27
Dec 17

Continuity Central – A significant number of organizations do not know how much of their IT budget is being spent on IT resilience

Research from Databarracks, has revealed that 30 percent of organizations do not know how much of their IT budget is being spent on disaster recovery and backup services. This follows wider industry research finding that firms in Europe and North America spend seven percent of their IT budget on backup and disaster recovery.

Data from Databarracks’ annual Data Health Check survey revealed a number of insights into organizational attitudes and approaches towards IT resiliency, including:

25 percent do not know what percentage of their IT budget should be allocated for disaster recovery and business continuity;
Only 43 percent of organizations have tested their disaster recovery processes over the past 12 months;
29 percent of respondents answered “less than £1,000” when asked ‘how much annually does your organization spend on backup/DR solutions’.
Peter Groucutt, managing director of Databarracks comments: “It’s often difficult for IT to secure investment for resiliency because it’s not seen as a particularly dynamic or sexy investment that will add value like a new customer-facing system. But we all know we need to invest in resilience to ensure our continued operation.”

More of the Continuity Central article


29
Nov 17

Continuity Central – Common trends and weaknesses in crisis preparedness and business resilience

Victoria Cross, managing partner, Instinctif Partners’ Business Resilience team, discusses the top trends which have emerged from the company’s CrisisOptic and RecallOptic online diagnostic and benchmarking tools over the past year.

In the year since the CrisisOptic and RecallOptic tools have been available, we have helped over 50 businesses and organizations to quantify their business resilience. Three areas have emerged as common weaknesses in crisis preparedness and business resilience strategies and the following article looks at these in turn:

Post-incident review is a weak area

A score of 100 percent is the highest that can be achieved in each category measured, with the Review category (conducting and learning from a post-incident review) being identified as the most common area of weakness. Many of the companies obtained a low score in this area, with some even scoring zero. The average score was 50.7 per cent.

Interestingly, although overall it might be expected that larger companies would generally score more highly, size has not proved a clear indicator of preparedness. In fact, we have seen both global brands and small manufacturers scoring zero in this category.

More of the Continuity Central post


28
Nov 17

ZDNet – Cloud computing: How to build a business case

Like any other major tech project, moving workloads into the cloud needs a solid business case — one that takes into account all the likely costs and benefits — before a company can decide whether it’s the correct move.

Cloud migration may be a tougher proposition than a standard IT project because companies have to consider a wider variety of issues — like what to do with all those servers, or even entire data centers, that may be made redundant by the move.

The business case should calculate the costs of migrating to the cloud — which include the cost of moving systems over, as well as the cost of running services in the cloud after migration — and then compare them to the costs of keeping systems in-house.

More of the ZDNet post from Steve Ranger


24
Nov 17

The Register – VMware refuses to support its wares running in Azure

VMware has responded to Microsoft’s plan to run its stack in Azure, by saying customers who choose that option will have to forego support.

“This offering has been developed independent of VMware, and is neither certified nor supported by VMware,” wrote Virtzilla’s senior veep for product development and cloud services Ajay Patel.” Patel added that no VMware partners have collaborated with the company to build Microsoft’s offering.

VMware’s reason for denying support was explained on the basis that standing up a VMware-based cloud service needs a lot of careful work one does not simply walk into Mordor.

“Our experience has shown public cloud environments require significant joint engineering to run enterprise workloads,” Patel wrote, later charactering VMware-on-AWS as a “a jointly architected, and fully tested and validated cloud service”

More of The Register article from Simon Sharwood


09
Nov 17

Continuity Central – Cascading effects and escalations in wide-area power failures

A new academic paper has been published that looks at the cascading impacts of wide-area power outages. Supported by London Resilience, the paper has been written by the Cascading Disasters Research Group of UCL’s Institute For Risk And Disaster Reduction.

‘Cascading effects and escalations in wide-area power failures’ aims to “provide a synthetic overview of the cascading effects caused by wide-area power failures, and to define the recurrent impacts and sources of escalation.”

The format uses bullet points and examples to facilitate reading in conditions of limited availability of time.

More of the Continuity Central post


01
Nov 17

Continuity Central – PwC survey highlights massive corporate planning failures when it comes to cyber security

44 percent of the 9,500 executives in 122 countries surveyed say they do not have an overall information security strategy; 48 percent do not have an employee security awareness training programme, and 54 percent don’t have an incident response process.

