Wednesday, December 14, 2016

Holiday Safety for Home and Family

As we approach Christmas and the start of another new year, it's important to do what we can to ensure that our holidays are happy and our families are safe. This week we offer a number of tips about safety for travel, shopping, decorating and more. Take a look through these articles for your own peace of mind and your family's safety. Don't be the family that's featured in the news over Christmas because a holiday fire destroyed their home or some other disaster befell them.

Help to Make Safety a Tradition for your family this holiday season.  (Item #1)   The CDC offers 12 ways to health during the holidays (and all year). (Item #2)   This fact sheet from the American Red Cross offers good tips on holiday fire safety. (Item #3)

Travelers Insurance offers five simple tips for your holiday safety. (Item #4)   If you're traveling, here are some safety tips to keep in mind before you leave. (Item #5)   Don't let your sense of caution fall by the wayside in the rush of holiday shopping. (Item #6)

For the full issue, click here.

Wednesday, December 7, 2016

Testing & Training

Having a business continuity plan that has not been tested might do you more harm than good. Everything can fall apart if people don't know what they are supposed to do or elements of the plan don't work. Soooo... we really cannot say this enough: Test your plan and train your people so everyone will have confidence that the plan will work.

Having a team well versed in the initial steps of the BC/DR plan will help to ensure an effective and early response. (Item #1)   A plan is not a plan until it has been tested; it is only theory. (Item #2)   Here are six BC/DR best practices from the trenches that will keep you moving forward no matter what outage, incident, or disaster may strike. (Item #3)

Are you part of the 70% of companies that do NOT test their business continuity plans? It's time, then. (Item #4)   Business continuity drills are the key to detect, address, and strengthen that weakest link. (Item #5)   Here's how to put your plan to the test. (Item #6)

For the full issue, click here.

Wednesday, November 30, 2016

Winter Weather

Whether you're in the northeast, the midwest or the south, winter weather of one kind or another can disable your business, costing you money and lost productivity. Planning now will help you weather the storms of winter that we know are just ahead (some places already have experienced heavy snow and ice). This week's articles will show you how planning helped last winter and some of the things to think about for the upcoming winter.

Public and private sector players had detailed plans in place, optimized from lessons learned in past storms which helped to minimize the disruption to the more than 50 million people in Winter Storm Jonas' path. (Item #1)   Now is the ideal time to create a weather contingency plan to prevent next year's weather from affecting your bottom line. (Item #2)   Severe winter storms serve as an important reminder for businesses to evaluate how they can achieve business continuity when extreme winter weather renders their primary facilities inaccessible. (Item #3)

Even if your office building is open during winter storms, can your employees get there? (Item #4)   If telecommuting is part of your winter weather preparedness plan, make sure you have a program in place and employees know what is expected of them. (Item #5)   Make sure all of your building's systems are ready and able to handle winter weather. (Item #6)

For the full issue, click here.

Wednesday, November 16, 2016

The Flu and Your Business

According to the CDC, it's not possible to predict what this flu season will be like. While flu spreads every year, they say, the timing, severity, and length of the season varies from one year to another. Flu season starts around this time of year and peaks from December to March, but now, while there is no serious epidemic, is the time to do something about it. The National Institutes of Health estimates that the flu costs $7 billion per year in sick days and lost productivity. And workers report their productivity decreases by half when powering through the flu at work. This week's articles are aimed at helping prevent infection and spreading the flu.

Getting an annual flu vaccine is the first and best way to protect yourself and your family from the flu. (Item #1)   Here are 10 steps you can take to help prevent the spread of flu where you work. (Item #2)   No matter what your role, you can pitch in to keep the flu on permanent vacation this season by doing these things. (Item #3)

Take these steps now to keep your office running during a flu outbreak.  (Item #4)   Preventing or mitigating the risk of a flu outbreak in your office mission-critical. (Item #5)   Can an employer adopt a mandatory flu vaccine policy and fire employees who don't get a flu shot? (Item #6)

For the full issue, click here.

Wednesday, November 9, 2016

Holiday Issues

Don't panic, but Christmas is only 46 days away, and it's likely your holiday party or other activities will occur during that time. Are you having a party? Sponsoring some sort of charity activity? Whatever you do, you certainly don't want anything that happens to result in legal actions against the organization. This week's articles provide answers to how to handle various aspects of the holiday gathering and how to avoid problems.

Here are some simple things your company can do to foster a warm and friendly culture between coworkers all while contributing positively to people in need. (Item #1)   As a result of a lot of research, specific low-risk drinking guidelines have been created to minimize the negative impact of alcohol use. (Item #2)   The following article offers some guidelines from the Society for Human Resource Management for safe company holiday parties. (Item #3)

Here are the top four reasons you should consider having a holiday party this year.  (Item #4)   To avoid or mitigate the risks associated with holiday parties, you should give some thoughtful consideration to your office holiday party plans. (Item #5)   Here are some top tips for avoiding a New Years' headache from your holiday party. (Item #6)

For the full issue, click here.

Wednesday, November 2, 2016

After a Disaster...

We talk a lot about preparing for disruptions and disasters, but sometimes we don’t talk enough about what to do after something happens. Perhaps these steps should be included in your business continuity plan. This week’s articles can help you figure out what after disaster should strikes.

Here’s information to help small business owners make post-disaster business decisions. (Item #1)   Chubb offers tips on what to do after a disaster. (Item #2)   Find out what steps you can take to help minimize business losses after a natural disaster.  (Item #3)

Check out these 10 recovery actions you must take after a disaster. (Item #4)   In the wake of a natural disaster, having a business continuity plan and handling your employees with compassion can make the transition back to work much easier and quicker for everyone. (Item #5)   Here are some steps you can take to help you recover and rebuild your business. (Item #6)

For the full issue, click here.

