Wednesday, December 16, 2015

Safety at Home

We all know that things go better at work when we’re not worried about our families and things at home. This is why we do our annual safety-at-home issue of the newsletter, and we hope it will help give you and yours peace of mind during the holidays and beyond. Share this information with your employees and co-workers.

With these nine tips, you can ensure the safety of what matters most to you. (Item #1)   Here are some preparedness tips from the Red Cross to help prevent holiday fires. (Item #2)   If you are prepared for the hazards of winter, you will be more likely to stay safe and healthy when temperatures start to fall. (Item #3)

Injuries at home are common, especially among children. (Item #4)   Making preparations before attending mass events as well as taking notice of safety features once you arrive can make a difference. (Item #5)   An expert explains the spectrum of cold illness which begins with frostbite and moves to hypothermia.  (Item #6)

Past issues of the NewsBriefs are available at

Wednesday, December 9, 2015

Testing and Training

When’s the last time you tested your business continuity plan? If you answered “never,” you’re not alone. And, if you tested your plan and you had problems, you’re among the majority. In spite of this, many companies do not test or exercise their plans regularly. People move on, processes change, vendors come and go... all of these changes should prompt updating and testing. Perhaps an exercise would be a good way to start off 2016. Our articles below could be of help.

There are many different types of plan 'test' or 'exercise', so it is important to choose the type of approach that works best for your organization. (Item #1)   Successful tests do not prove that a disaster recovery plan will succeed, but failed tests do prove that plan will fail, and that is what makes testing so important. (Item #2)   Here are suggestions for three things you can consistently do to ensure your Business Continuity Plan is tested and your organization is better prepared should disaster strike. (Item #3)

If your BC plan has been sitting on the shelf since it was completed, you’re likely to have trouble implementing it when it’s needed. (Item #4)   The truth is that you can’t really know if your plan works without running through a disaster simulation. (Item #5)   You should test your business continuity plan checklist at least twice a year and quarterly if possible. It might seem like a distraction and a disruption, but just remember that the future of your business is literally at stake. (Item #6)

Read more about Testing, Training and Exercises at

Wednesday, December 2, 2015

Winter Weather Preparedness

We’ve already seen winter weather hit some parts of the country, and things are bound to get snowier and icier before we see the end of it. Have you prepared a plan for the continuity of your business operations during winter storms... and also in the aftermath? If not, don’t wait until the blizzard hits to think about this important topic. Use this issue to focus your efforts on making it through with the least impact.

This article looks at some things to consider when your office building is forced to close down due to the weather conditions. (Item #1)   Advance preparation can help to mitigate winter weather impacts on your operations and business continuity. (Item #2)   Ultimately, building a culture of preparedness within the public arena and getting them to accept that prediction is not possible to the extent of 100 percent accuracy can be the intangible asset that reduces public angst regarding things that did not happen as predicted. (Item #3)

The key to reducing the risks of a large-scale work disruption caused by a winter storm is business continuity planning in order to minimize downtime caused by extreme weather. (Item #4)   Should you make your employees come to work in bad weather? (Item #5)   Measuring the economic effects of snow is more an art than science. (Item #6) 

Read or search past issues of the NewsBriefs at

Wednesday, November 18, 2015

After the Disaster...

These days, most people have business continuity plans. They spend a lot of time and resources on learning what could go wrong and how to prevent and mitigate those possibilities as well as getting through disruptions and disasters. Many companies, however, fail to spend sufficient time on what to do AFTER the disaster. This week’s articles focus on those concerns; review these with your team and see if your recovery plan is sufficient for your needs.

Here are the steps to take immediately following a disaster. (Item #1)   These steps will help you return to normal, or to the new normal. (Item #2)   There are many sources of assistance available to businesses after a disaster. (Item #3)

A business disaster is not just about dollars and cents or profit and loss; it is also about the human capital invested in the company. (Item #4)   How can you help your employees get back to work after a disaster? (Item #5)   Here are the five key weaknesses with most businesses’ recovery plans. (Item #6) 

Past issues of the NewsBriefs are available at

Wednesday, November 11, 2015

Holiday Issues

The stores are decorated, holiday movies are showing and it's the season to be jolly. Is your organization having a holiday party to celebrate? If so, you might want to check out our articles this week so you can avoid the things that could create liability for you. Share item #4 with your coworkers. Also, there are some tips for continuity over the holidays, and, finally, can you identify with these risks that are unique to Santa's efforts?

When it comes to holiday parties, businesses should take reasonable precautions to prevent any risks and financially protect themselves by making sure they have the proper insurance. (Item #1)   With all the goodwill and celebration of the holiday season, it can be easy to forget to take the necessary precautions to protect both your employees and your business. (Item #2)   Here are some tips to help keep the holiday season festive and safe, at home and at work. (Item #3)

Is the upcoming holiday office party stressing you out? (Item #4)   To help protect your business over the festive season here are eight tips for good Christmas continuity planning. (Item #5)   Risky Thinking identified a number of risks unique to Santa's organization. (Item #6)

Past issues of the NewsBriefs are available at

Wednesday, November 4, 2015

Business Continuity Planning

There are lots of reasons organizations don't have business continuity plans or don't have working business continuity plans. Maybe the senior leadership isn't interested in putting much money into what they view as a cost center. Perhaps they are suffering from "it-won't-happen-here" syndrome. It's possible that no one has really sat down and identified the potential for disruptions or simply hasn't time or resources to figure out how to recover from those disruptions. Whatever the reason, it's definitely time to correct the situation. This week's articles can help you begin, refine, improve or rethink your plan... read on.

When it comes to a business continuity program, make sure you understand what BC is not. (Item #1)  Assumptions are the IED's (Improvised Explosive Devices) of Business Continuity. (Item #2)   Here are the top ten mistakes IT managers make when performing business impact analyses. (Item #3)

Right-sizing your business continuity capability is a juggling act between allocating enough resources to plan, to respond and recover effectively when your business is struck by disaster. (Item #4)   What are the 10 things you need to know when developing your business continuity plan? (Item #5)   If your smaller company needs to get started on a business continuity plan, here's a handy business continuity checklist designed specifically for smaller organizations. (Item #6)

Subscribe or read past issues of the NewsBriefs at

Wednesday, October 28, 2015

Risk Management

Who is in charge of managing risk in your organization? Or perhaps we should ask who’s responsible… who’s going to get the blame if things go wrong? The best approach to risk management is to develop an integrated program to which all parts of the organization – not just the C-suite, not only the risk management committee – contribute. The best results occur when everyone, from the Board of Directors on down, steps up and helps ensure that nothing falls through the cracks. Perhaps this week’s articles can help you begin to put such a process in place.

