Fall World 2017

Conference & Exhibit

Attend The #1 BC/DR Event!

Summer Journal

Volume 30, Issue 2

Full Contents Now Available!

Industry Hot News

Industry Hot News (589)

Jargon crops up everywhere, and business continuity is no exception. RTO, RPO, BIA, and others are often sprinkled liberally into conversations, plans, and reports.

Sometimes expanding the abbreviation makes things clearer to the uninitiated: for example, the terms “recovery time objective” (RTO) for an IT system and “business impact analysis” for BC planning give some hint of what lies behind them.

But what about “recovery point objective” (RPO), also one of the commonest terms used in defining a suitable disaster recovery/business continuity plan? Would we be better off if we banned the use of such jargon?

Banning probably wouldn’t work. For one thing, it would be the curtailing of free speech, and for another, like weeds, jargon would spring up again anyway. We need a better way of managing business continuity jargon, recognizing that it also has its uses.

...

http://www.opscentre.com/business-continuity-jargon/

We all want to know something others don’t know. People have long sought “local knowledge,” “the inside scoop” or “a heads up” – the restaurant not in the guidebook, the real version of the story, or some advanced warning. What they really want is an advantage over common knowledge – and the unique information source that delivers it. They’re looking for alternative data – or “alt-data.”

From the information age where everyone took advantage of easy access to information, we are now entering an age where everyone seeks alternatives: new sources of information and innovative ways of deriving unique insights.  This is the “Age of Alt.”

We know that business leaders want to better leverage data and analytics in their decision-making. But more importantly most decision-makers want to supplement their own data with external data; 81% tell us they want to expand their ability to source new external data.  Demand for data is exploding.

...

http://blogs.forrester.com/jennifer_belissent/17-06-22-the_age_of_alt_data_commercialization_brings_alternative_data_to_market

Many technologies are billed as hot, exciting and revolutionary. But which ones are really deserving of that moniker? Which ones are destined to change — or are changing — the storage universe?

Enterprise Storage Forum asked the experts.

...

http://www.enterprisestorageforum.com/storage-technology/5-hot-storage-technologies-to-watch.html

Friday, 23 June 2017 15:35

5 Hot Storage Technologies to Watch

What comes to mind when you hear the word “compliance”? Do you shiver, sigh, break out into hives, or all three? Believe it or not, your compliance colleagues are crucial to your social marketing success. This is especially true for marketers in regulated spaces such as financial services, healthcare, and pharmaceuticals. I can share from personal experience that my social marketing success at American Express was in part due to the relationships I fostered with compliance, legal, and even outside legal counsel — in fact, I’m still in touch with those former colleagues. Given the importance of breaking down the marketing compliance silo, I partnered with my colleague Nick Hayes on a new report, . And though the intention of this report is to help marketers in regulated industries, Nick and I both agree that all marketers can benefit from it.

...

http://blogs.forrester.com/erna_alfred_liousas/17-06-22-start_silo_busting_strengthen_your_relationship_with_compliance

We all make mistakes, and CCOs are no exception. While CCOs are a creative and dedicated bunch, they are often susceptible to these five common mistakes. Probably unsurprisingly, the cure for these ills is more due diligence and more relationship building.

Chief Compliance Officers are fallible – I know that is not a controversial statement. To err is human, and CCOs are members of the human species.

With the enormous expectations placed on CCOs’ shoulders, they are bound to make some mistakes. I have seen CCOs who have run into difficulties, and occasionally they have contributed to the problem through their own behaviors.

I thought I would identify some of the common mistakes I have seen. It is hard to generalize, but I have observed some common themes.

...

http://www.corporatecomplianceinsights.com/top-5-common-mistakes-made-ccos/

The Business Continuity Institute

One in ten small business owners and employees are regularly putting the security of their data at risk by sharing confidential files on personal devices, or sending documents to personal rather than work emails. This demonstrates a significant lapse in data security among the UK’s five million plus small businesses.

The study by Reckon also found that a quarter of small business owners (25%) and their teams save documents onto their desktops rather than a central server. This also means there is less likelihood of the data being backed up, so should a computer failure occur then the data could be lost. These statistics were just as prevalent in larger SMEs, those with a turnover of £10 million or more, as the findings showed that the same 10% of these larger businesses sent documents to personal devices and a third saved documents on desktops rather than central servers.

"We believe the reasons behind these data breaches may include ease of access when working remotely, and keeping documents to hand rather than sorting through mismanaged folders," said Mark Woolley, Commercial Director at Reckon.

Sending and saving documents incorrectly and to personal devices breaches basic data security guidelines and could even put employers and employees at risk of breaching data protection laws. Such practices also place confidential information at risk of hacks or unauthorised use, and also mean that employers cannot provide complete audit trails of documents within their own business.

It’s concerning that so many SMEs in the UK are ignoring basic data protection rules. The findings are especially worrying where SME owners are involved, as they are placing their own organization’s sensitive information at risk. Incorrectly managing data and information in this way can pose financial, reputational and security issues to a business, something that no business owner wants to have to deal with.

Cyber security is as much of an issue for SMEs as it is for larger organizations according to the Business Continuity Institute's latest Horizon Scan Report which showed that organizations of all sizes share the same concerns. A global survey identified the top three concerns for both SMEs and large organizations as cyber attack, data breach and unplanned network outage.