Wednesday, October 26, 2016

Business Continuity Planning

When's the last time you dusted off, reviewed and updated your business continuity plan? Many of you will answer never or several years ago. If you haven't done so in the last year, you definitely need to be doing it now so you can be confident in it if you have to use it. Do all your employees know about it and what their roles are, even the new employees? We thought not. Soon we will turn back the clocks and we should be tuning up our plans as well.

Creating, updating, and testing your plan are all critical to responding successfully to a natural disaster or other business disruption. (Item #1)   A common cause of failure to implement BCM successfully is a lack of people with the right level of knowledge and skills, and the purpose of planning and delivering a business continuity training and awareness campaign is to avoid that pitfall. (Item #2)   Lack of water could present serious challenges to an organization, especially one that operates in an area where access is scarce. (Item #3)

These seven elements are essential parts of any effective business continuity strategy. (Item #4)   If you set aside time once or twice a year to review your plans, you can identify new risks and monitor the effectiveness of your current risk management strategies. (Item #5)   Institute a prep-at-home program at work… ensure your employees are personally prepared at home for a crisis. (Item #6)

For the full issue, click here.

Wednesday, October 19, 2016

Risk Management

Everything we do has a certain level of risk. It’s the way you manage those risks that could spell the difference between success and failure. This week’s articles can help identify the potential risks you face and how to accept them, mitigate them or avoid them.

One of the most important tests of true risk management effectiveness is the level of risk management integration into decision making. (Item #1)    This guide will help you to identify potential risks, make preparations for emergencies and test how your business is likely to cope in a disaster. (Item #2)    Proper risk management implies control of possible future events and is proactive rather than reactive. (Item #3)

Risk is all about uncertainty. (Item #4)    Your risk management plan should detail your strategy for dealing with risks specific to your business. (Item #5)    Here’s an explanation of risk, uncertainty and business strategy. (Item #6)

For the full issue, click here.

Wednesday, October 12, 2016

Crisis Communication

Winston Churchill once said that a lie gets halfway around the world before the truth has a chance to get its pants on. This is also true of news about a crisis and your response to it. You have to be ready to talk to all stakeholders when a crisis occurs, as soon as it occurs -- to get out in front of it. The first response does not have to be definitive, because you will need to refine the message as you learn more about the situation. But you do have to respond. This issue can help with your response... and check out the worst crisis communications mistakes in Item #5.

The basic steps of effective crisis communications are not difficult, but they require advance work in order to minimize damage. (Item #1)   Let’s take a look at who’s done crisis communication poorly, who’s done it well, and finally, how user experience professionals can lead the charge within their teams to champion a proactive crisis communication plan. (Item #2)   Dealing with a technical crisis can be a major support headache; here’s what to do when things go wrong. (Item #3)

If there’s one area where organizations stumble when responding to breaches, it’s in keeping stakeholders informed, and doing that job well requires having plans in place long before cyber-criminals come calling. (Item #4)   There are 13 key elements to creating a successful crisis communications strategy; check these tongue-in-cheek examples of how companies continue to get even the basics wrong. (Item #5)   This article provides some of the best examples of crisis communication. (Item #6)

For the full issue, click here.

Wednesday, October 5, 2016

Cyber Security Awareness

Because October is Cyber Security Awareness Month, we thought we would take a look at how organizations can raise awareness of cyber security among their own employees. Many studies have shown that employees are the usually the weakest link in the cyber security chain and all could benefit from more frequent, consistent training. This is not to say that they are the only firewall against cyber attacks (see article #3), but the more they know the more they can be helpful in shoring up your cyber security efforts.

Employees are the weakest links when it comes to the security of an organization. (Item #1)   This slide show identifies 10 tips that can help you educate your employees and develop policies that will help mitigate ever-growing cybersecurity risks. (Item #2)   Expecting non-security professionals to be able to identify and stop the intrusion methodologies of today’s cyber adversaries is unrealistic, costly and provides little benefit for the effort required. (Item #3)

The first step in reducing the role of human error in cyber security incidents is to establish a cyber security policy for your employees that states the do’s and don'ts of cyber security. (Item #4)   Even the most knowledgeable workers take big risks with company data. (Item #5)   Small businesses need a cybersecurity strategy to protect their own business, their customers, and their data from growing cybersecurity threats. (Item #6) 

For the full issue, click here.

Wednesday, September 28, 2016

Meetings and Events

If you run events and have not had any incidents that made you wonder why you do it, then you must be one of the luckiest people on the planet. And in today’s world, there are more possible disruptions and potential crises than ever before because our increased use of technology has made us more vulnerable to hacking and other incidents. So remember that, where crises are concerned, it’s not if you’ll be a victim but when. This issue can help you be better prepared to avoid these risks.

The author provides some general guidelines for meeting security. (Item #1)   Here are five things to look out for when planning for event app security. (Item #2)   To protect your meetings, your organization and your attendees you have to be vigilant and you have to stop sharing passwords.  (Item #3)

This brief video provides some security tips. (Item #4)   Corporate espionage puts meeting, conference, and event planners on the front line when it comes to protecting the sensitive information assets of those participating in your meetings, conferences, and events. (Item #5)   Covering everything from pre-event to on-site, this checklist will be helpful to you. (Item #6)

For the full issue, click here.

Wednesday, September 21, 2016

Fire Prevention and Preparedness

October is Fire Prevention Month and October 9-15 is Fire Prevention Week. Fire Prevention Week was established to commemorate the Great Chicago Fire, the notorious blaze that killed more than 250 people, left 100,000 homeless, destroyed more than 17,400 structures, and burned more than 2,000 acres on October 8th and 9th, 1871. It has since been expanded to Fire Prevention Month. This is the time of year when we need to ensure that we are prepared for the potential of fires and the dangers they present. The articles below can help you with your preparations and planning.

Do you know what to do to lessen the likelihood of an office fire breaking out -- and how to react if one does? (Item #1)   The Triangle Shirtwaist Factory fire in New York City became the benchmark for what employers should NOT do in their facilities if they want to protect their employees and property. (Item #2)   While many people look at the fire- and life-safety inspection process negatively, these inspections benefit the building/business owners, as well as those who use the building. (Item #3)

Small business fire and safety training is necessary for companies of every size. (Item #4)   Fire drills should take place at least once a year. (Item #5)   Regardless of the location of a fire, once people are aware of it, they should be able to proceed safely along a recognizable escape route, to a place of safety. (Item #6) 

For the full issue, click here.

