By:
On:
In: *Connecting the Dots Blog*, Business Continuity, Regulatory Compliance, Risk Management

  Is Measuring Risk Possible? I saw a discussion question recently asking how to measure risk? My first reaction was…do you measure risk?  I say no. Do you measure security?  Do you measure prevention?   I would say no and no. Do you measure cake? Not usually, unless you are paying for cake by the pound, but measuring the cake does not guarantee the cake is any good. Determining if the cake is any good depends on how the cake looks and how the cake tastes.  To make a good cake, you need to measure each of the ingredients for the cake (internal) and you needRead More →

By:
On:
In: *Connecting the Dots Blog*, Human Resources, Information Privacy, Information Security, Risk Management

  In a recent Dark Reading article, new research from Trusteer revealed that mobile users are the most likely to fall victim to fake e-mail messages and visit phishing sites. Once they arrive at the fraudulent site they are also three times more likely than users on PCs to provide sensitive login information. Why are mobile users more vulnerable? Availability – smartphones are with their users 24/7 so e-mails are checked more frequently. Phishing attacks generally get their victims during their initial launch, as after a certain time frame sites are taken down, blocked or shut down. Size – the smaller screens of mobile devicesRead More →

By:
On:
In: *Connecting the Dots Blog*, School Safety

  Much of the media spotlight in 2010 was given to bullying, cyberbullying, bullying legislation, bullycides, bullying lawsuits and more.  However, most of the attention was focused on reacting to problems and consequences. In 2011, rather than continuing to discuss how to address bullying once it occurs, reading about young children driven to suicide after countless years of bullying and debating over states implementing anti-bullying laws, perhaps school and community leaders can work together to prevent and mitigate this escalating challenge? In 2011, hopefully schools will be focused on solving bullying related problems, preventing bullying and preventing bullying consequences. The OCR “Dear Colleague” letter inRead More →

By:
On:
In: *Connecting the Dots Blog*, Incident Reporting, School Safety

  In a recent Boston Globe article, several Massachusetts school administrators discussed how they were implementing (or not implementing) the new state requirements for bullying. The new anti-bullying law can potentially expose schools — and individual staffers — to lawsuits by parents or state authorities if incidents of bullying are not handled properly. One of the key requirements is for school leaders to thoroughly investigate all reports of bullying and document actions taken.  One superintendent claimed, “I like to keep the informal stuff in my head.”  But, keeping informal reports and incidents in one faculty member’s head provides no documentation of a student skipping school,Read More →

By:
On:
In: *Connecting the Dots Blog*, Uncategorized

  As the end of 2010 approaches, it is a great time to review lessons learned and decide where you need to be to ensure better results in 2011. Lessons learned from WikiLeaks, OCR and NSBA Dear Colleague letters, breaches, lawsuits, fines and numerous other failures clearly reveal how risks, threats, regulations, liabilities, vulnerabilities and obligations are changing.  Are you, your entire organization and your partners prepared for 2011? Status quo is not the way to keep up with change and status quo is clearly taking a serious toll on organizations around the world. Status quo is also expensive and perhaps Albert Einstein said itRead More →

By:
On:
In: *Connecting the Dots Blog*, Regulatory Compliance, Risk Management, School Safety

  Natasha Alam from True Blood has joined the growing list of celebrities speaking out publicly against bullying.  Celebrities are raising awareness and bringing attention to this escalating challenge. Alam recently filmed an anti-bullying public service announcement (PSA), click here to learn more. Canada recently targeted bullying with their National Bullying Awareness Week and the UK recently promoted the Big March to bring attention to bullying, violence and harassment in schools. Each of these efforts encourages people to speak out about bullying and victimization, and adults are being urged to listen.  These campaigns also mention prevention, the need for awareness and how everyone (students, parents,Read More →

By:
On:
In: *Connecting the Dots Blog*, Emergency Management, School Safety, Workplace Violence

  Tips prevent a lot of bad things from happening within organizations, but tips alone are not the answer based on recent lessons learned.  The Christmas Day Bomber attack was prevented and lives saved thanks to tips, but also thanks to the FBI’s proactive efforts in confidentially sharing information with other key players, such as law enforcement and local government. An anonymous tip from Saudi Arabian intelligence helped to locate package bombs that were sent from Yemen.  No doubt these package bombs could have caused a lot of damage and loss of lives, had specialized prevention teams not taken proactive actions to locate and confiscate theRead More →

By:
On:
In: *Connecting the Dots Blog*, Emergency Management, Risk Management

All of this TSA stuff on the news is getting a little crazy…it almost seems like the media is looking for passengers who are looking for attention. But once again the lessons learned are clear…at least if we all agree on the primary goal. Hopefully everyone agrees that our main goal is safety and national security, because I don’t know about you, but when I am flying through the clouds at 35,000 feet I do not want the plane to blow up. So if we are all in agreement, then it comes down to human beings – pilots, passengers and security personnel – having situationalRead More →

By:
On:
In: *Connecting the Dots Blog*, Emergency Management, Incident Reporting

  Airline security is a hot topic and it reminded me about my experiences flying to Israel earlier this year. Have you ever flown into or out of Israel?  I flew in and out of Tel Aviv this past year and the differences between airline security in the USA and Israel were like night and day in so many ways. Have you heard of Isaac Yeffet? For those of you who do not know, Isaac Yeffet is the former head of security for El Al of Israel.  In an interview I listened to last night, Yeffet said…”technology in general can never replace a qualified andRead More →

By:
On:
In: *Connecting the Dots Blog*, Business Continuity, Emergency Management, Human Resources, Incident Reporting, Information Security, Regulatory Compliance

  General Information Personally Identifiable Information Intelligence Information Industry Information Regulatory Information Legal Information Risk Information Customer Information Emergency Information Competitive Information Etc…. Most people and their organizations would agree they are overwhelmed by information that is spread all over in e-mails, web sites, binders, intranets, etc. BUT, most people and their organizations would also agree they are not overwhelmed by awareness, and more specifically they are not overwhelmed by Situational Awareness. Lessons learned continue to reveal that just having information is not enough.  Most of the highly publicized tragedies and incidents reveal that information in the form of red flags or intelligence or riskRead More →