, vice president of System z Growth Initiatives, says that the Ubuntu distribution of Linux from Canonical will soon be available on the IBM LinuxONE platform.



We are only a month into 2016 and it’s already shaping up to be a big year for data breaches. Of the many organizations facing increasing threats this coming year, the presidential candidates are also likely to be attractive targets for attacks. Recent cyberattacks targeting information from Hillary Clinton and Donald Trump are an indicator of how the threat landscape is changing with hacktivism making a comeback.

Beyond the candidates, companies also face hacktivism and several other new data breach threats in the coming year. While traditional threats will continue to make headlines, there are several emerging issues that need to be addressed in data breach preparedness plans. To help risk managers prepare for what lies ahead, outlined below are our top trends anticipated in 2016.



Up to 96% of customer contact data is partially inaccurate, according to the Sales and Marketing Institute and D&B. This is a shocking statistic. If you run a business, this figure alone should have you leaping from your seat in panic.

Can your data really be in that bad a state?

The short answer is yes. Over time, data decays at 2%, per month. So your database is never static; it is constantly degrading. Your customers are constantly changing job roles, phone numbers and email addresses. Your business is occasionally adding duplicates, spelling things wrong, and introducing bad data to the database. This situation is costing you money and time, and it’s a needless waste of resources.

It sounds obvious enough when written in black and white, but it’s alarming how many businesses are sitting back and doing nothing about it.



If it seems like businesses are fighting a losing battle against malware and other security threats, it could be because they are.

A new study conducted by ThreatTrack Security found that security professionals are losing ground in the battle against cybercriminals and other adversaries compared with a similar study conducted two years ago:

The study found organizations still struggle mightily with how to combat cybercrime, despite lessons learned from spectacular cyberattacks on Target, Sony and the U.S. government in the last couple of years. There seems to be a growing sense of realism regarding the difficulties of fighting cybercrime, and it’s clear that analyzing advanced malware still takes too long. For most companies, it takes anywhere from one to 24 hours, despite the availability of tools that enable them to analyze code and malicious behavior in minutes.

According to the study, only 20 percent of respondents to the study said they feel their security defenses have improved since the last study (that’s compared to nearly 40 percent who saw improvement two years ago).



Monday, 01 February 2016 00:00

The strategic value of resilience

When I started this series of blog posts about the future of resilience, I wanted to address its potential to add value by bridging the divide between risk management and performance improvement. My first resilience blog post introduced the topic and defined organizational resilience. This is the forth and final blog post in this series, which focuses on its strategic value.
If organizational resilience is to earn its place on the board’s agenda, it must demonstrate value in terms that the board understands and recognises as strategically important. Otherwise, Resilience Managers will find themselves, like Harry Potter and the Business Continuity Managers I described in my People Resilience post, consigned to the cupboard under the stairs only to be summoned in case of emergency. Resilience becomes strategically important when it demonstrably enables and facilitates achievement of the organization’s Strategic Objectives. Referring to the diagram above, the first step to operationalise resilience in The Organization Today and then embed resilience into the organization’s strategic Transformative Programmes that will deliver The Desired Future State. 
So how does this work in practice?

Sickweather, a disease surveillance company based in Baltimore, has made its illness data available to developers so they can create apps that present disease forecasts and outbreak maps. The company's Sickweather mobile app is already available for iTunes and Android users, touting itself as a Doppler radar for sickness.

In a phone interview, CEO Graham Dodge suggested that disease forecasts could become common conversational fodder alongside weather forecasts, thanks to social media, the source of the company's illness data. Already, AccuWeather has incorporated disease forecasts into its StoryTeller content platform. Meanwhile, Johnson & Johnson and thermometer-maker Swaive are using the company's data in their respective mobile apps.

Through Sickweather's API, developers can fetch JSON-formatted data about illness reports at specific map coordinates, disease forecasts for a given area, and contagion threat level scores for leading sources of illness. The API can also receive illness reports from developers' apps.



By now you’ve surely heard that moving forward, every company will be a software company, and that shift is happening now as companies large and small scramble to transform into digitally-driven organizations.

Wherever you turn, businesses are facing tremendous disruptive pressure. What’s interesting is that the theory about how firms should be dealing with this massive change is itself in flux, transforming if you will, as organizations come to grips with the idea that the most basic ways they do business are being called into question.

Just over a year ago when I researched this topic, I found that the general method for dealing with disruption was developing pockets of innovation inside a company using labs or incubators to prime the innovation pump. Today, when I explore the same issues, I’m finding that companies are taking a much more comprehensive approach that has to do with reviewing every department and business process in the organization.



There are one million cybersecurity job openings in 2016. Where are all of those jobs? This week we take a look at the cybersecurity job boom in the U.S. government sector.

The Office of Personnel Management (OPM) suffered the largest cyber attack over the past year, resulting in the theft of contact records on more than twenty million people including those who applied for government security clearances and went through background checks, and nearly two million spouses and domestic partners of those applicants. As the OPM hack news unraveled, it got worse — revealing that hackers stole the digital fingerprints of more than five million people employed by the U.S. federal government… the same fingerprints that are sometimes used for access to so-called locked down buildings and computers.

OPM recently announced it is hiring 1,000 new cybersecurity professionals, which have been approved by the U.S. Department of Homeland Security (DHS). Federal News Radio recently listed the duties the new cyber hires will carry out – which includes cyber risk and strategic analysis, incident handling and malware/vulnerability analysis, program management, distributed control systems security, cyber incident response, cyber exercise facilitation and management, cyber vulnerability detection and assessment, network and systems engineering, enterprise architecture, intelligence analysis, investigation, investigative analysis and cyber-related infrastructure interdependency analysis.



JEFFERSON CITY, Mo. – Missouri homeowners, renters and business owners are eligible and encouraged to purchase National Flood Insurance Program (NFIP) policies even if their home or business isn’t located in a flood plain or high-risk zone.

The NFIP aims to reduce the impact of flooding on private and public structures. It does so by providing affordable flood insurance and encouraging communities to adopt and enforce floodplain management regulations.

NFIP insurance is available to homeowners, renters, condo owners/renters, and commercial owners/renters. But in order to purchase a policy the residence or business must in a community that participates in the NFIP. Missouri communities in the program are listed here — http://www.fema.gov/cis/MO.html. Other communities can request to be added if they meet certain criteria.

More than 70 private insurance agents or agencies in Missouri are certified to sell and service NFIP policies, including all of those listed on this link — http://www.fema.gov/wyo_company

Residents can also contact their own insurance agent or company to find out more about federal flood insurance or find an agent serving their area by filling out the One-Step Flood Risk Profile on the FloodSmart.gov home page (www.floodsmart.gov).

Costs vary depending on how much insurance is purchased, what is covered and the property's level of flood risk. Those in moderate- to low-risk areas can purchase a special Preferred Risk Policy (PRP) that provides building and contents coverage for one low-price. Typically, there's a 30-day waiting period from date of purchase before your policy goes into effect.

Why is an NFIP policy necessary if federal aid is available after a flood? Federal disaster assistance typically comes in the form of small grants or low-interest loans to help cover flood damage, not to fully compensate for losses. Even then, those grants and loans are only available if the president formally declares a disaster. NFIP policies are not dependent on a federal disaster declaration.

Flooding occurs in moderate- to low-risk areas as well as in high-risk areas due to factors like poor drainage systems, rapid accumulation of rainfall, snowmelt, and broken water mains. In addition to floods, NFIP policies also cover damage from mudflows. In fact, over 20-percent of all flood insurance claims come from areas outside of mapped high-risk flood zones.

NFIP policyholders who have questions about their flood insurance policy or the claims process, as well as disaster survivors who have general questions about the program, can contact the support hotline by calling toll-free 800-621-3362. For individuals who are deaf, hard of hearing or have a speech disability using 711 or VRS, please call 866-337-4262. For individuals using a TTY, please call 800-462-7585.


Disaster recovery assistance is available without regard to race, color, religion, nationality, sex, age, disability, English proficiency or economic status.  If you or someone you know has been discriminated against, call FEMA toll-free at 800-621-FEMA (3362). For TTY call 800-462-7585.

FEMA’s mission is to support our citizens and first responders and ensure that as a nation we work together to build, sustain, and improve our capability to prepare for, protect against, respond to, recover from, and mitigate all hazards.

For real-time disaster updates, follow us on Twitter at https://twitter.com/femaregion7 and turn on mobile notifications.

State/Tribal Government or Region: 

When you’re trying to determine your IT DRP strategy, you can have many options open to you and you can’t just dismiss them without good reason.  Identify the pros and cons of each solution and document them so you can see which option is best for you – or at least the top 3 solutions that work best for you and have the best bang for your buck. 

When you have met with the various vendors or partners – this means meeting with internal and external sources depending on the solution, and determined everything from resources needed (physical and financial) and the details of each option (documented), it’s then time to take it up the ladders.  You don’t just make the decisions on your own or with a small group of people; you’ve got to get approval from Senior Leadership, as ultimately, they are the ones who’ll be paying for everything.  They need to understand the how’s and why’s of doing what you propose so they can make the right decision based on need.  Remember, they might have other plans in the works that you aren’t privy too – yet – and might need to discuss amongst themselves and some of their team members which option is best based on information you may not have at your disposal.



The annual addresses delivered by governors around the country underscored policy priorities that routinely top the lists of state chief executives — education, economic vitality, health care and transportation. And while state-to-state differences are evident, what also comes through is that many elected leaders now see technology as an important tool that helps meet their policy objectives. And many of them are talking about it.

Data-Driven Dialog

The most viable solutions come from well-informed policymakers. This year’s speeches revealed that data-driven government is catching on. Many governors, including New Mexico’s Susana Martinez, talked about the role of data in powering more effective education policies. Martinez touted the role of data in reducing truancy and setting students on a path to success, while Washington Gov. Jay Inslee noted its importance in tackling the issue of gun violence. New Jersey Gov. Chris Christie spotlighted data analysis that found that more than 86 percent of the state’s costliest Medicaid users suffer from mental illness and/or substance abuse. That finding is fueling improvements to treatment options that can also help lower costs. 



Monday, 01 February 2016 00:00

Marsh launches new cyber risk facility

Insurance broker Marsh has launched a new global excess cyber risk facility, Cyber ECHO, which provides insurance coverage for organisations globally.

Following a series of high-profile cyber losses, underwriters have become more selective, according to Marsh, and in some cases are reducing the amount of capital they are willing to deploy on certain risks – especially those involving health care and payment card data.

This is particularly acute in the excess cyber market, where rates have more than doubled in the US over the last 12 months, said the firm.

“Cyber ECHO brings greater stability to the excess market with up to $50 million in ‘follow form’ coverage for clients of any industry sector and risk profile around the world,” said Marsh.



What if you were able to give everyone in your organization the flexibility and freedom to securely work anywhere in the world and on any device? What types of productivity gains would your company see as a result? What efficiencies or cost savings might your IT department receive from moving desktops to your datacenter and managing these virtual workstations through one single pane of glass?


Our Cisco UCS team is excited to present the new Maxwell generation NVIDIA Tesla M6 GPU for the Cisco UCS B200M4 Blade and the NVIDIA Tesla M60 GPU for Cisco 2U Rack Rack Servers. Cisco and NVIDIA have joined forces to deliver this new graphics solution.  Combining security, reliability and manageability from Cisco UCS and adding NVIDIA’s GRID technology, we’re able to deliver performance and speed needed to run high-end applications on virtual desktops. What’s better is that you have two form factor options to fit your organization’s’ data center footprint.



OXFORD, Miss. – Home and business owners looking for information on how to rebuild safer and stronger following the destructive December storms will find help this weekend at Lowe’s in Batesville.

Mitigation specialists from the Federal Emergency Management Agency will be at Lowe’s on Highway 6 East in Batesville this Saturday from 10 a.m. to 3 p.m. and on Sunday from 8 a.m. to 4 p.m.

The specialists will answer questions and offer advice on ways to repair or rebuild homes so they are more storm resistant. Free printed materials with additional information will also be available.

The FEMA specialists can also offer advice on dealing with contractors, in particular on how to avoid being scammed. The specialists will provide handouts on selecting and working with contractors.

Anyone interested is welcome whether or not they are receiving financial disaster assistance from FEMA.

For the latest information on Mississippi disaster recovery operations, visit msema.org and fema.gov/disaster/4248.


FEMA’s mission is to support our citizens and first responders to ensure that as a nation we work together to build, sustain, and improve our capability to prepare for, protect against, respond to, recover from, and mitigate all hazards.

State/Tribal Government or Region: 
Monday, 01 February 2016 00:00

Data Center Power Outage Brings Down GitHub

GitHub, the most popular online repository for open source code and hosting services, went down for two hours Thursday due to a power outage in its primary data center.

“A brief power disruption at our primary data center caused a cascading failure that impacted several services critical to GitHub.com’s operation,” Sam Lambert, GitHub’s director of systems, wrote in a status update on the company’s blog Friday morning. “While we worked to recover service, GitHub.com was unavailable for two hours and six minutes.”

Utility power outages do not bring down data centers in most cases, since these facilities are designed with UPS units, backup generators, and transfer systems that fail over to the generators automatically. When they do happen, power-related data center outages are caused by failure of those backup systems.



Monday, 01 February 2016 00:00

A New and Divergent SAN Market

New data has just come out on the Storage Area Network (SAN) market, and while the news is good, it nonetheless points to a sector in turmoil as the enterprise tries to figure out how to shift its storage footprint for the cloud and mobile era.