Wednesday, September 14, 2016

Recovering from a Data Breach

Many experts believe that you don’t always know that your data has been breached and only learn about it after the fact, often from a third party. When you do find out about a breach, do you know what to do to recover from it? This week’s articles provide some insights on the steps to take to save your reputation.

Legal and technology experts shared their insights on how to best recover from a small business data breach. (Item #1)   What should you do if your business experiences a data breach? (Item #2)   are some ways to deal with the different aspects of a data breach and how a company can recover.  (Item #3)

Security experts share the steps that CIOs and CISOs should take in the hours and days after a breach. (Item #4)   You already know a data breach is bad news for everyone, consumers and the breached business alike, but you might be shocked to learn just how severe the reputational impact can be for businesses. (Item #5)   The hours, days, weeks and even months after your organization has been the target of a data breach can feel like the company’s darkest time. (Item #6)

For the full issue, click here.

Wednesday, September 7, 2016

Terrorism and How It's Changing

Terrorism is a fact of life in the 21st century, and we have all spent time ensuring we are prepared in the event it strikes our workplace or home. And terrorism is changing... we're not just worried about bombs anymore but also about lone actors whose actions we can't predict. This means we have to review our business continuity plans and ensure that we have included all potential risks that we may not have considered when bombs were our main concern.

What should you do to protect your employees, your organization, and its stakeholders from a terrorist attack? (Item #1)   Though global terrorism has been increasing over the recent history, properly understanding and preparing for its effects will minimize negative impacts. (Item #2)   In the U.S., most acts of domestic terrorism have focused on the workplace, and this makes workplace safety a priority, but it's important to plan without inciting unnecessary fear. (Item #3)

According to several security experts, most instances of workplace violence are committed by one person acting alone. (Item #4)   Should terrorism awareness be included in induction training? The answer is, yes. (Item #5)   You must remember that for some people the effects of terrorism may not be felt immediately but, instead, arise months later. (Item #6)

For the full issue, click here.

Wednesday, August 31, 2016

Employee Issues

Your employees are a valuable resource and contribute mightily to your bottom line. There always are some employees, however, and some issues that can cause problems that might disrupt your business and adversely affect the bottom line. This week’s articles focus on how to deal with those employees and how to avoid situations that could compromise your business.

Problem employees comprise a very small portion of the workforce yet manage to consume a disproportionate amount of HR and management’s time and attention. (Item #1)   Here are some examples of employee relations issues that could lead to problems. (Item #2)   How can small businesses and HR professionals deal with employee personal issues? (Item #3)

These undesirable employees- and their antics - can hurt your small business… there are ways of dealing with these difficult employees. (Item #4)   Here are 10 surefire ways to mess with your CISO and put your company’s important information at risk! (Item #5)   There are some mistakes employers make that increase the odds of being subjected to employment-related lawsuits. (Item #6)

For the full issue, click here.

Wednesday, August 24, 2016

National Preparedness Month

The theme of this September’s National Preparedness Month is once again “Don’t Wait, Communicate. Make Your Emergency Plan Today.” NPM reminds us to prepare for emergencies that could affect us at work, at home, and on travel or vacation. This week’s articles focus on how you can plan for and deal with disasters and other disruptions to your business.

Disaster recovery begins before a disaster is on the radar. (Item #1)   Emergency preparedness involves more than crossing your fingers. (Item #2)   It is vital that to consider the needs of all employees, including those with disabilities, in preparedness plans. (Item #3)

The challenge is for public sector organizations, private sector businesses and nonprofit groups to plan ahead for operational and employee resilience. (Item #4)   Smaller companies often struggle, not knowing where to turn or having the budget to develop a robust business continuity plan. (Item #5)   This toolkit will help you prepare your business for the unexpected. (Item #6)

For the full issue, click here.

Wednesday, August 17, 2016

Online Reputation Management

Think BP, Toyota, Tylenol, Red Cross -- all brands that suffered serious damage to their brands and reputation yet have survived. While your business or organization may not be on that scale, you could suffer reputation damage from which it could take years to recover. What’s your online reputation management plan? The articles below offer some tips on how to manage your reputation online and how to assess reputation risks.

This article describes a process that will help managers do a better job of assessing existing and potential threats to their companies’ reputations and deciding whether to accept a given risk or to take actions to avoid or mitigate it. (Item #1)   Online reputation can have much broader impact than your reviews in Yelp and Google. (Item #2)   When UCDavis hired two ORM firms, the results were unexpected. (Item #3)

Here’s what a small business needs to know about how to assess, build, track and monitor its online reputation. (Item #4)   Which reputation management tool(s) do you need? (Item #5)   Patrick Ambron of shares his thoughts on how the reputation management industry is changing and what you need to know about the changes. (Item #6)

For the full issue, click here.

Wednesday, August 10, 2016

Business Continuity Planning

It's important that you review and update your business continuity plan in order to cover all the possible risks -- everything from acts of terrorism to the zika virus. What's particularly important is ensuring that your current plan addresses all the risks that could affect your organization; readiness to respond is the goal. This week's articles cover what your plan should include, how to help your employees plan at home and what you should know about the zika virus.

Creating, updating, and testing your plan are all critical to responding successfully to a natural disaster or other business disruption. (Item #1)   You need to ensure that your business continuity plan completely documents all facets of the recovery process, and then (of course) regularly exercise it in practice.  (Item #2)   Here are 10 things a good BCP includes. (Item #3)

Institute a prep-at-home program at work to ensure your employees are personally prepared at home for a crisis. (Item #4)   If business continuity planning has taken a back seat in your business and you need some motivation for digging out, dusting off and updating your plan, let's not forget that it comes with a number of advantages. (Item #5)   Although predicting exactly how the outbreak may impact your business is difficult, you can better prepare for Zika's impact on your company with these five tips. (Item #6)

For the full issue, click here.