While the concept of risk assessment may seem daunting, especially to an organization without a formal ERM program in place, a recent report points out that the process has many positives. (Item #1)   Proper risk management will reduce not only the likelihood of an event occurring, but also the magnitude of its impact. (Item #2)   The next level of risk management requires the organization to embrace a culture of disaster preparedness. (Item #3)

Most big hits to shareholder value result from strategic and operating risks. (Item #4)   Risk planning is critical, but it won't safeguard your project or your data or your customer from everything. (Item #5)   You need to have the entire board responsible for risk management instead of just delegating this to an audit or a risk committee. (Item #6)

Past issues of the NewsBriefs are available at

Wednesday, October 21, 2015

Business Interruption Insurance

By now, we all know how important it is to be able to get up and running as soon as possible after a business interruption. And it’s obvious that part of that recovery is having funds available to restore operations. You no doubt have business insurance, but how good is your business interruption coverage? And are you aware that there’s contingent BI in case the problem is not on your premises but on that of a customer and supplier? And what about cyber insurance? You can find more information about all these topics in this week’s articles.

Business interruption insurance can be as vital to your survival as a business as fire insurance. (Item #1)   In order to better understand business income insurance let’s explore three terms you need to know. (Item #2)   Are you familiar with the top five business interruption issues? (Item #3)

There are very few businesses in the modern world that would not be severely crippled if their network were unavailable. (Item #4)   How much of your company’s operations rely on another entity? (Item #5)   The core purpose of Business Interruption insurance, of course, is to offer funding to help cover lost revenue or increased expenses because of the disruption, including short-term financial impacts, but this insurance will only respond if the cause of the disruption is covered within the scope of the policy coverage. (Item #6)

Past issues of the NewsBriefs are available at

Wednesday, October 14, 2015

Crisis Communication

Crisis communication has been an important topic for a dozen years or more, yet we still see companies/organizations failing to follow the basic rules for communicating in a crisis. They either don't make plans or they fail to carry them out. You simply cannot plan for or respond to a crisis once you're in it; you must have done this work prior to its onset so you can hit the ground running. Have you factored in the effect of social media on your crisis response? Who are your spokespeople? If you can't answer these questions, and your crisis communication plan is a work in progress, read on.

Social media adds an overwhelming complexity to crisis communication. (Item #1)   Poor crisis communication can have devastating effects on a company's customer and shareholder relationships, brand perception and, ultimately, bottom line. (Item #2)   Swiftly respond to emergencies and help prevent future problems by having a solid crisis communication strategy. (Item #3)

In a crisis, human resources plays a critical role in getting workers the information they need when they need it. (Item #4)   Because the first two days following a crisis are the most critical, preparation is a key factor to ensure the situation is dealt with as quickly and efficiently as possible. (Item #5)   It's impossible to prepare for and manage a crisis concurrently. (Item #6)

Past issues of the NewsBriefs are available at

Tuesday, October 6, 2015

Meeting and Event Safety and Security

Attendee and employee safety and information security may be the most important concerns you have for every meeting/conference you sponsor, but there are hundreds of other details to consider as well. There's no doubt you have a plan to cover all these concerns, but this week's articles might provide some additional information you can use to tweak your current plan.

If not handled deftly, security issues could lead to incidents that prove both embarrassing and costly to the hosting company. (Item #1)   Maintaining security and privacy for high profile meetings is vital whether it is a shareholder meeting, political fundraiser or internal executive meeting. (Item #2)   The level of security you impose at any conference is parallel to the sensitivity of the information presented. (Item #3)

From ensuring safety of attendees to protecting personal and group property to safeguarding an organization's reputation, risk management of host venues takes many forms for planners, whose job is to think of everything. (Item #4)   Consider these 7 ways to keep your employees safe – before, during and after your corporate event. (Item #5)   Here's a checklist to implement, well in advance of your event, which will aid in effective planning and the achievement of an acceptable level of risk reduction. (Item #6)

Past issues of the NewsBriefs are available at

Wednesday, September 30, 2015

Recovering from a Data Breach

According to the latest Verizon Data Breach report, 85 percent of organizations breached did not realize they had been compromised, sometimes for weeks or months. Often they only found out when alerted by a third party. So cyberhackers can be at work in compromised networks -- as we've seen in many recent situations -- for weeks or months. The question, then, is what do you do once you find out your data has been compromised? This issue provides the answers.

Given the near-certainty that some form an attack or data breach will happen in your organization, it makes sense to consider scenarios and plan for them when it happens. (Item #1)   What's the most important next step you should take following a data breach? (Item #2)   Security analysts are saying that it's not IF you are the victim of a data breach but WHEN. (Item #3)

Responders need a plan of action going into a breach and tools to support those actions. (Item #4)   Cost estimations provide a new perspective on the severity of IT security incidents. (Item #5)   Why are you often the last to know that your data has been breached? (Item #6)

Check out back issues of the NewsBriefs at

Wednesday, September 23, 2015

Fire Preparedness/Safety

Since October is National Fire Prevention Month, this week we take a look at mitigating, preparing for and staying safe in a fire. According to the Bureau of Labor Statistics fires and explosions accounted for 109 fatalities in the workplace in 2010, and, even though that’s only 4% of workplace fatalities, many of them are avoidable. If your fire preparedness plan isn’t up-to-date, this week’s articles can help you improve on it.

Use this fire safety checklist to see how prepared your business is for a fire. (Item #1)    Here’s information for small businesses to facilitate fire prevention planning. (Item #2)    Everything you need to know about choosing and using fire extinguishers. (Item #3)

Keeping employees safe in a fire or other emergency may require that they evacuate. (Item #4)    HR has an important role to play in workplace fire safety. (Item #5)    Don’t forget safety at home... here are 10 simple tips to help you avoid fires and reduce the risk of injury should one occur. (Item #6)

Past issues of the NewsBriefs are available at

Wednesday, September 9, 2015

Employee Issues

Your employees, which are a critical resource, also can become a source of difficult problems if you're not careful. What they say and do online, how well they protect their passwords, and how they act with other employees can cause you trouble when you least expect it. So how do you handle these potential difficulties? If you haven't addressed these issues in your plan, check out this week's articles, which can help you develop or refine policies to prevent future problems.

