Monday, December 16, 2013

A holiday gift for the family

 1965, outside Union Station in Seattle.
There's a new UW study that re-calibrates the effects of a magnitude 7.0 earthquake on the Greater Seattle region, including impacts from landslides.The Seattle Times did a front page story on the findings this morning, and at the same time re-published its excellent guide to disaster preparedness that we saw earlier this year.

While you're buying presents for others, how about one for your family and your house?  Use the guide (or my book) to gather a list of supplies for a disaster kit.  Or stop by Costco or Target or other big stores and pick up one of their pre-prepared kits, usually found in either a large plastic drum or a backpack.  Then stick it under the tree with a big bow on it, and cross that particular task off your "to do" list.

If you've already got such a kit, then create or update your family emergency plan:  where will you all meet if you can't get home? who will you call to let the rest of the family know where you are and that you are ok?  what city resources should each of you know about?  finally, what is the plan if phones don't work?

Monday, December 2, 2013

Work and think smart during the holiday season

Here's a link to a terrific story in The Street this morning, on the risks that folks run in conducting business transactions (like online banking) over unsecured public wireless platforms.  It seems especially appropriate on the day we call Cyber Monday.

In the chapter called "Online" in Advice From A Risk Detective, I talk more about how to secure your online work, including some of the products that I've found useful to protect against malware and viruses.

Later this week, I'll be talking about securing your home -- and packages that might be arriving --  over the holiday season.  It's time to review the traditions and practices that have become so comfortable, to ensure that you're minimizing your risk both at home and online.

To the left is a comfortable practice that goes back 30+ years: picking up holiday trimmings at the Hunter Tree Farm tree lot in neighboring Wedgwood.  What could make that tradition even more safe?

Monday, November 25, 2013

Give Thanks Any Day

Team Rubicon in the Philippines
Thanksgiving is the day we celebrate the day when Native Americans sat down with Pilgrims and ate together.  For some of us, it's a better holiday than all the others combined because we reflect upon just how much we have to be thankful for.

Team Rubicon in Port-Au-Prince, Haiti
But there's no reason we can't recognize and celebrate unselfish work every day.  Or any day.  Those of you who read me on Facebook may know how much I admire the veterans' volunteer organization called Team Rubicon and the work that these volunteers do during disasters.  They were early into the Philippines and into the devastation in Washington, Illinois.  They sent teams  to help with Hurricane Sandy's aftereffects. Earlier (above), they were in Haiti to help with recovery efforts.  If you'd like to learn more about their efforts or support their work, here's their story.

There are numerous other teams and organizations who do great work and could use your support, or a simple thank you, including our public servants who do their job day after day.

Wave when a fire truck or an ambulance or a police car goes by and give these folks a thumbs up -- something bright and positive to cheer them on.

Say thank you to the bus driver, knowing that profession has become a lot riskier the past couple of years.

You get the idea.

If you're out of ideas on where to donate or how to help and you live in Seattle, then consider a donation to the Seattle Times' fund for the needy, which yesterday discussed one of my favorite charities, Wellspring Family Service.

 Better yet, if you have some spare time, roll up your sleeves and volunteer.  There are so many food banks and emergency services organizations that could use your time, especially this time of year.

So take the risk out of  the beginning of a frenzied season that has become mostly about glitter and gifts.  You'll find that you always get back more than you give, even when giving thanks and helping out.

Monday, November 18, 2013

"Events beyond our control"

"So what you're saying is that you specialize in events beyond our control?"

I don't know how I've never come to this somewhat eccentric description of operational risk management myself.  At cocktail parties, I usually say that I specialize in the unexpected, in things that go bump in the night.   But I'm starting already to refine what he said.

ted aljibe
Tacloban, The Phillipines

Photo of tornado damage in Washington, Illinois.
Washington, Illinois tornado impact this past weekend
A cask of nuclear fuel is lifted by workers during operations to remove fuel rods from a spent fuel pool at Tokyo Electric Power Co's Fukushima Daiichi nuclear power plant in Fukushima prefecture, Japan, on Monday. Picture: REUTERS
Fukashima nuclear rod being lifted some hours ago.