Technavio Research put the compound annual growth rate (CAGR) for SAN solutions at a healthy 22 percent for the remainder of the decade, the result of strong demand for improved storage utilization, greater flexibility and the need to ramp up performance for highly dynamic workloads. It is important to note that the SAN of today is very different from just a few years ago, when disk-based solutions dominated the market. These days, flash-based systems are gaining in popularity both in the enterprise and in the cloud, as are completely new iterations such as server-side SANs and fully virtualized platforms.



(TNS) - Georgia will almost certainly see cases of the Zika virus, health officials said Thursday. And experts warned the state may have a higher risk of the illness spreading due to its mild weather and busy airport.

Georgia currently has no documented case of the mosquito-transmitted virus, which presents little danger to most people but has been linked to thousands of birth defects in Brazil. Concern over the virus has been escalating as the cases, spreading rapidly through Latin America and the Caribbean, have made their way to the U.S.

The Atlanta-based Centers for Disease Control and Prevention is currently testing specimens from several Georgia residents with travel history to the affected areas.

Currently, there are some 31 confirmed cases in 11 states around the country.



(TNS) - On Wednesday, a year after the fire that turned their lives upside down, Fernando Bueno and Araceli Espinoza of Thalia’s Jewelry returned from an overnight trip to Los Angeles. Instead of gold bracelets and glittery earrings, their normal stock in trade, the jewelers’ truck was filled with stuffed bears they hope to sell on Valentine’s Day.

On Jan. 28, 2015, an inferno at 22nd and Mission streets destroyed the three-story building that housed Thalia’s Jewelry. One person was killed, more than 50 residents were left homeless and 33 businesses were shuttered. The fire also scattered a bustling commercial hub, leaving business owners like Bueno and Espinoza scrambling for ways to keep their businesses afloat.

Almost half of the enterprises have reopened in new locations; others have found themselves priced out of the neighborhood. City representatives say, too, that the fire has changed the way it plans to respond to disasters in the future.



(TNS) - The man in the eye of controversy in Allentown contends he made the right decision to force roughly 40 homeless people into a driving snowstorm, but he's anxious to devise a plan that can prevent him from doing it again.

Jack Felch Jr., executive director of the Lehigh Conference of Churches, said he plans to meet with city officials and homeless advocates to map out a plan to make sure the homeless aren't forced into dangerous weather such as the 30 mph winds and single-digit wind chills of last weekend.

But he's adamant that the answer is not letting people hunker down at the warming station on Martin Luther King Jr. Drive, where the homeless are allowed to take shelter from the cold from 5 p.m. to 7:30 a.m.



Monday, 01 February 2016 00:00

Attention MSPs: SMBs Need Your Help

We all know you must first recognize that a problem exists before you can solve it. This principle is particularly relevant when it comes to meeting the challenges of cybersecurity. We’re happy to note that the results of Webroot’s 2015 SMB Threat Report reflect growing concern by small and midsize businesses about potential weaknesses and vulnerabilities in their security strategies.

This candid self-awareness represents a marked change for many SMBs, who in the past downplayed security threats simply because they thought that “it won’t happen to me.” These SMBs believed they were too small for hackers to target, or that they had little of value to tempt cybercriminals. But, in today’s world, the automation, commoditization and low upfront costs of becoming a professional cybercriminal are such that it requires only minimal skill to set up a cybercrime business and start trawling the Internet for victims.

Not surprisingly, under-protected and under-funded SMBs make for attractive targets to these criminals. The good news is that many SMBs are waking up to the very real threats they now face, and to the fact that they are ill-equipped to handle those threats with their in-house IT resources.



For some organizations, conducting regular disaster preparedness exercises comes with the territory.  If you work with chemicals, in a manufacturing facility, or in an industry where your main function is to protect people and property, you’re probably well-versed in why preparation matters.  For many organizations, however, the potential dangers are not as obvious and safety exercises are relegated to the mandatory annual fire drill.  This approach may be setting your organization and your people up for real trouble. 

Why you should be doing more disaster preparedness exercises:



This month, we focus on data center design. We’ll look into design best practices, examine in depth some of the most interesting recent design trends, explore new ideas, and talk with leading data center design experts.


After years of designing data centers for customers around Europe, Theo Arendzen and his colleagues realized that no matter how much customization a customer wanted, the fundamental data center design elements just didn’t vary that much from one facility to another.

“Most of the topology is based on the same design principles,” he says. “You always come to a more or less standardized solution.”

Until about six years ago, ICTroom, the Netherlands-based company where Arendzen oversees engineering and design, built data centers within existing buildings. But when it started receiving its first orders for greenfield developments, the engineers started working on the idea of standardization and modularity.



For many years, OHSA regulations continue to assisted organizations worldwide in recognizing the need to control and improve health and safety performance for their workers.

Often that objective has been achieved by incorporating and implementing so called occupational health and safety management systems (OHSMS).

Very soon the final ISO 45001 standard will assist that process.

JEFFERSON CITY, Mo. – After the severe storms and flooding that occurred in Missouri between December 23, 2015 and January 9, 2016, residents in the 33 declared counties became eligible for federal assistance. People who suffered losses and damage in the wake of the disaster are urged to seek help from the Federal Emergency Management Agency (FEMA).

The eligible counties are Barry, Barton, Camden, Cape Girardeau, Cole, Crawford, Franklin, Gasconade, Greene, Hickory, Jasper, Jefferson, Laclede, Lawrence, Lincoln, Maries, McDonald, Morgan, Newton, Osage, Phelps, Polk, Pulaski, Scott, St. Charles, St. Francois, St. Louis, Ste. Genevieve, Stone, Taney, Texas, Webster and Wright.

There are many misconceptions about getting help from FEMA. Often, people who would qualify for assistance miss out on assistance because they don’t have access to correct information.

Commonly asked questions about disaster aid from FEMA:

Q: Who should apply for federal disaster assistance?
A: Missouri homeowners and renters in disaster-designated counties who sustained damage to their homes, vehicles or personal property as a result of the severe storms and flooding from December 23, 2015 through January 9, 2016 can apply for FEMA grants.

Q: How do I apply?
A: Residents who were affected can apply for assistance online at www.DisasterAssistance.gov or call 800-621-3362 or (TTY) 800-462-7585, 7 a.m. to 10 p.m. seven days a week.  Those who use 711-Relay or Video Relay Services can call 800-621-3362. The application deadline is March 21.

Q: What kinds of FEMA grants are available?
A: Disaster assistance may include grants to help pay for temporary housing, emergency home repairs, uninsured and underinsured personal property losses and medical, dental and funeral expenses caused by the disaster, along with other serious disaster-related expenses.

Q: What happens after I register?
A: You will receive a phone call from a FEMA inspector to arrange for a survey of the damages. This will come just days after you register. All FEMA inspectors will have official identification. They do not approve or deny claims or requests; those come after the inspection results are submitted. FEMA inspectors do not ask for money and do not recommend contractors to make repairs.

Q.  I’ve already cleaned up and made repairs to my property.  Am I still eligible to register with FEMA?
A.  Yes. You may be eligible for reimbursement of your clean-up and repair expenses. Before and after photos of the damaged property can help expedite your application for assistance.

Q: Does my income need to be under a certain dollar amount to qualify for disaster aid?
A: FEMA’s Housing Assistance program is available, regardless of income, to anyone who suffered damages or losses in disaster-declared counties. However, aid for other losses such as personal property, vehicle repair or replacement, and moving and storage expenses is income-dependent and officials make decisions on a case-by-case basis. To be considered for a grant for these types of losses, the applicant must complete an application for an SBA loan.  

Q.  I have flood insurance.  Should I still register with FEMA?
A.  Yes.  But please contact your insurance company first.

Q: Does the Small Business Administration (SBA) offer loans to homeowners and renters?
A: Yes. The SBA is the primary source of financial assistance following a disaster and provides low-interest disaster loans to homeowners and renters.

Q: Do I have to be turned down by my bank before I can apply for a disaster loan?
A: No. The SBA has its own criteria for determining each loan applicant’s eligibility.

Q: If I rent an apartment, can I get help to replace my damaged personal property?
A: Yes. Renters may qualify for a FEMA grant. Renters may also qualify for SBA disaster loans.

Q: Will FEMA pay for all home repairs or contract work?
A: No. FEMA does not pay to return your home to its pre-disaster condition. FEMA provides grants to qualified homeowners to repair damage not covered by insurance, but these grants may not pay for all the damage. However, an SBA disaster loan may return a home to its pre-disaster condition.

Q: Do I have to repay money I receive for disaster relief?
A: No. You do not have to repay grant money, however SBA disaster loans must be repaid.

Q: Do I have to be a legal U.S. resident to receive Individual Assistance?
No. If you have a child living at home who is a U.S. citizen or a qualified alien, you may apply for Individual Assistance on that child’s behalf and you may be eligible to receive Individual Assistance. FEMA may provide undocumented, eligible immigrants with short-term, non-cash emergency aid.

Q: How can I check the status of my case?
A: You may go online to www.DisasterAssistance.gov or call the toll-free FEMA Helpline at 800-621-3362 (FEMA) or (TTY) 1-800-462-7585. If you need face-to-face assistance, visit a Disaster Recovery Center (DRC) or speak with someone from one of FEMA’s Disaster Survivor Assistance (DSA) teams currently going door-to-door in Missouri’s disaster-declared counties. All DRCs are accessible and equipped with tools to accommodate disaster survivors who need disability related communication aids.


Disaster recovery assistance is available without regard to race, color, religion, nationality, sex, age, disability, English proficiency or economic status.  If you or someone you know has been discriminated against, call FEMA toll-free at 800-621-FEMA (3362). For TTY call 800-462-7585.

FEMA’s mission is to support our citizens and first responders to ensure that as a nation we work together to build, sustain, and improve our capability to prepare for, protect against, respond to, recover from, and mitigate all hazards.

Follow us on Twitter at https://twitter.com/femaregion7.

The SBA is the federal government’s primary source of money for the long-term rebuilding of disaster-damaged private property. SBA helps businesses of all sizes, private non-profit organizations, homeowners and renters fund repairs or rebuilding efforts and cover the cost of replacing lost or disaster-damaged personal property. These disaster loans cover losses not fully compensated by insurance or other recoveries and do not duplicate benefits of other agencies or organizations. For more information, applicants may contact SBA’s Disaster Assistance Customer Service Center by calling 800-659-2955, emailing This email address is being protected from spambots. You need JavaScript enabled to view it., or visiting SBA’s website at www.sba.gov/disaster. Deaf and hard-of-hearing individuals may call 800-877-8339.

State/Tribal Government or Region: 

Over the last few years, the most important buzzword for MSPs has been “cloud.” However, if you asked 10 vendors what the cloud is, you may get 10 different answers. Many SMBs are super-confused about what the cloud means and how it can help them. In fact, in many cases they “only know it when they see it.” Providing practical solutions using cloud technologies is the best way to help your customers overcome some of the inherent fear of putting their technology in the cloud.

Before we try to help define what makes a service cloudy, we need to acknowledge that there is a huge opportunity for those MSPs who are getting involved. Both the types of services coming to the market and the number of users for these services are growing at a rapid rate. In particular, we at Acronis have seen a massive shift in customer behavior when offering cloud backup and cloud disaster recovery services. No longer are SMBs happy to backup only to a tape drive for offsite storage when they can get a service, more cheaply, in the cloud.



From snow and rain on the East Coast and across the Central Plains to the wild El Niño weather patterns out West, people all over the United States are bracing for what could be a tough winter. For businesses, especially, the winter months can be difficult. Hazardous road conditions make it hard to get to and from work, snow and ice can damage power lines and bring down technology infrastructure, and cold weather can lead to burst pipes and flooding, causing businesses to close for indefinite periods of time.

For MSPs or IT solution providers, now is a great time to check in with your customers and prospects in winter storm-prone areas. Start by asking them if they have any specific concerns about how the weather will affect their operations, and answer any questions that they may have. Be sure to let them know that you’re watching their backups closely and tracking all winter storm warnings. Having this conversation emphasizes the value you are bringing to the table. 

Hopefully, your customers have business continuity and disaster recovery (BCDR) plans in place. If they don’t, one of the areas where you can add strategic value, build recurring revenue streams, and drive profitability is by helping them put processes in place that safeguard their critical business data and infrastructure from winter storms. The same goes for prospects. When timed well, BCDR is a great “in” for new and incremental business.



The rate of change is accelerating in IT. The need to provide your enterprise with a competitive advantage and to leverage new technologies is driving the need for rapid change and constant improvement. IT organizations must deliver new business services consisting of new and enhanced applications faster while ensuring SLAs. This environment of frequent and rapid change is what analysts refer to as Mode 2. It requires adopting business practices where development and IT operations work more closely together and more processes are automated. These forces are driving the growing requirement for DevOps and composable infrastructure.

After watching the videos and reading the press reports from the recent HPE Synergy announcement, you’d think that transitioning to a DevOps and implementing composable infrastructure just requires purchasing the new hardware and launching HPE OneView. Some good marketing, but DevOps is a methodology, not a system. It is an ongoing journey of continuous improvement as well as continuous delivery. Adapting to a faster rate of change requires enhancing processes, better communication and tighter integration of tools as well as some new technology.

You can embrace the speed of change while minimizing the disruption and risk. We’ve developed a new brief that explains how you can make the transition to DevOps and composable infrastructure easier using your existing UCS systems, UCS management software and operations management tools.



In today’s world of virtualization and public and private clouds, there are more options than ever for infrastructure and operations teams. On the one hand, this degree of flexibility and choice gives IT professionals many more tools with which to build networks and address challenges. On the other hand, it can also lead to confusion with respect to when and where to use these options to best effect. While not definitive, the following tips – gleaned from real-world customer interactions – provide a starting point for understanding the pros and cons of five common traditional and virtual deployment models.


