Business Continuity Blogs
CISOs Must Act As The Glue Between BC, DR And Security
May 03, 2012
During the past three years, you may have noticed that security and risk professionals have added a new term to their lexicon – business resiliency. Is this just an attempt by vendors to rebrand business continuity (BC) and IT disaster recovery (DR) in much the same way that vendors rebranded...
Business Continuity Standards Don’t Matter -- But They Should
April 26, 2012
The current state of business continuity management (BCM) standards? Abysmal. According to a joint Forrester/DRJ study, 69% of respondents said that British Standard (BS) 25999 did not influence or only somewhat influenced BCM at their company. It’s not much better for NFPA 1600, 70% of...
Communication And Coordination Should Be The Cornerstone Of Your BC Plan
April 13, 2012
In a recent Forrester/DRJ joint survey on BC preparedness, of organizations that have invoked a BC plan in the last five years, 37% said that their BC plans had not adequately addressed communication.
Workarounds without data?
April 06, 2012
A big part of business continuity planning is making sure we have manual processes or other workarounds in place. They act as interim bandages to keep business processes moving forward. Many organizations, especially those required to do so by regulation, have documented processes...
More evidence critical infrastructure is a train wreck waiting to happen
January 24, 2012
Need more proof that SCADA systems are seriously vulnerable? Here's the story of how hackers messed with railroad signals for a couple days last month, after breaking into a Northwest rail company's computer systems.
SECURITY WISDOM WATCH: SOPA-PIPA edition
January 20, 2012
Debate continues to rage over SOPA and PIPA. My take on the heroes and villains in this drama.
Key Sessions at CISO Executive Summit 2011
December 03, 2011
The EC-Council will host a gathering of public/private sector information security executives and thought-leaders at the CISO Executive Summit 2011 on December 5-6 in Las Vegas. The agenda features panel discussions addressing issues that emerge from the intersection between technology, people, and...
Securing Mobile Data at the Application Layer
October 23, 2011
Data Security is one of the concerns addressed in the OWASP Mobile Security Project, a project focused on the application-level risks that face mobile devices. This installment will look at some of the threats to mobile data and recommended controls to mitigate the associated risks.
Security Metrics and the Balanced Scorecard
October 19, 2011
If you can’t measure it, you can’t manage it. Metrics, the bane and blessing of corporate citizens, emerge from this truism. Metrics allow managers to determine the efficacy of process changes and technology implementation. However, poor metrics sometimes impose an atmosphere of...
The Dark Side of Collaboration
October 16, 2011
Collaboration can be toxic to an Information Security program. Assaulted by conflicting management agendas and priorities, the consensus needed for success sometimes suffers an early death. However, many organizations perpetuate the mantra that collaboration is always a good idea.
Webcasts
- The CISO's Survival Guide to Securing Data
- Data Privacy and Protection in Production Environments: New Research from Ponemon Institute
- FireEye Advanced Threat Protection KnowledgeVault
- Five Tips to Consider in a Data Security Strategy for Smartphones and Tablets
- Moving Your Email to the Trusted Cloud
- Comprehensive Server Protection