My work is all about identifying events both within and beyond our control so we can plan in advance, thereby reducing both the magnitude, impact and financial loss that results from such events.  Three recent events are shown above, but businesses also sometimes find themselves in events beyond their control when their intellectual property is stolen, or when their online site is compromised.

What's so exciting about what I do is that it's both worldly and academic.  And I'm right out there on the edge, working with some of the best minds available, while teaching the next generation from examples that litter our universe right now of loss and mismanagement.

I was reminded of the intellectual vortex I frequently sit in this weekend, when Mike Crandall sent over his review of the book we'll be publishing by the end of the month, a second volume in a series of research notes.    Here's his take:

“This second volume of Annie Searle’s Reflections on Risk continues her tradition of bringing critical issues facing our society to the forefront through a careful combination of education, collaboration and inspiration. The essays in this book are a result of her mentorship and guidance of students in the University of Washington Master of Science in Information Management program at the University of Washington Information School, and provide a window into the varied and complex issues facing individuals and organizations as we move further into the Information Age. The background and insights provided in this work should be required reading for all; they illuminate the numerous and diverse challenges we face in managing and securing our information assets in the digital world, as well as providing a glimpse into the minds that will be shaping our future. “

·   Michael Crandall, Senior Lecturer and Director, iAffiliates Program, University of Washington Information School

Thanks Mike, and thanks to the unnamed executive who made this tidy summary of the work.  There are 14 authors in this second volume, and we'll be featuring some more extended discussion here of the work when we are closer to publication.

Monday, October 28, 2013

A great honor

Events near the end of October have a way of forcing me to choose among equally enticing prospects.  Rather than attend this year's Executive Women's Forum in Scottsdale, I flew to Reno to help present the 2013 Hall of Fame Awards & Gala for the International Network of Women in Emergency Management and Homeland Security.  The event is only three years old.  I was honored and amazed to be inducted in 2011, along with Eleanor Roosevelt and Clara Barton.  Last year's inductees were splendid.  And this year, we kept the bar high.

Two distinguished Washingtonians were honored:  Mary Schoenfeld, a pioneer in the field of emergency management and school crisis management.  She's been in the field over 30 years and has written 5 books and countless articles. She is an inspiration to each of us.  Here, she is pictured in the president of inWEM, Dr. Jacqueline McBride, who also hosted the evening's festivities.

Also honored in memoriam was Ben Dew from FEMA Region
X and prior to that, Washington State emergency management.  He is the author of the strategy we now call
"Neighbor Helping Neighbor."  More than one person remembered him and his "Never give up" mantra during the evening.

And there were others who received awards that evening as well, including four of the women pictured below.  Left to right:  Judge Renee Cardwell Hughes (Red Cross),
Cheryl (on behalf of Delta Sigma Theta), Fire Chief Toni B. Washington, Dr. Meloyde Batten-Mikens (2012 awardee), and Fire Chief Debra Prior.

Here's Mary Anne McKown, author/synthesizer
extraordinaire for some of our finest national documents, including the National Response Plan, the National Response Framework, and the National Emergency Communications Plan.  That's just a small taste of the work she began when she left Booz Allen become a government employee after 9/11.

Different stories for each of the awardees, but overall you could say that each of these women understands public service, the notion of giving back on behalf of something larger than yourself, and a keen desire to leave the world a better place.