Traditional Bare Metal

Bare metal servers in enterprise owned and operated data centers have been around forever. While they no longer dominate the market, they remain a go-to-solution for business-critical applications that operate on a long-term time horizon, support a large volume of traffic and need a high degree of performance to ensure specified service level agreements (SLAs). Like any solution that is enterprise owned and operated, traditional bare-metal servers afford a greater degree of control and security, characteristics that lend well to environments where compliance is a key consideration.



(TNS) - The mosquito-borne Zika virus may infect up to 4 million people, the World Health Organization said, as the agency convened to decide if the outbreak should be declared an international health emergency.

Dr. Margaret Chan, WHO director-general, said in a statement on Thursday that the level of alarm was "extremely high".

"Last year, the virus was detected in the Americas, where it is now spreading explosively. As of today, cases have been reported in 23 countries and territories in the region," Chan said.



(TNS) - As tornado warning alerts pinged the cellphones of police and fire officials during a disaster information management class at a Deerfield Beach fire station, meteorologist Brad Huffines said he was shocked that drivers on Interstate 95 didn't stop and seek shelter Wednesday.

"As a meteorologist and someone who works in public notification, my biggest concern is we were under an active tornado warning and I was seeing traffic on I-95 continue as usual," said Huffines.

He works for the Federal Emergency Management Agency and was teaching public information officers from around Florida about releasing information during emergencies. "If [the motorists] had a newer smartphone, virtually all of them got the warning," he said.



Today is National Data Privacy Day. I swear, we have days for just about everything – January 28 is also National Kazoo Day and National Blueberry Pancake Day – but a day to focus on data privacy makes a lot of sense. There are a lot of dangers that could cause a lot of harm to your company’s data and your customers.

The National Cyber Security Alliance (NCSA) explained why focusing on and understanding data privacy is so important:

… 74 percent of Americans feel that it is not easy to understand how their personal information is being used by reading the privacy statements or policies on websites and apps, which ultimately prevents them from taking steps to protect their personal information.



About 50% of businesses that suffer from a major IT disaster without a disaster recovery plan in place never reopen for business, according to a recent American Marketing Association report. In fact, the Ponemon Institute estimates the cost of downtime to be $7,900 per minute and rising.

Disaster recovery plans using multiple, interconnected data centers can ensure your company has the operational redundancy to provide uninterrupted uptime in the event of man-made or natural disaster. More and more companies are choosing to offload IT production activities and data back-up initiatives to CyrusOne data centers.

Leverage the National Internet Exchange (IX) interconnection platform to implement a multi-site site failover strategy across geographic regions. CyrusOne also provides work area recovery space for your team in alternate locations on the same platform.



Many organizations think that effective business continuity planning is synonymous with great plan documentation.

It’s not.

Yes, plan documentation is extremely important. BUT… many organizations fail to recognize that effective business continuity plans – and truly prepared and resilient organizations – are the result of a larger business continuity planning lifecycle that begins with requirements setting and ends with practice (and of course, the process recycles on a continuous basis).

Bottom line – plans are just one key ingredient in the development of an effective business continuity program.



Connectivity is totally changing the way in which fleets operate. Real-time visibility on the likes of assets and remote equipment, wireless engine software revisions, instantaneous customer-service feedback, dynamic routing and scheduling is having a fundamental impact on how organizations drive efficiencies and deliver compelling customer experiences. And this is just the tip of the iceberg for what connectivity can bring.

At the centre of all this is the need to harness the data being created. Those embracing the power of data are gaining a competitive edge – they join the thousands of other fleets around the globe that are mining it for intel that will boost the bottom line of their business.

The challenge created by connectivity is no longer implementation of hardware and software that suits your fleet. Intuitive, platform-based approaches have made choosing, fitting and onboarding telematics and connected business intelligence systems easy.



If you’re not thinking about expanding your security services, you should be. At least, that’s the news from Kaseya’s 5th Annual Global MSP Pricing Survey*.  

"Heightened security risks" is the top IT problem or service need MSP respondents expect their clients to face in 2016. And it won by a mile, selected by more than a quarter of all respondents and receiving 40% more votes than the second-highest selection. This result isn’t a surprise given the unremitting flow of news on breaches and hacks.



Thursday, 28 January 2016 00:00

Data Center Colocation in 2016: What to Expect

Edge data center users and companies with Internet of Things applications may breathe new life into secondary data center colocation markets in 2016. However, when it comes to large-footprint deployments, it appears 2016 will unfold in a similar manner to last year.

That’s according to Bo Bond, a managing director at the commercial real estate firm Jones Lang LaSalle. JLL recently released its Winter 2016 North America Data Center Perspective report, which examines the leasing activity and sale-leasebacks by data center providers.



Inconsistent understanding of organizational resilience

Two thirds (64%) of CEOs admit that the concept of organizational resilience is inconsistently understood across their business, despite 70% believing it to be vital to the long-term viability of their operation. This is according to research commissioned by BSI.

Encouragingly 28% of CEOs are confident they secure an advantage in the market from organizational resilience, almost half (49%) claiming it enhances their company’s reputation and 39% suggesting it has improved their organization’s competitiveness through quicker and better targeted responses to opportunities. The research also found that North American firms are more than twice as likely as European firms to have boosted the quality of their products and services through organizational resilience, something that is most commonly held back by short-term financial thinking, a lack of skills and a failure to focus on the management of resilience.

Howard Kerr, Chief Executive of BSI commented: “CEOs may become so risk averse that they’re not only missing out on opportunities, but potentially undermining the long-term resilience of their organizations. Leaders need to have confidence in the ability of their team to remain agile and adaptive, while maintaining robust processes in the face of uncertainty. Ultimately today’s challenging conditions offer an opportunity to forge stronger team dynamics and delivery.

Worldwide more than half of CEOs (52%) attributed failures in organizational resilience to a lack of skills amongst their workforce. In a signal as to the importance of the issue, more than half (57%) of CEOs take personal responsibility for driving organizational resilience across their business. Just a quarter (25%) entrusted responsibility to colleagues below C-level in their seniority.

Kerr concluded: “Change must be led from the top. Organizations can be surprisingly naive, ignoring advice and best practice until they experience a setback themselves. CEO resignations aren’t just token sacrifices; they are a symptom of a wider malaise. Adapting and coping with change is a team effort, based on a culture of excellence across people, products and processes. True leaders recognize that Organizational Resilience is a strategic imperative across the whole business.

Revelations of government snooping and pressure on cloud providers to provide customer data to authorities have led to new developments in the way encryption is applied. The problem came about because the providers did the encryption of the data, but also held the encryption keys. That meant that customer data was protected from everyone else, except from the provider itself. Of course, the option for customers to encrypt their data before sending it to the cloud for storage has always existed, but makes it more difficult to use the data for cloud-based applications. A recent twist to the encryption saga is BYOE, also known as BYOK (Bring Your Own Key). How well does this answer concerns about data privacy in the cloud?



OXFORD, Miss. – Home and business owners looking for information on how to rebuild safer and stronger following the destructive December storms will find help this week at local hardware stores in Ashland and Holly Springs.

Mitigation specialists from the Federal Emergency Management Agency will be at the Ashland Hardware store at 15800 Boundary Drive this Thursday and Friday from 9 a.m. to 6 p.m. and on Saturday from 10 a.m. to 3 p.m. They will be in Holly Springs at the Booker Hardware store at 119 South Market St. this Friday, 10 a.m. to 3 p.m. and Saturday from 10 a.m. to noon.

The specialists will answer questions and offer advice on ways to repair or rebuild homes so they are more storm resistant. Free printed materials with additional information will also be available.

The FEMA specialists can also offer advice on dealing with contractors, in particular on how to avoid being scammed. The specialists will provide handouts on selecting and working with contractors.

Anyone interested is welcome whether or not they are receiving financial disaster assistance from FEMA.

For the latest information on Mississippi disaster recovery operations, visit msema.org and fema.gov/disaster/4248.


FEMA’s mission is to support our citizens and first responders to ensure that as a nation we work together to build, sustain, and improve our capability to prepare for, protect against, respond to, recover from, and mitigate all hazards.

State/Tribal Government or Region: 
Thursday, 28 January 2016 00:00

Walmart Open Sources Cloud Management Platform

Walmart became the latest major business to embrace the open source cloud this week with the release on GitHub of OneOps, the company’s formerly closed-source cloud management and application lifecycle platform.

OneOps is a platform for building and launching cloud-based applications across varied and changing environments. It offers a way to deploy apps on different providers’ platforms, from Microsoft Azure, Rackspace and CenturyLink public clouds to private or hybrid environments built using OpenStack.

The main selling point of OneOps for businesses is that it lets organizations switch between different providers easily to take advantage of changes in pricing, features and scalability. Meanwhile, for developers, it makes it easier to build and deploy cloud apps in a vendor-agnostic way.



Thursday, 28 January 2016 00:00

Why Mobile Apps Are Not Getting More Secure

Last month, Veracode released a supplement to its 2015 security report that focused on application development. The report showed that four of five applications written in PHP, Classic ASP and ColdFusion failed at least one of The Open Web Application Security Project (OWASP) Top Ten, a list of security benchmark best practices. Put more simply, the research suggests that applications – many of them mobile – are awash in vulnerabilities.

The research found that one scripting language is riskier than two other common approaches.  “In the side-by-side comparison of programming languages, we found that PHP was far more vulnerable to the issues of cross-site scripting and SQL injection than Java and .NET,” Chris Wysopal, Veracode’s co-founder, CTO and CISO says.

The intricacies of which scripting languages are more vulnerable than others is very important to developers and security professionals. For others, however, the question is a bit simpler: Is there an epidemic of insecure applications running on the mobile devices, many of which handle corporate communications and data?



Colocation solutions are providing IT leaders with yet another way to streamline operations at the workplace. As more businesses aim to expand their ability to handle growing data and applications capacity, colocation has become the standard alternative to in-house data center investments.

Colocation providers help companies develop system architectures to support high density data center footprints associated with virtualization and consolidation efforts. If using an in-house data center, such activities often lead to significant heat generation and can necessitate significant investments in cooling infrastructure.

Data center colocation can also pay dividends by enabling organizations to mix and match facilities across one national platform. An interconnected multi-facility solution is ideal for providing the critical disaster recovery options.

Colocation solutions are providing IT leaders with an efficient way to streamline operations at the workplace. Read more in this Insights Blog >

The community can be law enforcement’s biggest resource when searching for suspects or gathering information. Agencies are able to leverage the eyes and ears of their residents when an emergency happens and more information is needed. But often citizens are not quick to report crimes or share information. They may be scared or possibly guilty of being involved in a situation. How do we remove the aspect of fear to utilize such a great resource when it comes to solving crimes and finding wanted suspects?

Anonymity is key to giving the community a safe place to share their information. In Texas, over 1.4 million anonymous tips have been submitted which resulted in 200,000 arrests and $1.4 billion of recovered property and narcotics since 1981[1]. Nixle Tip Watch allows residents to text information to law enforcement-anonymously. The Oakland Police Department was the one of the first city to adopt the anonymous tipping function with Nixle. As a current Nixle user, they needed to take another step towards “fuller and more protected citizen participation.[2]



Data center migrations aren’t something most people do every day. They’re typically a once-in-a-career event — twice if you’re lucky (or unlucky, depending on how you look at it). No matter which camp you’re in, moving networks, servers, data and applications from one location to another tends to elicit a string of four-letter words.

Slow. Pain. Ouch. Nope. (Not the words you were thinking?)

This is for good reason.

In helping hundreds of companies migrate everything from single applications to full data centers, we’ve identified seven common mistakes people make during data center migrations, and more importantly, how to avoid them.



EMC CEO Joe Tucci, responding to an analyst’s question on this morning’s earnings call about the status of the Dell deal, let it be known in no uncertain terms that the deal is going forward as planned.

Responding to a question (which starts at around the 39 minute mark) from Maynard Um of Wells Fargo, Tucci admitted that there has been a lot of noise about possible pitfalls in this deal, but he insisted the reports of problems have been largely based on bad information.

“This is a really big deal. And there is a lot of noise in the system. And there are a lot of people with lots of opinions. And a lot of them are not based on a lot of facts. As we are doing this, there’s a tremendously increased market volatility, and I think it’s really fair to say that this environment has not been kind to any security,” Tucci said in the call.



COLUMBIA, S.C. – The three remaining disaster recovery centers in South Carolina will close Friday, Jan. 29, at 6 p.m.:

  • Richland County Library Southeast, 7421 Garners Ferry Road, Columbia
  • Williamsburg Recreation Center, 2084 Thurgood Marshall Highway, Kingstree
  • Central Carolina Technical College, 853 Broad St., Sumter

Many services available at disaster recovery centers are also available by calling the FEMA helpline. Survivors of Oct. 1-23 storms and flooding can get help by calling 800-621-3362 or TTY 800-462-7585; those who use 711/VRS can call 800-621-3362. Lines are open 7 a.m. to 10 p.m. seven days a week until further notice.

Survivors can use the helpline to:

  • Ask questions about FEMA decision letters.
  • Learn how to appeal FEMA decision letters. All applicants may appeal.
  • Inquire about the status of a registration.
  • Provide change of address, telephone and bank account numbers and insurance information to avoid disaster assistance processing delays.
  • Receive information about FEMA home inspections.
  • Get other questions answered about federal disaster assistance.

Applicants should have their nine-digit FEMA registration number and ZIP code if they want to discuss their application.