Wednesday, August 3, 2016

Cyber Issues

Cyber hacking is always in the news. The recent hacking of the emails of the Democratic National Committee once again reminds us that cyber security should be a major concern for all of us. We have to continually update our security plans and processes – and our employee education -- so we can keep up with the advances made by hackers and other cyber criminals. This week’s articles may shed some light on how you can continue to protect your organization.

To close the gaps in their security, CEOs can take a cue from the U.S. military. (Item #1)   Former National Security Agency Director Gen. Keith Alexander speaks about cyber-security and the new threats posed to the U.S. economy and military. (Item #2)   Digital thieves’ most crucial adaptation in recent years has little to do with their technical tools and everything to do with their business model. (Item #3)

Is it conceivable to convey to machines a responsibility as complicated as cyber-security? (Item #4)   Here’s how company leaders can protect—and strengthen—the business with the right approach to information security. (Item #5)   IT and security experts discuss the leading causes of security breaches and what your organization can do to reduce them.  (Item #6)

For the full issue, click here.

Wednesday, July 27, 2016

Cloud Computing: Some things to consider

Today, many people have business continuity/disaster plans, but they may not review and update them on a regular basis, which can lead to serious problems. When you first wrote your plan, did you consider that one day much of your data would/might be in the cloud? Did you plan for what you would have to do in the event your cloud vendor went out of business? If not, and you have a private or public cloud vendor (or are thinking about going to the cloud), you may want to read on.

The best time to prepare for getting data out of the cloud is before you put it in there. (Item #1)   Before you move to an online storage provider, there are some things you should know (and ask) about cloud storage and recovery. (Item #2)    When you’re putting a lot of systems into the cloud, you should consider a number of things. (Item #3)

Here are some of the pros and cons of whether you should do all your computing in the cloud. (Item #4)   This article describes some of the risks and things that might go wrong with cloud computing. (Item #5)   Although the benefits of SaaS are hard to ignore, there are risks inherent in the cloud. (Item #6)

For the full issue, click here.

Thursday, July 21, 2016

Workplace Violence

Various types of workplace violence, including active shooters, have been on the rise in recent years and many end in fatalities. What have you done to prevent acts of workplace violence in your organization? Do you identify risks for violence on a regular basis? Do you have a policy for employees to report concerns about specific employees? Once you read this week's articles, you might want to look again at what you're doing and see where you might improve.

According to the Federal Occupational Safety and Health Administration, nearly 2 million workers count themselves as victims of workplace violence each year, with 403 Americans murdered at work in 2014 alone. (Item #1)   Employers can take steps to reduce the risk of violence and educate workers. (Item #2)   employers need to be extra-sensitive in handling certain employment decisions (like announcing layoffs, wage reductions or making changes to health care coverage) during an economic downturn. (Item #3)

An increase in workplace violence requires a proactive approach to reduce the risk. (Item #4)   Last year's shooting of two journalists by a former co-worker on live TV in Virginia is a stark reminder that a worker may become violent. (Item #5)   Workplace Violence Specialists will advise you that there are important steps organizations can take to improve their ability to predict workplace violence, but, in the end, you are faced with mitigating as many of the risks that you can identify and hoping you have done enough. (Item #6)

Click here for the entire issue...

Friday, July 15, 2016

Testing/Exercising Your Plan

We probably cannot count the number of times we have said that you cannot rely on a plan that hasn’t been tested – or asked if you want to use a plan for the first time in the midst of a disaster. This week’s articles echo those sentiments and can help you design and implement your own exercises for your various plans.

Just because all the relevant information has been catalogued doesn't mean you can actually recover whatever it is your Plan says you can. (Item #1)   Here’s some advice on how to set up convincing business continuity exercise scenarios. (Item #2)   The only way a company can assure that its BCM arrangements are validated is through exercises. (Item #3)

This article addresses some of the technical challenges faced in end-to-end disaster recovery exercises that attempt a full life cycle of transactions across disaster recovery applications and their dependencies and simulate business activities during the exercises. (Item #4)   Business continuity drills are the key to detect, address, and strengthen that weakest link. (Item #5)   Here are some tried-and-true procedures for business continuity exercises. (Item #6)

Wednesday, June 29, 2016


A comprehensive risk management strategy enables an organization to identify, assess, manage and/or mitigate various risks. It provides a method by which you can prioritize specific risks and determine how to allocate resources. As we all know, there are many types of risk, internal and external, that may impact operations. This week’s articles address ways to deal with these various types of risk.

The combination of risk management and business continuity provides the level of resiliency that most organizations must achieve in light of the uncertainty that exists today. (Item #1)   To mitigate risk --- the possibility that something unpleasant or unwelcome will happen --- it's important for entities to have a thorough risk management strategy in place. (Item #2)   Rules and compliance can mitigate some critical risks but not all of them; active and cost-effective risk management requires managers to think systematically about the multiple categories of risks they face so that they can institute appropriate processes for each.  (Item #3)

"Whistle blowing" has negative connotations in many organizations but, if encouraged by management and handled sensitively, it can be an important tool for business continuity and risk management. (Item #4)   Given the stakes, it makes sense for organizations to try and learn as much as they can about DDoS ransom demands: what do they look like, how can businesses work out if their site is at genuine risk and how can they protect their online presence? (Item #5)   The 10 keys to managing reputation risk and how a company or institution addresses them will help shape the company’s reputation over time. (Item #6)


Wednesday, June 22, 2016

Safety and Security in Emergency Situations

Most of us expect our workplaces to be safe and secure, and most of them are. There are some circumstances, however, when unexpected events may not have been sufficiently planned for. Our safety and security is the responsibility of the employer, but all employees also have some responsibility for their own and their co-workers’ safety. This week’s articles discuss a number of issues for which you might need additional planning.