Friday, October 11, 2013

Earthquake planning

In yesterday's operational risk seminar that I teach at the University of Washington, our guest speaker was UW seismologist and information scientist Bill Steele.  In the first hour of class, he used a presentation he had recently made to state government on the development of an alert system that could mitigate certain types of public safety issues during an earthquake.  I've seen parts of the presentation before, and was struck again by the message that is driven home: disaster preparedness reduces costs over the long run.  And it may also reduce business interruption costs by as much as 20%.  Despite these facts, we are a long way from having an effective earthquake alert system in this state that could provide up to 3 minutes of warning before we felt the shock; and that could also be used to stop trains and elevators, and alert schools so that children could drop, cover and hold.

In our seminar the previous week,  I had talked about neuroscientist Tali Sharot's book, The Optimism Bias: A Tour of the Irrationally Positive Brain.  For those of you who might be curious, I've included a link to her TED talk.

How does this optimism bias play into disaster preparedness at the personal level?  You have only to listen to some of your under-prepared friends and neighbors -- "It will never happen in my lifetime" and/or "I know it's going to happen but I have plenty of time to put my emergency kit and plan together."  Sharot calls this underestimating negative events.

So to nudge you along -- including those who live outside earthquake zones but in areas where floods, hurricanes, extreme weather or tornadoes happen -- here's a link to the pull-out center section of last Sunday's Seattle Times magazine, titled "Ready to Rumble."  You can use it as a guide to preparations on your home and for your family against most types of events.

Saturday, October 5, 2013

It doesn't cost much to ensure your home's security

I might have written this article by Deborah Abrams myself.  It bears a great similarity to the advice and points I provide in the first chapter of Advice From A Risk Detective, including my recommendation to use wooden dowels to secure windows that don't lock well.

As fall turns into winter, and it becomes darker earlier in the day, it's worth it to review what easy and inexpensive steps you might take to secure your home.  As you're doing fall cleanup, do make sure that shrubs are not covering windows.  The only shrub we have near a first floor window is a prickly holly bush, which is an effective deterrent on the curb side of the house.

Friday, October 4, 2013

"That which does not kill us makes us stronger." -- Frederich Nietzsche

 Many of you have heard me comment on these issues previously, but this is the first post I am making on, and I wanted to set up some of the issues I will be discussing in the future.

We might argue with any number of Nietzsche's philosophical tenants, but this statement seems to define not only the human condition but also the quality of resilience that we aspire to in the plans and programs we build around business continuity and disaster recovery.

Americans are not the only people tested sorely in the past several years by hurricanes, tornadoes, tropical storms, wildfires, floods, extreme heat or earthquakes.  Nor have we had to bear the triple scenario that included a magnitude 9 earthquake, a tsunami, and the failure of major nuclear power plants in Japan in 2011.  Debris from those events is still washing up on the coast of the State of Washington, where I live.  That series of events in Japan should lead all of us in business continuity and emergency management to reconsider the fundamental assumptions on which we make our plans, and ask "What really is the worst case, now that conditions on the Earth have changed so significantly from climate change?"  For there's no doubt that things have changed, even though our plans have probably not been dusted off more than once a year for a drill or exercise, rather than an actual fail-over for the technology components.

The world has changed in other ways than natural disasters.  The intrusion of technology into all aspects of our lives and work means that a company's ability to respond to certain types of disasters is not wholly within their own hands.  Its technology and online presence are dependent upon the power grid to drive both physical and virtual assets; and, as individuals, we are dependent upon the communications sector to provide sufficient bandwidth to power our multitude of smartphones and other devices.

Technology and online are also dependent upon strong online security so that websites are not compromised by cyber amateurs or terrorists.  We know clearly that certain parts of our critical infrastructure, in particular our power grids, offer relatively easy targets to those who wish to disrupt the physical infrastructure upon which most of us have come to depend.  Other parts of our infrastructure like banking and finance offer more ready targets to cyber-terrorists.

Then there's social media.  Some of us deal better than others with it, and its power to do good or wrong.    I've written previously on cyber bullies as well as on exceptional social media programs managed by police, fire and public utilities. In future blogs, I'll look more closely at examples of each.