Should employers monitor employees online? (Item #1)   Your business could be liable if employees misuse the Internet. (Item #2)   There is a vast difference between asking for employees to exercise good judgment and hovering over their Tweets like Big Brother. (Item #3)

Employees will never have good password hygiene if a company doesn't make it easier for them by providing better tools. (Item #4)   Here's how IT (working with HR) can help ensure the company's data doesn't walk out the front door. (Item #5)   If you don't deal the problem of difficult employees, it will only get worse. (Item #6)

Past issues of the NewsBriefs are available at

Wednesday, September 2, 2015

Online Reputation Management

It used to be said that if you make a customer/client happy she'll tell a friend, make her mad and she'll tell 10 friends. Well, today unhappy people can tell tens of thousands via the Internet and damage your business reputation in no time at all. If this happened to you, would you have the ability to manage your online reputation? Yes, you could hire an online reputation management company (and sometimes you might not have another choice if the damage is bad enough), but there are some steps you can take yourself to monitor and mend your reputation. This week's articles provide some good ideas to try.

We asked professionals in public relations and reputation management to share the biggest reputation mistakes they've seen businesses and individuals make. (Item #1)   There has been a dramatic increase in the number of ways a company's reputation can be damaged, but there's been no corresponding increase in the tools or efforts available to manage reputations. (Item #2)   In an environment where consumer confidence in a brand's digital presence can make or break business success, approaching online reputation management ethically is a core strategy. (Item #3)

Here are some of the most important steps you need to be taking to manage your online business reputation. (Item #4)   Your company's reputation is integral to revenue management strategies that will create robust profit margins. (Item #5)   Here are 10 online reputation management statistics that reinforce the importance of controlling--and improving--your digital image. (Item #6)

Past issues of the NewsBriefs are available at

Wednesday, August 26, 2015

National Preparedness Month

September 2015 is the 12th annual National Preparedness Month and a good time to determine if you're ready for the various disasters or disruptions that could occur. This year's theme is "Don't Wait. Communicate. Make Your Emergency Plan Today," and it's great advice. is urging everyone to make a plan including having an up-to-date contact list for everyone in your organization and establishing alternate methods of communication in case traditional methods are unavailable. And remember preparedness at home as well.

Ham radio might be a viable alternate communication system... check out this info. (Item #1)   The following information will help you better understand what happens to our communications systems during an emergency and how best to use our communications systems during a crisis or disaster. (Item #2)   Make emergency communications part of your plan to be prepared; it is likely that at some point you will need it. (Item #3)

This Ready Business Mentoring Guide: User Edition is designed to help small business owners and managers take action to reduce the impact of natural or man-made disasters. (Item #4)   A new report looks at the preparedness lessons that can be learned from Hurricane Katrina. (Item #5)   This checklist provides general guidance that can be useful in developing a checklist appropriate for your business. (Item #6)

Past issues of the NewsBriefs are available at

Wednesday, August 19, 2015

Business Continuity Planning

Some organizations seem to think that business continuity planning is asking for trouble... look for what might happen and it will. After all, “nothing has ever happened in all the years we’ve been in business.” But, as the Bob Dylan song says, "The Times They Are A-Changin.” We’ve seen too many disasters and disruptions not to be wary that these things can also happen to us. So, if you’ve been slow to start this planning project or just haven’t kept things up to date, this week’s articles should be helpful to you and your team as you build or refine your plan.

Most people aren’t reluctant to create a business continuity plan – they just aren’t aware of why they need one or what they are. (Item #1)   Consider how your current plan is equipped to address your company’s resilience to and recovery from disruptions and disasters in these nine critical areas. (Item #2)   Especially during a calamitous event, your business continuity strategy must factor in the emotional and physical impact on your workforce. (Item #3)

Companies that survive unexpected incidents are the ones that thought about their employees’ needs. (Item #4)   The business owner who said he didn’t need a BC plan was not getting the business benefits of establishing and maintaining a business continuity plan.  (Item #5)   Check out these 10 tips for business continuity planning. (Item #6)

Past issues of the NewsBriefs are available at

Wednesday, August 12, 2015

Cyber Issues

If you haven't gotten serious yet about preparing your organization for a cyber attack, now's the time. A recent survey from Juniper suggests that cybercrime may cost businesses more than $2 trillion in the next five years, citing the increasing professionalism of cyber crime. We've rounded up some articles this week that provide some insight on what's happening in cyber security and how you might prepare to respond to attacks. Talk with your team about policies and procedures you might put in place to protect your assets.

The best way to demonstrate the needs for cyber security policies and procedures is to perform a Cyber Security audit and implement the resulting recommendations. (Item #1)   It is absolutely critical to understand what kind of data a company collects, how the company uses, stores, shares, processes, protects, and disposes of information, and how to develop and evaluate a plan to respond to attacks that target these data. (Item #2)   This white paper provides essential insights for management to get the basics of cyber security right. (Item #3)

Organizations need to accept that an attack is not only possible but that it is likely: and that requires a mind-set shift. (Item #4)   It seems buying insurance against the financial consequences of cyberterrorism from Lloyds of London, the world's oldest insurance market, is easier and more palatable than tackling the underlying problem. (Item #5)   This cybersecurity controls checklist could be helpful in determining how prepared you are to meet the threat of cybercrime. (Item #6)

Past issues of the NewsBriefs are available at

Wednesday, August 5, 2015

Getting Management Buy-In

Over the years, we have talked about the importance of getting management buy-in for business continuity plans. Once again, we have collected some articles that can help you attain the buy-in you need as you develop and refine your plans. In addition, some of the needs of the C-suite have changed and article #2 talks about how to sell to the modern C-suite. Also, once the senior execs are on board, you do need to get middle management engaged and supportive (see item #6).

