08
May 18

The Register – New and inventive code is transforming your business – and bringing with it new and inventive ways for things to fail

Businesses are becoming increasingly digitalised, with operations and customer experiences relying on data and devices being online all the time.

Application architectures and practices are evolving around high-availability and low-touch administration to allow rapid change, while also serving a variety of platforms.

Increasingly, this is putting tier-one business applications, such as enterprise resource planning and collaboration, on the frontline. These tier-one apps are the lifeblood of digital business: of real-time manufacturing, of decision taking, of customer interaction.

So, OK, you’ve digitalised your operation, but what if your system goes down or data is lost? Remember WannaCry in 2017: critical hospital systems locked down by a global ransomware outbreak?

More of The Register article from Dave Cartwright


23
Feb 18

Continuity Central – Less than half of North American companies tested their IT DR plans in the last year

The majority of businesses in North America are not fully prepared to handle a major disaster striking their IT, network and communications infrastructure according to a biennial technology survey conducted by Evolve IP. The survey of approximately 1,000 IT professionals and executives uncovered risky behaviors exhibited by the majority of organizations including incomplete and untested disaster recovery plans and outdated technologies and methodologies. The survey also identified three main characteristics of organizations that felt ‘very prepared’ to recover from a disaster.

More of the Continuity Central post


27
Dec 17

Continuity Central – A significant number of organizations do not know how much of their IT budget is being spent on IT resilience

Research from Databarracks, has revealed that 30 percent of organizations do not know how much of their IT budget is being spent on disaster recovery and backup services. This follows wider industry research finding that firms in Europe and North America spend seven percent of their IT budget on backup and disaster recovery.

Data from Databarracks’ annual Data Health Check survey revealed a number of insights into organizational attitudes and approaches towards IT resiliency, including:

25 percent do not know what percentage of their IT budget should be allocated for disaster recovery and business continuity;
Only 43 percent of organizations have tested their disaster recovery processes over the past 12 months;
29 percent of respondents answered “less than £1,000” when asked ‘how much annually does your organization spend on backup/DR solutions’.
Peter Groucutt, managing director of Databarracks comments: “It’s often difficult for IT to secure investment for resiliency because it’s not seen as a particularly dynamic or sexy investment that will add value like a new customer-facing system. But we all know we need to invest in resilience to ensure our continued operation.”

More of the Continuity Central article


29
Nov 17

Continuity Central – Common trends and weaknesses in crisis preparedness and business resilience

Victoria Cross, managing partner, Instinctif Partners’ Business Resilience team, discusses the top trends which have emerged from the company’s CrisisOptic and RecallOptic online diagnostic and benchmarking tools over the past year.

In the year since the CrisisOptic and RecallOptic tools have been available, we have helped over 50 businesses and organizations to quantify their business resilience. Three areas have emerged as common weaknesses in crisis preparedness and business resilience strategies and the following article looks at these in turn:

Post-incident review is a weak area

A score of 100 percent is the highest that can be achieved in each category measured, with the Review category (conducting and learning from a post-incident review) being identified as the most common area of weakness. Many of the companies obtained a low score in this area, with some even scoring zero. The average score was 50.7 per cent.

Interestingly, although overall it might be expected that larger companies would generally score more highly, size has not proved a clear indicator of preparedness. In fact, we have seen both global brands and small manufacturers scoring zero in this category.

More of the Continuity Central post


09
Nov 17

Continuity Central – Cascading effects and escalations in wide-area power failures

A new academic paper has been published that looks at the cascading impacts of wide-area power outages. Supported by London Resilience, the paper has been written by the Cascading Disasters Research Group of UCL’s Institute For Risk And Disaster Reduction.

‘Cascading effects and escalations in wide-area power failures’ aims to “provide a synthetic overview of the cascading effects caused by wide-area power failures, and to define the recurrent impacts and sources of escalation.”

The format uses bullet points and examples to facilitate reading in conditions of limited availability of time.

More of the Continuity Central post


07
Nov 17

ZDNet – SaaS, PaaS, and IaaS: Understand the differences

Understanding the cloud is critical to the future of business. Here’s a brief explanation of the three layers by which cloud services are delivered.

