
Recognising threat - the importance of pre-incident surveillance

The attacks in Paris on 13th November and London on 7/7 show the planning and preparation that terrorists and other groups put into gathering information to assist with target selection and operational planning. Any thought that these events occur by chance or on a whim should be banished.

Internet of Things | What does it mean?

 
Internet of Things – What does it mean and how to embrace it?   
 
Sentronex Article | Internet of Things | Continuity Forum Partner
At this year’s Consumer Electronics Show in Las Vegas, IoT, or the ‘Internet of Things’, was the trending buzzword. Samsung CEO BK Yoon even went so far as to boldly state that in five years all Samsung hardware devices will be IoT ready, with televisions connected by 2017.
 
On top of this, Gartner predicts that by 2020 a staggering 26 billion objects will be IoT connected; in other words, IP-enabled, interactive, and ‘smart’. In fact, this growing global market could hit a worth of $7.1 trillion by that date.  
 

What about Resilience?

Risk, Business Continuity and Resilience - are we getting the landscape right?
 
Business Continuity, Resilience and the Rhino's ear

Imagine trying to describe or just outline what a Rhinoceros looks like to someone when you have only seen a small part of the whole animal yourself, perhaps just a foot or an ear.

Three toed camel or a resilient Rhino? When you haven't seen the whole thing it makes it awkward at best, perhaps even impossible. It's certainly rather tricky, eh? You could end up with a Donkey, a three toed Camel or indeed a host of bizarre critters. To describe a Rhino properly you have got to step back and get the whole picture. (We know this is usually done with elephants, but we prefer a rhino for this analogy... it's an ear thing!)
 
We’re using this example to illustrate one of the most interesting topics emerging across the Risk and Business Continuity Sectors  - Organizational Resilience! 
A lot of people are talking about it and the discussion underway is really interesting. 
 

The Ups and Downs of BC Management

 
Ups and downs of BC article by Ann Pickren, MIR3 COO.

You’d think that with the right intentions and a careful, attentive execution, your business continuity plan would be a success, wouldn’t you?
 
Unfortunately, that’s not always the case. Often the smartest professionals prepare a perfect program, but for unforeseen reasons the outcome is less than ideal.
 
What went wrong?
 

Climate adaptation measures and our BCM approach - a user perspective

Business Continuity at Dentons - Introduction

Dentons - Global Law firm - creating positive change
 
Dentons is a global law firm driven to provide clients a competitive edge in an increasingly complex and interconnected world. A top 20 firm on the Acritas 2013 Global Elite Brand Index, Dentons' clients benefit from approximately 2,600 lawyers and professionals in more than 75 locations spanning 50-plus countries across Africa, Asia Pacific, Canada, Central Asia, Europe, the Middle East, Russia and the CIS, the UK and the US.
 
The Firm serves the local, regional and global needs of a broad spectrum of clients, including private and public corporations; governments and government agencies; small businesses and start-ups; entrepreneurs; and individuals.
 

Cyber | There's a good time coming...

 
...but it's a good time in coming.
 
‘solitary, poor, nasty, brutish, and short’ is not a description of the career of the average cyber security officer. It’s a treatise on a life in a constant state of war by Thomas Hobbes (1588 – 1679).
 

Resilient Cities | What makes a ‘Resilient City’ and why are they so important?

The terms ‘resilience’ and ‘cities’ are becoming synonymous with one another. Issues and concerns surrounding operational continuity and resilience and how we can better prepare urban landscapes around the world for the future are now widely debated topics, gaining air time and frequently covered in the press.

Before assessing the actions we can take to improve how our cities fare over the next 50 years, it is important to look at what actually makes a Resilient City and what will impact its ability to stand up to a future of unknown factors.

Why only grown-ups should be allowed to use computers.

Cyber Security and SME Business

The risks of doing nothing and the problem with SMEs

The response received from most small businesses when we talk about the threat that they expose themselves to simply by connecting to the Internet, is normally along the lines of, “Oh we’ve got that covered”.  When we’re met with such a blasé attitude, we sense some sport and probe a little further.
 
The term ‘covered’ turns out to be an interesting phenomenon, as connecting to the Internet can be likened to waking up one morning and finding a rabid dog sitting on your bed - if you’re lucky you’ll be fine, but there’s a very strong probability of things going horribly wrong, resulting in a potentially deadly infection. For most, a more technical definition of ‘covered’ is probably the router provided by their Internet service provider (ISP) and some free antivirus software.
 