Paradoxically, support for BC/DR is just as unlikely to come from below—putting you in the awkward position of convincing the organization to value business continuity only after you help senior management see they need to find it valuable, too. (Item #1)   By showing the C-suite that BCP can help them meet their unique objectives, your organization as a whole can reap the benefits of having a plan. (Item #2)   Here are 10 tips for getting executive support for your BC program. (Item #3)

These brief videos can help you increase awareness and understanding of the importance of Business Continuity to your organization. (Item #4)   The information provided can very well be the organization's first steps of business continuity or a revitalization of an existing program that's become archaic or dysfunctional. (Item #5)   You've gotten the support of executive management; now how do you get middle management on board? (Item #6)

Past issues of the NewsBriefs are available at

Wednesday, July 29, 2015

Workplace Violence

According to OSHA, murders in the workplace are the leading killer of female employees and the second-leading killer of males. But workplace violence isn't limited to murders. Our articles this week discuss the many faces of workplace violence and what steps you can take to prevent violence and how to recognize the potential for such violence. Is your team working on a workplace violence plan? This should be part of your business continuity efforts.

So many of us believe that we're immune to workplace violence, but this is primarily due to the fact that we just don't understand what workplace violence really is. (Item #1)   Workplace violence does not have to be horrific or "violent" but it can result in non-fatal acts of violence which are of an everyday workplace concern. (Item #2)   U.S. employers are obliged under the Occupational Safety and Health Act as well as its common-law duty to act reasonably in eliminating or reducing risk of injury to workers or patrons. (Item #3)

On top of the devastating physical and emotional costs, domestic violence affects the workplace in several other ways. (Item #4)   Here's what to do before, during and after an incident of workplace violence. (Item #5)   One critical strategy for preventing workplace violence is to review what is at the center of every workplace violence situation: employees. (Item #6)

Past issues of the NewsBriefs are available at

Wednesday, July 22, 2015

Testing and Training

Most of us make a resolution every year to exercise more, buy a membership in a gym, then get too busy to follow through. But don't let this be your approach to exercising your business continuity plans, because the future of your organization – not to mention the safety of your employees - could rest on those exercises getting done regularly. When's the last time you tested your plan? It's been a while? Well, read on and start planning your next exercise.

The key is to incorporate exercising as part of the overall business continuity management process. (Item #1)   If we told you that you could write a business continuity exercise for every plan and every team in your organization in the next three minutes, would you believe us? (Item #2)   The why-bother-to-exercise attitude is based on three assumptions that, to quote the old song, "ain't necessarily so." (Item #3)

Practice makes perfect - so put your BC/DR plans to the test. (Item #4)   If you use any of these 19 tips for your BCP exercise, the benefits of the exercise could increase. (Item #5)   There are several key benefits that your crisis management team (CMT) and your organization will realize by investing the time to practice what to do in the event of a disaster. (Item #6)

Past issues of the NewsBriefs are available at

Wednesday, July 15, 2015

Crisis Management and Business Continuity

Depending on which experts you consult, business continuity is part of an overall strategic crisis management plan, or crisis management is a component of a business continuity plan. Whichever you believe, the two are certainly intertwined and both are critical to an organization's resumption of operations after a disruption and to how well the organization makes that happen. This week's articles focus on crisis management and may provide you with some ideas on improving your crisis management plans.

The terms business continuity trends and crisis management are thrown around a lot, and many are under the mistaken impression that the two have the same meaning. (Item #1)   Preparing for the unseen calls for versatility; it is the very foundation of organizational crisis management. (Item #2)   Crisis management and business continuity plans must be expanded from isolated company-specific disasters to plans for massive regional damage. (Item #3)

Crisis management will get you through the initial impact of a disaster, but you need a comprehensive business continuity program to sustain you beyond 48 hours. (Item #4)   Major breaches will have a detrimental effect on a company. (Item #5)   Can military principles and processes really be applied to corporate crisis management? (Item #6)

Past issues of the NewsBriefs are available at

Wednesday, July 8, 2015


There are many types of communication, and you most likely use most of them in your business endeavors – crisis or emergency communication, employee communication, social network communication, etc. You may even have plans for all of these. This week, we look at some of the important communication issues and we hope you’ll take a look at your plans and see how they might be improved.

How does a company actually communicate in 2015? Very, very carefully.  (Item #1)   Find out the proper steps business continuity planners need to take to develop and execute an emergency communications plan. (Item #2)   With all of the advancements in technology, it has become more difficult to justify poor communication. (Item #3)

Given its important role, crisis communication must be part of an effective business continuity plan, and not come as an improvised afterthought. (Item #4)   Remember that effective employee communication is a crucial component of any comprehensive crisis management strategy and indispensable to minimizing crisis-related damage. (Item #5)   Data security is not one size fits all, nor is a data security communication plan. (Item #6)

Past issues of the NewsBriefs are available at

Wednesday, June 24, 2015

Safety and Security

Most crime in the workplace, be it cyber or physical, occurs where there is a lack of security planning. Organizations need to ensure that their cyber security is the best possible, but they especially have to take steps to keep their physical locations security in order to keep employees safe. This week’s articles take a look at both these security needs. You and your team should take a look at these and see if your plans cover everything recommended by the experts.

As an entrepreneur, one of your priorities should be ensuring the safety of your employees; read these tips for creating a more secure and potentially more productive work environment. (Item #1)   Michael O'Neil, a founder of the NYPD Counterterrorism Division, weighs in on keeping employees safe. (Item #2)   What’s the difference between a safety program and a safety culture? (Item #3)

There are five steps to creating a good security plan. (Item #4)   Major breaches will have a detrimental effect on a company. (Item #5)   IT bosses say they struggle to convince companies of the value of implementing expensive security systems. (Item #6)

Past issues of the NewsBriefs are available at

Wednesday, June 17, 2015

National Special Security Event (NSSE)

An NSSE is a national or international event that has the potential to attract terrorists or other criminals. The upcoming visit of Pope Francis is such an event, as are presidential conventions and inaugurations, the Super Bowl, and other such activities. What does this have to do with you? Well, if you live or work in the region of such an event, your life and business can be impacted by things like traffic restrictions and security precautions. If you live or work in or near Philadelphia, New York or Washington, DC, it would be smart to start thinking about how your organization could be affected. And take the time to find out whether other NSSEs or just any major events in the upcoming year might require some planning on your part.  

