Thursday, January 30, 2014


Can you identify the most serious risks to your organization? Did your risk analysis identify catastrophic risks like earthquakes, tornadoes, etc.? If so, you’re not alone. Most organizations focus more on natural disasters and other catastrophes but less so on the more common risks that can cause problems any day of the week. This week’s articles may help you better assess your actual risks and prioritize them as well.

Before they actually happen incidents are called threats and each is a type of risk with a likelihood of occurrence and a potential impact if it does. (Item #1) Effective risk assessment is increasingly important to the success of any business. (Item #2) Risk and emotion are inseparable. (Item #3)

In order to manage change, it is important to understand the key assumptions done when assessing risks.  (Item #4) Are you familiar with the various types of risks? (Item #5) In common with any risky situation normal risk assessment rules apply to managing social media - identify, record and mitigate risk. (Item #6)

Wednesday, January 22, 2014

Insider Threats to Business Continuity

Insiders are possibly the most dangerous threat to business continuity. Organizations today are more vulnerable to such attacks, which are more difficult to detect. It stands to reason, therefore, that your business continuity plan should look at the risks of insider threats and how to deal with them. This week’s articles can be helpful toward that end.

Ericka Chickowski named five lessons learned from an FBI presentation at this year’s RSA Conference, which gives us some sobering food for thought. (Item #1) Are you ready for the conscientious objector in your midst as well as wearable technology? (Item #2) While the motivations are usually the same, there are three distinct, but different, types of insiders that can pose a threat to your organization's security. (Item #3)

For more than a decade, researchers have studied the impact of malicious insiders; the unintentional insider threat has only recently come under scrutiny. (Item #4) The CERT top 10 list for winning the battle against insider threats offers insight into the issue. (Item #5) This report identifies widespread concerns and how they can be addressed. (Item #6)

Wednesday, January 15, 2014

Flu & Business Continuity

It’s flu season again, and across the country more and more cases are being reported. If you haven’t planned for how to deal with the absences flu can cause, there’s still time to figure out how you’ll deal with things as the flu season progresses. And it’s not too early to start planning for the 2014-15 flu season!

The Centers for Disease Control provides information on the flu season and more. (Item #1) This guidance for employers can help reduce employees’ exposure to flu. (Item #2)  Here are some tips to help in planning for a safer, flu-free workplace. (Item #3)

Don’t think flu can affect your business? Think again. (Item #4) This article offers employers best practices for preventing the spread of flu. (Item #5)  Plan for the impact of a flu pandemic or epidemic. (Item #6)

Wednesday, January 8, 2014

Business Continuity Trends for 2014

None of us knows what’s in store for 2014, but plenty of experts have identified trends that will affect business continuity and disaster recovery this year. If you’re contemplating updating or changing your plans, this week’s articles may provide insight into how to be better prepared.

The article describes six emerging technology trends that will need consideration during 2014. (Item #1) What changes do organizations see in the way they handle business continuity in 2014? (Item #2) For 2014, Control Risks has identified a number of factors that will cause concern for companies, no matter which continent they do business in. (Item #3)

Booz Allen has compiled areas of focus for its annual list of the “Top Financial Services Cyber Security Trends for 2014.” (Item #4) What challenges threaten to impact on the integrity of enterprise IT systems during the year ahead?  (Item #5) From increasingly sophisticated DDoS attacks to stuxnets to insider threats, companies have plenty to worry about when it comes to enterprise security in 2014. (Item #6)