The Intersection of Human Factors, Accidents, Security and Business
Spafford Global Consulting - A Technology Business Consultancy Focusing on Human Factors, Accidents and Security
People are the key to success!

 

 

Daily News Archive

Please note that The Daily News is publishing (hopefully) twice a week for the foreseeable future due to time constraints.

Tuesday, August 1st

“There is hardly anything in the world that some man cannot make a little worse and sell a little cheaper.” -- John Ruskin

 

The Picks of the Day

Joe St. Sauver’s Web Page

Joe is the Director of User Services and Network Applications at the University of Oregon Computing Center.  He has presented on many topics and has many of his presentations online for people to read.

http://www.uoregon.edu/~joe/

For example, his presentation on SCADA and infrastructure security is excellent and he cites a ton of examples:  http://www.uoregon.edu/~joe/scadaig/infraguard-scada.pdf

 

Agencies urged to consider rules' indirect impact

“Faced with rising costs for complying with regulations, small businesses want Congress to force federal agencies to pay more attention to the financial impact of their rules.  Agencies already are required to analyze the direct economic impact of new regulations and consider less-burdensome alternatives if small businesses would be significantly affected. But they don't have to study indirect impacts, even if these consequences are foreseeable.”

http://losangeles.bizjournals.com/extraedge/washingtonbureau/archive/2006/07/31/bureau1.html?market=losangeles

[There is an interesting sidebar table wherein the author cites a study that there are 4,062 regulations currently in the pipeline & regulatory expenditures amounted to $1.13 trillion last year.]

 

Compliance Control: How Regulations Are Changing The Enterprise

“Jason Bloomberg, a senior analyst with ZapThink, compares the process of staying in compliance with speeding on the highway but speeding less than the car in the other lane.  According to Bloomberg to be away from the eyes of the regulatory body organisations try their best to be more compliant from other organisations.”

http://www.sda-asia.com/sda/news/psecom,id,10152,srn,4,nodeid,4,_language,Singapore.html

 

IT Process Improvement

Failure Modes and Effects Analysis (FMEA)

“Failure Modes and Effects Analysis (FMEA) is methodology for analyzing potential reliability problems early in the development cycle where it is easier to take actions to overcome these issues, thereby enhancing reliability through design. FMEA is used to identify potential failure modes, determine their effect on the operation of the product, and identify actions to mitigate the failures. A crucial step is anticipating what might go wrong with a product. While anticipating every failure mode is not possible, the development team should formulate as extensive a list of potential failure modes as possible.”

http://www.npd-solutions.com/fmea.html

 

Legal and Regulatory Compliance

Happy Birthday, Sarbox!

“When the Sarbanes-Oxley Act came squalling into existence on July 30, 2002, it was widely viewed as an unruly baby, spawning humongous costs and heavy compliance burdens for Corporate America. Now, on its fourth birthday, the law is being viewed in some circles as an amiable child — still difficult in some respects, it's true, but certainly manageable.”

http://www.cfo.com/article.cfm/7241497/c_7241537?f=alerts

 

PCAOB Alerts Auditors on Backdating

“Two days after the Securities and Exchange Commission issued executive-pay-disclosure rules mandating that corporations report on the backdating of stock-option grants, the Public Company Accounting Oversight Board issued guidance to auditors on the same subject.”

http://www.cfo.com/article.cfm/7241385/c_7241537?f=alerts

 

Security and Risk Management

Senator blasts Homeland Security's Net efforts

“A Republican senator on Friday blasted the U.S. Department of Homeland Security's readiness for a massive cyberattack, saying he hasn't seen any improvements since bringing in department officials for questioning last summer.”

http://news.com.com/2100-7348_3-6099753.html

A great quote from Senator Coburn:  “There's going to be an assistant secretary (for cybersecurity and telecommunications), I promise you, even if we have to raise the salary for the position”

Then, a few days later, we get the following news:

 

DHS puts Zitz in charge of cybersecurity division

“The U.S. Department of Homeland Security has found someone to take over the daily responsibility of running the National Cyber Security Division. But the department has yet to fill the vacant post of assistant secretary for cyber security and telecommunication.”

http://searchsecurity.techtarget.com/originalContent/0,289142,sid14_gci1205259,00.html?track=NL-102&ad=557456&asrc=EM_NNL_406182&uid=3121061

 

Internet Infrastructure:  Challenges in Developing a Public/Private Recovery Plan

“Federal laws and regulations that address critical infrastructure protection, disaster recovery, and the telecommunications infrastructure provide broad guidance that applies to the Internet, but it is not clear how useful these authorities would be in helping to recover from a major Internet disruption. Specifically, key legislation on critical infrastructure protection does not address roles and responsibilities in the event of an Internet disruption. Other laws and regulations governing disaster response and emergency communications have never been used for Internet recovery.”