The scope of the operations for the pope's visit addresses everything from crowd control, crisis response, air-space safety, fire and life safety, hazardous materials response to terrorism threats on down to first aid and heat exhaustion. (Item #1)   Pope Francis' visit to Philadelphia in September 2015, his first to the U.S. as pontiff, is expected to generate $418 million in economic benefits to the region. (Item #2)   The 2016 Republican National Convention will transform Cleveland and disrupt the everyday life of the city. (Item #3)

When Pope Francis comes to town in September, will Philadelphians still be able to make and receive calls on their cell phones? (Item #4)   Wisconsin businesses have experienced the impact of protestors twice in the past several years. (Item #5)   This UK guide to the risk of protests has good tips for everyone. (Item #6)

Past issues of the NewsBriefs are available at

Thursday, June 11, 2015

Identity Theft

Almost daily, there are news reports of identity theft victims. But don't assume that only individuals can be the targets of ID theft perpetrators. More and more ID theft is being aimed at businesses large and small, and sometimes the thieves are so good you may not know for days that you've been attacked. Is ID theft on your risk list? Do you have a plan to deal with it? If not, sit down with your team and discuss some of the info in this week's articles... you owe it to your organization to do so ASAP.

The rise in business identity theft puts your business at serious risk. (Item #1)   Business identity theft is the newest threat to small businesses all across America. (Item #2)   Business ID theft can turn your business dream into a personal nightmare. (Item #3)

Fraudsters are now obtaining information about companies and assuming their business identities in order to steal company assets, client lists and credit information or secure new business relationships and payments. (Item #4)   Since brand value accounts for nearly 75 percent of business value in the U.S., guarding against corporate identity theft is much more than a technology problem. (Item #5)   FTC website offers resources for ID theft victims. (Item #6)

Past issues of the NewsBriefs are available at

Wednesday, June 3, 2015

National Safety Month

Most employees feel safe at their place of work, but that is mostly because nothing has ever happened there. In workplaces where fires, accidents, violence and other disruptions have occurred, employees know that bad things can happen and are not complacent about their safety. This month, National Safety Month, is a good time to take a good look at your workplace to see exactly how safe you can make it. Get your team together to discuss this, and don’t forget to get employee input as well.

Workplace health and safety hazards can be costly (to lives and the bottom line), but the good news is that they are largely preventable if you take the right precautions. (Item #1)   Here are a few ways to make your office safer. (Item #2)   What should employers do to protect workers from fire hazards? (Item #3)

A company should provide employees with a safe parking lot as well as protection while getting to or from that lot. (Item #4)   Help keep your home office space secure for kids and pets by following these safety guidelines. (Item #5)   As a leader, you are responsible not only for your own safety, but for the security and safety of those you lead.  (Item #6)

Past issues of the NewsBriefs are available at

Wednesday, May 27, 2015

Mass Communication Systems

Whether you require a mass communication system for use in an emergency or for use in event of other business disruptions, do you know what would work best for you? If not, take a look at this week's articles for some helpful information about the various types of systems and their uses, including integrating social media into your system.

A single timely notification can make the difference between an inconvenience and a disaster. (Item #1)   Mass notification systems are not only useful in emergencies. (Item #2)   Comprehensive notification coverage generally requires a variety of alerting methods to overcome obstacles that may prevent individuals from receiving an emergency alert. (Item #3)

Here's the latest breakdown of the more commonly used emergency alert systems. (Item #4)   Twitter offers access to an API that can easily integrate into notification systems. (Item #5)   This article lays out different messaging methods possible with mass notification systems. (Item #6)

Past issues of the NewsBriefs are available at

Wednesday, May 20, 2015

Hurricanes/Severe Weather

National Hurricane Week is May 24-30, with hurricane season beginning officially on June 1. It seems, however, that hurricane season can hardly wait to get here, if early May’s tropical storm Anna is any indication. Many people lack awareness and preparation for hurricanes, and this can cause problems for everyone. If you know what risks you face and what to do when a hurricane is on the way, you can mitigate the effects on your business and home.

In order to prevent your business from being another hurricane statistic, it is critical to prepare now. (Item #1)   Developing a written preparedness plan and training employees to implement it is critical. (Item #2)   This nonprofit advocates a public-private partnership to cope with woes from floods to pandemics. (Item #3)

Consider how employees will play a role in the business continuity planning process for hurricanes. (Item #4)   Some organizations may not anticipate or prepare for the extensive destruction and prolonged recovery period that can be the result of a hurricane; here are some lessons from Hurricane Katrina. (Item #5)   Prepare and recover using this information provided by the Insurance Institute for Business & Home Safety. (Item #6)

Past issues of the NewsBriefs are available at

Wednesday, May 13, 2015

Business Continuity Planning

How's your business continuity plan working for you? What happened when you tested it? If there were failures, are you fixing the cause? A BCP has to be a living thing... you can't write it down, put it on a shelf and expect it to adapt to a situation two years later. It requires updating, re-thinking, and, of course, testing. When's the last time you reviewed and updated it? Don't wait; do it now. Don't have a plan? Start one today.

You've been asked to formalize a business continuity program... now what? (Item #1)   Being prepared is the cornerstone of having a business continuity plan regardless of the size of a company. (Item #2)   This article explores the common business continuity-related mistakes and pitfalls that lead to wasting time, money, and effort and provides solutions. (Item #3)

Here are a few important components to include in your small business continuity planning program. (Item #4)   Business continuity planning is an area often neglected by technological innovation, but the resulting efficiencies may prove to be a life line and an investment that ultimately pays for itself.  (Item #5)   Here are 10 reasons why business continuity plans fail. (Item #6) 

Past issues of the NewsBriefs are available at

Wednesday, May 6, 2015

Records Management & Email Retention

Think of all the possible dangers of email communication -- copyright infringement, harassment, disclosure of confidential information, viruses, and others -- and you'll know that you need to have an email policy to prevent all kinds of legal liability and litigation. What's your organization's email and records retention policy? Is everyone aware of it and familiar with its contents? If not, it's certainly time to create a policy and discuss how it will be implemented and disseminated to everyone. You'll find some help in the articles linked below.