Cloud computing is one technology moving faster than almost all others toward becoming table stakes in enterprise IT. In 2017 alone, the public cloud services market is predicted to grow 18 percent, hitting a value of $246.8 billion, according to research firm Gartner.

Understanding the cloud can help business leaders make more strategic investments and remain competitive going forward. Cloud clarity starts with understanding the model itself.

As a service
According to 451 Research analyst Carl Brooks, for a technology solution to qualify as “as a Service,” it has to meet the National Institute of Standards and Technology (NIST) definition parameters, which he paraphrased as “self-service, paid on-demand, elastic, scalable, programmatically accessible (APIs), and available over the network.”

More of the ZDNet article from Conner Forest


01
Nov 17

Continuity Central – PwC survey highlights massive corporate planning failures when it comes to cyber security

44 percent of the 9,500 executives in 122 countries surveyed say they do not have an overall information security strategy; 48 percent do not have an employee security awareness training programme, and 54 percent don’t have an incident response process.

PwC has published its 2018 Global State of Information Security Survey (GSISS).

Executives worldwide acknowledge the increasingly high stakes of cyber insecurity. 40 percent of survey respondents cite the disruption of operations as the biggest consequence of a cyber attack; 39 percent cite the compromise of sensitive data; 32 percent cite harm to product quality, and 22 percent cite threat to human life.

Yet despite this awareness, many companies at risk of cyber attacks remain unprepared to deal with them. 44 percent say they do not have an overall information security strategy. 48 percent say they do not have an employee security awareness training programme, and 54 percent say they do not have an incident response process.

More of the Continuity Central post


31
Oct 17

ZDNet – DIY-IT guide to disaster preparedness: Because it’s always something

2017 has been an extremely difficult year for much of North America. We were hit with hurricanes Harvey, Irma, and Mary in the southeast, and wildfires through much of the west. Other regions suffered their own disasters and challenges, as well.

Hurricane risk blankets the southern and eastern coasts. Landslides occur anywhere the ground is too soft with too many rainstorms. Even in areas not normally subject to coastal hurricanes, heavy rains can cause catastrophic flooding. High winds and atmospheric conditions cause tornadoes, particularly through the middle states. Tectonic fault lines slice through the core of of our nation, causing small and devastating earthquakes.

More of the ZDNet article from David Gerwitz


30
Oct 17

Continuity Central – Future business continuity: how technology and strategy improvements will impact the profession

The business world is facing a period of rapid change with various emerging technologies, especially artificial intelligence and machine learning, expected to fundamentally change the structure of organizations and society. How might these developments impact the business continuity profession? Charles Boffin makes some suggestions…

Everyone agrees that business continuity will be changing over the next few years and into the foreseeable future; but, as with any other changing landscape, the future is never a specific of finely shaped object: it is a vision. For business continuity, the end vision is a fully resilient environment which means that things don’t fail and, if they do, they are resolved immediately with no loss of service. This general view of the future of our profession is fine as we build our technological credentials and capabilities, but there are three prime movers involved, and each requires a different response:

1. External factors that can be forecasted

This covers issues such bad weather, demonstrations and civil unrest, economic factors, viruses (human!) and other aspects where we can see events unfolding or likely to happen in a given place. In these cases, responses can be planned and contingencies created.

More of the Continuity Central post


26
Oct 17

Continuity Central – Key trends in business continuity invocations

ach year Sungard AS publishes a summary of its business continuity service invocations, providing useful insights into incident trends. Here Daren Howell presents four key trends from the most recent data.

It’s easy to take for granted or forget the extent to which our lives now rely upon technology that is always on. Every now and again, however, something happens to remind us of this reliance and it’s often an uncomfortable situation for everyone involved. As IT environments become increasingly complex, unfortunately these types of incidents are only going to increase.

Over the past few years, there has been a steady uptick in the number of instances that businesses have required recovery services, reversing what was a long-established downward trend. Businesses are facing an evolving threat landscape, with the increase in malicious cyber attacks, alongside changing working habits that have seen more flexible approaches to the workplace environment and the infiltration of different and more complex technologies such as Artificial Intelligence and the Internet of Things. It’s perhaps, therefore, unsurprising that the need for recovery support is on the rise, however it is not always for the reasons you would expect.

More of the Continuity Central post