In business, the foundation for practical, usable, streamlined business continuity plans is the information derived from the tool we call the Business Impact Analysis (BIA).   That information identifies and ranks the most critical business processes for a company.  In doing so, it acts also as a repository of the company's operational risks, as well as estimates of what the failure of the business process would cost to reputation, to revenues, and in terms of regulatory compliance.

I'll stop here by suggesting that it's not until we go all the way back to review our critical business processes to ensure we have absolute breakdowns into sub-processes that we can strengthen our respective levels of resilience by re-ranking and re-architecting business processes based on the current conditions.  So we're not dead yet, but we have fewer dollars to spend to close the gaps.  In the meantime, fires, floods, hurricanes and the Syrian Electronic Army (SEA) continue to present unprecedented challenges.

Wednesday, September 25, 2013

The Great Washington Shakeout

October is Disaster Preparedness Month, and here's a blog from Washington State's Emergency Management Division that covers all the bases where earthquakes are concerned.  If you live in Washington State, there's a link to sign up for the Great Washington Shakeout later this month.

092513_Pakistan_earthquake_02.JPGThe photos just in from Pakistan this morning show what kind of devastation a 7.7 magnitude earthquake can bring.

The second photo is of a new island that has risen as a result of the earthquake. Photos courtesy Al-Jazeera.


Pakistani survivors gather around their destroyed houses in the earthquake-devastated district of Awaran on Wednesday.

Tuesday, September 24, 2013

Managing risk across the enterprise -- five years ago

Many of us had seen the handwriting on the wall:  when there is nothing your boss can tell you that is different than statements released to the press and to the Wall Street markets, then it's time to start reviewing other opportunities.  Five years ago, I had started to do that, thinking there would be time enough to leave at the end of the year.

Little did we know that the FDIC had already conducted an auction of Washington Mutual, and that the lucky bidder was JPMorgan Chase.  On September 25, 2008, at the end of the day, it came across the wires:  the FDIC had seized Washington Mutual.  Later that evening, we all hopped on to a teleconference with Jamie Dimon.  The next morning, his team was in town to meet with senior management.

Washington Mutual had taken on so much credit and market risk that it sank under the weight of fear and disbelief generated once Lehman Brothers failed earlier in the month. The media continued to grind out stories on which banks were too big to fail, as credit rating agencies, themselves later found to be in disgrace, continued to downgrade Washington Mutual.  Depositors started taking their money out of the bank, which led to more of the same.  Which led the FDIC to take the actions it did.

Five years later, I see some of the same types of reckless behaviors in large banks.  The behavior seems to be unaffected by large fines or the expansion of enterprise risk management functions.  When 80-90% of your focus is on task and achievement of corporate goals, then ethical behavior takes a back seat to greed and ambition.

Risk-taking is an essential part of growth.  So is doing the right thing.

Tonight some of us are going to lift a glass to a company that had everything we could imagine early in 2000, when it started to grow exponentially.  Great people that respected each other and did the right thing.  A culture that valued teamwork, innovation and excellence and was not afraid of either growth or change.  There are lessons here that can be extrapolated for other companies struggling right now with some of the same challenges.

I am happy to have kept in touch with so many of my Washington Mutual colleagues,  pleased to see where they have landed and the differences they are making for other companies now.

Monday, September 23, 2013

Taking it up a notch

I like applying what I know to related disciplines, so it was a real pleasure to be invited for two days of panel work in Washington DC last week, at the National Academies.  All four are housed in The Keck Center -- the National Institute of Science, the National Institute of Medicine, the National Institute of Engineering, and the National Research Board, under whose aegis my panel was located -- and it's an elegant, functional building.

I was most taken by the large interior wall that I never did get a full shot of, but here are some of the elements that are part of the wall.

The Darwin quote and image to the right are part of an element of the wall shown above.

I was also taken by the cornerstone quote from Thomas Jefferson on the outside of the building.

