Disaster recovery and business continuity planning are processes that help organizations prepare for disruptive events—whether those events might include a hurricane or simply a power outage caused by a backhoe in the parking lot. The CSO's involvement in this process can range from overseeing the plan, to providing input and support, to putting the plan into action during an emergency. This primer (compiled from articles on CSOonline) explains the basic concepts of business continuity planning and also directs you to more resources on the topic. Last update: 5/20/2015.
Derek Slater |
22 May |
For a short and very enjoyable history lesson, watch this YouTube video.
Derek Slater |
20 Dec |
Get out of the office, look around, and get a fresh perspective on protecting employees, assets, and data
Derek Slater |
14 Dec |
Greg Kaden is a lawyer specializing in corporate bankruptcy at Goulston and Storrs. Seeing changes and trends in risk management and insurance, Kaden and a few colleagues pitched the creation of a subsidiary called Fort Hill Risk Management.
Derek Slater |
05 Dec |
Many chess players--and I'm sure you are going to find this hard to believe--are boring. Even to their fellow chess players.
Derek Slater |
04 Dec |
Resilience, speed and visibility. Those are three magic words that make any supply chain manager's ears perk up.
Derek Slater |
27 Nov |
Sometimes agents of change have to turn up the volume. And sometimes not.
Derek Slater |
18 Oct |
Security as a profession has come a long way in the last decade. This is not just noteworthy, it's also worth celebrating.
Derek Slater |
01 Oct |
I had the pleasure of sharing the stage at the Cloud Leadership Forum with John Howie. Howie is the newly minted chief operating officer for the Cloud Security Alliance. He came to the CSA after a tenure at "a large cloud provider"--very large indeed--and was able to address both my questions and those from the audience in excellent, useful detail.
Derek Slater |
26 Sep |
I like the concept of governance, risk and compliance (GRC) for two reasons. One reason is completely tactical, the other completely conceptual. First, the tactical: compliance complexity reduction. This garbled regulatory compliance landscape is madness. Madness! Every year for six years running, more than half of our State of the CSO survey respondents have said they will spend an increasing amount of time on regulatory compliance work.
Derek Slater |
22 Aug |
The rate of change these days is so high that occasionally I think: "I'm just looking for a nice rut to fall into. Six months in a rut sounds really relaxing right now."
Derek Slater |
06 Jul |
Security--the topic, and thus the department--sometimes gets pigeonholed as a downer. Maybe from time to time you notice a coworker avoiding getting in the elevator with you. A CSO once told me it's even worse when you get in the elevator and some wiseacre turns to put his hands on the wall--as if expecting you to frisk him.
Derek Slater |
17 May |
I have a degree in Linguistics. (But I have a job anyway! Rimshot!) So I have some training in arguing about semantics.
Derek Slater |
06 Apr |
1. The Senate bill called the Public Company Accounting Reform and Investor Protection Act became law under the name...
Derek Slater |
17 Mar |
A few decades ago, some genius had this outrageous idea: "Let's put everything online." Everything. Measureless reams of information all piled up on the World Wide Web. The audacity of this concept should not go unappreciated.
Derek Slater |
16 Mar |