Here’s what to do if an active shooter enters your workplace. (Item #1)   When large crowds gather outside your work environment, individuals inside may be at risk if the event spirals out of control. (Item #2)   Here's what to do before and during a bomb threat. (Item #3)

Do you have a plan for when the power goes out unexpectedly? You should. (Item #4)   The key to a safe workplace is having effective safety and security policies in place and to communicate these policies to all employees. (Item #5)   It’s not necessarily the crisis, but how an organization responds that people will remember. (Item #6) 

Wednesday, June 15, 2016

Meetings and Events

If your corporate or nonprofit event is coming up soon, and you wake up in a cold sweat hoping the nightmare about a disaster doesn't come true, you're obviously worrying that things could go wrong. And, of course, they can. But the best antidote to worrying is to be as prepared as possible – this issue can help.

Effective event preparedness and planning often starts with identifying the threats and preparing for worst-case scenarios. (Item #1)   See what these event pros have to say about how they avoid disaster. (Item #2)   Being safe and keeping your guests safe while on-site is the number one most important job you have.  (Item #3)

Incidents like the Brussels and Paris terrorist attacks, the shooting in San Bernardino, CA, and the spread of the Zika virus have highlighted the need for meeting planners to review their organizations' risk management plans. (Item #4)  Joan Eisenstodt helps planners imagine the worst -- and shares five steps to making sure they are ready to handle it. (Item #5)   Almost all nonprofits have special events and anything can happen, but it's not necessarily the crisis, but how an organization responds that people will remember. (Item #6)

Thursday, June 9, 2016

Identity Theft

Identity theft of businesses, their customers and employees, is becoming more and more common as hackers seem to try to outdo each other. We hope you don't think that this won't happen to you, because you're just as likely to become a victim as any other business. No one is ever prepared for identity theft to happen to them, but now it's possible to do more to protect your business. In this week's articles, here are some things to consider.

Cyber thieves make millions every year by stealing identities -- and businesses aren't immune from the crime. (Item #1)   This article covers the various types of business data breaches, including ways to minimize your risks and -- if a breach has occurred -- how to respond. (Item #2)   Individual identity theft has received a lot of press in recent years, but what about the theft of a business' identity? (Item #3)

If you are a business owner, board member, or other key executive, you probably have greater exposure and risk from identity theft because your personal information, credit, and finances are closely intertwined with your business.  (Item #4) provides a list of the five best identity theft companies for business. (Item #5)   Due to a new IRS ruling, more employers are likely to provide data-breach monitoring and related services to employees. (Item #6)

Thursday, June 2, 2016

National Safety Month

National Safety Month, observed annually in June, focuses on reducing injuries and deaths at work, on the roads and in our homes. This is a good time to make sure that you are doing everything possible to keep your employees and your families safe. This issue can help you do that.

Have you done your safety housekeeping at the office? (Item #1)   To help you lead safely at work, here are seven very important thinking points. (Item #2)   This guide, although produced for Australian offices, can help employers and employees take a look at their workplace for safety. (Item #3)

Here are 25 steps you can take to reduce the risk of injury among your office staff. (Item #4)   This fact sheet from identifies electrical hazards and makes recommendations on how to avoid or fix them.  (Item #5)   Here are the 10 most common safety hazards in the home, along with things you can do to avoid injury and stay out of harm’s way. (Item #6)

Wednesday, May 25, 2016

Mass Communication Systems

What if you send out a mass notification and nobody gets it? This is the thing that nightmares are made of. Hopefully, this will never happen to any of us. To help ensure you know what you’re looking for, this week’s articles provide guidance on how to determine what you need and how to get it. Also, new technology means that these systems are much improved and are not just for emergencies any more.

Looks may not be everything when it comes to a mass notification solution, but the way an online solution feels and operates is nevertheless important: Lessons from The Bachelor. (Item #1)   Consider these seven key factors with emergency communication. (Item #2)   Here’s an analysis of current mass notification trends and how two-way listing, analog-to-digital and other factors will impact the future of MNEC. (Item #3)

Mass communication technologies are offering several new options and capabilities that go beyond the typical uses in traditional applications. (Item #4)   Mass communication is no longer just for emergencies.  (Item #5)   These 10 tips on evaluating mass notification vendors can help you avoid problems down the road. (Item #6)

ALL of our NewsBriefs can be found at

Wednesday, May 18, 2016

Email Retention and Records Management

If you're struggling with the need to develop an email and records retention policy, you're not alone. You have to know what and how you have to do it and understand your organization's specific needs. This week's articles should get you on your way to an effective retention policy.

This post explains how to begin addressing one of the thorniest issues of document management and information governance; email and electronic communication. (Item #1)   Have you read about a recent business litigation case that depended on email correspondence to win? Probably. (Item #2)   While there is no specific FFIEC regulatory mandate for archiving, there are three reasons why you might want to consider archiving. (Item #3)

States need to do a better job of preserving electronic communications, both for transparency and historical value. (Item #4)   It's important for employers to be familiar with all relevant federal and state record retention laws. (Item #5)   When the question of ROI for business continuity planning arises, keep in mind that it is the wrong question to ask. (Item #6)

Thursday, May 12, 2016

Hurricanes/Severe Weather

Hurricane Preparedness Week is May 15-21. NOAA says that this is your time to prepare for a potential land-falling tropical storm or hurricane. We only have to remember Hurricanes Katrina and Sandy to realize that one storm could shut down our organizations, possibly forever, but at least for years. With this in mind, isn’t it the smartest thing to prepare well ahead of time for the worst-case scenario? To help you do this, we’ve provided the articles to assist in your planning.

