Are rules to tighten over data protection and Business Continuity?

In a move that may well impact on all Business Continuity and IT Security departments, the European Vice President responsible for Justice is calling for the introduction of rules forcing banks, e-commerce businesses, social networking sites and others who hold confidential data to tell customers as soon as there has been a data security breach.
Viviane Reding was previously responsible as an EU member for Information, Society and Media before taking the role of Vice-President of the European Commission, responsible for Justice, Fundamental Rights and Citizenship in February 2010.
In a speech centred on the need to bolster online privacy she said "trust in an 'information society' has been damaged by the recent events such as the Sony data breach". Her initiative comes at the end of a long line of data breaches that have affected not just many businesses, but also government departments, including health services and tax offices, around Europe. 
To address the concerns raised by these events the Justice Minister is looking at toughening up data protection rules that are already in place for the telecommunications industry to include immediate notification to the regulator when data has been compromised.
The Commissioner is also reviewing the possibility of introducing an enforcement arm that would be responsible for ensuring compliance with the regulations.   
Reding is championing the need for plans to address the digital world and the increasing reliance on and embedding of technology into everyday activities. The Minister outlined 5 pillars that were needed to build proper data protection. These are: the right to have data forgotten, transparency, 'privacy by design', making firms and authorities responsible for how they handle all data, and independent oversight and monitoring.
The responsibility to protect data is already enshrined under the EU Charter of Fundamental Rights, but Reding stressed the need for these Charter principles to be supported as the pace of technology change and use brings new risks.
Previous attempts to increase the regulation of Data Protection in business have failed due to the added cost burden and a lack of industry consistency on methods, with the result that compliance has been somewhat watered down.
This time around it may well be different though with the challenge of ensuring business continuity, security and compliance becoming much more important for all organisations.   




Former FEMA Exec advocates all hazards approach to Business Continuity in wake of tornados

The dozens of tornadoes that ripped through the Southern States of the US in 2011 left 340 people dead and hundreds unaccounted for, according to the latest reports from the Associated Press.
In what is one of the worst natural disasters to hit the region since Hurricane Katrina in 2005, the storms have people and businesses scrambling to recover from the incredible devastation. But is it even possible for businesses and employees to prepare for a catastrophe of this scale? 

ISO announce new ICT security standard to improve Business Continuity resilience

ISO security standards and Business Continuity
The International Standards Organisation (ISO) has released a new set of international guidelines to help protect and ensure the security of information and communication technologies and boost Business Continuity capabilities.
ISO/IEC 27031:2011 is aimed at all organisations regardless of their type, size and complexity and it is hoped that through the adoption of the standard greater resilience against hacking, denial of service and malware attacks will be seen.

Obama orders new review of US national preparedness

Obama signs policy directive for Resilience review
President Barack Obama has signed a new presidential policy directive (PPD-8) that aims to deliver a full review and consequently a more streamlined approach to national preparedness policy in the US in the wake of Katrina, H1N1 and the Japan Earthquake.

Brian Kamoie, senior director for preparedness policy on the White House National Security Staff, states that many incidents were examined during the directive’s development, including the 2009 H1N1 pandemic, the Gulf of Mexico oil spill in 2010 as well as Hurricane Katrina. The federal government included 24 national associations representing a range of stakeholders and disciplines in the review of the national preparedness policy.

Project Argus across the UK


Project Argus is a National Counter Terrorism Security Office (NaCTSO) initiative that explores ways of helping business to prevent, handle and recover from a terrorist attack.
Project Argus is a three-hour event that utilises multimedia presentations of a simulated terrorist attack and a series of questions and hands-on challenges that help participants detail ways in which the organisation could have coped better or indeed have identified the threat earlier.

Introducing the Vulnerability Self-Assessment toolkit - VSAT

The Business Continuity Forum, National Counter Terrorism Security Office and VSAT
VSAT - Vulnerability Self Assessment Toolkit
In February, the Continuity Forum and the National Counter Terrorism Security Office (NACTSO) launched a major new tool to help organisations simply and quickly assess and understand the vulnerabilities of their organisations.
In front of an audience of very nearly 250 people, Lord Reid, former Home and Foreign Secretary and one of the most distinguished parliamentarians of recent generations; the Deputy Mayor, Richard Barnes, who chaired the London Assembly 7/7 report; and Sir David Veness, one of the most distinguished counterterrorism experts in the world, stood alongside the National Counter Terrorism Security Office and Russell Price of the Continuity Forum to launch VSAT, the latest resource designed to help build resilience and create continuity.