PwC has published its 2018 Global State of Information Security Survey (GSISS).

Executives worldwide acknowledge the increasingly high stakes of cyber insecurity. 40 percent of survey respondents cite the disruption of operations as the biggest consequence of a cyber attack; 39 percent cite the compromise of sensitive data; 32 percent cite harm to product quality, and 22 percent cite threat to human life.

Yet despite this awareness, many companies at risk of cyber attacks remain unprepared to deal with them. 44 percent say they do not have an overall information security strategy. 48 percent say they do not have an employee security awareness training programme, and 54 percent say they do not have an incident response process.

More of the Continuity Central post


31
Oct 17

ZDNet – DIY-IT guide to disaster preparedness: Because it’s always something

2017 has been an extremely difficult year for much of North America. We were hit with hurricanes Harvey, Irma, and Mary in the southeast, and wildfires through much of the west. Other regions suffered their own disasters and challenges, as well.

Hurricane risk blankets the southern and eastern coasts. Landslides occur anywhere the ground is too soft with too many rainstorms. Even in areas not normally subject to coastal hurricanes, heavy rains can cause catastrophic flooding. High winds and atmospheric conditions cause tornadoes, particularly through the middle states. Tectonic fault lines slice through the core of of our nation, causing small and devastating earthquakes.

More of the ZDNet article from David Gerwitz


26
Oct 17

Continuity Central – Key trends in business continuity invocations

ach year Sungard AS publishes a summary of its business continuity service invocations, providing useful insights into incident trends. Here Daren Howell presents four key trends from the most recent data.

It’s easy to take for granted or forget the extent to which our lives now rely upon technology that is always on. Every now and again, however, something happens to remind us of this reliance and it’s often an uncomfortable situation for everyone involved. As IT environments become increasingly complex, unfortunately these types of incidents are only going to increase.

Over the past few years, there has been a steady uptick in the number of instances that businesses have required recovery services, reversing what was a long-established downward trend. Businesses are facing an evolving threat landscape, with the increase in malicious cyber attacks, alongside changing working habits that have seen more flexible approaches to the workplace environment and the infiltration of different and more complex technologies such as Artificial Intelligence and the Internet of Things. It’s perhaps, therefore, unsurprising that the need for recovery support is on the rise, however it is not always for the reasons you would expect.

More of the Continuity Central post


18
Sep 17

Continuity Central – Disaster recovery is a key driver of trend to move virtual workloads to the cloud

Druva has published the results of its 2017 VMware Cloud Migration Survey, which looked at how enterprises working in a VMware environment are approaching cloud migration. The survey results show a powerful trend toward moving virtual workloads to the cloud due to its lower cost, with Amazon Web Services (AWS) being the preferred destination for workload migrations. Disaster recovery, workload mobility, and archival automation were all strong adoption drivers, with many organizations looking to save money and maximize IT initiatives focused on simplifying their infrastructure.

Key findings of the Druva 2017 VMware Cloud Migration Survey:

There is a major shift in the VMware market to migrate data centres to the cloud. 90 percent of companies are aiming to migrate their workloads by 2018, with a clear preference for AWS (47 percent), followed by Microsoft Azure (25 percent).

More of the Continuity Central article


07
Sep 17

Continuity Central – Crisis preparedness and its impact on shareholder value

All commercial organizations operating in the digital era exist within a challenging landscape. Underlying trust is weak; expectations of good, transparent governance are high; and acceptance of failure is low.

At the same time, communicating with stakeholders is becoming more complex as traditional addressable audiences fragment into ever-evolving, always-online socially-connected communities, guaranteeing that issues and crises play out very publicly and swiftly.

To navigate these challenges successfully and to protect value for shareholders as companies grow, it’s vital to enhance business resilience. Reducing risk and building trust should be as important as innovating and pursuing operational excellence.

What is a crisis?

The British Standard for Crisis Management (BS 11200:2014) defines a crisis as “An abnormal and unstable situation that threatens the organization’s strategic objectives, reputation or viability.” Understanding this definition is vital in helping an organization to prepare itself to deal with a crisis. Through worst-case scenario planning, organizations can identify what abnormal events they could be exposed to, the impact of abnormal events on the ability to execute strategic objectives, and the damage that could be caused to reputation and viability.

More of the Continuity Central post from Robert McAllister