“Bad habits can easily stick, particularly amongst teams within businesses where there aren’t clear policies around data security,” added Mark Woolley. “I’d urge new businesses to set guidelines around working with documents and emails at the outset in order to give themselves a head start when it comes to keeping information safe. Businesses should also consider that new legislation such as the General Data Production Regulation will incorporate additional data security into law, making adhering to basic practices of vital importance."

The Business Continuity Institute

Cyber attackers are relying more than ever on exploiting people instead of software flaws to install malware, steal credentials/confidential information, and transfer funds. A study by Proofpoint found that more than 90% of malicious email messages featuring nefarious URLs led users to credential phishing pages, and almost all (99%) email-based financial fraud attacks relied on human clicks rather than automated exploits to install malware.

The Human Factor Report found that business email compromise (BEC) attack message volume rose from 1% in 2015 to 42% by the end of 2016 relative to emails bearing banking Trojans. BEC attacks, which have cost organizations more than $5 billion worldwide, use malware-free messages to trick recipients into sending confidential information or funds to cyber criminals. BEC is the fastest growing category of email-based attacks.

“Accelerating a shift that began in 2015, cyber criminals are aggressively using attacks that depend on clicks by humans rather than vulnerable software exploits - tricking victims into carrying out the attack themselves,” said Kevin Epstein, vice president of Proofpoint’s Threat Operations Center. “It’s critical that organizations deploy advanced protection that stops attackers before they have a chance to reach potential victims. The earlier in the attack chain you can detect malicious content, the easier it is to block, contain, and resolve.”

Someone will always click, and fast. Nearly 90% of clicks on malicious URLs occur within the first 24 hours of delivery with 25% of those occurring in just ten minutes, and nearly 50% of clicks occur within an hour. The median time-to-click (the time between arrival and click) is shortest during business hours from 8am to 3pm EDT in the US and Canada, a pattern that generally holds for the UK and Europe as well.

Watch your inbox closely on Thursdays. Malicious email attachment message volume spikes more than 38% on Thursdays over the average weekday volume. Ransomware attackers in particular favor sending malicious messages Tuesday through Thursday. On the other hand, Wednesday is the peak day for banking Trojans. Point-of-sale (POS) campaigns are sent almost exclusively on Thursday and Friday, while keyloggers and backdoors favour Mondays.

Attackers understand email habits and send most email messages in the 4-5 hours after the start of the business day, peaking around lunchtime. Users in the US, Canada, and Australia tend to do most of their clicking during this time period, while French clicking peaks around 1pm. Swiss and German users don’t wait for lunch to click, their clicks peak in the first hours of the working day. UK workers pace their clicking evenly over the course of the day, with a clear drop in activity after 2pm.

The Business Continuity Institute

The United Nations Office for Disaster Risk Reduction has claimed that climate change is greatly increasing the likelihood of devastating wildfires, such as the one that burned its way across Portugal last weekend but is now reported to be under control.

More than 60 fires broke out in a densely forested area near the small town of Pedrógão Grande, 200km north-east of Lisbon, killing more than 60 people, in what Portuguese Prime Minister Antonio Costa described as the country’s “greatest human tragedy in living memory."

Dr Robert Glasser, the United Nations Special Representative of the Secretary-General for Disaster Risk Reduction, urged countries to integrate climate change risk in their fire prevention and response planning, commenting that "the fire highlights the urgency of global efforts to reduce greenhouse gases as quickly as possible."

Organizations in regions where wildfires are a possibility need to consider how they would respond to such an incident, or any incident that could result in the loss of facilities, danger to staff, or the evacuation of people from the region. Actions that need to be thought through are how to communicate with staff, or other stakeholders, during the event, primarily to ensure their safety, but also to liaise with them about alternative work arrangements . If facilities have been damaged then they will need to consider where staff can work both in the short-term and the long-term, bearing in mind that staff may not want to work in the short-term as the organization is unlikely to be their top priority.

Adverse weather, which can lead to the conditions that cause and spread wildfires, such as no rainfall, high temperatures and strong winds, featured fifth in the list of concerns that business continuity professionals have, as identified in the Business Continuity Institute's latest Horizon Scan Report. Climate change is not yet considered an issue however, as only 23% of respondents to a global survey considered it necessary to evaluate climate change for its business continuity implications. given this latest statement from UNISDR, perhaps now is the time to start giving it greater consideration.

A new study published in Nature Climate Change found that 30% of the world’s population is currently exposed to potentially deadly heat for 20 days per year or more.

Heavy rainfall due to Tropical Storm Cindy is expected to produce flash flooding across parts of southern Louisiana, Mississippi, Alabama, and the Florida Panhandle, according to the National Hurricane Center (NHC).

Total rain accumulations of 6 to 9 inches with isolated maximum amounts of 12 inches are expected in those areas, the NHC says.

On Tuesday, Alabama Governor Kay Ivey declared a statewide state of emergency in preparation for severe weather and warned residents to be prepared for potential flood conditions.

FEMA flood safety and preparation tips are here.

...

http://www.iii.org/insuranceindustryblog/?p=5112

MSPs know that customers expect both scale and economics when it comes to the cloud.

For most, this means public cloud options like AWS, Google and Azure.

The subtitle for RightScale’s “2017 State of the Cloud Report” says it all: “Public cloud adoption grows as private cloud wanes.”

Public cloud services dominate news cycles for enterprise IT, and on the surface, the numbers seem to align with this narrative: organizations are increasingly leveraging public and hybrid cloud, while private cloud use feels like part of a forgotten era.

...

http://mspmentor.net/cloud-computing/3-reasons-why-private-cloud-here-stay

Page 1 of 3