Stories by Derek Slater

Business continuity and disaster recovery planning: The basics

Disaster recovery and business continuity planning are processes that help organizations prepare for disruptive events—whether those events might include a hurricane or simply a power outage caused by a backhoe in the parking lot. The CSO's involvement in this process can range from overseeing the plan, to providing input and support, to putting the plan into action during an emergency. This primer (compiled from articles on CSOonline) explains the basic concepts of business continuity planning and also directs you to more resources on the topic. Last update: 5/20/2015.

Derek Slater | 22 May

Taking a risk on risk management

Greg Kaden is a lawyer specializing in corporate bankruptcy at Goulston and Storrs. Seeing changes and trends in risk management and insurance, Kaden and a few colleagues pitched the creation of a subsidiary called Fort Hill Risk Management.

Derek Slater | 05 Dec

I like risk

Many chess players--and I'm sure you are going to find this hard to believe--are boring. Even to their fellow chess players.

Derek Slater | 04 Dec

Cloud control

I had the pleasure of sharing the stage at the Cloud Leadership Forum with John Howie. Howie is the newly minted chief operating officer for the Cloud Security Alliance. He came to the CSA after a tenure at "a large cloud provider"--very large indeed--and was able to address both my questions and those from the audience in excellent, useful detail.

Derek Slater | 26 Sep

Pulling it all together: A special report on GRC

I like the concept of governance, risk and compliance (GRC) for two reasons. One reason is completely tactical, the other completely conceptual. First, the tactical: compliance complexity reduction. This garbled regulatory compliance landscape is madness. Madness! Every year for six years running, more than half of our State of the CSO survey respondents have said they will spend an increasing amount of time on regulatory compliance work.

Derek Slater | 22 Aug

Getting unstuck

The rate of change these days is so high that occasionally I think: "I'm just looking for a nice rut to fall into. Six months in a rut sounds really relaxing right now."

Derek Slater | 06 Jul

Disaster recovery is a success just waiting to happen

Security--the topic, and thus the department--sometimes gets pigeonholed as a downer. Maybe from time to time you notice a coworker avoiding getting in the elevator with you. A CSO once told me it's even worse when you get in the elevator and some wiseacre turns to put his hands on the wall--as if expecting you to frisk him.

Derek Slater | 17 May