This hurricane preparedness checklist is a comprehensive list of what needs to be done before, during and after a storm. (Item #1)   The human factor in commercial hurricane readiness is critical, especially since damage from a hurricane may be widespread. (Item #2)   Here’s what you need to know to prepare your commercial building for a hurricane. (Item #3)

Businesses located within hurricane threat zones should have a hurricane preparedness plan. (Item #4)   Proper preparation can take great strides to reducing any worries you might face if a hurricane makes landfall near your small business. (Item #5)   Take the advice of these Louisiana IT leaders, who learned lessons the hard way about safeguarding infrastructure and equipment. (Item #6) 

ALL of our NewsBriefs can be found at

Wednesday, May 4, 2016

Business Continuity Awareness Week

This annual event, organized by the Business Continuity Institute, is designed to raise awareness of business continuity and resilience. This year it will be held May 16-23. The theme for the week is return on investment and it will look at the many advantages of business continuity. For example, your insurance premiums may be reduced (or not increased by as much!) if you an effective business continuity plan. Or possibly the analysis of you did of your organization has identified the potential for efficiency savings. Have you thought about what your business continuity ROI could be?

Here are three examples of potential ROI from taking a day-to-day resiliency approach. (Item #1)   Despite the clear and increasing risks, some companies do not implement business continuity solutions due to a lack of resources and the difficulty in determining the ROI. (Item #2)   This brief video discusses ROI and KPI measurement. (Item #3)

We don't have business continuity plans and BIA's for our personal lives.... so how, when knowing what you know about resiliency, risk, uncertainty, and recovery do you handle this away from the office? (Item #4)   How do you measure the unmeasurable? (Item #5)   When the question of ROI for business continuity planning arises, keep in mind that it is the wrong question to ask. (Item #6) 

ALL of the NewsBriefs can be found at

Wednesday, April 27, 2016

Testing & Training

We've probably all heard the phrase "fail early, fail cheap," but have we heeded its warning? When testing your business continuity plan, one of the most effective outcomes is learning where it failed -- before you need to use it. Early failure can be addressed and costs less -- in terms of money, manpower and business impact -- than failure when the plan is critically needed. If you think of testing and training as the keys to the continuity of operations, you’ll get busy now. This week's articles can provide some help.

Cyber scenarios have become much more common in business continuity exercises, due to the increasing concern about the impacts of information security threats. (Item #1)   These seven steps can help small businesses develop effective testing programs. (Item #2)   Disaster recovery testing is highly valued among standards and DR/BC organizations, but these tests are only effective if you perform them correctly. (Item #3)

This article looks at how Continuity 2.0 might be applied in practice. (Item #4)   Here are seven tips to think about to ensure that your next work area recovery test is successful. (Item #5)   Ideally all elements of business continuity plans should be exercised on regularly scheduled basis (at least annually). (Item #6)

The full library of NewsBriefs is also available at

Wednesday, April 20, 2016

Getting Buy-In

Most people understand the importance of getting management buy-in, but many don’t know how to go about it and succeeding. Also, many are not aware of how critical it is to get support throughout the organization in order to make things happen. This week, we have assembled some articles and a video that can provide some guidance on the best ways to get buy-in.

No matter what you want to sell to top management, this article can help you do it. (Item #1)   With these five steps, you can implement change and ensure a smooth transition with employees who are on board and will work hard because they want to. (Item #2)   what are the obstacles to implementing a successful organizational resilience plan? (Item #3)

No matter how good your ideas and plans, without buy-in for them, nothing will happen. (Item #4)   In some cases, getting management on board might be as simple as asking them what would happen if a database containing sales leads was deleted and it couldn’t be restored for 24 hours. (Item #5)   Watch this 10-minute video for some insight into how you can help your ideas survive. (Item #6) 

Would you like these NewsBriefs delivered directly to you via email? --

Thursday, April 14, 2016

Social Media

Since 2000, social media use by businesses has grown and is now standard fare for many organizations. Others just don't want anything to do with it, fearing the risks it presents. But social media can play a critical role in business continuity, and this week's articles discuss that role and how to manage and/or mitigate the risks prevented.

Social media can now affect business continuity planning in countless ways. (Item #1)   Social media can save lives, keeping communities in touch during disasters, as well as managing corporate reputations during a crisis. (Item #2)   You will find yourself doing social media crisis management sooner rather than later.  (Item #3)

There are many ways business continuity managers can leverage social media in a crisis, but to be effective requires forethought and training. (Item #4)   It stands to reason that if companies do
not have a broad enough understanding of social media risks, they are likely not to have in place a broad enough approach to managing social media risks. (Item #5)   Firms need to identify the risks of social media, develop comprehensive governance policies to mitigate risk and then deploy the right technology to reinforce those policies. (Item #6)

Would you like these NewsBriefs delivered directly to you via email? --

Wednesday, April 6, 2016

Crisis Communication

Crisis communication has been an evolving field for some years now. Most of us have learned that a prompt, well-considered response is critical in crisis situations. This week, not only can we learn what not to do, we can learn some specifics of what to do from the likes of Beyonce and the Somali pirates, as well as get some good tips from other experts. Read on...

Here’s what you need to do to ensure your crisis will flourish and grow (or how not to communicate in a crisis). (Item #1)   What do we know about crisis communication that can be applied reliably when a crisis occurs? (Item #2)   Crisis communication plans provide an organizational framework of who will be responsible for which specific task, when and if a crisis should occur. (Item #3)

The author of this article learned many things about crisis communications from a hijacking by Somali pirates. (Item #4)   Because the first two days following a crisis are the most critical, preparation is a key factor to ensure the situation is dealt with as quickly and efficiently as possible. (Item #5)   In one timely appearance, Beyonce essentially ran through the four key steps from the playbook of crisis communications and management. (Item #6)

Have our weekly NewsBriefs delivered to you via email at

Wednesday, March 30, 2016

Workplace Violence

The month of April is Workplace Violence Awareness Month and is commemorated nationally, for the fifth year, by the Alliance Against Workplace Violence (AAWPV). AAWPV intends to “highlight the preventable nature of most workplace violence incidents.” This issue reinforces their efforts... please take the time to read how you can recognize and help prevent violence in the workplace.

