Wednesday, October 26, 2016

Business Continuity Planning

When's the last time you dusted off, reviewed and updated your business continuity plan? Many of you will answer never or several years ago. If you haven't done so in the last year, you definitely need to be doing it now so you can be confident in it if you have to use it. Do all your employees know about it and what their roles are, even the new employees? We thought not. Soon we will turn back the clocks and we should be tuning up our plans as well.

Creating, updating, and testing your plan are all critical to responding successfully to a natural disaster or other business disruption. (Item #1)   A common cause of failure to implement BCM successfully is a lack of people with the right level of knowledge and skills, and the purpose of planning and delivering a business continuity training and awareness campaign is to avoid that pitfall. (Item #2)   Lack of water could present serious challenges to an organization, especially one that operates in an area where access is scarce. (Item #3)

These seven elements are essential parts of any effective business continuity strategy. (Item #4)   If you set aside time once or twice a year to review your plans, you can identify new risks and monitor the effectiveness of your current risk management strategies. (Item #5)   Institute a prep-at-home program at work… ensure your employees are personally prepared at home for a crisis. (Item #6)

For the full issue, click here.

Wednesday, October 19, 2016

Risk Management

Everything we do has a certain level of risk. It’s the way you manage those risks that could spell the difference between success and failure. This week’s articles can help identify the potential risks you face and how to accept them, mitigate them or avoid them.

One of the most important tests of true risk management effectiveness is the level of risk management integration into decision making. (Item #1)    This guide will help you to identify potential risks, make preparations for emergencies and test how your business is likely to cope in a disaster. (Item #2)    Proper risk management implies control of possible future events and is proactive rather than reactive. (Item #3)

Risk is all about uncertainty. (Item #4)    Your risk management plan should detail your strategy for dealing with risks specific to your business. (Item #5)    Here’s an explanation of risk, uncertainty and business strategy. (Item #6)

For the full issue, click here.

Wednesday, October 12, 2016

Crisis Communication

Winston Churchill once said that a lie gets halfway around the world before the truth has a chance to get its pants on. This is also true of news about a crisis and your response to it. You have to be ready to talk to all stakeholders when a crisis occurs, as soon as it occurs -- to get out in front of it. The first response does not have to be definitive, because you will need to refine the message as you learn more about the situation. But you do have to respond. This issue can help with your response... and check out the worst crisis communications mistakes in Item #5.

The basic steps of effective crisis communications are not difficult, but they require advance work in order to minimize damage. (Item #1)   Let’s take a look at who’s done crisis communication poorly, who’s done it well, and finally, how user experience professionals can lead the charge within their teams to champion a proactive crisis communication plan. (Item #2)   Dealing with a technical crisis can be a major support headache; here’s what to do when things go wrong. (Item #3)

If there’s one area where organizations stumble when responding to breaches, it’s in keeping stakeholders informed, and doing that job well requires having plans in place long before cyber-criminals come calling. (Item #4)   There are 13 key elements to creating a successful crisis communications strategy; check these tongue-in-cheek examples of how companies continue to get even the basics wrong. (Item #5)   This article provides some of the best examples of crisis communication. (Item #6)

For the full issue, click here.

Wednesday, October 5, 2016

Cyber Security Awareness

Because October is Cyber Security Awareness Month, we thought we would take a look at how organizations can raise awareness of cyber security among their own employees. Many studies have shown that employees are the usually the weakest link in the cyber security chain and all could benefit from more frequent, consistent training. This is not to say that they are the only firewall against cyber attacks (see article #3), but the more they know the more they can be helpful in shoring up your cyber security efforts.

Employees are the weakest links when it comes to the security of an organization. (Item #1)   This slide show identifies 10 tips that can help you educate your employees and develop policies that will help mitigate ever-growing cybersecurity risks. (Item #2)   Expecting non-security professionals to be able to identify and stop the intrusion methodologies of today’s cyber adversaries is unrealistic, costly and provides little benefit for the effort required. (Item #3)

The first step in reducing the role of human error in cyber security incidents is to establish a cyber security policy for your employees that states the do’s and don'ts of cyber security. (Item #4)   Even the most knowledgeable workers take big risks with company data. (Item #5)   Small businesses need a cybersecurity strategy to protect their own business, their customers, and their data from growing cybersecurity threats. (Item #6) 

For the full issue, click here.