Vol 673 – Supply Chain Resilience Standards Can Help Formulate Policy

September 21, 2023

Achieving resilient supply chains can be a complex process, especially if components in the supply chain are at risk. As chains get increasingly complex and further removed from the primary organization, a break in a supply chain may be almost impossible to predict and detect – until it occurs, and the domino effect is felt.

Paul Kirvan outlines several supply chain updates that provide insight and also guidance to assist in three important ways: formulate a policy on supply chain resilience, clarify procedures for analyzing supply chains and develop procedures for mitigating disruptions.

Vol 672 – Update on Cloud Standards & How to Use Them to Benefit Your Organization

September 7, 2023

When considering a cloud solution or even when examining options for expanding or reducing cloud investments, knowledge of standards, frameworks and practices addressing cloud technology can be very helpful. From an audit perspective, documented compliance with key cloud standards is essential during an audit. Prospective and existing customers will also appreciate that cloud services are being deployed in compliance with standards.

Paul Kirvan not only outlines a 2023 cloud standards update, he offers 17
recommended steps to take when applying for a standard to a specific activity. You won’t want to miss his expertise

Vol 671 – Enable Innovation by Transforming Business Cybersecurity

August 17, 2023

Delivering innovations and ensuring the organization stays safe are two of the biggest priorities for the modern company. Unfortunately, many see these two priorities as being at odds, with the ever-increasing number of cybersecurity requirements and regulations seeming to slow down and stifle work and innovation at every turn. But does that have to be the case? Research shows a link between cybersecurity and business success.

Zac Amos offers valuable thoughts and suggestions on balancing risk-taking with risk management and why maximizing cybersecurity can help rather than hinder your mission.

Vol 670 – 23 Business Continuity Statistics You Need to Know

August 3, 2023

By popular demand we are back to you with another practical and meaty article by Dale Shulmistra – this time on business continuity statistics.

Today’s stats reveal that small and mid-sized businesses (SMBs) have gotten better about embracing business continuity planning over the last few decades. Particularly following the attacks of September 11, 2001, and the ever-increasing reliance on business data, organizations have implemented stronger technologies and protocols to limit interruptions from unexpected disasters.

However, statistics suggest many organizations still face costly disruptions, due to a wide range of threats. Here’s a breakdown of the 23 most telling stats on business continuity and disaster recovery.

Vol 669 – 6 Reasons Not to Pay the Ransom in a Ransomware Attack

July 20, 2023

The ransomware threat is huge. By encrypting data, hackers effectively lock companies out of their computer systems, bringing operations to a halt and in some cases forcing businesses to shutter their doors permanently. Given these high stakes, it’s no surprise that many businesses are forced to consider giving hackers what they want — a ransom payment to decrypt the data. But should they? In most cases, the answer is no. Businesses should avoid paying the ransom unless they have no other viable options for survival. In this post, Dale Shulminstra explores the reasons.

Vol 668 Enhancing Digital Operational Resilience The PIE FARM Approach

July 6, 2023

Businesses are increasingly reliant on digital systems to operate efficiently. Technological advancements come with vulnerabilities that can disrupt operations. To mitigate these risks, organizations must develop robust digital operational resilience programs. New regulatory changes are in scope for some financial services institutions via the new European Union’s Digital Operational Resilience Act (EU DORA). Developing an effective approach has become increasingly important. Experts James Seaman and Michael Gioia explain how the PIE FARM approach can enhance the development of an effective “Digital Operational Resilience Program”.

Vol 667 – Understanding the Cost of Recovery: Lessons from a Category 4 Hurricane

June 22, 2023

The damages from Hurricane Ian remind us all too well of the potential costs associated with a major Category 4 Hurricane. How can you predict the cost of recovery and why does it seem to cost more than estimated property values?

Commercially speaking, estimating the cost of a future build can be quite different from calculating the cost of recovering a building given conditions may be worse and extremely difficult to manage. Recovery expert and veteran, Jim Wills, explains that circumstances in a recovery operation generally are met with obstacles beyond our control.

Vol 665 – Key Performance Indicators for Achieving Resilience

June 8, 2023

Perhaps the number one concern of resilience professionals is “How well will my resilience plan work when a real event occurs?” This is true for just about any plans or procedures that address disruptive events and how to respond to them.

One way – most likely the best way – to ensure that resilience plans will work as designed is to exercise them.

Another technique is to identify characteristics of the plan that can be measured in some way. Specifically, the goal is to examine and rate the performance of specific plan attributes. Industry veteran, Paul Kirvan, describes KPIs and provides examples of KPIs for resilience.

Vol 664 – Are Your Physical Security Systems Cyber Secure?

May 18, 2023

Physical security systems are often thought of as separate from cybersecurity systems. One protects an organization in the real world while the other protects it in the virtual world. However, physical security systems themselves need protection from cyber criminals, just like computer servers need physical protection. Physical security systems are highly appealing targets for hackers, especially today’s smart connected cameras. In March 2021, over 150,000 security cameras belonging to numerous organizations — including Tesla Motors and several jails and hospitals — were breached by a group of hacker activists. Zac Amos, tech features editor, outlines 5 steps you can take to build cyber-resilient physical security. 

Vol. 663 – Can We Break it? 9 Business Continuity Plan Testing Scenarios

May 4, 2023

Creating a business continuity plan (BCP) is only the first step toward implementing a rock-solid continuity strategy. The systems and protocols outlined in your plan might sound good in theory, but how do they hold up in a real-world disaster? There’s no way to know for sure without testing them. This is a critical component of continuity planning.

Dale Shulmistra outlines 9 Business Continuity plan testing scenarios that can ensure your technologies and teams are ready for anything.

Vol. 662 – Update on Cybersecurity Standards – 2023

April 20, 2023

Among the top five boardroom technology issues is cybersecurity – how to prevent cyberattacks, how to detect them and how to mitigate them. Reports in the media regularly cite examples of how these attacks penetrate even the most formidable corporate network perimeters.

And while professionals and perpetrators maintain a continuous cat-and-mouse game, the attacks still occur. Paul Kirvan provides an update on the most important cybersecurity standards, regulations and frameworks.

Vol. 661 – A New Outlook in Physical Infrastructure Threat Management for 2023 and Beyond

April 6, 2023

In recent years, the approach to physical infrastructure threat management has undergone a significant shift. With advances in technology and data analytics, organizations can take a more proactive and holistic approach to manage risks to their assets.

The integration of data analytics and artificial intelligence (AI) enables organizations to go beyond reactive measures and identify potential threats before they occur.

Our expert this week, Joseph Chukwube, explores these trends.