http://www.gao.gov/new.items/d06863t.pdf

 

Human Error / Safety

112 Monitored for Suspectedly Contracted Bird Flu Virus in Thailand

“Thai public health authorities admitted that 112 people from 14 provinces suspected of having contracted avian influenza are being monitored, according to the state-run Thai News Agency.”

http://www.redorbit.com/news/health/594269/112_monitored_for_suspectedly_contracted_bird_flu_virus_in_thailand/index.html?source=r_health

 

Thailand confirms second bird flu outbreak

“Thai officials ordered the slaughter of 300,000 chickens after the second outbreak this year of the deadly H5N1 bird flu virus was discovered on a farm in the northeast.”

http://news.yahoo.com/s/afp/20060730/hl_afp/healthfluthailand_060730232006

 

NE Hurricane Could Cripple Economy

“This month, the nation's best hurricane experts met for the first time ever with nervous insurance industry reps about a storm lurking beyond the horizon.”

http://www.cbsnews.com/stories/2006/07/30/eveningnews/main1847562.shtml

 

Outsourcing / Globalization / International

IBM's Insider in Outsourcing

“Walker thinks the most important trend in outsourcing isn't how much money such arrangements save, but what kind of value they add. For instance, anyone now approaching investment in India purely on a cost basis is missing the real payoff, he believes. Walker spoke to BusinessWeek's Bombay bureau chief Manjeet Kripalani about the changing contours of the outsourcing industry.”

http://www.businessweek.com/globalbiz/content/jul2006/gb20060731_018794.htm?chan=tc&campaign_id=rss_tech

 

TCS Leads India's IT Push Toward China

“With competition for homegrown talent on the rise and salaries rising with it, India's outsourcing vendors are pushing deeper into neighboring China, a country that's still largely untapped as a source of low-cost IT labor.  TCS plowed in last week, announcing agreements with three Chinese companies and Microsoft to launch a Beijing-based joint venture called Tata Consultancy Services (China).”

http://internetweek.cmp.com/showArticle.jhtml?articleId=191600367

[And this is how societies progress, with wages moving up and then new sources of low-cost labor being sought out.  Who will be next after China and how long from now is that?]

 

India As A Global Power

“When India's commerce minister stormed out of the World Trade Organization's global trade talks in Doha, Qatar, last week, it was a reminder of the difficulties that the G-8 leaders must face when they assemble this weekend in St. Petersburg, Russia, for their annual summit. India, a booming democracy where socialist ideologies can still dictate government policy, wants to join the G-8, but the Doha round comes first.”

http://www.forbes.com/business/2006/07/13/g-8-india-invest-cx_rd_0713qanda.html

 

Economics / Business / Misc.

Customers pony up for renewable energy

“The trend is upward elsewhere, too. Utilities in 36 states offer some form of green pricing, and last year 430,000 households bought green power — up 20 percent from a year earlier, the U.S. Energy Department reported.”

http://news.yahoo.com/s/ap/20060729/ap_on_sc/green_pricing_1

 

IT's Enduring Image Crisis

“In the survey, 94 percent of IT professionals reported satisfaction with their current positions, citing job enjoyment (40 percent), good pay (34 percent), liking their field (34 percent) and the ability to be creative (23 percent). Eighty-eight percent of tech pros said they would recommend a career in technology to others.”

http://www.eweek.com/article2/0,1895,1994101,00.asp?kc=EWNAVEMNL073106EOAD

Thursday, August 2nd

"If you make the unconditional commitment to reach your most important goals, if the strength of your decision is sufficient, you will find the way and the power to achieve your goals.” – Robert Conklin

 

The Picks of the Day

Paulson: Regs Went Too Far

“In his first speech as Treasury Secretary, Hank Paulson hints at trimming back Sarbox, suggesting that it's time to ‘achieve the right regulatory balance.’”

http://www.cfo.com/article.cfm/7244995?f=alerts

 

Bird flu-human flu virus mix doesn't transmit easily in animal test

“Tests using ferrets suggest that the deadly H5N1 bird flu virus has to undergo complex genetic changes before it could develop into a pandemic flu virus, according to the U.S. Centers for Disease Control and Prevention.”

http://www.cnn.com/2006/HEALTH/07/31/bird.flu.ferrets/index.html?section=cnn_latest

[Note that the article goes on to cite several researchers, including the CDC director, who say that this does not mean that the virus cannot evolve – it just is not a simple process, and other combinations of genetic materials are possible that have not been tested.]

 

Auditor Answers: What Should Your Business Continuity Efforts Focus On?