Murphy's Law ... Defensive design little light reading

Something to think about for all Business Continuity professionals ...
Murphy's law (distinct from, and often confused with Finagle's law or Sod's law) is a popular adage in Western culture, which broadly states that things will go wrong in any given situation in which error is possible. "If there's more than one way to do a job, and one of those ways will result in disaster, then somebody will do it that way."
It is most commonly formulated as "Anything that can go wrong will go wrong" and is something we have become all too familiar with in the Business Continuity Field!
Technically speaking, this latter definition is incorrect, given that it refers more accurately to the law of pessimism, Finagle's Law.

Security and CT Portal

Security and Counter Terrorism information Portal
Through this portal page we provide information, news and advice covering a range of Security and Counter Terrorism topics that connect with your resilience planning.
For nearly a decade the Continuity Forum has been working alongside the National Counter Terrorism Security Office, Police, Home Office and others to bring awareness and advice to organisations on what they can do to better secure and protect not only their organisations, but our communities.
Here you will find links and information on various resources that will enable you to build your organisation's resilience and create continuity.

Consultation for BS31000 Risk Management Code of Practice starts


BSI are publishing today the revised BS standard 31100 Risk Management Code of Practice as a Draft for Public comment. 


Your assistance in reviewing the Code of Practice and providing feedback would be much appreciated. 

ICM's latest version of Emergency Office now includes Voice and Apple

ICM has launched a new version of their Emergency Office Remote Working Solution with upgraded features that extend the capabilities of the service and raise the bar across the sector by adding voice capabilities.
The Emergency Office is a remote working solution offering corporate data and now new telephony services from any PC over a standard home broadband connection.

ANSI approve ASIS/BSI BCM.01 standard


The American National Standards Institute (ANSI) has approved the ASIS/BSI BCM.01 2010 standard for Business Continuity Management. 


The full name for the standard is ANSI/ASIS/BSI BCM.01:2010, Business Continuity Management Systems - Requirements with Guidance for Use (Joint ASIS International and British Standards Institute (BSI) Standard), and whilst a mouthful it reflects the very close collaboration throughout the whole development process between ASIS and the BSI. This approach led to a multi-national team being involved, with the committee responsible for the development being co-chaired by Dr Marc Siegel (US) and Kevin Brear (UK) and also including Russell Price from the Continuity Forum.


GovNet Communications partner with the Continuity Forum for Civil Contingencies 2011

The Continuity Forum is pleased to announce a new partnership with GovNet Communications, one of the leading Public Sector publishers and Events organisers in the UK.  

*** Survey on BS25999 Usage ***

This Business Continuity Survey is now closed.

The summary report will be issued in the 1st Qtr of 2011. If you would like more information please contact us directly.

Survey on BS25999 Usage

Some working in the field of Business Continuity may not remember a time before standards, but for many of us in the field for longer, the work of the BCM Committee of the BSI to create the world's first BCM standard was instrumental in developing much-needed consistency and credibility across the sector. The outcome of this work, BS25999, has been at the heart of much of the subsequent development in the discipline, and the BSI has one of the most successful Management Standards ever issued.

As BS25999 approaches its fourth birthday, the BSI BCM/1 committee is looking to assess the experience and opinions of hundreds of practitioners and BCM managers all around the world on how they are applying BS25999 and its family of related standards and Published Documents in their organisations.

Consequently, the BCM/1 committee has developed the BS25999 2010 Survey, in conjunction with the Business Continuity Institute and the Continuity Forum, which they hope you will find the time to contribute to.

What does the UK Spending Review mean to you! - Survey

With the biggest review of UK PLC public finances for decades and cutbacks predicted across the whole of the Sector, we ask what does this mean for those working in government's Business Continuity and Emergency Planning areas?

The Continuity Forum is asking those with frontline responsibility for Emergency Planning and Business Continuity what they think the future holds.

Continuity Forum UK Public Sector Spending Review Survey



Click on the link above to contribute your thoughts and views on the impact of the changes.

All contributions are confidential and the report of findings will be available for download in the next few weeks.

We also have a number of other Research studies underway that can be accessed by clicking Research on the Headline Tab above.


New National Security Strategy Launched ... What does it mean for BCM and EP

The UK government has published its revised National Security Strategy entitled "a strong Britain in an age of uncertainty" and within its pages are a number of interesting details that point towards an evolving future for Business Continuity.

The new strategy delivers the coalition government's view on the emerging and current threats to the UK. Closely linked to the recently announced spending review affecting the Armed Forces, the national strategy document has other dimensions that are highly relevant to us all and positions the thinking on both risks and, importantly, responsibilities for them.


Creating Continuity... Building Resilience...