This newsletter highlights all the feature articles published on Continuity Central during September 2017 as well as various resources.

NOTE: If you cannot read this newsletter properly visit www.continuitycentral.com/roundupoct2017.html

FEATURE ARTICLES

ClearView

Business continuity in 2018
Every year Continuity Central conducts a survey looking at the changing trends and challenges in the business continuity profession. We have now launched the latest survey in the series and would like to invite all business continuity professionals to take part.
Take part in the survey
• World

A response to ‘A methodological approach for developing a business impact analysis’
In a recent Continuity Central article Dr. Alberto G. Alexander set out nine methodological steps for developing a business impact analysis (BIA). David Lindstedt has submitted a detailed response to the article…
Read the article
• US / World

Industrial robot hacking: what is the scale of the threat and what can be done about it?
Users of industrial robots from manufacturing to healthcare are unprepared for the real risk of a hacking attack, warns a cyber security expert.
Read the article
• UK / World

Daisy

Developing effective disaster recovery programs: what can we learn from Hurricanes Irma & Harvey?
Geary Sikich looks at some of the ‘lessons learned’ that have been published following Hurricanes Irma & Harvey and provides his own take on these. He also presents a resilience framework, which breaks the resilience process into strategic, operational and tactical levels.
Read the article
• US / World

A methodological approach for developing a business impact analysis
While business impact analysis (BIA) is seen by many as the backbone of any business continuity management system (BCMS) it is lacking a formal methodology. Here, Alberto G. Alexander, Ph.D, MBCI, details nine methodological steps for developing a BIA and discusses information gathering methods and BIA project management aspects.
Read the article
• World

How to diffuse the IT blame game following an incident
Network visibility is often the root cause of difficulties during information security incidents. Keith Bromley explains why this is the case and what organizations can do about the issue.
Read the article
• UK / World

Work area recovery insights: Modern options for work area recovery
Fortress has made available a report which looks at the subject of work area recovery covering the following:

The recovery position

The day to day operation of many firms has changed from physical office space to a much more fluid, remote and online existence. Martin Allen Smith asks what this means for work area recovery and the need for back-up facilities should the worst happen.

Building resilience
We all know that teams work better in engaging work environments, being more creative, making faster and better decisions. This dynamic does not need to change in times of crisis. Andrew Lawton explains how.

More details
• UK

Tips for improving decision making during incidents
Understanding what is happening within our brains when making decisions under stress can help improve performance under pressure. In this article Charles Boffin provides a helpful overview and some useful tips for ways to improve your decision making during incidents.
Read the article
• UK / World

So you have disaster recovery, but can you really avoid downtime?
Disaster recovery is imperative for the survival of any organization and whilst many businesses have some form of strategy in place, they need to ensure they can maintain continuity should a disaster strike. The concept is not new, so why are we still seeing many organizations fall victim to downtime? Johan Pellicaan looks at this question.
Read the article
• World

The security and compliance issues related to instant messaging use
Most organizations now allow employees to use IM in some capacity; or their employees use it anyway! And with IT teams under a lot of pressure, the risks of data leakage that come with IM are often forgotten about. Thomas Fischer thinks that IM threats are worth talking about…
Read the article
• World

RESEARCH, REPORTS & PUBLICATIONS

Continuity2

‘Woefully inadequate’ IT processes for managing user accounts and access are creating risks
One Identity has released study results showing significant gaps in how organizations manage accounts used to access IT infrastructure, systems, and data—gaps that could result in major security and compliance risks.
Read the article
• World

Information Security Forum publishes GDPR implementation guide
The Information Security Forum (ISF) has announced the launch of the ISF GDPR Implementation Guide, which presents best practices for guiding a compliance program ahead of the European Union’s General Data Protection Regulation (GDPR).
Read the article
• Europe / World

Risk management continues to climb up the corporate agenda
Respondents to Sword Active Risk’s annual ARM Global Customer Survey have confirmed that risk management is increasingly important in their organizations.
Read the article
• US / UK

Perpetual Solutions

Survey reveals trends in corporate security and protection
Unpreparedness is still affecting many corporations according to Rave Mobile Safety’s Trends in Corporate Security survey; and lack of clarity about where responsibility lies may be at the root of the problem.
Read the article
• US

Guide for improving business continuity planning in higher education published
Kuali has announced the availability of a free guide to assist higher education based business continuity planners in building leadership support for campus-wide action and inclusion.
Read the article
• US / World