The work we were able to accomplish in two days was significant.  It will lead to the creation of a guidebook for managing risk across the enterprise in state departments of transportation.  Our ten person panel is a mix of risk managers from departments of transportation around the country and several risk experts, as well as liaisons from federal agencies like the Federal Highway Administration and TSA.  I'll be reading a number of proposals from potential contractors for the work, as well as coming up to speed in risk literature that has already been created by the National Research Council.  We'll meet again later this year to select the contractor.

A side benefit of the work is access to the National Academies Bookstore.

I brought back two books published by the Council that pertain to my ongoing research, writing and speaking, but especially to the introductory operational risk course I start teaching this week.   The first is an older publication, Biotechnology Research in an Age of Terrorism.  The other is more recent, but still four years old:  Technology, Policy, Law, and Ethics Regarding U.S. Acquisition and Use of Cyberattack Capabilities.

Saturday, September 14, 2013

Cyber bullies

When I spoke at Starbucks last week, I spent roughly half my time on managing critical corporate risk issues and the latter half of the talk on managing personal risk.  The second edition of Advice From A Risk Detective includes a new chapter on managing risks at school, including the one described in this painful New York Times article on cyber bullying and suicide.

The rise of all these new and largely unknown social media applications represents a high barrier for entry to parents who try to help their kids, and to stay connected in their lives.  Note that the mother took the phone away, removed the girl from the school, and took other measures as well.

I have no good answers here, only the usual exhortation to stay closely connected to your child and his/her state of mind.  In the meantime, because of the article, I just learned a bit more through google search about, kik and voxer.  It is hard to keep up, and hard to know how these spread so rapidly for young people, who can lead a whole separate life on these channels.

Wednesday, September 11, 2013

"Barely room on the walls of the heart."

From Billy Collins, poet laureate of the United States
This poem is dedicated to the victims of September 11 and to their survivors.

"The Names"

Yesterday, I lay awake in the palm of the night.
A soft rain stole in, unhelped by any breeze,
And when I saw the silver glaze on the windows,
I started with A, with Ackerman, as it happened,
Then Baxter and Calabro,
Davis and Eberling, names falling into place
As droplets fell through the dark.
Names printed on the ceiling of the night.
Names slipping around a watery bend.
Twenty-six willows on the banks of a stream.
In the morning, I walked out barefoot
Among thousands of flowers
Heavy with dew like the eyes of tears,
And each had a name --
Fiori inscribed on a yellow petal
Then Gonzalez and Han, Ishikawa and Jenkins.
Names written in the air
And stitched into the cloth of the day.
A name under a photograph taped to a mailbox.
Monogram on a torn shirt,
I see you spelled out on storefront windows
And on the bright unfurled awnings of this city.
I say the syllables as I turn a corner --
Kelly and Lee,
Medina, Nardella, and O'Connor.
When I peer into the woods,
I see a thick tangle where letters are hidden
As in a puzzle concocted for children.
Parker and Quigley in the twigs of an ash,
Rizzo, Schubert, Torres, and Upton,
Secrets in the boughs of an ancient maple.
Names written in the pale sky.
Names rising in the updraft amid buildings.
Names silent in stone
Or cried out behind a door.
Names blown over the earth and out to sea.
In the evening -- weakening light, the last swallows.
A boy on a lake lifts his oars.
A woman by a window puts a match to a candle,
And the names are outlined on the rose clouds --
Vanacore and Wallace,
(let X stand, if it can, for the ones unfound)
Then Young and Ziminsky, the final jolt of Z.
Names etched on the head of a pin.
One name spanning a bridge, another undergoing a tunnel.
A blue name needled into the skin.
Names of citizens, workers, mothers and fathers,
The bright-eyed daughter, the quick son.
Alphabet of names in a green field.
Names in the small tracks of birds.
Names lifted from a hat
Or balanced on the tip of the tongue.
Names wheeled into the dim warehouse of memory.
So many names, there is barely room on the walls of the heart."