For the latest information on South Carolina flood recovery operations, visit scemd.org and fema.gov/disaster/4241.

State/Tribal Government or Region: 
Thursday, 28 January 2016 00:00

Time for Post-Storm Claims Filing

Record-breaking Storm Jonas, which struck a large portion of the East Coast last weekend, was yet another reminder to have property insurance policies up to date and be familiar with claims procedures. To get the claims process moving, risk professionals whose business suffered damage should contact their insurer and broker as soon as possible.

According to the Insurance Information Institute, business owners need to:



OXFORD, Miss. – As the income tax season nears, December storm survivors don’t have to worry that the disaster assistance they received from the Mississippi Emergency Management Agency or from the Federal Emergency Management Agency will boost their tax bill or reduce their Social Security checks or any other federal benefits.

Disaster assistance for temporary housing, essential home repairs, replacement of personal property or for other serious needs does not count as income. Disaster relief payments from the government or donations from charitable organizations will not affect Social Security payments or Medicare benefits. And, disaster recovery grants will not affect any recipient’s eligibility for Medicaid, welfare assistance, food stamps or Aid to Families with Dependent Children. Grants for disaster recovery assistance are not counted as income in determining eligibility for any income-tested benefit programs that the U.S. government funds.

As of Jan. 25, FEMA has awarded nearly $2 million in disaster assistance to Mississippians affected by the December disaster. Storm survivors have until March 4, 2016, to register with FEMA for disaster assistance by using any of the following methods:

  • By phone, call 800-621-FEMA (3362) from 7 a.m. to 10 p.m. Assistance is available in most languages. People who are deaf, hard of hearing or speech impaired may call (TTY) 800-462-7585.
  • Online at DisasterAssistance.gov by computer, tablet, iPhone, Android or other mobile device.
  • By 711 or video relay services, call 800-621-3362.

Eligibility for FEMA assistance is not dependent on income. The amount of disaster assistance an eligible applicant receives is based on the amount of loss and damage incurred as a direct result of the recent storms and flooding and the amount of their insurance settlement, if any.

After registering with FEMA, some survivors receive a disaster loan application from the U.S. Small Business Administration. By submitting the SBA disaster loan application, survivors keep the full range of disaster assistance available as an option. SBA may refer applicants who do not qualify for a home loan to FEMA for grants to replace essential household items and replace or repair a damaged vehicle. But if survivors do not submit their disaster loan applications, further assistance may stop. Survivors are not required to accept a loan offer.


All FEMA disaster assistance will be provided without discrimination on the grounds of race, color, sex (including sexual harassment), religion, national origin, age, disability, limited English proficiency, economic status, or retaliation. If you believe your civil rights are being violated, call 800-621-3362 or 800-462-7585(TTY/TDD).

FEMA’s mission is to support our citizens and first responders to ensure that as a nation we work together to build, sustain, and improve our capability to prepare for, protect against, respond to, recover from, and mitigate all hazards.

FEMA’s temporary housing assistance and grants for public transportation expenses, medical and dental expenses, and funeral and burial expenses do not require individuals to apply for an SBA loan. However, applicants who receive SBA loan applications must submit them to SBA loan officers to be eligible for assistance that covers personal property, vehicle repair or replacement, and moving and storage expenses.

State/Tribal Government or Region: 

One of the fundamental problems with IT security is that the IT environment is becoming more complex, while both the volume and types of attacks that IT organizations need to defend against continue to grow. All that complexity increases the overall attack surface to be defended, which by definition means more vulnerabilities than ever can be exploited.

To help IT organizations discover those vulnerabilities, SafeBreach this week launched a namesake platform that allows IT organizations to use an automated playbook to launch scripted attacks to discover where IT vulnerabilities lie. SafeBreach CEO Guy Bejerano says SafeBreach has taken years of security research and encapsulated it in the form of a playbook that allows its platforms to launch an artificial attack. The platform then discovers which vulnerabilities are being exploited in those attacks, which allows IT organizations to remediate those issues before they are exploited by real cybercriminals.

Bejerano says as new attacks are developed, SafeBreach will continue to update its platform. That in effect creates something of a spy versus spy cycle of updates between SafeBreach and the hacking community, says Bejerano.



Small businesses being affected by bad weather

Bad weather conditions are hitting the revenues of over two thirds (69%) of small to medium sized businesses in the UK according to new research from insurance broker Towergate. This is an increase of almost a quarter compared to last year when nearly half (46%) of businesses were affected.

The research found that SME finances are being hit by bad weather – with staff unable to travel to work (25%), reduced demand for goods or services (24%) and poor weather conditions preventing work (19%) topping the factors for lost earnings. This is compounded by the fact that over a third of SMEs (37%) don’t have a business continuity plan, and as a result lose two working days each year on average due to weather chaos.

The findings also reveal that over the past five years, more than a third (37%) of small businesses have experienced property damage from bad weather. Yet three in five aren’t insured against flooding, high winds, thunder and lightning, snow, ice or hail – risking footing the bill for £74,000 worth of property damage on average. With an estimated 5.4 million SMEs in the UK, the total bill from weather damage could be as high as £240 billion.

Adverse weather has consistently featured in the top ten of the Business Continuity Institute's Horizon Scan Report and in a global survey of business continuity professionals, more than half of respondents (52%) claimed they were concerned about the possibility of a weather related event disrupting their organization. 

Commenting on the findings, Drew Wotherspoon from Towergate, said: “Small businesses are the lifeblood of the UK economy and are responsible for livelihoods up and down the country. But too many firms are not protecting themselves against the erratic nature of British weather, leaving themselves open to footing the bill for substantial damages and losing out on business earnings.

It’s vital that small business owners take heed of weather warnings and take precautionary measures to allow them to weather the storm and get back to business as quickly as possible. There are few practical steps business owners can take to make sure they’re equipped - from putting a backup plan in place to taking out specific policies against the elements.”

As snow pounded the east coast of the United States this weekend, government entities rushed to do their part in helping citizens cope with the effects of the storm. And amid all those efforts were several jurisdictions that turned to a tool becoming more common in state and local government: maps.

“Unfortunately a lot of the best technology comes out of disasters or major events,” said Christopher Thomas, director of government markets for the geographic information systems (GIS) company Esri.

Among the mapping applications were internal dashboards, which government agencies used to coordinate snow plows and other crews and public-facing informational maps. Thomas said he sees increasing interest in use of GIS at all levels of government. In fact, he said, that's one of the biggest shifts in the field -- in the past, it used to be cities like Chicago and Los Angeles that paid attention to the latest trends in GIS.



While 91 percent of enterprises said they still worry about threats to data, many of them are still focusing on the wrong security priorities to best help protect themselves from data breaches and other attacks, according to a recent survey.

The 2016 Vormetric Data Threat Report—sponsored by security startup Vormetric and conducted by analyst firm 451 Research—found that compliance is the top area of focus for enterprises when it comes to security because they equate compliance with protecting critical data.

Common thinking among companies is that if they meet compliance requirements, it will be enough to keep data safe, according to the report, penned by 451 Research Senior Analyst Garrett Bekker. This is despite the fact that data breaches actually occur more often in organizations certified as compliant, he said.



Recent studies have shown that enterprises are embracing advanced analytics and big data projects. But are they getting real value out of these efforts? Or are we headed for a period of disillusionment? Newly private Informatica has refocused on a mission to help enterprises turn their data investments into projects that drive real business value and avoid the disillusionment pitfall.

CEO Anil Chakravarthy spoke with InformationWeek in an interview about the company's mission, and the trends and opportunities he sees ahead this year.

Informatica appointed Chakravarthy as CEO this month, almost six months after naming him as acting CEO in conjunction with the company's acquisition by two private equity firms. The acquisition by Permira funds and Canada Pension Plan Investment Board -- along with strategic investments from Microsoft and Salesforce -- was completed in August 2015. It took Informatica private and gave the company "more flexibility and more time to implement our transformative innovation roadmap and to evolve our business model," the company's chairman, Sohaib Abbasi, said in a prepared statement at the time.



It’s safe to say that enterprise cloud is here to stay. Cloud services have augmented the way we deliver resources, support new types of users, and create new types of business strategies. Today, organizations are looking at even more ways to leverage cloud computing environments to help their businesses become much more agile.

Spending on cloud infrastructure and platform could rise from $16 billion in 2014 to $43 billion by 2018, according to a recent Goldman Sachs report. The share of cloud infrastructure and platform in enterprise IT spending is forecast to increase from 5 percent in 2014 to 11 percent by 2018. This will be driven by the increasing shift of IT budget from traditional in-house delivery methods to various flavors of cloud computing as a means to cut cost and create new revenue streams.

All this in mind, let’s focus on one of the biggest questions facing enterprises when they look at the modern cloud ecosystem: “How do I create a good cloud connectivity strategy that will allow me to leverage my on-premise investment and a public cloud architecture?”

To answer it, let’s look at two leading public cloud providers and what they’re offering around enterprise cloud connectivity. But first, we’ll need some definitions.



Wednesday, 27 January 2016 00:00

How Secure Is Your Data Store?

In the business world today, the data held by a company can often be their most valuable asset. The value of the data is also dependent on its quality, so the more time you spend making sure that it is fit-for-purpose, the more value can be extracted. These values can be significant too, with the Verizon Data Breach Report reporting an average cost of $201 per lost record in 2014.

Therefore, keeping it safe and secure should be at the forefront of company strategies, but this is rarely the case. When this happens you have situations such as for Ashley Madison or Carphone Warehouse, whereby huge and valuable datasets are stolen or leaked. It is like having a car that you spend several thousand on, but leave it in a high crime rate area, most of the time it won't get stolen, but the chances of it being taken are much higher than they need to be.

One of the key reasons for this lapse in security is that many of the most popular platforms, like Hadoop, have in-built security. The danger here is that people think that their data is safe because of these systems, which is true to a degree, but having only these systems in place is like locking your car - it can still be broken into relatively easily.



Boards of directors lack understanding of the cyber risk

45% of cyber security professionals believe their board of directors has a major gap in its understanding of cyber risk, or simply don’t understand the risk at all. This is despite over half (54%) of boards being ultimately accountable for the cyber strategy, according to a new study by Harvey Nash and PGI Cyber.

The Cyber Security Survey also revealed that one third of cyber professionals (33%) believe their CEO has major knowledge gaps and almost half (49%) believe the same for their Chief Finance Officer. Chief Marketing Officers, many of whom have increasing responsibility for customer data and driving customer facing digital strategies, were also rated poorly, with 43% of cyber professionals believing they had major knowledge gaps, and one in ten (11%) believing they had no cyber risk awareness at all.

Whilst most cyber professionals feel their organisations have the basics covered, 85% still think there is more to do, and one quarter (26%) believe there is significantly more work to do. Unsurprisingly it is lack of finance that is holding cyber security back with 57% of respondents citing this as a reason for any gaps, while lack of security aware culture (49%) and a lack of understandings of the real threat (43%) were also highlighted.

Understanding of the threat is very high among business continuity professionals according to the latest Horizon Scan Report published by the Business Continuity Institute. 82% of respondents to a global survey expressed concern about the possibility of a cyber attack and 74% expressed concern about a data breach occurring.

Brian Lord, Managing Director, PGI Cyber commented: “Cyber security is as much about people as it is about technology. Whilst there is no doubt many boards are asking more questions about cyber security than they did five years ago, it is clear that there is much more to do to make organisations fully aware and prepared for the challenges of an increasingly global and digital world.

Businesses face significant challenges in applying the new EU Data Protection Regulation to paper records; Iron Mountain offers some advice.

At the end of last year, the European Parliament and Council reached agreement on the General Data Protection Regulation (GDPR) proposed by the European Commission. The new rules, which will come into force in early 2018, represent the greatest change to data protection legislation since the dawn of the Internet. They will affect any organization across the world that handles data of European origin.

According to information management and storage company Iron Mountain, the reforms, which aim to reflect the changing needs of the digital economy and champion the data privacy rights of the individual, could prove difficult to apply to paper-based information. To help companies ensure their paper records don’t fall foul of the regulations, Iron Mountain has prepared the following guidance on some of the key components of the GDPR: 



(TNS) - Early Sunday morning the ground started to rattle in Alaska, and those who didn’t sleep through the 7.1-magnitude earthquake reacted in many different ways.

Some people ran outside of their homes, while others pressed themselves into doorways. Some people hurried down the stairs of hotels in their underwear, while others squatted under kitchen tables.

But what’s the best thing to do when you feel the floors start to sway?

Emergency officials have a few tips and one of them is stay inside.



Wednesday, 27 January 2016 00:00

Tornadoes' Aftermath Puts Some at Risk for PTSD

(TNS) - A month after tornadoes ravaged North Texas, mental-health experts are warning survivors to be on the alert for another problem: post-traumatic stress disorder.

Though many people associate that syndrome with soldiers who have been through combat, PTSD can affect about a fifth of people who were directly affected by a natural disaster, medical studies show.

After an ordeal like a tornado or hurricane, people often have trouble sleeping and concentrating, feel jumpy and may be easily startled, or see the disaster replaying in their minds.



OXFORD, Miss. – State and federal disaster survivor assistance teams are now working in three more Mississippi counties, helping residents recover from destructive tornadoes, severe storms and flooding in late December.

The teams are made up of disaster specialists from the Mississippi Emergency Management Agency and the Federal Emergency Management Agency. They are canvassing neighborhoods in Monroe, Panola and Prentiss counties, which were designated for disaster assistance last week.

Affected survivors in Monroe and Prentiss counties can also visit applicant service centers now open at the:

  • Chancery Clerk Building (across from the courthouse), 110 N. Main St., Booneville, MS 38829;
  • The Becker Community Center, 52246 Highway 25 South, Amory, MS 38821.