Employers need to be on the lookout for workers who display any of these eight warning signs of violent behavior. (Item #1)   Employers can’t prevent all workplace violence, but they can take steps to minimize the chances of workplace violence. (Item #2)   Not all measures will be practical in every workplace, but effective measures that could reduce the risk of violence may be found for any workplace. (Item #3)

Workplaces must stay vigilant by enforcing their own workplace human resources/security policies. (Item #4)   The moment of termination is often a crisis; if it's handled well, everything thereafter goes smoothly, but if it's handled poorly, anything can happen. (Item #5)   Whether or not an employer ignores complaint of workplace violence, minor or major, the employee should report all incidents in writing as soon as possible to a supervisor or manager and alert security to the situation. (Item #6) 

Past NewsBriefs are available at

Wednesday, March 23, 2016

Meetings & Events

At today's meetings and events, the security of your content is as important as the safety and security of your attendees. You still need to take all the usual steps of creating a plan, assessing the risks, and testing that plan. What's newer, however, is the critical need for security of any intellectual property at events. This issue provides valuable information on every type of security needed at your event.

Meeting planners for any kind of company or association can learn valuable lessons from their peers in the insurance business. (Item #1)   Here's a checklist detailing safety, contingency and disaster preparedness for the meetings, events, conferences and conventions. (Item #2)   Keeping attendees safe, and ensuring proprietary information stays out of the public domain must be part of any solid strategy for any meeting or event. (Item #3)

These five tips can improve event security and site protection and security's role in event planning. (Item #4)   Here are nine questions to ask with regard to risk management and planning for meetings and events. (Item #5)   With the right precautions and participation from attendees, planners can greatly reduce the threat of theft of intellectual property. (Item #6)

Past NewsBriefs are available at

Wednesday, March 16, 2016

Reputation Management

What value do you put on your organization's reputation? Is it a critical part of your business continuity plan? It certainly should be. In today's world, where almost no information remains “secret” for long, protecting your company's name should be at least as important as protecting its assets, because reputation is one asset that is easy to destroy... and difficult to rebuild. This week's articles provide information on this critical aspect of your organization.

Weber Shandwick shares research results on the evolution of brand and reputation. (Item #1)   Many organizations put the importance of a good reputation to the back of their minds while they attend to more hard-edged, day-to-day urgencies. (Item #2)   Here are several reasons why employees will become even more critical in managing an organization's reputation. (Item #3)

For many small businesses, the complete lack of proactive reputation management leaves them in the position of a sitting duck. (Item #4)   The essence of reputation building lies, not in posturing and spin doctoring, but in authentic communication internally and externally to stakeholders. (Item #5)   Online reputation management (ORM) services can help you stop, fix and prevent PR disasters, as well as protect and promote your brand. (Item #6)

Sign up for (or just peruse) the NewsBriefs at

Wednesday, March 9, 2016

Insider Threats to Business Continuity

If you looked around you, could you pick out which of your colleagues is an insider threat? Maybe, but probably not. And, if you could, what would/could you do about it? Sadly, most organizations do not have a much better chance of picking out the threats than you do and less of an idea on how to mitigate the risk they present. If you don’t know how to identify and deal with these human risks, however, your organization can suffer serious consequences. Take a look through this week’s articles to find some ideas on how to deal with insider threats.

Here’s why you need a proactive approach to protecting information assets from authorized users with malicious intent. (Item #1)   While the motivations are usually the same, there are three distinct, but different, types of insiders that can pose a threat to your organization's security. (Item #2)   Organizations can successfully mitigate insider threats using the measures outlined here. (Item #3)

In this article TK Keanini looks at the practical steps that organizations can take to protect data and systems from insider threats. (Item #4)   Teach your employees to keep a secret — after all, your company’s secrets are the treasures you’re trying to protect. (Item #5)   The answer to the question of why some companies would have no special protection against insider threats is an easy one: leaders and managers who make those decisions are people too and given to naturally positive human assumptions and ignorance. (Item #6)

Sign up for (or just peruse) the NewsBriefs at

Wednesday, March 2, 2016

Shelter in Place

Shelter-in-place orders are used more than you might think. Just last month, UMass Amherst (MA) and Gadsden State (AL) were on lockdown for various reasons. Chemical spills in your vicinity, fires, active shooter incidents and many other situations may required that you shelter in place for some period of time. We’re sure you know that you need water, medical supplies, foot, etc., in order to shelter in place. In this week’s articles are some things you may not have thought of.

When conditions outside get tough, where will building occupants go? (Item #1)   How do lockdown and shelter-in-place situations differ? (Item #2)   Remain calm and carry out the procedures in your plan in the event of any situation. (Item #3)

Temporary SIP is a public protection tool used by communities in the United States and around the world; this guidebook discusses the effective use of SIP in the event of a chemical hazard. (Item #4)    To best prepare your staff for an active shooter situation, create an Emergency Action Plan (EAP), and conduct training exercises. (Item #5)   Here is a general guide for preparing a shelter-in-place plan in the workplace. (Item #6)

Sign up for (or just peruse) the NewsBriefs at

Wednesday, February 10, 2016

Cyber Security

It's likely that most of the readers of this newsletter are aware of danger of cyber security threats. What we can't know, however, is whether all of you have incorporated cybersecurity into your business continuity and disaster recovery plans. It definitely should be a priority for organizations of all types. One attack could be severe enough to seriously damage or even close your business. Check this week's articles for more information on how to better prepare for and/or help prevent cybersecurity threats.