Friday, September 6, 2013

New home security tools

Bob Tedeschi did a great job of showing us some new options -- and not all of them tied to a computer, where passwords can be hacked -- for home security in his article yesterday in the New York Times.

Take a look and see what you think, especially of items and what looks like very good pricing on many of them.  I've left my copy of the paper in the car so that I can go out and take a look at some of these devices.

Thursday, August 29, 2013

Speaking up and out

Knowledge is really only valuable if you can share it.  I do that at the University of Washington when I teach courses in risk or in technology as it applies to ethics, policy and law.  I do that when I speak at large conferences such as EPCOR (photo above from 2012).  Now I'm going to try to move out past professional and/or corporate audiences into the schools.

The second edition of Advice From A Risk Detective has a new chapter on risks that kids face when they go to school.   When that chapter is combined with the one on technology, it makes for a powerful message for kids growing up with electronic devices that represent previously unimaginable freedom.  I call it the two faces of technology, and want to talk with kids about risks online, bullying, and managing other risks that come with social media.

So if you've got kids in Seattle area middle or high schools, feel free to suggest that I get invited to have a lively, direct and humorous time with them.  I promise you that what they learn on that session can be brought home and applied to your own online life.

Monday, August 12, 2013

Your car and your home -- what computers have wrought

There's a long column this morning in the New York Times by Nick Bilton that covers nearly everything most people do not want to know about technology and how it impacts other types of private spaces -- our cars and our homes.

Can hackers actually reprogram your car?  What about those convenient home oversight programs that allow you to turn up your heat or check in on your pet?  As the article points out, anything that runs on a computer program can be hacked.  But to what end?  Do computer hackers who work online have the an aptitude for physical robbery?

The question to answer is whether or not you view this type of risk as high.  Most of us do not secure our homes with such computer systems, many of which have mobile interfaces.  If we do use such systems, or if we drive cars that run rather completely on computers, then it is worth it to check with the manufacturer to see what types of security is already in place.

Ironically, we may find that, at least in this instance, technology imperfections will lead us back to improved physical security.

Saturday, August 3, 2013

Tripping the light fantastic in Washington DC

I had four spectacular days in Washington DC.  Though it moves at a different pace than New York or Seattle, it is one of my favorite American cities, laid out so many years ago by Pierre Charles L'Enfant.  Though many ugly corporate office buildings now distract the eye, there is still the unfailing symmetry of the streets and the older buildings and monuments to give visual satisfaction.   Here's a photo I took from my cab window coming into the city on Memorial Drive, of the back of the Lincoln Memorial.  (They were still working to wash away the green paint on Lincoln's left leg that a deranged visitor to the city had left.)

The conference I was in town to attend was sponsored by the Department of Homeland Security, and held at minimal cost and a lot of staff time at the national headquarters of the American Red Cross.  The building dates at around 1912.

Two of our most inspirational speakers were FEMA director Craig Fuguate....

...a plain-spoken professional, who has somehow managed to elevate the concept of "whole of community" to a new level.  Best story about him:  in the midst of one of the more recent disasters (probably Sandy) when with the president for a briefing, someone mentioned the name of another corporation that wished to "partner" with FEMA. Fugate is noted as having looked exasperated and said "We don't need another partner.  We need teammates."

By far, the most compelling story told was by the keynote speaker, Jacob Wood, of Team Rubicon, a group of veterans whom he's organized to volunteer their skills during disasters.

You can find out more about Team Rubicon at, and in fact join one of their teams if you are a veteran.  Jacob's most compelling story had to do with sending in a group of technology experts with their laptops to help after Hurricane Sandy.  He said they did not know going in how they were going to help -- in fact his slide on this story had the question "Who Are These Geeks?" that was asked when they arrived on site -- but he had a feeling they would.  It turns out the team gathered large amounts of data that was immediately useful in the recovery effort.