Survivors in Panola County can visit the disaster recovery center in neighboring Quitman County, which is located at the Marks Fire Department, 108 W. Main St., Marks, MS 38646 or any other center in a county designated for assistance after the December storms.

The teams can register survivors and electronically submit a request for federal assistance. Team members can be easily identified by photo identification and FEMA or MEMA clothing. Mississippi residents are encouraged to ask for official identification before providing personal information.

Federal disaster assistance for qualified applicants may include:

  • Grants to rent a temporary place to live, as needed.
  • Grants for essential home repairs not covered by insurance.
  • Grants for disaster-related needs not covered by insurance — such as medical, dental, transportation, funeral expenses, moving and storage fees, personal property loss and child care.
  • Low-interest disaster loans from the U.S. Small Business Administration to homeowners, renters and businesses of all sizes to cover losses not fully compensated by insurance.

In addition to the registration opportunity offered by recovery teams, survivors can register for assistance by the following methods:

  • Visiting DisasterAssistance.gov with a computer, tablet, iPhone, Android or other mobile device.
  • Calling 800-621-3362 or (TTY) 800-462-7585 for those who are deaf, hard of hearing or speech impaired. Those who use 711 or Video Relay Services can call 800-621-3362 to register. 
  • Business owners can find an electronic loan application on the U.S. Small Business Administration’s secure website at disasterloan.sba.gov/ela. Questions can be answered by calling the SBA disaster customer service center at 800-659-2955/ (TTY) 800-877-8339 or visiting sba.gov.


All FEMA disaster assistance will be provided without discrimination on the grounds of race, color, sex (including sexual harassment), religion, national origin, age, disability, limited English proficiency, economic status, or retaliation. If you believe your civil rights are being violated, call 800-621-3362 or 800-462-7585(TTY/TDD).

FEMA’s mission is to support our citizens and first responders to ensure that as a nation we work together to build, sustain, and improve our capability to prepare for, protect against, respond to, recover from, and mitigate all hazards.

FEMA’s temporary housing assistance and grants for public transportation expenses, medical and dental expenses, and funeral and burial expenses do not require individuals to apply for an SBA loan. However, applicants who receive SBA loan applications must submit them to SBA loan officers to be eligible for assistance that covers personal property, vehicle repair or replacement, and moving and storage expenses.

State/Tribal Government or Region: 

WASHINGTON – The U.S. Department of Homeland Security’s Federal Emergency Management Agency (FEMA) is seeking applicants for its Youth Preparedness Council. FEMA’s Youth Preparedness Council was formed in 2012 to bring together leaders from across the country who are interested and engaged in advocating youth preparedness. Council members are selected based on their dedication to public service, their efforts in making a difference in their communities, and their potential to expand their impact as national advocates for youth preparedness.

The Youth Preparedness Council offers an opportunity for youth leaders to serve on a distinguished national council and participate in the Youth Preparedness Council Summit. During their two-year term, the leaders will complete a national-level group project and share their opinions, experiences, ideas, solutions, and questions regarding youth disaster preparedness with the leadership of FEMA and national youth preparedness organizations.

Council activities and projects center around five areas of engagement: programs, partnerships, events, public speaking/outreach, and publishing. Members represent the youth perspective on emergency preparedness and share information with their communities. They also meet with FEMA on a regular basis to provide ongoing input on strategies, initiatives, and projects throughout the duration of their term.

Individuals in their freshman or sophomore year of high school that are engaged in individual and community preparedness, or have experienced a disaster that motivated him or her to make a positive difference in their community, may apply to serve on the Youth Preparedness Council. Adults working with youth or community preparedness are encouraged to share the application with youth who might be interested in applying.

Youth interested in applying to the Council must submit a completed application form, two letters of recommendation, and academic records. Specific information about completing and submitting the application and attachments can be found in the application instructions. All applications and supporting materials must be received no later than March 1, 2016, 11:59 p.m. PST in order to be eligible. New Youth Preparedness Council members will be announced in May 2016.

For more information about the Youth Preparedness Council and to access the application materials, please visit www.ready.gov/youth-preparedness-council.


FEMA's mission is to support our citizens and first responders to ensure that as a nation we work together to build, sustain and improve our capability to prepare for, protect against, respond to, recover from and mitigate all hazards.

Follow FEMA online at www.fema.gov/blog, www.twitter.com/fema, www.facebook.com/fema and www.youtube.com/fema.  Also, follow Administrator Craig Fugate's activities at www.twitter.com/craigatfema.

The social media links provided are for reference only. FEMA does not endorse any non-government websites, companies or applications.

Wednesday, 27 January 2016 00:00

EMC Extends Software-Defined Storage Reach

While the high drama surrounding the proposed acquisition of EMC by Dell continues, EMC’s technology advances continue. Today EMC rolled out an update to its Elastic Cloud Storage (ECS) platform that is at the core of the company’s software-defined storage (SDS) architecture.

Manuvir Das, senior vice president for the Advanced Software unit within EMC’s Emerging Technologies Division, says the latest update adds the ability to search petabytes of unstructured data stored in an object-based storage system using metadata that doesn’t have to be housed in a separate database. Instead, Das says, IT organizations can apply analytics directly against the metadata exposed via ECS.

In addition, DAS says ECS now supports multiple protocols, including AWS S3, OpenStack Swift, HDFS and NFS. That makes it possible for IT organizations to deploy an SDS environment capable of spanning both public and private clouds, Das says.



Wednesday, 27 January 2016 00:00

Chasing Black Swans Through The Snow

We had a little snow here in Washington, DC on Friday, and we’re still digging out. The great snowstorm of 2016, a.k.a. Snowzilla, was the kind of outlier event that even the most dysfunctional of local governments must be ready to handle. Even if you think that 2-3 feet of snow in a single day is a “black swan” event, you had better have the snow plows and dump trucks ready for that unlikely scenario.

Software innovators have a much different attitude about black swans. Rather than prepare their response for them, they usually act as though they will never occur. Sure, you might do everything you can to prevent, say, an unexpected architectural glitch to put a critical application into a death-spiral during a period of inconveniently high usage, but there’s only so much risk mitigation that smart design, thorough testing, and other preventive measures can do. The risk of a black swan swooping down to land on your head always exist. (Just look at the painful example of Knight Capital, or the software upgrade that caused a 4-hour outage for the New York Stock Exchange last year.) So what do we do to recover from these events?



Another massive weather system has impacted business operations in large parts of the country. Winter Storm Jonas dumped feet of snow across the northeast, shutting down travel and stalling commerce for days. The storm is considered a “top 10” in the continental U.S., driven by this year’s strong El Nino.

     --- See:  Godzilla Versus the Blob: How this Dynamic Duo will Impact Winter Weather in 2016 ---

From a business perspective, the storm illustrated the importance of rapid and accurate communications. Emergency or mass notification systems were used throughout the country to keep operations moving during this major disruption. Here are just a few of the ways organizations of all sizes utilized these mission critical systems:



Work & Hiring Arrangements
Telework & Emergency Preparedness

Telework is a work flexibility arrangement under which an employee performs the duties and responsibilities of such employee's position, and other authorized activities, from an approved worksite other than the location from which the employee would otherwise work.

All Federal agencies must have a telework policy as required by Public Law 106-346, § 359 and Public Law 111-292, § 6502, and must implement telework to the maximum extent possible for eligible employees.

By law, telework must be integrated into planning for Continuity of Operations (COOP), including a pandemic health crisis.

Agencies must designate a Telework Managing Officer (TMO) that is devoted to policy development and implementation related to agency telework programs. Agencies may also designate a telework coordinator to be responsible for overseeing the day-to-day implementation and operation of telework programs.

Agencies may, at their discretion and subject to agency telework policies, procedures, and provisions of collective bargaining agreements, define and use the types of telework that best fit their business needs.

The choice of how to equip teleworkers is left to agency discretion. Security concerns should be considered in making equipment choices; agencies may wish to avoid use of employees' personal computers and provide agency PCs or laptops as appropriate. In all cases, however, agencies must follow Office of Management and Budget (OMB) security guidelines as outlined in the Telework Enhancement Act of 2010 (external link), and should consider the provisions contained in OMB's June 23, 2006, memorandum, "Protection of Sensitive Agency Information."

Telework can be used as a reasonable accommodation for qualified individuals with medical conditions or other disabilities. At the discretion of an agency, telework can also help with employees who, because of physical injury, are temporarily unable to travel to the workplace. Telework provides an opportunity for agencies to hire qualified individuals (especially those who are mobility-impaired) who might otherwise not consider applying for positions.

All teleworkers and telework managers must receive telework and information security training. Telework training is available via the joint OPM/GSA Website (external link) or may be provided by the agency. Information security training must be provided to all employees by their agencies.

All teleworkers must have signed written agreements, even for ad-hoc, emergency telework arrangements, to provide structure and accountability. Key components of a telework agreement include the following: schedule; communication expectations with the employee's manager, workgroup, and customers; equipment; tasks; information security obligations; expectations for COOP, pandemic, or other emergency situations, including weather closures. Telework agreements should conform to any applicable negotiated agreements.

Managers may deny a telework request or terminate a telework agreement for business reasons. The denial or termination must be documented in writing and shared with the employee.

Teleworkers who work from home must provide an appropriate workspace and should certify that it is free from hazards. Government employees causing or suffering work-related injuries and/or damages at the alternative worksite (home, telework center, or other location) are covered by the Military Personnel and Civilian Employees Claims Act, the Federal Tort Claims Act, or the Federal Employees' Compensation Act (workers' compensation), as appropriate.

Employees who use computers and other information technology while teleworking need effective support during work hours; remote access presents some unique issues, and agencies should ensure tech support can meet these needs. These needs must also be taken into account in planning for using a distributed workforce during an emergency situation.

Employees designated to work from home during an emergency event should telework frequently enough to ensure all systems are working smoothly.

Jack Vonich is VP of Sales for Instor Solutions.

How to effectively balance the power load in data centers is an issue that every data center manager is familiar with. When done correctly, a properly balanced data center helps to secure uptime and is often an important avenue for the facility to utilize extra power capacity. When improperly balanced, available power can become stranded, and the chance of damage to vital infrastructure increases. Taking the time to optimize power distribution when installing or refitting a data center is well worth the effort and is another crucial step toward maximizing its performance.


To help avoid stranding power, we can look at the following example (power coming into data centers is measured as either X + Y + Z + Gr or X + Y + Z + Gr + N). In this simplified model (Fig. 1), we’re working with three-phase power which is broken into groups of two phases for each outlet powering the individual devises on the power strip.



Tuesday, 26 January 2016 00:00

Zika Throws a Travel Risk Curveball at 2016

It is understandable if you bade an enthusiastic farewell to 2015. International markets whipped up and down, ISIS’ terrorism campaign extended well beyond the Levant, South China Sea tensions escalated, and, of course, a historic refugee crisis consumed Europe (and the attention of much of the West). Oh, and 2015 was by far the warmest year on record.

The political risk consultancy Eurasia Group, headed by noted scholar and author Ian Bremmer, has weighed in on the risk outlook for 2016 and it isn’t pretty. In a nutshell, all of the problems of the past couple of years “will get worse.” The strategically critical countries of Russia, Turkey, and Saudi Arabia are all on a path of decreasing stability or increased international belligerence (or both), and this development is exacerbated by a U.S.- Western Europe alliance that is shrinking away from messy international situations.



Tuesday, 26 January 2016 00:00

Are you the target?

Do you know the basic principle of hunting? Always be vigilant — otherwise you could become the prey! The world of data is a jungle — you could do a lot of hunting, but you could just as easily get lost and become a more experienced hunter’s trophy kill. There are scavengers everywhere, and anyone could become their next target — for them your data is a tasty, tasty snack. So as we come to the end of this series, I will give you a few simple data security tips – I hope you find them useful.



Data breaches, IT incidents or any other corporate disasters have an impact on a company’s standing. Reputation management is a matter of protecting that standing or of keeping damage to minimal levels. In some instances, data breaches for instance may not need to be declared to the public. In other cases, when customer, medical or other personal data is compromised, a company has no choice but to advise consumers, patients and other individuals about the risks engendered. An interesting insight from MIT’s Sloan School of Management into how the public at large perceives enterprises and organisations suggests that trying to leverage feelings may be a bad move, when it comes to reputation management.



Cities on the north-eastern US coast are recovering from a massive weekend snowfall brought by Winter Storm Jonas, but the cloud infrastructure in the region powering websites and services appears to have been largely unaffected.

The service status pages for major cloud services including Microsoft Azure, Google Cloud Platfrom, and Amazon Web Services didn’t report any disruptions to facilities on the east coast.

Hurricane Sandy in 2012 caused several outages including flooding and generator fuel shortages at PEER 1’s facility and Internap’s Mahattan facility going down. In anticipation of winter storm Jonas, AWS has noted that this is unlikely to happen.



In the latest bout of alarmist frenzy to sweep the security world, researchers disclosed a vulnerability in the Linux kernel’s open source code last week. It turns out the vulnerability poses little real threat.

The flaw, which has existed in Linux since 2012 but remained unknown, was reported by the Israeli security company Perception Point. It allows attackers to gain root access to computers running affected versions of the kernel. With root access, they can do anything they want to the system.

Perception Point ominously warned that the vulnerability affects “tens of millions” of Linux PCs and servers, as well as some Android devices (since Android is based on a version of the Linux kernel). The company urged administrators and users to upgrade their systems as soon as possible in order to apply the fix that the Linux kernel developers created after Perception Point notified them of the flaw.



