Friday, June 25, 2010

Phishing and Identity Theft

More than 10 million Americans are victims of identity theft a year. A recent survey estimates that the dollar value of the crime was $52.6 billion in 2004. Individuals and businesses alike are at risk. This week’s articles can help you make your family and your business more secure against phishing and identity theft.

What does a phishing email look like? (Item #1) The stories keep coming about the growing number of large-scale security breaches. (Item #2) Identity theft has severe consequences to victims, their families, and employers. (Item #3)

Just a fisherman would use a spear to target a single fish, spear phishing targets individuals. (Item #4) The IRS urges consumers to avoid falling for these recent schemes. (Item #5) This report is intended for technically sophisticated readers such as security practitioners, executives, researchers, and others who wish to understand methods employed by online identity thieves and countermeasures that can prevent such crimes. (Item #6)

Get it all at

Wednesday, June 23, 2010

Business Continuity and the Economy

The current unsettled economy can impact business continuity in many ways. Even though there are signs that the economy is beginning to recover, businesses are still failing at a high rate. Organizations have been forced to adjust their business model and operating costs by reducing workforce, seeking other cost-saving opportunities, and developing business contingency plans for changing economic conditions. As the economy continues to stall, however, companies are now focused on managing emerging risks that could have an impact on long-term sustainability. It’s clear that mitigation or contingency plans need to be developed for their ongoing survival.

Traditional hazards certainly have not gone away in the current economic climate, but newer disruptions have gained prominence. (Item #1) In many businesses, managers are reluctant to release funding for this activity due, at least in part, to current economic difficulties. (Item #2) Recessions amplify risks; the absence of a tested plan is therefore much more dangerous in a recession. (Item #3)

Are you worried about the impact of the economy on your business? (Item #4) Until times are flush and money flows freely, it seems to be economically sound to maintain the business continuity function. (Item #5) Gone are the days when the days when an organization's business continuity planner could tick off a set of standard risks such as power failure, fire, flood, and perhaps vendor failure. (Item #6)

Read this issue, view past ones or even subscribe at

Wednesday, June 16, 2010

Compliance and Governance

Regulatory compliance and corporate governance many times go hand-in-hand, working together to keep organizations out of trouble with the government and, therefore, preventing disruptions that could damage reputation and the ability to continue operations. Every year, it seems, brings more concerns about compliance; regulators are now warning about social networking and its potential for problems. While it is important to ensure that compliance and governance are always on your radar, even 100% compliance isn’t the answer to keeping you 100% safe from disruptions.

Is management been placing too much emphasis on compliance? (Item #1) Businesses will not only have to monitor social networking communications, but they will have to capture the traffic, audit it and log it. (Item #2) Do you have all your corporate-governance ducks in a row? (Item #3)

Here are some steps that make the difference between a positive or negative audit experience. (Item #4) ISO 31000 is a standard to help public, private or community enterprises, associations, groups or individuals manage risk effectively. (Item #5) What do you know about the Red Flag Rule? (Item #6)

Read it all or subscribe to our Business Continuity NewsBriefs at

Tuesday, June 8, 2010

Plan Testing and Exercising

How often should you test your business continuity plan? As often as possible and as much of it as possible. Unless the plan is brought out and tested on a regular basis, there is the risk that some things won’t work if a real emergency does occur. If your plan needs testing, this week’s articles focus on the importance of testing and provide information on how to do it.

A large percentage of organizations do not test their business continuity plans. (Item #1) There’s nothing like a crisis to show you what’s not working. (Item #2) The key components of an effective exercise can be broken down into three simple activities. (Item #3)

You won’t know if your plan works unless you test it. (Item #4) Here are some sample table-top exercise scenarios to help you put your plans into action. (Item #5) Exercises and tests offer different ways of identifying deficiencies in IT plans, procedures, and training. (Item #6)

Get it all at

Wednesday, June 2, 2010

Hurricanes/Summer Weather

Summer is not far away – meteorological summer begins June 1 – and neither are the dangers of summer: hurricanes, floods, storm surge, lightning, high temperatures, humidity, water accidents. NOAA expects an active to extremely active hurricane season, and some areas of the country will experience extreme high temperatures and drought. All of these situations can threaten your business and your employees. Make sure you’re prepared to prevent as many disasters as possible and to recover in the event disaster strikes. The articles below offer some help in keeping your business operating.

Here are some tips to help you protect against hurricanes. (Item #1) This flood preparation guide can help you start or finish your plan and enhance your preparations. (Item #2) You can help yourself and others avoid experiencing heat disorders by following these safety rules. (Item #3)

Power failures, often the result of stormy weather, can mean data loss – and more. (Item #4) Lightning is a killer. (Item #5) If the worst does happen, this brochure can help you in your efforts to get back to normal. (Item #6)

Read the entire issue at