Must-Have Business Skills for a Security Risk Management Program
On May 29, 2019, I performed a Google search for the words “Business Risk Management Approach” in news headlines. I got close to 5,000 results from just the previous 24 hours. I am sure I [...]
Effective Business Continuity: Program vs Plan
Many organizations think that effective business continuity planning is synonymous with great plan documentation. It’s not. Yes, plan documentation is extremely important. BUT… many organizations fail to recognize that effective business continuity plans – and [...]
NFPA 1600 2019 Edition: A Resource for Every Practitioner’s and Auditor’s Toolbox
The 2019 edition of the American National Standard, “NFPA 1600 Standard on Continuity, Emergency, and Crisis Management” has been published by the USA-based National Fire Protection Association. This standard, which is the most mature standard [...]
Can “Resilience” Survive? – The Fundamental Questions behind Resilience
Introduction On the west side of the city sits an outfitting shop that sells everything a person needs to survive in the wild; to the owner, resilience means being able to live without modern conveniences. [...]
Security Budgets and the Risk Tolerance Question
We’ve all been there. It’s annual budget time and we are told that belts are tightening and we have to cut costs. Where does the finance organization look first for savings? That’s right… to the [...]
An Enterprise Needs More Than a Compliant BC Program to Be Resilient
IT Disaster Recovery (ITDR) is about 40 years old and its younger sibling Business Continuity (BC) has passed the 30-year mark. The premise for ITDR was that we needed to be capable of dealing with [...]
How do you Communicate Security Risk to Business Executives?
Security and Business Leaders: A Communications Gap When I find myself talking to a group of security professionals, eventually the topic will turn to whatever security breach was in the news that morning, and how [...]
Supply Chain Risk
Supply Chain Risk The exact nature of Organizational Resilience and how it differs from traditional Business Continuity has generated much heated debate and very few definite conclusions over the past five years. One concept most [...]
A Few Simple Gadgets for Your Exercise Toolbox ― They Hold the Key to Your Success!
Exercises are the “bread and butter” of emergency management. they are the way we train our staff, validate our plans, and prove that we can recover our company, organization or agency. What I have observed [...]
The Increasing Complexity of Supply Chains and the BC Professional
This article discusses how supply chain disruptions have become one of the key issues facing business continuity and risk professionals. It considers the need for organizations to establish and maintain resilient and sustainable supply chains [...]
A Brand New World – Virtual Emergency Operations Centers (VEOC)
We all know what a physical Emergency Operations Center (EOC) looks and feels like. The physical EOC is the "nerve center" of the company's recovery operations. It houses subject matter experts from different areas of [...]
The Importance of Design Teams in Creating a Targeted Cyber Breach Exercise
Businesses and organizations defend against unending attempts to steal their computer data or damage their systems. Few, however, have serious plans for how they will respond to the impact of an actual breach. And even [...]