I’ve been writing about IT security for nearly a decade. I’ve seen the progression of cybersecurity problems and cybersecurity solutions. I remember the number of professionals I spoke with who shrugged off the need for security and the businesses who told me point blank that they’d never trust cloud computing because it will never have good enough security protections. I’ve seen the shift in attitudes (not to mention the number of other writers who have picked up the topic because it is “hot” and everybody wants to read about it now).

On one hand, we’ve come a long way in our knowledge and acceptance of cybersecurity needs. Yet, in these early days of 2016, I’m seeing a lot of conflicting reports. One day we are being told that businesses are doing more to increase their security budgets, for example, while the next day, a study is saying that businesses aren’t doing enough to secure their data. We’re seeing a lot of mixed signals – even within the same report.

Take Cisco’s 2016 Annual Security Report, for example. As TechRepublic reported:



Many enterprises are pondering the implications of the all-cloud data center when, in fact, a more immediate change is in the works. This would be the so-called “cloud-first” strategy, which seems to be playing out on the application layer rather than in end-to-end infrastructure deliberations.

The key difference between the two is that while all-cloud focuses largely on how the cloud is built, cloud-first looks at how the cloud is utilized. And in almost all cases, cloud-first offers a leaner, more efficient, and more manageable approach to enterprise functionality than legacy architecture.

According to IDC, cloud-first strategies are responsible for a good portion of the explosion in cloud services that is rocking the enterprise industry. Cloud services are set to increase by nearly 20 percent per year for the remainder of the decade, to top $141 billion by 2019. This will result in the average business spending six times more for cloud services than they do for overall information technology, with software-as-a-service taking the lion’s share of that spend. Ultimately, however, this will lead to broader adoption of cloud-based platform and infrastructure services (PaaS and IaaS), both of which are starting from smaller bases than services but are growing between 27 percent and 30 percent per year.



In my upcoming webinar, “Trends in Business Continuity: Recapping 2015 and Looking Ahead,” on January 27th, I will take a moment to look back at 2015 on the types of challenges that the continuity field experienced, and then gaze forward, contemplating what might be next. Once we know what we might likely face, I’ll explore eight ways to reimagine your program to meet the significant challenges ahead.  

One those eight ways is Number Five…“Work Out.” No, I’m not discussing aerobics or yoga (although that couldn’t hurt), I’m talking about the importance of exercises. Practice (aka exercises) breeds familiarity and “muscle memory,” which should be (and could be) the real measure of competence or capability.  The term “muscle memory” has been used synonymously with motor learning, which is a form of procedural memory involving the consolidation of a specific motor task into memory through repetition. When a movement is repeated over time, a long-term muscle memory is created for that task, eventually allowing it to be performed without conscious effort. That is what we want our teams to be able to do – perform their duties without conscious effort.



(TNS) - The inspector general’s office for the U.S. Department of Homeland Security is auditing how Long Beach City schools, the Town of North Hempstead and the Roman Catholic Diocese of Brooklyn are handling superstorm Sandy disaster recovery money.

Audits of the three entities have been ongoing since last year and were included in an end-of-year roundup of investigations and other projects undertaken by the inspector general’s office.

“We end up doing a lot of audits to see if the money is being spent consistent with policies and procedures,” said Homeland’s Assistant Inspector General John Kelly, whose division is emergency management oversight.



(TNS) - Around 8 a.m. Saturday, stiff from sleep and freezing temperatures, more than 150 volunteers formed human chains around five homes near Fenton and passed thousands of sandbags to the curb.

Some bags, dense with frozen floodwater, weighed as much as 50 pounds. “Now, they are sandbricks,” said Jakob Budge, 17, a volunteer from the Mormon congregation in Fenton.

At first, the youth said, his muscles ached from the repetition of lifting and passing. But determination took over. People along the chain peeled off their jackets and wiped sweat from their brows even in the frigid air. An hour and a half later, they cheered as the last of the bags from the back of one home left their hands.



As devastating severe winter weather continues to attack the Mid-Atlantic and Northeast, cities and counties work tirelessly to keep residents safe and return life to normalcy.   It was a historic storm, as snow totals “topped out near 42 inches in West Virginia and at least 14 states in total received more than a foot of snow from the storm.” 


During severe weather and emergency events, Everbridge and Nixle are committed to providing reliable communication channels between emergency managers, law enforcement and the residents they serve.  We are here to help.  Utilize our Emergency Live Operator phone line where a representative will assist you in sending an emergency notification. Or call our Everbridge Support Center, available 24×7 – details on how to reach us can be found here: http://www.everbridge.com/support.


Below are a few informative pieces to use in your emergency and severe weather preparation plans:



2015 was a tumultuous year for CISOs. Breaches affecting The Home Depot, Anthem Blue Cross Blue Shield, and T-Mobile dominated the headlines worldwide and left no industry, region, or CISO unscathed. These unfortunate spotlights created a slew of negative infosec publicity along with panicked demands from business leaders and customers alike. How secure are we? Ask the CISO. How did this breach occur? Ask the CISO. Why did this breach occur? Ask the CISO. Could we have prevented it? Ask the CISO. How could we let this happen? Ask the CISO.

Yet, CISOs continue to struggle to gain clout and influence with the rest of the C-suite and sometimes it can feel like a thankless role. There is little recognition when you’re doing your job right, but you face a whirlwind of pain and blame the second something goes wrong. The world’s growing emphasis and focus on cybersecurity should be running parallel with the capabilities and reputation of the CISO. Instead, CISOs see their responsibilities increasing with only modest funding increases, recognition, or support from their fellow colleagues.

Lucky for you, S&R’s favorite British analyst, Martin Whitworth, is a CISO and infosec expert. Martin continually writes numerous reports that analyze the evolution of the CISO as well as essentials, best practices, and tricks of the trade for thriving in today’s landscape. Prior to joining Forrester, Martin served as CISO and senior security leader for a number of blue chip organizations, including Coventry Building Society, Steria Group, UK Payments Council, British Energy/EDF Nuclear Generation, and GMAC.



rhizome (rī′zōm′) – a horizontal, usually underground stem that often sends out roots and shoots from its nodes.


Sometimes, people outside of a particular field get ideas for the field that are better than any insiders are capable of, being unencumbered by knowledge of what has and hasn’t worked in the past, or preconceptions about the “right” ways of doing things. Of course, lack of expertise makes them capable of coming up with some of the worst ideas too.

Founders of one European data center design startup aren’t sure at this point where on that continuum their ideas fall, and they don’t pretend to be. What they’re trying to do is envision people’s relationship with computing in the near future and the physical form that relationship will take.

The people behind Tallinn, Estonia-based Project Rhizome don’t all have background in data centers. Two of the three founders have backgrounds in design and architecture, and the third comes from the world of IT. But they believe their architecture sensibility brings a useful perspective to data center design, a perspective that will presumably grow in importance as more and more data storage and processing capacity moves into densely populated areas.



The practice of arguing over the validity of technology benchmark tests may be only about a day older than the existence of benchmark tests. It's a longstanding IT industry tradition to try to prove whose product is better with some kind of showdown and use the results to win customers. But organizations often disagree about what should be tested, who should test it, and plenty of other factors of testing in an effort to ensure the tests are fair (and that their own products come out on top and don't underperform).

One such battle has been brewing in big data recently between Informatica and Talend. It all started with a Talend-commissioned benchmark test conducted by MCG Global Services in October 2015 that said Talend Big Data Integration offered about 10 times faster performance than Informatica Big Data Edition.

Not surprisingly, Informatica objected to the validity of these results, saying the benchmark was not independent because it was commissioned by the winner, and Informatica wasn't consulted. Informatica also said in a blog post that the benchmark test pitted its two-year-old product against Talend's month-old product.



Gartner estimates that the Internet of Things (IoT) will include 26 billion devices by 2020. Organizations in virtually every industry are using IoT devices to drive higher levels of efficiency, reduce costs, generate new revenue, and understand customers at more granular levels. However, not all of these organizations are prepared to deal with the deluge of data these IoT devices will bring.

"IoT deployments will generate large quantities of data that will need to be processed and analyzed in real time," said Gartner research director Fabrizio Biscotti in a statement. "Processing large quantities of IoT data in real time will increase as a proportion of workloads of data centers, leaving providers facing new security, capacity, and analytics challenges."

One way of addressing these challenges is to put automated, intelligent analytics at the edge -- near where the data is generated -- to reduce the amount of data and networking communications overhead.



Monday, 25 January 2016 00:00

Who would James Bond be without his toys?

Total and unrecoverable annihilation of data isn’t easy these days, as the GCHQ agents who supervised the drilling through The Guardian’s hard drives knew all too well. The hard drives contained data stolen from the NSA by one Edward Snowden. Drilling is still a popular method of destroying data. But is it effective? Putting aside the fact that data can be easily copied and stored in an almost infinite amount of physical places (for example, when you upload or host it online), it’s actually disputable whether or not drilling through disks is effective. James Bond would surely have done that with more finesse, while ensuring that data is destroyed and unrecoverable (in style, of course). I’ll give you a couple of ideas for how he could do it — but let’s start from the beginning.

 Destroying the storage device physically is your best guarantee that the data won’t ever come back to haunt you. It eliminates the risk of a data leak that is technically possible when wiping a disk programmatically, or when highly sophisticated data recovery equipment is used on the drive (tools of this calibre are not commercially available, but we can’t rule out that they one day will be or that some institutions don’t already have them). There is a downside to this method though – you will not be able to use this storage device again. Unlike a hard drive wiped with data erasure software, a physically destroyed disk can only be recycled. In some cases this will be your best option though.



A new report published by the UK Government‘s Science and Technology Select Committee has found that the UK is not well-placed to respond to pandemics and novel epidemics.

As the title suggests, the report ‘Science in emergencies: UK lessons from Ebola’ looked at the lessons that can be learned from the Ebola crisis response. It found that, in a future global pandemic or in a UK epidemic outbreak, the country would be more vulnerable than in the past due to the degradation of the UK’s ability to manufacture enough vaccine to vaccinate UK citizens in an emergency. To respond to this vulnerability, the report recommends that the Government “acts now and negotiates with vaccine manufacturers to establish pre-agreed access to manufacturing capabilities that can be called upon quickly in an emergency.”

Other key points from the report include:

  • The UK Ebola response - like the international response - was undermined by systemic delay. The biggest lesson that must be learnt from this outbreak of Ebola is that even minor delays in responding cost lives. Rapid reaction is essential for any hope of success in containing an outbreak.
  • The UK and other countries were not ‘research ready’ when the outbreak began, prompting a less than optimal and uncoordinated research response.
  • Rapid and reliable communication is integral to delivering an effective response to a disease emergency but throughout the Ebola outbreak the systems to share advice, expertise, epidemiological and clinical data were inadequate.
  • The Government’s communications on Ebola with the UK public were accurate and balanced, but it was disappointing that the Government failed to explain why it went against guidance from the World Health Organization and Public Health England and introduced screening for Ebola at UK ports of entry.  The report recommends that “when interventions like screening are instigated during an emergency, the Government makes the evidential basis for the intervention explicit.”

Read the full report (PDF).

(TNS) - There seemed to be no stopping the snow in Baltimore this weekend, as a historic storm held the region in its icy, gusty grip.

But even as the winds picked up Saturday afternoon, and most people stayed at home with hot chocolate and movies, there were some who refused to be stopped.

On dog sleds, cross country skis and in good old-fashioned sneakers, people hit the nearly empty streets to take stock of the snowfall — more than 2 feet by Saturday evening in some places in Maryland. They were joined by emergency responders, snowplows, National Guard Humvees and others for whom the snow did not mean a day off from work.



(TNS) - The powerful blizzard that slammed the East Coast on Saturday quickly surpassed forecasters’ dire predictions, claiming at least 18 lives, flooding coasts, unleashing hurricane-force winds and paralyzing life for residents of at least 20 states from Georgia to Massachusetts.

The storm was well on its way to smashing snowfall records.

Mayors and governors said they did not expect their cities to be back in business until next week.

“Safety is our number one priority – and right now, it is not safe for the general public to travel,” New York Gov. Andrew Cuomo warned as the heart of the storm hit his state. Visibility was so low that those walking across the Brooklyn Bridge couldn't see the East River beneath or the Manhattan skyline soaring above. Since Thursday night, 25 inches had fallen in Central Park, nearing the city’s record of 26.9 inches, which fell over two days in 2006.



(TNS) - Southcentral Alaska was rocked by a strong and prolonged magnitude-7.1 earthquake early Sunday morning.

The quake struck 86 miles west-southwest of Anchor Point at 1:30 a.m. Alaska time, according to the U.S. Geological Survey.  The Alaska Earthquake Center said it hit on the west side of Cook Inlet, about 65 miles west of the Kenai Peninsula town of Homer and about 160 miles southwest of Anchorage.

The quake knocked items off shelves and walls and shook buildings throughout the region. A series of aftershocks followed, including a magnitude 4.5 that struck about two hours after the initial quake and could be felt again in Anchorage.



If the chatter is to be believed, identity theft tops the list of taxpayer concerns for 2016. And it’s not all in your head: a 2015 Identity Fraud Study, released by Javelin Strategy & Research, found that identity thieves stole $16 billion from 12.7 million U.S. consumers in 2014, a new victim every two seconds .