A well-managed records retention and destruction program can help support your company's efforts to face business challenges.  (Item #1)   Here are worst (and best) practices for securing data and documents. (Item #2)   Email archiving used to be a nice-to-have, but being able to save–and retrieve–email is now a must-have in today's environment. (Item #3)

Documents that are kept for too long risk breaching data privacy and protection laws; documents that are destroyed too soon could put you in breach of e-disclosure law. (Item #4)   Small businesses have the same level of responsibility as larger organizations in ensuring regulatory compliance, consistent retention and business continuity in the event of a disaster. (Item #5)   As many high-profile cases have shown, failure to comply with an e-discovery request for e-mail as part of the litigation process can have a tremendous impact on businesses. (Item #6)

Past issues of the NewsBriefs are available at

Wednesday, April 29, 2015

Testing Your Business Continuity Plan

A recent article stated -- sometimes failure is the best way to learn if your plan is working. You can't even fail, however, if you don't exercise the plan. When did you last test your business continuity plan? If you haven't done it in a year, you're definitely due. Take a look at this week's articles and sit down with your team to figure out when and how you'll put your plan to the test.

It's not rocket science but there is a skill to setting up and running a great exercise.  (Item #1)   Having a business continuity plan is good, but testing it regularly is equally important. (Item #2)   Risk monitoring and testing ensure that the institution's business continuity planning process remains viable. (Item #3)

Testing your plan is a critical step you should not skip. (Item #4)   The article identifies business continuity concepts that should be tested, training priorities, and exercise recommendations. (Item #5)   A comprehensive, multi-dimensional and ongoing BCP DRP testing program is the only way to achieve the level of confidence you and your senior executives expect. (Item #6)

Past issues of the NewsBriefs are available at

Wednesday, April 22, 2015

Getting Buy-in for Business Continuity Plans & Activities

We talk all the time about how to get buy-in for business continuity from top management and/or the board, but we also should consider the other stakeholders in the organization. What about getting buy-in from middle management and other staff? And, after you get the support you need, how do you get your project funded? These are some of the questions that this week’s articles answer. Perhaps it is time to assess your situation and do some thinking and brainstorming about how to handle these challenges.

What can you do to influence your C-Level team on Business Continuity? (Item #1)   It’s time for BC professionals to go the extra mile, reaching out to everyone in the organization. (Item #2)   A company has to be prepared to tackle political fall-out at all levels, so involvement of all levels of management is key in order to fully develop the Business Continuity plan. (Item #3)

You and your peers might take it for granted that senior management understands the need for disaster avoidance and recovery planning; this is not often the case. (Item #4)   Simulations can force top managers to identify their organization’s most important data assets for the first time, as well as consider the potential risks to those assets of cyber attack. (Item #5)   This FEMA video offers advice on how to communicate effectively about business continuity with senior leadership and gain their support. (Item #6)

Past issues of the NewsBriefs are available at

Wednesday, April 15, 2015

Social Media

Social media... to some it's an incredibly useful business continuity tool, but to others it's an area fraught with potential disaster. Both views are valid. If, however, you have a plan for using social media in a crisis and/or responding to social media crises, you can avoid, or at the very least, mitigate a catastrophe. Do you have someone who monitors social media? What happens if they find negative comments? Do you know how to respond? If not, it might be helpful to look over the articles below and meet with your team to come up with a plan for dealing with the negative and using social media to your benefit.

There are both positives and negatives about the use of social media as a business continuity tool. (Item #1)   Handling negative social media comments is the topic of this brief video. (Item #2)   What can you do to avoid costly mistakes in developing and implementing social media strategies geared toward improving your organization's crisis management? (Item #3)

We can all learn from the mistakes of others... (Item #4)   But we can also learn from their successes. (Item #5)   It is important to remember that stakeholder engagement via social media must be geared toward building social capital and stakeholder trust well before a crisis occurs. (Item #6)

Past issues of the NewsBriefs are available at

Wednesday, April 8, 2015

Crisis Communication

In today's world, with the eternal vigilance of social media and the 24-hour news cycle, almost anything can become a crisis to deal with. Are you prepared to respond to crisis situations? Have you sat down with your team and brainstormed about the kinds of things that could become a crisis for your organization? What if the CEO dies suddenly? Or one of your executives becomes involved in a scandal that starts a social media frenzy? Or lightning takes out both your data center and your back-up servers? No? Then perhaps you need to set up a meeting to do so ASAP. Your reputation and your survival could depend upon it.

Here are a few tips about how to brace for severe and volatile crises. (Item #1)   The crisis response is what management does and says after the crisis hits; research falls into two sections: the initial crisis response and reputation repair and behavioral intentions. (Item #2)   Instead of trying to create a locked-down plan, what you need is a process for quick decision-making. (Item #3)

It's important to understand that communication issues will arise, and that having a plan for addressing them will make life easier when they do. (Item #4)   Expect the unexpected, and then try to prepare for the most devastating possibilities. (Item #5)   The work of crisis communication is two-fold -- preparation and response. (Item #6)

Subscribe or read past issues of the NewsBriefs at

Wednesday, April 1, 2015

Workplace Violence

April is Workplace Violence Awareness Month, sponsored by the Alliance Against Workplace Violence. It is, therefore, a good time to revisit this topic and perhaps to rethink the policies you have in place for recognizing, preventing and dealing with workplace violence. How can violence in the workplace impact your business? What is its effect on productivity and your bottom line? The articles below can provide some food for discussions with your business continuity team.

This Workplace Violence website provides information on the extent of violence in the workplace, assessing the hazards in different settings and developing workplace violence prevention plans for individual worksites.  (Item #1)   Companies that recognize the potential for workplace violence are in the best position to prevent it.  (Item #2)   This brief video offers seven tips on how to prevent violence in the workplace. (Item #3)

It is crucial that domestic abuse be seen as a serious, recognizable, and preventable problem like thousands of other workplace health and safety issues that affect a business and its bottom line. (Item #4)   In today’s society no company is immune from the threat of workplace violence; prudent, proactive measures can reduce the likelihood of a tragedy and reduce the risk to your business. (Item #5)   Incidents of violence in the workplace highlight the need for business owners to take precautions and proactive measures to protect employees and coworkers and reduce the likelihood of an incident of violent crime. (Item #6)

Subscribe or read past issues of the NewsBriefs at

Wednesday, March 25, 2015

Meeting and Event Planning

Most meeting & event planners have seen more than their share of disasters and near-disasters in the years they have worked in this field. But, regardless how much you've been through, you've not seen every possible thing that can happen. This week, our articles focus on avoiding and handling disasters at events and meetings and steps you can take to help you do this. One important thing to remember is to do your research on the venue and its location so you’ll have a better idea of what types of disasters or disruptions could occur -- strikes, demonstrations, weather, etc. If you have a big event coming up, perhaps it would be a good idea to meet now with your team to brainstorm possible problems and solutions.