Do businesses understand that cybersecurity is the lynchpin for safeguarding their most precious assets -- intellectual property, customer information, financial data, employee records, and much more? (Item #1)   Here are five major trends in cybersecurity that you should have in mind when updating your InfoSec plans for 2016. (Item #2)   This article is meant to be a Panama Canal of sorts... a link between the two disciplines of BCP and cyber security, or cyber for short. (Item #3)

The mounting threat of cyber attack should be a driving force for more enterprises to place it firmly within the context of business continuity planning. (Item #4)   Effectively managing cyber risk means putting in place the right governance and the right supporting processes, along with the right enabling technology.  (Item #5)   It is imperative that you protect your systems from cyber threats -- the lifeblood of your organization depends on it. (Item #6) 

Sign up for (or just peruse) the NewsBriefs at

Wednesday, February 3, 2016

Privacy Issues

Many of us -- maybe most of us -- have been affected by data breaches in the past year. Perhaps your organization is one whose data has been breached by hackers. But your data could have been exposed or stolen in other ways in the workplace, during the data recovery process for example. What controls do you have in place to prevent your disaster recovery process from becoming part of the problem? A newer privacy risk is the proliferation of wearable technology in the workplace. Also of concern is the monitoring of computer/social networking activity by employers. If you have not thought about how some of these issues might impact you, this week’s articles should be of interest.

Disaster plans often address speed to recovery with often overlooked information privacy issues leaving real vulnerabilities to the protection of personally identifiable information. (Item #1)   disaster plans often address speed to recovery, overlooking information security and privacy issues; this results in significant risks to PII. (Item #2)   There are enormous benefits from Big Data analytics, but also massive potential for exposure that could result in anything from embarrassment to outright discrimination. Here's what to look out for - and how to protect yourself and your employees. (Item #3)

Here is a brief explanation of the types of issues that can arise when managing employees and attempting to stay within the bounds of privacy laws. (Item #4)  The impact of wearable technology is ringing alarm bells among privacy advocates. (Item #5)  Employees should therefore be conscious of what information they display on social media websites. (Item #6)

Sign up for (or just peruse) the NewsBriefs at

Wednesday, January 27, 2016


The potential for risk is everywhere around us... how are you planning to mitigate, avoid or transfer the potential risks to your organization? Before you do anything else, you must identify those risks. The New Year brings new sources of risk as well, and each organization needs to do whatever it can to figure out where trouble might lurk. Read this week's articles for clues and suggested mitigation activities.

KPMG has identified seven key strategic, operational and external risk areas that should top CROs' risk management agendas this year. (Item #1)    Technologies and security issues need to be considered for remote access. (Item #2)   The combination of risk management and business continuity provides the level of resiliency that most organizations must achieve in light of the uncertainty that exists today. (Item #3)

Many companies are concerned that business interruption losses, which usually result from property damage, will increasingly be driven by cyber-attacks, technical failure or geo-political instability as new non-physical damage causes of disruption. (Item #4)    Here's some help to fill out a risk assessment template. (Item #5)   The author believes that, without a business continuity plan in place, the basic survival of a company over the medium to long term is severely at risk. (Item #6)

Back issues are available at

Wednesday, January 20, 2016

Business Continuity and the Cloud

Cloud computing -- or SaaS -- is a very much talked about today. Some of the talk is about its benefits (scalability, reliability, accessibility, etc.) but some of the talk is about its drawbacks (complexity, cost, security, etc.).  Whatever your point of view, it seems that the cloud is here to stay, so we all should be considering how and if we can use it effectively and strategically to achieve our disaster recovery and business continuity goals. This week’s articles could prove helpful toward making that decision.

As the cloud matures and continues to provide cost-efficient and scalable methods of computing for infrastructure, applications, and data, it’s likely to become an increasingly popular option for enterprise disaster recovery. (Item #1)   Clouds are here to stay and an increasingly important aspect of how organizations achieve their goals with technology. (Item #2)   There are specific cloud technologies that have become driving factors for better business IT redundancy. (Item #3)

Why is the cloud such a powerful choice for companies' BC and DR requirements? (Item #4)   The jury is still out on whether using cloud-based services increases or decreases the likelihood of business interruptions. (Item #5)   What information do you need to obtain from your cloud provider when it comes to the protection of business-critical data? (Item #6)

Sign up for (or just peruse) the NewsBriefs at

Wednesday, January 13, 2016

Flu and Business Continuity

Although flu season, according to the experts, is starting later this year, we can still expect flu outbreaks over the winter and, like last year, they could be significant. If you haven't planned for flu yet this year, it's not too late to save you and your employees from the effects of this year's flu season. This week's articles provide insight and information to help your organization get through with the least impact.

In addition to preparing for the impact of a flu outbreak, you should consider what you will do to help your employees stay healthy. (Item #1)   The "Mobilizing Against Pandemic" study outlines five simple steps organizations can take to support a mobile workforce in the event of a serious flu outbreak. (Item #2)   Learn what two strategies are recommended to businesses and employers this flu season. (Item #3)

Proper planning will allow employers in the public and private sectors to better protect their employees and lessen the impact of a pandemic or seasonal flu outbreak on society and the economy. (Item #4)   In non-medical terms the flu is explained, followed by how it is spread and then how all executives and facility management in any organization can prepare. (Item #5)   From a numbers standpoint, the flu ravages a business much like it does the human body. (Item #6)

Sign up for (or peruse) past issues of the NewsBriefs at

Wednesday, January 6, 2016

Challenges and Trends for 2016

With every new year, and increasing, changing resources, come the predictions of changes in business continuity and disaster recovery. Many experts and surveys have predicted and/or identified the trends and challenges for BC for 2016. As you look over these articles, consider whether these newest predictions impact your organization and what you should be doing or thinking about to improve your BC/DR situation.

The majority (55.72 percent) of respondents to a Continuity Central survey expect to see small changes, whilst almost a third (30.35 percent) is anticipating large changes in Business Continuity. (Item #1)   Cloud-based disaster recovery and compliance concerns are chief challenges in 2016. (Item #2)   As the growth in data presents new challenges at a range of levels, organizations can take advantage of newer cloud resources, ensuring they make the most of the data explosion. (Item #3)

New technologies are likely to be targets for cyber-criminals, who will try to exploit inherent weaknesses, lack of user experience, or both. (Item #4)   The cloud changes the nature of recovery, because recovery and production no longer have to be treated as two separate entities. (Item #5)   BC has a clear role in embedding resilience in the organization. (Item #6)

Sign up for or peruse past issues of the NewsBriefs at