“Auditor Answers responds to real questions submitted by real readers. This week, the auditor looks at how to preserve business functions in the face of natural disasters and staff decimation.”

http://www.itcinstitute.com/display.aspx?ID=2090

 

IT Process Improvement

Using RACI Charts to Improve Processes

“In understanding current processes, as well as designing new processes, it is vital to recognize the roles and responsibilities required. To this end, processes can be flow-charted and then mapped using a RACI chart in order to understand and clarify responsibilities.  The RACI chart (pronounced “racey”) allows for each task step to be identified; then each stakeholder and their responsibilities can be identified. The resulting chart can be scrutinized for opportunities for improvement.”

http://itmanagement.earthweb.com/columns/article.php/3623611

[Note, a RACI Excel template can be downloaded from http://www.spaffordconsulting.com/RACI_062706_v1a.xls]

 

Responsibility Charting

This is a great presentation on how to create and interpret RACI charts.  It goes into far more detail than my article in terms of how to analyze them.

http://www.army.mil/escc/docs/RACI_Approach.pdf

 

OGC Awards ITIL Accreditation to APM Group

http://www.egovmonitor.com/node/6938

 

Exin and ISEB response to OGC announcement

http://en.itsmportal.net/modules.php?op=modload&name=News&file=article&sid=2298

 

Legal and Regulatory Compliance

Silver Bullet for Compliance

“No-one in business today can be unaware of the compliance challenges facing the IT team in protecting company assets and processes. The statistics are clear, abundant and all around us, leaping from headlines on a daily basis; massive financial losses associated with security non-compliance are commonplace, as are high-profile court cases about staff misuse of email where internal policies have failed, along with punitive fines for software license infringement.”

http://www.it-observer.com/articles/1194/silver_bullet_compliance/

[Beware of tech-heavy approaches – there is no silver bullet other than to have a clearly defined process to understand risks to the organization (not just to IT), including those presented by regulatory compliance, and then to identify the controls necessary to reduce the risks to an acceptable level.  From there, firm-specific process wrappers are put in place leveraging best practices.  In some cases, tooling may well be warranted and in others manual processes may be all that is needed and/or cost justifiable.]

 

Restatements jump 67% after Sarbanes-Oxley

“More than 520 companies restated results through the first nine months of last year, the Government Accountability Office said in a report released Tuesday. That compares with 314 in 2002, the year President George W. Bush signed the Sarbanes-Oxley Act into law.”

http://www.freep.com/apps/pbcs.dll/article?AID=/20060802/BUSINESS07/608020455/1020/BUSINESS

 

Visa gives some merchants added compliance measures

“Visa USA has changed the way it classifies some merchants under the Payment Card Industry data security program, a move that will require about 1,000 retailers and other businesses to meet more-rigorous standards for validating their compliance with the PCI edicts.”

http://computerworld.co.nz/news.nsf/news/21FAA44814BD24D6CC2571BD001EC08A

 

At SEC, a Year of Relative Calm

“When former California lawmaker Christopher Cox took the helm of the Securities and Exchange Commission a year ago this week, his arrival inspired a cauldron of rhetoric. . . . Yet, for the most part, Cox has gone out of his way to avoid actions that would incite the passion of admirers -- or the ire of his critics.”

http://www.washingtonpost.com/wp-dyn/content/article/2006/08/01/AR2006080101473.html?referrer=email&referrer=email&referrer=email

 

Security and Risk Management

High Anxiety

“Known as ISO 27001, the standard is laid out in a 34-page manual that covers nearly 200 technology practices and procedures. Getting certified in 27001 can be a lengthy process.”

http://www.cfo.com/article.cfm/7243023?f=alerts

The ISO order page for 27001 is http://www.iso.org/iso/en/CatalogueDetailPage.CatalogueDetail?CSNUMBER=42103&ICS1=35&ICS2=40&ICS3=

[Note:  This is the ISO standard that superseded BS7799-2.]

 

Help! I'm Your Laptop and I've Been Stolen

“As laptop thefts soar, vendors are stepping forward with improved ways of safeguarding mobile systems.  ‘Given all the recent headlines about missing laptops and vulnerable data, businesses have a lot of interest in finding new approaches to protecting their machines,’ says Richard Stiennon, chief analyst at IT-Harvest, a Birmingham, Michigan-based technology research company.”

http://www.cfo.com/article.cfm/7243013?f=FinancialSoftware080106

 

UK Intelligence Community Online

“From here you will be able to get an overview of the provision of intelligence in support of Government and law enforcement, including how the various intelligence and security agencies work together, as well as being able to connect to their individual websites which set out specific roles and responsibilities.  This site reflects the UK Government's desire to be as open as possible about intelligence matters, while recognising the constraints imposed by national security.”

http://www.intelligence.gov.uk/index.asp

 