Survey shows strong cyber security helps businesses to grow
A new cyber security report from Vodafone, ‘Cyber Security: The Innovation Accelerator’, highlights a strong link between how cyber security is used and business success, with 86 percent of high-growth companies seeing information security as an enabler of new business opportunities.
Read the article
• Various

eBRP

Business Continuity Institute publishes information security benchmarking report
The Business Continuity Institute, in association with Mimecast, has published the BCI Information Security Report 2017. The report provides a benchmark of how organizations handle sensitive data and how resilient they are when it comes to data protection.
Read the article
• UK/ World

Survey finds that GDPR is still confusing global organizations; and preparations are lacking
With the GDPR (General Data Protection Regulation) deadline set for 25th May 2018, a global survey shows that many organizations are ill-prepared due to uncertainty about the criteria for compliance.
Read the article
• World

Reputation is the most important element of organizational resilience: survey
Protecting reputation tops business leaders list of priorities, ahead of financial achievements and business leadership, according to the world’s first benchmark of organizational resilience published by BSI.
Read the article
• US / World

Capital Continuity

Quantum computers threaten to destroy Internet security as we know it
Researchers are in a race against time to prepare new cryptographic techniques before the arrival of quantum computers, as cryptographers Tanja Lange (Eindhoven University of Technology, the Netherlands) and Daniel J. Bernstein (University of Illinois at Chicago, USA) describe in a paper in the journal Nature.
Read the article
• US / World

Survey shows move towards cloud and away from data centers
Survey results have been published by Unisys which show a trend away from traditional on-premises data centers / centres towards cloud-based hosting.
Read the article
• World

DNS attacks an increasing problem for public and education sector around the world
Councils, schools and government offices were among global public sector and education organizations hit badly by DNS attacks last year – with nearly half reporting dealing with the issue cost them hundreds of thousands of pounds.
Read the article
• World

Many UK risk managers are not properly prepared for a major incident insurance claim
A survey carried out by Echelon Claims Consultants has revealed that many UK risk managers are not well prepared for an insurance claim arising as a result of a major incident.
Read the article
• UK

DRI International releases women in business continuity management study results
Earlier in 2017 DRI International conducted a survey looking at the experiences of women in the business continuity profession. Around 1000 responses were received to the survey and the results have now been published in a white paper.
Read the article
• US / World

Improving metrics in cyber resiliency
The Cloud Security Alliance (CSA) has announced the release of a new white paper designed to help enterprises develop metrics and processes to measure threats before they become cyberattacks and recover functionality lost in the wake of those attacks.
Read the article
• World

Gartner publishes ‘Hype Cycle for Cloud Security in 2017’
The Gartner Hype Cycle for Cloud Security aims to help security professionals understand which emerging technologies are ready for mainstream use, and which are still years away from productive deployments for most organizations.
Read the article
• US / World

New NIST cybersecurity practice guide helps organizations recover from ransomware and other destructive events
NIST has announced the release of its latest practice guide, ‘Data Integrity: Recovering from Ransomware and Other Destructive Events, SP 1800-11’. As a draft NIST Cybersecurity Practice Guide, comments and feedback are being sought.
Read the article
• US / World

COSO launches enterprise risk management framework revision
The Committee of Sponsoring Organizations of the Treadway Commission (COSO) has published a revision to its 2004 Enterprise Risk Management–Integrated Framework. ‘ERM Framework: Enterprise Risk Management–Integrating with Strategy and Performance’ builds on its predecessor.
Read the article
• US / World

FSB publishes ‘Business continuity for startups’ guide
The UK Federation of Small Businesses has written a short guide to business continuity, which is aimed at new companies. ‘Business continuity for startups’ explains essential factors to keep in mind to provide effective business continuity for a start-up.
Read the article
• UK

CALL FOR PAPERS

Written a relevant article or white paper? We'd like to consider it for publication on Continuity Central. Simply e-mail editor@continuitycentral.com

You have subscribed to this newsletter. To unsubscribe visit:
http://www.continuitycentral.com/index.php/unsubscribe or e-mail webmaster@continuitycentral.com

This email was from:
Portal Publishing Ltd, PO Box 1393, Huddersfield, HD1 9TN, UK, Tel: +44 1484300750

Continuity Central is a registered trademark