Those statistics are scary but there is some good news to be found in the report: the numbers are actually down from the previous year. The reason? It’s very likely the result of an increased awareness from consumers together with increased protections in place from industry and government. That includes efforts like the Internal Revenue Service (IRS) “Taxes. Security. Together.” campaign. The more you know about how to protect yourself, the better chance you have to not be a victim. Here are 11 tips help you protect yourself from identity theft and identity theft related tax fraud:



More than half of U.S. consumers think that storing their credit and banking information in the cloud is more risky than driving without a seat belt, according to a new report from Symantec. Those consumers are correct, and the other half of them need to change their thinking – or their wallets may take a hit. The Symantec report states that consumers globally lost $158 billion to cyber crime in the past year. In the U.S. alone, the figure is nearly $30 billion.

Director of the FBI, James Comey, called the Internet, “the most dangerous parking lot imaginable,” and warned people to be just as aware of scams, compromised websites, malware and other threats as they would be of a physical theft.

Symantec, the world’s largest security software company, advises consumers to ‘go boldly, not blindly’ onto the Internet. The company has opened up a lot of eyes to the cyber risks and consequences facing consumers globally in its 2016 Norton Cybersecurity Insights Report.



(TNS) - When officials with the city of Lubbock’s Emergency Operations Center gathered at 6 a.m. Sunday, Dec. 27, they had a prepared list of objectives from emergency management to deal with large snowstorms.

The first two objectives were related to first responders: to make sure they were prepared — and for public safety services to remain active throughout the city.

And while things like equipment, routes for snow plows, communication and employee shift operations are being audited in the storm’s aftermath, city officials say the first two objectives were on target.



JEFFERSON CITY, Mo. – Residents of 33 Missouri counties who have been affected by the recent severe storms and flooding may soon see Federal Emergency Management Agency (FEMA) Disaster Survivor Assistance (DSA) teams and home inspectors in their neighborhoods.

Those counties are: Barry, Barton, Camden, Cape Girardeau, Cole, Crawford, Franklin, Gasconade, Greene, Hickory, Jasper, Jefferson, Laclede, Lawrence, Lincoln, Maries, McDonald, Morgan, Newton, Osage, Phelps, Polk, Pulaski, Scott, St. Charles, St. Francois, St. Louis, Ste. Genevieve, Stone, Taney, Texas, Webster, and Wright counties.

The DSA teams offer survivors registration assistance, up-to-date information on their application status, on-the-spot needs assessments and referrals to help fill any outstanding needs.  Following an individual assistance disaster declaration, FEMA provides this mobile resource to help connect homeowners, business owners and faith-based and community organizations with the necessary resources to start the recovery process.

Home inspectors will also be in the field verifying damages for those who have applied for federal assistance.  Inspectors will contact homeowners and renters to schedule a time to meet to verify flood damages that occurred December 23, 2015 through January 9, 2016.

Inspectors are contractors who will display official photo identification. If the photo identification is not displayed, it is important to ask to see it. This helps prevent fraudulent activities.

Individuals or business owners that apply for a disaster loan with the U.S. Small Business Administration (SBA) may also be contacted by a loss verifier who will inspect the damaged property. 

Residents who were affected can apply for assistance online at www.DisasterAssistance.gov or call 800-621-3362 or (TTY) 800-462-7585, from 7 a.m. to 10 p.m. seven days a week.  Those who use 711-Relay or Video Relay Services can call 800-621-3362.  The application deadline is March 21.


Disaster recovery assistance is available without regard to race, color, religion, nationality, sex, age, disability, English proficiency or economic status.  If you or someone you know has been discriminated against, call FEMA toll-free at 800-621-FEMA (3362). For TTY call 800-462-7585.


In October 2013, Affinity Gaming, a casino operator based in Nevada, heard from customers that their credit cards had been hacked. Before too long, the company’s IT department concluded it likely suffered a data breach.

Within days, professional forensic data security investigators from Chicago-based Trustwave Holdings Inc. were analyzing the company’s system, and suggesting remedial measures.

That account is taken from a federal lawsuit that Affinity filed in Las Vegas. It accuses the IT security company Trustwave it hired to conduct a forensic investigation of failing to proscribe appropriate remedial measures and not removing the malicious malware. The suit states that within three months, a second data breach occurred. Affinity is suing Trustwave for fraud, fraudulent inducement, constructive fraud, gross negligence, negligent misrepresentation, breach of contract and declaratory judgment.

The lawsuit, filed in late December and first noticed by Ars Technica, and poses an interesting test case of whether a security vendor can be held liable for not ensuring the complete safety of a company.



Fairfax County, Virginia is home to over 1 million residents across 390 square miles in the suburbs of Washington, D.C.. Since 2003, the county’s Community Emergency Response Team (CERT) has embraced the reality that residents need to be prepared for major emergencies.

“Widespread emergencies like the Derecho windstorm of 2012 and the “Snowmageddon” snowstorm of 2010 emphasize that emergency responders are not always the first responders—bystanders and neighbors are often relied upon during and after disaster,” explained Jeffrey Katz of Fairfax County Fire and Rescue.

Over 2,500 county residents have learned necessary skills for emergency situations. The 25-hour CERT course is delivered by the fire department and in coordination with the county’s Office of Emergency Management. CERT training is based on the national CERT program curriculum administered by the Federal Emergency Management Agency.



While the rain keeps falling in Northern California, the state’s water supply is nowhere near bouncing back from a shortage caused by years of severe drought, and data center cooling technology that doesn’t use water is one way data center operators in the state can be part of the solution.

Emerson Network Power claims data center operators that installed its pumped refrigerant-based cooling system in North America have saved more than 1.4 billion gallons of water in the last three years. A traditional chilled water-based system uses about 1 million gallons of water to cool 1 MW of IT capacity in a data center for one year, John Peter Valiulis, VP of marketing at Emerson, said.

The savings estimate comes from a process the company recently went through with the California Energy Commission to get pumped refrigerant-based systems approved as accepted form of economization, or free cooling, under the state’s Building Standards Code, known as Title 24. The code requires new data centers to use economizers but until recently only specified air-side and water-side economization systems as appropriate ways to satisfy the requirement.



Monday, 25 January 2016 00:00

The Cloud: A New Way to Conduct Business

At this point, it doesn’t make much sense to talk about whether IT infrastructure will change in the cloud, or even how it will change, but how data and business processes will change to suit the new reality.

Infrastructure, after all, is merely a means to an end, so the real measure of the cloud is how it will alter the things we do, not the resources we use to do them.

We are already seeing this effect in motion. Traditional applications like BI and CRM are not being ported directly to the cloud anymore, they are being recoded to suit the dynamic, resource-shifting realities that cloud computing brings to the table. At the same time, entirely new business processes are emerging to take advantage of new service- and application-layer flexibility to out-perform their legacy counterparts.



Monday, 25 January 2016 00:00

Another Day, Another Hack

As if we needed another reminder of the rising threat of cyber attacks, the estimated EUR 50 million ($55 million) loss arising from a cyber fraud incident targeting Austrian air parts supplier FACC AG made us sit up and take notice.

As Bloomberg reports here, if the damages do indeed amount to $55 million this would be one of the biggest hacking losses by size.

Bloomberg also points out that the incident is made more intriguing because FACC is 55 percent owned by China-based AVIC.



China has become an increasingly important market over the last several years for server technology providers, and leading vendors such as Hewlett-Packard HPE +0.00% Enterprise, IBM IBM +0.81% and Intel INTC +0.00% are all making significant investments to get more than their fair share of the pie. Earlier this week, Qualcomm QCOM -2.13% announced a joint venture in China that I believe could be a game-changer in the server space over the long term. If executed effectively, the joint venture could help China get closer to the locally-sourced datacenter infrastructure that they are demanding.

By some estimates, China is now the #2 country for server sales worldwide and has been growing at a rate much faster than the overall market. And despite the recent economic slowdown, many believe that the datacenter business in China will continue to flourish as demand to expand the capacity of the country’s datacenters doesn’t appear to be waning anytime soon. In an era where much of the world’s server hardware demand has stagnated, leading vendors are looking to opportunities like China to keep their businesses growing. But the Chinese government has made it clear that they want to move toward indigenous datacenter products and reduce their reliance on US and Western European vendors for long term advanced technologies.

In October 2015, Qualcomm publicly announced their plans to go after the server processor market—a market that is dominated today by Intel—and demonstrated their first pre-production server chip based on the low-power ARM architecture from ARM Holdings ARMH +2.33%. In that announcement, Qualcomm specifically mentioned China as a key target market for their server-focused efforts. Qualcomm’s announcement this week to create a joint venture agreement with the Chinese province of Guizou called Guizhou Huaxintong Semi-Conductor Technology Co. to locally design, develop and sell advanced server chipsets is a critical step that may help turn this vision into a reality. Both parties have invested $280 million in the joint venture, which will be 55% owned by Guizhou and 45% owned by a subsidiary of Qualcomm.



Following is a summary of key federal disaster aid programs that can be made available as needed and warranted under President Obama's disaster declaration issued for the State of Alabama.

Assistance for the Territory and Affected Local Governments Can Include as Required:

  • Payment of not less than 75 percent of the eligible costs for emergency work and repairing or replacing damaged public facilities, such as roads, bridges, utilities, buildings, schools, recreational areas and similar publicly owned property, as well as certain private non-profit organizations engaged in community service activities. (Source: FEMA funded, territory administered.)
  • Payment of not more than 75 percent of the approved costs for hazard mitigation projects undertaken by state, tribal, and local governments to prevent or reduce long-term risk to life and property from natural or technological disasters.  (Source: FEMA funded, territory administered.)

How to Apply for Assistance:

  • Application procedures for state, tribal, and local governments will be explained at a series of federal/state applicant briefings with locations to be announced in the affected area by recovery officials. Approved public repair projects are paid through the state from funding provided by FEMA and other participating federal agencies.

FEMA’s mission is to support our citizens and first responders and ensure that as a nation we work together to build, sustain, and improve our capability to prepare for, protect against, respond to, recover from, and mitigate all hazards.

Stay informed of FEMA’s activities online: videos and podcasts available at http://www.fema.gov/medialibrary">www.fema.gov/media-library and http://www.youtube.com/fema">www.youtube.com/fema; follow us on Twitter at www.twitter.com/fema  and on Facebook at www.facebook.com/fema.

Friday, 22 January 2016 00:00

8 Ways To Monetize Data

Data is the new currency. Armed with it, new companies are disrupting established industries, and traditional businesses are transforming the way they operate. Not all organizations are equally adept at translating data into dollars, but their ability to do so is impacting their ability to compete.

"Where knowledge is power, data is wealth. It's not intrinsic in the data, it's what you do with it," said Bruce Daley, an analyst at market intelligence firm Tractica and author of Where Data Is Wealth: Profiting From Data Storage in a Digital Society. "The companies that are most progressive in thinking about data differently are the companies that are changing the economy, like Google and Uber. Most businesses lag way behind in terms of the idea that data could be their primary reason for being."

Some businesses, such as information service providers, have always been about deriving value from data. However, the ability to use and monetize data is now impacting almost every type of business. As a result, driving value from data must now be contemplated as part an overall business strategy.



As tech companies defend the use of encryption and users' privacy over governments' widening survelliance demands at the World Economic Forum in Davos this week, similar battles are brewing from New York to California that potentially carry a legislative bite.

In Davos-Klosters, Switzerland, the World Economic Forum on Thursday held a panel titled Privacy and Secrecy in the Digital Age that explored such issues as whether companies can artfully balance the need for secrecy and security held by consumers and governments. Concerns over privacy and security are increasingly becoming a global debate, as high-profile cases like the Paris attacks point to terrorists using online tools to communicate with each other and attract potential members. 

But as governments throughout the world call on tech companies to provide access to users' encrypted information and data, as well as other private information, those companies often contend that any encryption workaround could potentially weaken security and make it easier for hackers to infiltrate. This, in turn, would create a chilling effect on the use of such technology over of privacy concerns.



The term enterprise risk management (ERM) is now bandied around so widely in the business world it would seem reasonable to assume that everyone is doing it. The current reality is significantly different.

The AICPA’s 2015 Report on the Current State of Enterprise Risk Oversight provides some useful insights into where organizations actually are in their risk management practices.

Go back 30 years or so and the term was far from being in common use. The Harvard Business Review published an article in 1996 entitled “The New Religion of Risk Management,” focusing on probability theory, business complexity and the role of computer technology. Conceptually, this may well have had much in common with today’s context for risk management—but in practice, it was seen in a very different light as being more of a technique practiced by specialized statisticians and high-priced consultants.



After months of dismissing news reports that the company may be considering selling its data centers as rumors, Verizon Communications CFO Francis Shammo finally confirmed that the reports were true.

Speaking with analysts during the company’s fourth quarter 2015 earnings call Thursday, Shammo said the company was exploring opportunities to sell the assets. “We will always look for opportunities,” he said. “The data centers is an exploratory exercise to see if the asset is more valuable inside or outside the portfolio."

Last year, Verizon sold its wireless communications towers, switching from an ownership to a leasing model, and it views its data centers in a similar fashion. If it can sell its data centers in a way that will free up capital that can be used for higher-return investments, they will be sold.



OXFORD, Miss.Mississippi tornado survivors who do not submit their U.S. Small Business Administration low-interest disaster loan applications may be saying no to a primary source of federal disaster assistance.

After registering with the Federal Emergency Management Agency, some survivors receive a disaster loan application from SBA. By submitting the SBA disaster loan application, survivors keep the full range of disaster assistance available as an option. SBA may refer applicants who do not qualify for a home loan to FEMA for grants to replace essential household items and replace or repair a damaged vehicle. But if survivors do not submit their disaster loan applications, further assistance may stop. Survivors are not required to accept a loan offer.