NIST CSRC:  Guidance for Securing Microsoft Windows XP Home Edition

“NIST is pleased to announce the release of draft Special Publication 800-69, Guidance for Securing Microsoft Windows XP Home Edition: A NIST Security Configuration Checklist. SP 800-69 provides guidance to home users, such as telecommuting Federal employees, on improving the security of their home computers that run Windows XP Home Edition.”

http://csrc.nist.gov/itsec/guidance_WinXP_Home.html

 

The new learning curve: Technological security

“Raising awareness among computer users about privacy protection is a never-ending job, especially on college campuses where the student population changes each year. USA TODAY reporter Mary Beth Marklein examines how and why security breaches have occurred on campus, some of the ways colleges are trying to protect data and how students can protect themselves.”

http://news.yahoo.com/s/usatoday/20060802/tc_usatoday/thenewlearningcurvetechnologicalsecurity

 

Human Error / Safety

Evolving bird flu requires vigilance

“Thailand has come a long way in terms of its efforts towards the prevention, monitoring and containment of bird flu since the first case of the potentially catastrophic H5N1 virus was detected in 2003.”

http://www.nationmultimedia.com/2006/08/01/opinion/opinion_30010045.php

 

AEP shuts Mich. Cook 1 reactor due to heat

“A spokesman for the Columbus, Ohio-based company said the unit was shut down because the temperature in the containment room reached 120 degrees Fahrenheit (49 degrees Celsius), exceeding allowable levels”

http://today.reuters.com/stocks/QuoteCompanyNewsArticle.aspx?view=CN&storyID=2006-07-31T143156Z_01_N31181476_RTRIDST_0_UTILITIES-AEP-COOK-UPDATE-2.XML&rpc=66

[It was hot not just because of the temperature outside but also because, with the weather so hot, the cooling water from Lake Michigan was too warm to suitably cool the facility.  Yes, another thing to thank global warming for.]

 

Outsourcing / Globalization / International

Indian Tiger Trumps Chinese Dragon

“India has the potential to be the next great bull market of the 21st century, one which I believe will be a better investment opportunity than even China.”

http://www.forbes.com/2006/07/28/india-tata-sensex-in_cd_0731soapbox_inl.html?partner=rss

 

Economics: Risk of bust growing for Chinese economy

“China's leaders are finding that the world's largest command economy no longer responds to their commands.  Growth is hurtling along at the fastest pace in a decade, defying official efforts to curb investment in unneeded factories and real-estate projects.”

http://www.iht.com/articles/2006/07/30/bloomberg/bxecon.php

 

2008 Olympics - the IT ground work in China

“By the end of 2006, Atos will have 60 people working on the Games in Beijing. By 2008 the number will have leapt to more than 400, plus several hundred volunteers.  Hore would not comment on the IT costs for the Games but said they are similar to Athens', which had a combined budget of $1.2bn.”

http://www.silicon.com/research/specialreports/china/0,3800011742,39160294,00.htm

 

Economics / Business / Misc.

Report: Mass bunker under Shanghai

“Shanghai has constructed a massive underground bunker complex capable of sheltering 200,000 people from a nuclear attack, a local newspaper reported”

http://www.cnn.com/2006/WORLD/asiapcf/08/02/china.bunker.ap/index.html

[If you find bunkers/underground complexes of interest, check out:

· Subterranean bunker-cities
http://bldgblog.blogspot.com/2005/11/subterranean-bunker-cities.html

· Subterranea Britannica
http://www.subbrit.org.uk/

· Beijing's Underground City
http://www.china.org.cn/english/travel/125961.htm

· Beijing Underground City – The Secret Tunnels of the Capital
http://www.drben.net/ChinaReport/Beijing/Landmarks-Hotspots/ChongWen/Underground_City-Beijing_Air_Raid_Shelters/Beijing_DixiaCheng-Beijing_Underground_City.html]

 

Can hot weather cool economy?

“The weather is often a business executive's easy excuse for failure.  Blaming Mother Nature, instead of institutional error, for disappointing sales or profits is a common dodge when the atmosphere has been a little off kilter of late.”

http://www.ocregister.com/ocregister/money/columns/article_1230459.php

 

Heat wave could leave lasting price impact

“As a blistering heat wave continued to sear much of the U.S., utilities struggled to produce record amounts of power, natural gas prices soared, and farmers assessed damage to scorched crops. Though temperatures eased Wednesday in the western half of the country, the impact on consumers may be felt long after cooler breezes begin flowing again in the east.”

http://msnbc.msn.com/id/14153714/

 

More economists are using dreaded ‘S’ word

“It's not a term economists toss about lightly, but signs of slowing growth and rising inflation in the U.S. economy have some using the ‘S’ word: stagflation.  Combining the words stagnation and inflation, the term is used to describe periods of rising prices and a stalled economy.”

http://msnbc.msn.com/id/14153846/

 




Copyright (C) Spafford Global Consulting, 2004-2008. All Rights Reserved.