The second day of the conference began for me with a business breakfast at Cafe du Parc at the Willard Hotel.  It put me right in the middle of the oldest part of the city, just across the street from the U.S. Treasury Building.

Willard Hotel

 It was an easy walk from the hotel over to the American Red Cross headquarters for the second day of the conference. 

I simply took the walkway behind Treasury (building is in the background and the Savannah statue to the right) to cross, and in doing so walked behind the White House and the Old Executive Office Building (another favorite) as well.  I had a special treat at a fairly quiet time of the day.

Here's the White House vegetable garden (above) well as....

...the White House Beehives.  Ironically, so thrilled to get these two photos, I neglected to photograph the White House itself!

Here's a view of the back of the Old Executive Office Building, every bit as grand as the Willard Hotel.

Walking that way brought me out at the intersection where the Corcoran Gallery is located, another of Washington DC's art treasures.  The Corcoran is on the block just north of the American Red Cross building.

So on the second day of the conference, we heard a number of speakers and panels focused on campus resiliency.  We also heard a number of government officials speak of concentrated efforts around the executive order on cyber-security.  I was lucky enough to have four great panelists to close out the conference, looking ahead to next steps for public-private partnerships.   My thanks go to Bill Raisch, founder of InterCEP as well as the Global Risk Forum at New York University, and special adviser to the 9/11 commission on the private sector; Brian Tishuk, who spent nearly 20 years at Treasury, where he created the Office of Critical Infrastructure Protection, now the executive director of ChicagoFIRST since 2003; Alan D. Cohn, the DHS Assistant Secretary for Strategy, Planning and Risk, also an adjunct professor at Georgetown University; and Jim Thompson, former acting director for the Secretary of State's Global Partnership Initiative, and who now heads partnerships and innovation for the National Security Staff at the White House.  All four men are dedicated public servants with clear ideas for how to move ahead.

My trip was not without personal pleasures.  I was able to catch up with  a number of old friends and colleagues over meals.  I came back more committed to the issues at hand.   I'll be talking more about some of those issues in this month's issue of ASA News & Notes which will appear on August 12.

Friday, July 26, 2013

Travel routines

It doesn't matter whether I'm going on a trip for a month or for four days.  My gear is the same.  And my inclination is always to simplify what I carry. 

The suitcase holds clothing and any cords or cables.  My trusty Coach briefcase has front pockets for my wallet and my cosmetics bag.  I carry a plastic file folder with printouts of boarding pass, hotel confirmation, any business-related materials, and a photocopy of my passport, drivers license, and credit cards.  Because I post up to "Annie's Take" every day and the program to do that is Windows-based, I carry both a lightweight netbook as well as my iPad and iPhone.

I never check my bag.  It saves time on both ends of the flight, but it also reminds me to keep it as light as possible for the lifts into the overhead bin.  My briefcase goes under the seat, for easy access.  I do not carry a purse, though I have a small flat one packed in my bag for occasions where I don't want to carry the briefcase, like dinners or sightseeing.

Given recent fiascoes with plane landings where passengers have had to use chutes to exit the plane, I've just double checked both type the types of planes (Boeing on the outbound, Airbus on the return) as well as my seat assignments (always aisle for me, and near an emergency exit as well).

On each trip I take, I plan in personal time.  Since I'll be in DC for four days, that includes meals with friends and colleagues as well as my usual walks to the Mall to visit the Vietnam and Lincoln Memorials, as well as to the new Martin Luther King Memorial.  I'm going to write more about that side of the trip on my personal blog.

Thursday, July 25, 2013

Audit yourself, not just your business

I had a great time answering terrific questions yesterday on Patricia and David Wangsness' radio program.  (The show will be rebroadcast on Sunday at 1pm on AM1590, and I will eventually be able to post the broadcast link on our website.)