Here are five potential conference fails you will want to avoid, and how you can prepare for them. (Item #1)   No matter what type of event trouble you’re facing, here’s how to get things back on track and avoid disaster.  (Item #2)   Vivid nightmares that often haunt a planner in the days prior to an event could become reality. (Item #3)

Failures in the planning and administration process also can derail an event. (Item #4)   Protect guests and crew by planning for any contingency in inclement weather at outdoor gatherings. (Item #5)   Here are five things meeting planners can do to make meetings safer; it’s not a comprehensive crisis preparedness plan, but it’s a start.  (Item #6)   Take a look at this checklist and list of resources for planners; you might find some good tips here. (Item #7)

Subscribe or read past issues of the NewsBriefs at

Wednesday, March 18, 2015

Reputation Management

Do you know what people think of your company or organization? If so, how do you know? If not, why don't you know? Your reputation is one of your most marketable assets, and it needs to be looked after the way you would any other valuable asset. So, what are you doing to take care of it? The authors of this week's articles have good advice on the subject. Why not convene a meeting of the executive team and/or the BC team and see what more you could be doing to protect your valuable reputation.

Search engine optimization experts share tips and tools to help you manage your company's online reputation. (Item #1)   Here are the five new reasons a CEO should care about their online reputations. (Item #2)   What people say about your company online has become the single most important reflection of your company's quality, reliability, and skill.  (Item #3)

Can you put a price tag on corporate reputation management? (Item #4)   These six tools can make managing your online reputation a breeze. (Item #5)   These essential ORM strategies & tactics can save your ASSets.  (Item #6)

Subscribe or read past issues of the NewsBriefs at

Wednesday, March 11, 2015

Business Continuity

Business Continuity Awareness Week begins March 16, and the theme for this year's observance is "Putting Your Plans to the Test." According to the Business Continuity Institute, they want to call attention to the importance of testing and exercising and of ensuring that all staff understand this importance and know what to do in the event of an actual disruption. Some studies have shown that many companies have not tested their plans in more than a year; have you tested yours? Perhaps now is a good time to plan -- and conduct -- an exercise.

You cannot stop every incident from affecting your business but you can put a business continuity plan in place to try and keep your business going. (Item #1)   Use any of these business disruption scenarios to test your plan.  (Item #2)   You can take actions to help protect emotional well-being during a shelter-in-place emergency.  (Item #3)

How often you test your plan depends on how well you want it to work. (Item #4)   Not having a plan, and not exercising the plan, is almost like making the same mistake twice -- and the result can be devastating to your business. (Item #5)   Support BC week by downloading these posters and sharing them within your organization or online using social media. (Item #6)

Subscribe or read past issues of the NewsBriefs at

Wednesday, March 4, 2015


What kind of a shelter-in-place plan does your organization have? Do you have a designated location, food, water, protective masks, etc.? Will your plan cover every possible reason to shelter in place? It’s probably not possible to prepare for anything that could possibly happen, but are you satisfied you’re ready for the most likely possible reasons? If you have not revisited your plan lately, it may be time to do so and make updates based on current threats in the world right now.

Shelter-in-place may not actually mean staying exactly where you are. (Item #1)   Shelter in Place is designed for those situations in which it is safer for employees to remain in the building than to evacuate. (Item #2)   You can take actions to help protect emotional well-being during a shelter-in-place emergency. (Item #3)

These links will take you to NICS documents and other information related to sheltering in place. (Item #4)   It's important for landlords to be familiar with their shelter-in-place obligations because providing shelter at a residential property requires the cooperation of employees, tenants, and any visitors who happen to be on the property at the time of the emergency. (Item #5)   There are legal issues with sheltering in place that can’t be ignored. (Item #6)

Subscribe or read past issues of the NewsBriefs at

Wednesday, February 25, 2015

Building Safety and Security

If you own your building, there are many concerns and regulations to consider. If you rent your space, many of the same issues are also important. As the quote implies, it's about the people first. So, while you want to protect the building and assure its longevity, you first need to have plans in place to get everyone safely out of the building and to keep them safe indoors if required. The concerns addressed in this issue -- civil unrest, for example -- might be good scenarios to test your plan against.

From bad building designs to management that ignores badge rules, here are the top building security mistakes. (Item #1)   An expert explains why smart buildings bring a new range of potential vulnerabilities that need management and mitigation. (Item #2)   Here are some actions that property owning organizations can take to better protect facilities, tenants and employees from civil unrest. (Item #3)

Managers in all settings can benefit from these tips on contingency plans for terrorist attacks. (Item #4)   Occupants can fill key roles in the process of clearing a building. (Item #5)   Making fire extinguishers available is not enough; people have to know how to use them; share this video with everyone. (Item #6)

Subscribe or read past issues of the NewsBriefs at

Wednesday, February 18, 2015

Exercising the Business Continuity Plan

If you're not buried under some of the historic inches/feet of snow that have fallen in various locations of the US, you likely feel sorry for the folks getting all that weather but you're also glad it's not you. But what if you pretend it is you? Wouldn't this winter weather (not to mention flooding and fires on the west coast) be a good scenario for testing your business continuity plan? What would you do if it was your business under all that snow or  in that flooding this week? Dust off your BC plan, take a look at this week's articles, and do a table-top simulation of how you would survive Mother Nature's wrath!

Exercises are used to testing emergency plans but they are also useful events to run when actually writing plans and procedures because they help generate discussions and stimulate thinking on what the contents of the plan could be. (Item #1)   A program of training, exercises, and tests moves plans beyond the concept stage, provides training opportunities for employees, and helps identify needed corrections in procedures and plans.  (Item #2)   Testing business recovery plans is an important step to validate and check its content and approaches, ensuring that plans are actionable before a possible real disruption.  (Item #3)

A TTX is a facilitated scenario-based discussion that tests a plan in a protected environment. (Item #4)   How can business continuity professionals conduct more effective exercises? (Item #5)   Download this free business continuity test template and guide to learn how to conduct a successful test.  (Item #6)

Past issues of the NewsBriefs are available at

Thursday, February 12, 2015

Cyber Security

Just when we thought we'd seen it all, SONY was hacked and forced to withdraw a movie from distribution. This week, Anthem announced its data had been compromised, affecting thousands. What would the impact on your business be if you were the victim of some sort of cyber crime? All organizations, no matter how small, are potential targets for cyber criminals and the results can be devastating to your reputation and your bottom line. As you scan the articles below, consider whether you have done everything possible to protect your organization and what you may still have left to do in this area.