What Target teaches us

Learning from Target's experience

Lessons from the Target Cyber Breach experience

In the run-up to Christmas the US retailer Target (TGT) found itself the victim of a data theft involving the credit details of some 70 million customers, and once the news was out the effect on the business was immediate.

High profile negative media coverage on Target filled news pages just as it needed customers to open wallets and spend. 

Managing Cyber Risk from the top down

 

Connecting Cyber & Information Security with Business at the Top 

Each month seems to bring us a new report showing that business needs to be doing more about the threats to its IT. Almost daily there are media reports of companies' systems being breached by hackers, of data being lost and of increasingly sophisticated criminal activity. The Internet has become ever more a part of our business processes around the world, bringing new dimensions of communication, information sharing and performance. Our companies' IT systems are critical, not just to business performance, but to organisational survival.

So you think you're an auditor?

submitted article
 
Why BCM Audit needs special consideration

You are implementing a business continuity management system (BCMS) for the first time and you discover that one of the requirements is to conduct “internal audits”. What do you do? Who should be the auditor? Do they need to be trained? All valid questions (along with scores of others which you will doubtless ask yourself) which invariably will be rushed through without much thought about what is trying to be achieved (apart from a tick in the BCMS/certification box).
 
Done well, audits are an excellent way for your business to learn what’s working and what needs to be improved but done badly they soon become robotic and worse, potentially divisive. Internal audits are a requirement of any management system standard so if you are committed to implementing a meaningful BCMS you might as well do it properly from the outset.
 
 

Business Continuity - BS 25999, ISO 22301 and ISO 22313

 
In May 2012, the International Standardization Organization (ISO) published ISO 22301 – Business continuity management systems – Requirements.  Although this standard was long in the making the response has been very positive - and with the promise of ISO 22313 – Business continuity management – Guidance – before the end of this year, it seems it was worth the wait.  
 
ISO 22301 blends the requirements from several national standards, including those from the USA, Japan, Singapore, Canada and Australia.  The similarity with BS 25999-2, however, is most evident.  A comparison of the BS and ISO standards reveals little difference in the requirements.  And in Clause 8 of the ISO, where the business continuity programme requirements reside, the text is identical in many places.
 

What is business continuity?

 
What is Business Continuity?
 
Business Continuity is defined by the International Standards Organization as the: 
"capability of the organization to continue delivery of services or products at acceptable predefined levels following disruptive incidents"*

*Source: ISO 22300 Vocabulary

Why is Business Continuity important?

Organizations of all types and sizes, public and private, are affected all the time by "disruptive incidents". These can be extreme, such as a natural disaster, or more likely something mundane, such as a burst water pipe, the loss of power or other services, ICT issues and other forms of incident that disrupt the normal work of the organization. The disruption caused usually impacts on the capability of the organization to perform its normal activities and as a consequence impacts on customers or other stakeholders, adding additional costs and creating the potential for losses in financial and even social terms.
 

ISO 22301 ... Business Continuity, Red Tape and Seat belts

 
ISO22301 Business Continuity

There has been some fairly active discussion on a few of the industry forums recently about how standards such as BS25999 and ISO22301 are being seen as potentially even more 'red tape' by many businesses and SME companies in particular.
 
A key comment made was that many smaller organisations are under tremendous pressure at the moment, with more loaded on them by adding Business Continuity to the mix through the new ISO. It was summed up by the title … "It's unlikely that SME's will welcome the new standard with open arms".  
 
While I have great sympathy with the position taken about the plethora of regulations, legislation and other seemingly nonsense GUMPF* that surrounds us and eats away our time, I confess unsurprisingly though it's very hard to agree this is at all valid when it comes to Business Continuity.
 

Supply Chain questionnaire for Business Continuity

 
In August 2011, Gayle Hedgecock was the guest speaker at BANG!  During an entertaining evening, she posed the question: "Just how many Continuity questionnaires must I fill in each year?"
 
In her case, it was scores of the things; others were lucky and had fewer to do, but it became clear that ALL the questionnaires were different, even though in reality they were asking the same questions.   It was just that the questions were phrased slightly differently, or were in a different order.  In some cases, they were asking questions that had little relevance to Continuity...
 

Business Continuity Forum creating Resilience and security

Creating Continuity... Building Resilience...