We covered everything from earthquake preparedness, to RFID chips in credit cards and drivers' licenses,  to what happens to your digital identity (all those blogs, Facebook, Twitter, LinkedIn and Google+ posts) when you die.  The most interesting question came from David, who had read Emily Oxenford's excellent research note about conducting "information audits" on businesses in Reflections on Risk.  How would you conduct an information audit on your family, he asked?

When we do such audits (assessments) for clients, we pull a variety of data upon which to base our due diligence:  policies, standards, codes of ethics or codes of conduct, brand statements made in print or online.  We ask for copies of any audit findings or regulatory critiques.  Then we interview a sample population, ranging from the person who has to decide how to perform a certain type of work with or without guidance, to the manager that employee reports to, to the executive in charge of the division as well.  When we're on site, we're also tracking another relatively undefinable cultural quality:  do employees respect the executives in charge of the company?  Do they believe that the executives practice what they preach?  Our final report reflects the cultural conclusion we have come to as well as the data points, complete with recommendations for improvements

So how to translate this over to the personal side?  The first chapter of my book does deal with what pieces of information you should be able to put your hands on, no matter what type of loss or disaster you may have suffered.  Here's the basic list, for those who haven't yet read the book.  There are other recommendations on what I might add to that list, but it's entirely possible to audit your own family to see if you can find these vital documents and determine whether or not they need to be updated.

 Home & auto policies
 Driver’s license
 Credit cards
Health insurance
 Immunization records
Other medical information if relevant
Wills and medical directivesBank-account numbers
Inventory list of stocks & bonds
 Household contents inventory
 Family records (birth and marriage licenses)

       Thanks again to David and Patricia for their good questions yesterday!  Every time I go out and speak, I get questions that show me just how much more there is to know about good personal risk management.

Monday, July 22, 2013

Not yet my iCloud

Even "experts" like me have technology challenges.

I'm historically a Windows user, complemented with the Outlook suite from Microsoft Office.  Because I knew this platform well, I dragged it along with me when I left the corporate world in 2009.  Both my laptops are configured with Windows 7 and Office 2011.  Even prior to my time at the bank, I had sold Microsoft operating systems with our custom computers since 1985.

But in 2009 when I left the bank, I  invested in an iPhone.   That I had one Apple device and two Windows laptops  was still fine because there was a product called "MobileME" that allowed my Outlook calendar to sync across to all the devices.  It worked like a charm!

That product went away earlier this year, and I've struggled since then to properly set up the Apple "iCloud" product for Outlook so that I don't have to enter my calendar data more than once.  I've reviewed all the technical suggestions and bulletins, but have not been able to solve the problem.

Why is it so hard to walk away from a well-understood application? 

Thursday, July 18, 2013

Your Digital Footprint

New York TImes image for this article, July 18, 2013

Somini Sengupta is one of the New York Times best technology reporters.  Today she's written an article called "Digital Tools to Curb Snooping," that covers a great deal of ground in describing applications that can help you obliterate your Internet tracks.  I find most of the article to offer too many choices,  many of which are expensive.  But I offer the article for those who do want to consider how to defeat data-miners and cyber-thieves.

Only at the end of the article does she come to what seems to me to be the salient point:  first actions to take don't cost anything.  Do keep your software updated, from operating system patches where you can set up automatic updates for your devices, to security protection patches from whatever vendor you use for virus/malware/SPAM protection.  And, though it is inconvenient until it becomes a habit, use two-factor authentication.  Finally, beware what types of transactions you are engaging in when working in an unsecure wireless environment.

And, as Sengupta points out early in the article, despite all efforts on your part, know that the federal government can subpoena your emails or records if it can show even a barely plausible reason.

Which leads to the point I try to make more clearly in the second edition of Advice From A Risk Detective: consider carefully what you post on social media sites.  It's a difficult challenge when so many have begun to confuse their own voice and identity with the digital profile they aspire to create on such sites.