What's on the cyber security front this year? (Item #1)   Cyber security incidents can have business continuity implications and impacts that extend far beyond IT. (Item #2)   Cyber Law arises because there's always the potential for legal problems, and lawmakers struggle to keep up with the fast and furious pace of today's technology. (Item #3)

Small businesses generally have fewer resources available to monitor and combat cyber threats, making them easy targets for expert criminals. (Item #4)   Data security is crucial for all small businesses; this FCC guide can help. (Item #5)   This article is mainly about cybercrime deterrence, not cybercrime prevention. (Item #6)

Past issues of the NewsBriefs are available at

Wednesday, February 4, 2015


Any organization that collects data on its customers, members, users, etc., has to be prepared to protect that data; failure to do so can be costly, in terms of operations, reputation, and the bottom line. Employers also must meet the challenge of balancing their right to secure their data and proprietary information with their need to protect an employee's right to privacy. In both cases, it's important to communicate what your privacy policy is and to make it easily accessible. Has your organization developed a privacy policy that clearly explains how data collected will be safeguarded and used? Do your employees and managers/supervisors understand your monitoring policies? If not, these activities should be part of your business continuity discussions as soon as possible. And, as we have pointed out in the past, if you have done so already, are you sure everything is up to date?

The potential cost of privacy issues should be a concern for most organizations. (Item #1)   Whether your organization has implemented a BYOD policy or is still struggling with the intermingling of personal and work-related communications on employer-issued devices, some best practices are starting to emerge. (Item #2)   Employer monitoring of its communication systems generally is considered to be a responsible business practice. (Item #3)

The privacy issue isn't going away any time soon, though the commercial social media sites have deftly surfed the edges of the wave. (Item #4)   Here are some steps toward balancing employer security with employee privacy. (Item #5)   An employer should establish and communicate clear written policies for employee monitoring and educate supervisors when monitoring is permissible. (Item #6)

Past issues of the NewsBriefs are available at

Wednesday, January 28, 2015

Risk and Business Continuity

How much effort does your organization put into risk management? Is it a prominent part of your business continuity plan? Does the BC team spend time identifying and attempting to mitigate risk? We hope your answers to these questions falls into the “lots of effort” and “yes we do” categories. If they don’t, it’s probably time to sit down and do some work in these areas. Even if you gave the right answers, have you yet thought about what new risks might turn up in 2015? We’d like to suggest that you schedule some time this week or next to consider the risks your organization might face and what you might do about them. You’ll probably be glad you did!

If you don’t think risk management is important for your organization, take a look at some of the many occurrences you could run into at any time. (Item #1)   Risk management has become more important today with most organizations requiring quicker recovery times than in the past. (Item #2) Spreadsheets should be banned from the risk management process. (Item #3)

This guide explains the methodologies behind risk management and where HR should make a contribution in planning and executing the resulting plans. (Item #4)   Here are some predictions for the biggest potential reputation-related crises for 2015; like all crises these days, they will play out online. (Item #5)   How do your employees add risk to IT and your business? (Item #6)

Get past issues of the NewsBriefs at

Wednesday, January 21, 2015

Insider Threats to Business Continuity

What do you think of when you hear the term "insider threats?" Snowden? WikiLeaks? Do you just know it can’t happen in your organization? Well, you may be right about those scenarios, but there are many types of insider threats that can happen to you. If you aren't already discussing what to do about insider threats, you may be missing the boat. Insider threats are yet one more aspect of business continuity that we have to take seriously and figure out how the organization can best work to mitigate the risk of these threats and what resources it’s going to take to do so. Perhaps you and your team can find 30 minutes this week to begin this discussion... or at least see if this week’s information can shed light on the subject.

Organizations still aren't taking the risk of insider threats seriously. (Item #1)   In order to be truly effective, insider threat management programs need to involve a broad understanding of the various types of attackers and motivations attached to insider threats. (Item #2)   insiders can pose a threat to more than just an organization’s data. (Item #3)

The threat of attack from insiders is real and substantial. (Item #4)   Are you spending enough on insider threat protection? (Item #5)   CERT provides some tips on winning the battle against insider threats. (Item #6)

Past issues of the NewsBriefs are available at

Wednesday, January 14, 2015

The Flu and Business Continuity

As reported in the news, the flu this year got an early start and the season isn't half over yet. According to the CDC, the flu costs the United States more than $87 billion annually and is responsible for the loss of close to 17 million workdays each flu season. What can you do to mitigate the impact of the flu on your organization? The information below from the CDC and other experts provides guidance. After looking over these items, sit down with your BC team or senior execs and determine what steps you need to initiate in your workplace.

The CDC's BusinessPulse offers information on how to protect your employees' health and your profitability. (Item #1)   What are you doing to educate and protect your workforce? (Item #2)   All employers can implement a combination of controls to protect workers and reduce the transmission of the seasonal flu virus in the workplace. (Item #3)

If you're thinking of hosting an in-house vaccination clinic, check out this site. (Item #4)   Compared to recent years, this flu season is looking bad. (Item #5)   Should you mandate flu vaccines? (Item #6)

Past issues of the NewsBriefs are available at

Wednesday, January 7, 2015

Business Continuity Challenges in 2015

According to the experts, cybersecurity will be one of the top threats to business continuity in 2015, with cyber criminals deploying new tools to create havoc in our business lives. After you look through this week's articles, perhaps it would be a good idea to sit down with your BC team and think about possible new risks to your organization this year - and brainstorm about how to mitigate them.

McAfee Labs' predictions for cybersecurity threats are sobering. (Item #1)   The BCI reveals that IT-related threats are a major concern. (Item #2)   As hackers become more proficient, security threats grow in complexity and scope. Watch this video discussion or read the information at the included link. (Item #3)

The relationship of IT to business objectives is critical to successful business continuity.  (Item #4)   There are some small steps you can take to make your business more secure. (Item #5)   Take a look at these key risk areas for 2015 and think about how they might affect your organization. (Item #6)

Past issues of the NewsBriefs are available at