Feds Issue a Computer Security Incident Handling Guide

The National Institute of Standards and Technology (NIST) of the US Department of Commerce has just released a 79-page guide on how security incidents should be handled. This publication (800-61) is Revision 2 of the guide and has a detailed discussion of the composition, interrelationships with others (before – during – after), and responsibilities of the Incident Response Team.

Incident Response Team

To download a full copy of the guide go to:


Include Social Media in Your Business Continuity Plans

6 Ways to Utilize Social Media Before a Disaster Strikes

by Adam Crowe

When creating a disaster recovery plan, include social media. Simple things like having a predefined hashtag (#companynameBC) will make the recovery process easier and provide a quick way to get back in business. In addition, utilize sites like youtube.com to host instructions on what to do and how to do it in the recovery process.


Texas prepares for flu pandemic

As the risk for a pandemic increases, Texas prepares.

Radiological and Nuclear Disaster Planning

Meeting ISO 27031 Requirements

ISO 27031

The ISO standard defines the Information and Communication Technology (ICT) Requirements for Business Continuity (IRBC) program, which supports the mandate for an infrastructure that sustains business operations when an event or incident, with its related disruptions, affects the continuity of critical business functions. This includes security of crucial data as well as enterprise operations.

The ISO standard centers on four areas: Plan, Do, Check, and Act.

Plan Do Check Act Cycle

  • Plan – Establish a Disaster Recovery Business Continuity policy with objectives, metrics, and processes relevant to managing risk and improving the enterprise’s Information and Communication Technology ability and readiness to operate at the level defined within the parameters of the enterprise’s overall disaster recovery and business continuity objectives.
  • Do – Implement and operate the Disaster Recovery and Business Continuity policies, procedures, controls, and processes.
  • Check – Assess and monitor the performance metrics defined within the Disaster Recovery and Business Continuity policy and communicate the results to the management of the enterprise. This process can be done via an audit, a test of the plan, or an actual execution of the plan via a post-event analysis session.
  • Act – Modify the Disaster Recovery and Business Continuity policies, procedures, and metrics based on the “Check” (audit, test, or execution of the plan) in order to improve the Disaster Recovery and Business Continuity Policy.



IT Job Market Improves

IT job market increases significantly with 20,400 jobs added in July

One in five organizations is looking to hire additional IT staff within the next month – IT is not expected to regain all of the jobs lost during the 2007-09 recession until 2013

There was a net increase of 20,400 seasonally adjusted IT jobs in July according to the latest BLS data. Computer system design and related services accounted for 10,400 jobs; telecommunications for 7,000; data processing, hosting and related services for 1,900; and other information services for another 1,100.

The IT job market growth trend for IT professionals is down; see the chart below.

Hiring Trend Moving Average

At the same time, Janco’s CIO hiring plans look upbeat, with CIOs looking to replace consultants and contractors with full-time employees. There is general consensus that they will be hiring next year at this time.

IT Hiring Trend

The number of new jobs created continues to be lower than the number of jobs needed for the US economy to stay even with adult population growth. The Labor Department has reported the economy added 163,000 jobs in July, up from 80,000 in June (69,000 in May). Unemployment is highest in Nevada and California.

IT Job Market Employment Trends

For the first time in several months there were gains in the total number of jobs in all sectors of the IT job market. There was a net increase of 20,400 seasonally adjusted IT jobs in June according to the latest BLS data. Computer system design and related services accounted for 10,400 jobs; telecommunications for 7,000; data processing, hosting and related services for 1,900; and other information services for another 1,100.

IT job market improves - hiring up


Health Care vs. Financial Services Job Growth

Health Care Job Growth

Employment is on the rise in Healthcare IT and spending will reach $40 billion by the end of this year. Much of that growth will come from spending on electronic health record (EHR) systems, mobile health applications and efforts to comply with new government standards. Boosted by increased spending on healthcare software — which is needed for the rollout of EHR systems — the U.S. healthcare IT market is expected to grow at a rate of about 24% per year from 2012 to 2014, the study said. Spending on healthcare software rose 20.5% in the past year, from $6.8 billion in 2010 to a projected $8.2 billion this year. Recent mergers and acquisitions in the healthcare IT market also point to growing private-sector interest in software, which will see sales grow at a rate of more than 30% annually from 2012 to 2014.

Industries and occupations related to health care, personal care and social assistance, and construction are projected to have the fastest job growth from now until 2020. Total employment is projected to grow by 14.3 percent over the decade, resulting in 20.5 million new jobs. Despite rapid projected growth, construction is not expected to regain all of the jobs lost during the 2009-12 recession. The bad news is that the number of individuals dropping out of the job market continues to increase and the Labor Participation Percentage continues to fall.

Labor Participation Pct


Labor Force Participation Rate Drops

Not a good sign as more workers leave the job market

In July of 2012 the work force participation percentage of all employees (male and female) went down to 63.7% according to the BLS data. That low level has not been seen in over 40 years. That is not a good sign for the overall strength of the recovery.

Work Force Participation

Assuming that there is a significant downsizing of the military and there are no new programs to get jobs for soldiers coming home, the true unemployment levels will not go down for some time.

Compliance requirements drive security

Policy and Procedure Manual – Compliance Management Made Easy
ISO 27000 / HIPAA / SOX / CobiT Compliant

Includes PCI DSS Audit Program

Security incidents are rising at an alarming rate every year. As the complexity of the threats increases, so do the security measures required to protect networks and critical enterprise data. CIOs, data center operators, network administrators, and other IT professionals need to comprehend the basics of security in order to safely deploy and manage data and networks.


Securing a typical business network and IT infrastructure demands an end-to-end approach with a firm grasp of vulnerabilities and associated protective measures. While such knowledge cannot stop all attempts at network incursion or system attack, it can empower IT professionals to eliminate general problems, greatly reduce potential damages, and quickly detect breaches. With the ever-increasing number and complexity of attacks, vigilant approaches to security in both large and small enterprises are a must. The Security Manual Template meets that requirement.

What is Disaster Recovery

Information on Disaster Recovery

A disaster recovery is a response to a declared disaster or a regional disaster. It is the restoration or recovery of an entire Agent computer. A disaster recovery plan describes how an organization is to deal with potential disasters.

Just as a disaster is an event that makes the continuation of normal functions impossible, a disaster recovery plan consists of the precautions taken so that the effects of a disaster will be minimized, and the organization will be able to either maintain or quickly resume mission-critical functions.

Typically, disaster recovery planning involves an analysis of business processes and continuity needs; it may also include a significant focus on disaster prevention.

The Disaster Recovery Planning Template (DRP) can be used for any sized enterprise.

The template and supporting material have been updated to be Sarbanes-Oxley compliant.  The complete package includes:

  • Disaster Recovery Plan Template
  • Business and IT Impact Analysis Questionnaire
  • Work Plan

With the template is a 3-page Job Description for the Disaster Recovery Manager. The Disaster Recovery Plan Template PREMIUM Bundle contains 11 additional key job descriptions.

Clients can also subscribe to Janco’s DRP update service and receive all updates to the DRP Template*.

The DRP template includes everything needed to customize the Disaster Recovery Plan to fit your specific requirement.