Often, survivors think SBA disaster loans are only for businesses. Some may be counting on a future insurance settlement to cover rebuilding costs. They may not want to take out a loan or fear they cannot afford one. Others may simply need help completing the disaster loan application.

SBA offers disaster loans to businesses of all sizes, private nonprofit organizations, homeowners and renters, for physical damage from the severe storms, tornadoes and flooding which affected northern Mississippi in late December. To be eligible for these loans, damage must have occurred in the following counties: Benton, Coahoma, Marshall, Quitman or Tippah.

Economic injury disaster loans are available to provide working capital to eligible small businesses and nonprofit organizations located in the following Mississippi counties: Alcorn, Benton, Bolivar, Coahoma, DeSoto, Lafayette, Marshall, Panola, Prentiss, Quitman, Sunflower, Tallahatchie, Tate, Tippah, Tunica and Union.

There are several good reasons for FEMA applicants who have been contacted by SBA to submit a completed disaster loan application before the March 4, 2016, deadline. Some of the top reasons include:

  • Your insurance settlement may fall short. You may find out you are underinsured for the amount of work it takes to repair or replace a damaged home. An SBA low-interest loan can cover the uninsured costs. By submitting the loan application, survivors may have loan money available when it is needed. SBA can approve a loan for the repair or replacement of a home up to $200,000. The loan balance will be reduced by your insurance settlement. However, the opportunity for an SBA disaster loan may be lost if you wait until after the application deadline.
  • SBA can help renters repair or replace disaster-damaged personal property. Renters, as well as homeowners, may borrow up to $40,000 to repair or replace clothing, furniture, appliances and damaged vehicles.
  • Disaster loans offer low rates and long-term repayment plans. Interest rates are as low as 4 percent for businesses, 2.625 percent for nonprofit organizations and 1.813 percent for homeowners and renters with terms up to 30 years. The SBA sets loan amounts and terms based on each applicant’s financial condition.

For more information, homeowners, renters and businesses may call the SBA at 800-659-2955 (TTY 800-877-8339), send an email to This email address is being protected from spambots. You need JavaScript enabled to view it. or visit SBA.gov/Disaster. Survivors can complete disaster loan applications online at https://DisasterLoan.SBA.gov/ELA.

Survivors can visit any of the five disaster recovery centers open in Mississippi to sit down and talk with an SBA representative in person. Disaster recovery center locations can be found by visiting FEMA.gov/DRC or by calling the FEMA helpline at 800-621-3362 (TTY 800-462-7585.)

Survivors who have not yet registered with FEMA can do so online at DisasterAssistance.gov, or by calling the FEMA helpline at 800-621-3362. Survivors who are deaf, hard of hearing or speech impaired can call TTY 800-462-7585.

For more information on Mississippi’s disaster recovery, visit fema.gov/disaster/4248 and msema.org.


All FEMA disaster assistance will be provided without discrimination on the grounds of race, color, sex (including sexual harassment), religion, national origin, age, disability, limited English proficiency, economic status, or retaliation. If you believe your civil rights are being violated, call 800-621-3362 or 800-462-7585(TTY/TDD).

FEMA’s mission is to support our citizens and first responders to ensure that as a nation we work together to build, sustain, and improve our capability to prepare for, protect against, respond to, recover from, and mitigate all hazards.

FEMA’s temporary housing assistance and grants for public transportation expenses, medical and dental expenses, and funeral and burial expenses do not require individuals to apply for an SBA loan. However, applicants who receive SBA loan applications must submit them to SBA loan officers to be eligible for assistance that covers personal property, vehicle repair or replacement, and moving and storage expenses.

Last Updated: 
January 21, 2016 - 17:43
State/Tribal Government or Region: 

Switch has agreed to buy renewable energy for its future data center in Michigan.

The Las Vegas data center provider, known for its massive high-security campus in the Sin City, will start by procuring bundled energy and Renewable Energy Credits through the Green Generation program by Consumers Energy, the utility that serves the area in Michigan where the Switch data center will be built, Adam Kramer, the company’s executive VP of strategy, said. However, it is in negotiations with the utility about building a new utility-scale renewable generation project in the state.

“We will have a new generation resource in the market,” Kramer said. “In all likelihood it will be wind.”

The future renewable project will have enough capacity to offset the entire energy footprint of the future Switch data center, he said.



Google, in conjunction with Cloudera, Data Artisan, Cask and Talend, announced this week that the Dataflow programming model that Google created to develop streaming Big Data applications is now an open source Apache project.

Talend CTO Laurent Bride says this move is significant because it should give IT organizations more freedom to run their Big Data applications wherever they see fit.

Bride says Dataflow is gaining traction because it provides a programming model that enables developers to build Big Data applications that can run on multiple run-time engines. As a result, code developed using Dataflow can run on MapReduce, Apache Spark and Flink engines.



For a long time, security was one of the top reasons – if not the number one reason – why businesses shied away from using cloud computing.

That appears to be changing.

According to a new study from the Cloud Security Alliance (CSA), nearly 65 percent of IT professionals now say they trust the security of cloud computing as much as or more than their on-premise systems. The survey also found that the cloud isn’t the problem when it comes to securing data; instead, the absence of skilled cybersecurity professionals leads to cloud-based data loss.

As more IT and security professionals become familiar with cloud computing, it follows that there will be a greater comfort level with security within the cloud, Jim Reavis, CEO of the CSA, pointed out in a prepared release. For this reason, more are willing to take the chance to migrate more data to the cloud. Reavis added:



We are entering a digital revolution where more companies and users are utilizing even more data and applications. Cisco recently pointed out that annual global data center IP traffic will reach 10.4 zettabytes (863 exabytes per month) by the end of 2019, and that global data center IP traffic will grow three-fold over the next five years. This growth makes the data center an absolutely critical component for IT and the modern business. The challenge, however, becomes updating and integrating everything with modern data center architecture. Most of all, organizations are looking at ways they can optimize the delivery of their resources and create true efficiency.

In a new whitepaper sponsored by NTT, we learn about the next-generation systems that are impacting resource and environmental utilization within the modern data center. The paper outlines the critical points to consider when creating a data architecture that can align with market demands:



The ease of use of cloud-based collaboration and file sharing applications may be putting organizations at risk as they are unaware that 26 percent of documents stored in cloud apps are broadly shared – meaning any employee can access them, and in some cases are discoverable in a Google search.

This is according to the Q4 2015 Shadow Data Report released by Blue Coat’s Elastica Cloud Threat Labs team on Wednesday. The study is based on insights into 63 million enterprise documents within leading cloud applications including Office 365, Google Drive, and Salesforce.

The report identifies shadow data as any sensitive information that is uploaded and shared in cloud apps without the knowledge of IT security teams. This isn’t the first time Elastica has explored the risks of shadow IT, having investigated the risks to the healthcare industry in particular in its Q2 2015 report.



(TNS) - Those in the western half of Anson County may see up to three-quarters of an inch of ice Thursday night through Friday.

The National Weather Service issued an update at 6 a.m. Thursday saying that Anson County is expected to receive a quarter-inch to half-inch of ice, though the western part of the county could see a half-inch to three-quarter inches, from Thursday night until 6 p.m. Friday. The county is under both a winter storm warning and a hazardous weather outlook.

The NWS updated its winter storm warning at 10:44 a.m. Thursday, saying that the storm will likely affect the central part of the state from Thursday night until 6 p.m. Saturday.

The weather service warned that the county could see 1-4 inches of snow in addition to the ice, with snow and sleet beginning Thursday night into Friday morning. Thursday will have a low of 30 degrees while Friday’s high will be only 34 degrees, with a low of 31 degrees that night.



(TNS) - Although it appears that most of Connecticut will avoid a direct hit from the first major snowstorm of 2016, the rest of the East Coast may not be so lucky this weekend, and heavy snow totals expected in several major cities could affect travel throughout the region.

The storm's current track would bring snow to Connecticut early Saturday morning and persist throughout the day and into the overnight hours, according to the .

Fox 61 says the storm could bring "a coating to a few inches for most of the state with the least snow in far northern Connecticut. Higher amounts are possible in southern areas and especially along the shoreline where up to about six inches are possible."

New York City and Washington, D.C., will likely not fare as well, according to the weather service.



According to the latest predictions from analyst firm IDC, “more than 80% of enterprise IT organizations will commit to hybrid cloud by 2017.” That means that your organization is likely to evaluate an Infrastructure-as-a-Service (IaaS) solutions this year, if you haven’t chosen one already. As you consider options, it can be difficult to evaluate the different management platforms and sort through the vendor claims. A team of technical experts developed a list of evaluation criteria to make it easier. They have recently published a white paper that provides a clear comparison between Cisco UCS Director and HPE OneView.  The paper looks at three critical areas of IaaS functionality:

  • Orchestration and automation
  • Self-service provisioning
  • Heterogeneous provisioning and management

A concise side-by-side comparison is provided in a table on page 5 of the document with details provided in the other sections of the paper.



QTS Realty Trust has been one of the fastest-growing publicly traded data center REITs since its 2013 IPO, and its shares returned more than 80 percent price appreciation to shareholders for the last two years.

Can the company maintain this momentum going into 2016? That’s the question we asked its CIO Jeff Berson and COO Dan Bennewitz in a recent interview.

Last week, JP Morgan selected QTS as one of two data center REITs with an Overweight rating, along with sector peer CyrusOne.



Thursday, 21 January 2016 00:00

Slack space, or the devil is in the details

When I told you in my previous email that the only way to successfully erase a file is to COMPLETELY overwrite it, I wasn’t just trying to be dramatic. A few months ago, my friend had mistakenly deleted some photos from her SD card, so I encouraged her to try out some data recovery software. She was very surprised to find not only the pictures that she’d deleted, but also some very old ones — including her parents’ holiday pictures from when they used the SD card with their own camera.

I mentioned before that when a file is deleted, the physical slot in which it is stored becomes free, and new data can be saved there. So it might be tempting to leave things to run their course and wait for the file to be overwritten by another. Don’t give in to that temptation — waiting is not enough. Here’s why:



If you use a cloud service or let your employees access company systems from their own smartphones, you’ve probably already noticed how your IT security world has expanded. What used to be a tightly defined domain behind a firewall has morphed into something that now extends to the far confines of cyberspace. As a matter of principle, any business data that travels outside the company perimeter is automatically at greater risk, even if enterprises make great efforts to keep the risk delta as small as possible. However, the macro style solution of a bigger firewall no longer works when you have to deal with the Internet at large. Micro-oriented approaches offer another approach.

In essence, the idea is to equip each piece of data, each application, each system and each user with the security required to function autonomously and securely, whether inside or outside the traditional IT security perimeters. Instead of an external blanket approach to try to shield everything from harm, security is built in from the inside towards the outside.



The problem of e-waste, which has been growing for decades, shows no signs of receding in terms of the amount of retired products that are produced. The good news, however, is that the current focus on environmental issues appears to be creating an atmosphere in which more substantial actions are possible.

Curbed lays out the e-waste problem, which is pretty straightforward: People buy huge amounts of electronic equipment. Those numbers continue to grow. Two things are true of that equipment: Only a small portion gets recycled or carefully destroyed when its useful life ends and the vast majority of the equipment contains dangerous elements.

The numbers are staggering:



Thursday, 21 January 2016 00:00

Report: OpenStack Hampered by Skills Shortage

More than eighty percent of enterprises plan to adopt OpenStack as a cloud computing solution or already have. Yet, half of organizations that have tried to implement it have failed, hampered by lack of open source cloud computing skills. That’s according to a survey out this week from SUSE, the Linux vendor, which sheds vital light on current OpenStack adoption trends.

The survey results suggest strong enthusiasm for open source cloud computing, with ninety-six percent of respondents reporting they “believe there are business advantages to implementing an open source private cloud,” according to SUSE.

Strong interest in private clouds of the type OpenStack enables is also clear. Ninety percent of businesses surveyed have already implemented at least one private cloud, SUSE reported.



Thursday, 21 January 2016 00:00

New Thinking in Data Lake Design

The closer the enterprise gets to implementing Big Data analytics, the more daunting it appears. Even organizations that are well-versed in data warehousing realize that building infrastructure for the so-called “data lake” is a completely different ballgame.

Not only does the data lake require large amounts of computing power and storage access, it has to be integrated with cutting-edge analytics, automation, orchestration and machine intelligence. And ideally, this state-of-the-art infrastructure should be accessible to the average business executive who has little or no experience in the data sciences.

But as we’ve seen many times, things that seem impossible at the outset are often possible once you put your mind to it. And data lake technology is already starting to make its mark at the top end of the enterprise market and shows every indication of trickling down to the lower tiers.



In response to recommendations from the Government Accountability Office (GAO) and the Department of Homeland Security’s (DHS) Office of Inspector General, FEMA has posted a notice of proposed rulemaking in the Federal Register seeking comment on the concept of a disaster deductible for states and local governments in lieu of raising the threshold for disaster declarations.

The concept of the deductible would be tied to a predetermined “level of financial commitment” as a condition of eligibility for financial assistance under the Public Assistance Program made available through presidential disaster declarations.

The overall goal is to reduce the burden on taxpayers through mitigation incentives and risk-informed decisions that promote resilience.

Faced with the recommendations from the GAO and Office of the Inspector General that would raise the threshold for disaster declarations, which the agency thought would be regressive and put many states in a precarious position, FEMA staff came up with the deductible concept but is seeking details from state and local emergency managers. “This is not a done deal; this is a concept that we’re asking the state and local emergency managers to weigh in on,” said FEMA Administrator Craig Fugate. “We still have to respond back to the GAO and Inspector General about how we are going to address their concerns that the threshold for getting a declaration is too low.”