Alert & Declare: (877) 364-9393
Member Emergency Hotline
Emergency Hotline
Agility Recovery +

An Unfortunate Trend

In February 2019, a laid-off employee opened fire inside a factory , killing five of his coworkers. It isn’t the first time it has happened. Sadly, it’s highly unlikely it will be the last time. It’s a common misconception around managers and business owners to assume that an employee becomes disgruntled only in the extreme situations that make headlines. The best way for your business to avoid dealing with a disgruntled-employee-turned-workplace-violence situation is for your business to be proactive. By recognizing the early signs of a disgruntled employee, you will be able to quickly and efficiently respond and mitigate additional issues.

Employee Happiness

A happy employee makes a thriving organization. To put these words into perspective, a study by Social Market Foundation revealed that happy employees are up to 20% more productive than unhappy workers . Years of research demonstrated that happiness positively affects every business and educational aspect, with a boost of sales by 37%, increase of productivity by 31%, and sharp accuracy on tasks by 19%. So, what does it mean to be happy at work? In his book, The Truth About Employee Engagement , Patrick Lencioni talks about three elements: the importance of who you are and that people know your name; the significance of the work you perform; the progression of your performance that contributes to company’s success.

Signs of a Disgruntled Employee

On the other side of the spectrum resides an unhappy employee. Being able to identify the early signs of a disgruntled employee will help you avoid escalated situations and a potential liability to the company. Consider some of the following signs that may indicate you’re dealing with a disgruntled worker:

  • – Lack of motivation and involvement
  • – Excessive breaks, apparent tardiness
  • – Negative attitude
  • – An overt pursuit of other work, or unreasonable complaining about the job
  • – Negative feedback from teammates
  • – Strained workplace relationships, verbal abuse
  • – Comments about acts of violence; remarks about issues in personal life or financial issues

Some of these may also be the signs of many serious issues.

The Next Steps

Identifying that you have a disgruntled employee at your business is only half of the battle. It’s essential to address the situation accordingly. There are several tactics that will help you handle a disgruntled employee at your business:

  • Act quicklyAs a business owner or manager, it is your responsibility to identify and address any issues at your business ASAP. If the behavior warrants termination, you also need to terminate immediately. Have everything organized so that the employee has no reasons to return to the office.
  • Approach the situation with empathyWhen approaching a disgruntled employee, do so to understand the motive and what caused the distress.
  • Be sternDo not tolerate violent behavior. Discuss all aspects of the situation and clearly communicate any repercussions if the behavior continues.
  • Document the behaviorKeep official documentation of the demeanor, conversation, and disciplinary actions. If there is another issue with this employee going forward, it is important that you have documented proof for previous incidents.
  • Keep it confidentialDiscuss the situation with other members of management and those directly involved.

However, despite your best efforts, a situation may not always be mitigated. In this scenario, you need to develop an Emergency Action Plan (EAP) for your business. Within your EAP, you should have workplace violence training to make sure that all employees have accurate information on how to handle a violent situation. By emphasizing clear communication and honesty, you can consistently strengthen the employee experience.

The importance of testing your business continuity and disaster recovery (BCDR) plan has never been a dry subject for us at Agility. With a wildfire reason around the corner , we wanted to learn a little bit more about the value fire departments find in testing their hydrants, as well as how we can learn from their examples. Here are several similarities we found between testing fire hydrants and BCDR plans.

Compliance

The National Fire Protection Association (NFPA) sets a standard for the minimum water flow that hydrants must meet. Testing hydrants ahead of time not only ensures the codes are satisfied but also maintains quality. If hydrants aren’t regularly maintained, they can rust, causing parts to snap off. If your business is subject to industry regulations like fire hydrants are, it’s important to test your BCDR plan regularly to ensure you’re meeting the compliance requirements . Otherwise, you expose yourself to potential regulatory violations, such as excessive downtime or rusty procedures, endangering you to security breaches.

Maintenance

Facilitating your business growth requires you to revise, modernize, and develop your current and future products and services, as well as the tools you use to deliver them. Hydrants are a part of a huge underground network that provides water access to an entire community. Sometimes valves have to be temporarily closed to allow for maintenance, but due to the complexities of this network, water flow can be reduced without ever being fully cut off from users. Unfortunately, after the work is completed, these closed valves are sometimes forgotten about and not reopened. While this omission doesn’t affect the community on a day-to-day basis, the reduced water flow wouldn’t be sufficient to put out a fire when needed for an emergency. Similar to hydrants, your BCDR plan needs to be updated and maintained to coincide with the progress of your company. Facilitating your business growth requires you to revise, modernize, and develop your current and future products and services, as well as the tools you use to deliver them. However, if you don’t consistently update and test your BCDR plan to ensure that it keeps up with the innovation of your business, your plan won’t offer the full flow of information you need to calm the fire, so to speak, when it comes.

Avoiding Neglect

One of the dangerous consequences of not regularly testing hydrants is that they become hidden, either by overgrown plants or by decorations placed by residents who find the sight of hydrants unpleasant. Unfortunately, when a crisis occurs, these obstructions can make it almost impossible for firefighters to find hydrants and carry out their jobs. Just as residents don’t want to look at fire hydrants, many companies don’t like to dwell on BC/DR planning because it’s not always pleasant to think about. Instead, they focus on revenue, shareholders, or customer growth. A common issue that we’ve seen over the years is businesses that have a plan but don’t make it a priority to regularly test. This leaves the BC/DR plan to get buried under more gratifying things, such as profits. We recommend taking the time to fully test your BC/DR plan at least once a year to help you work out any kinks before a disaster actually strikes. How often do you test your BC/DR plan?

What does shelter in place really mean?

In certain emergency situations, including a severe weather alert, a pandemic, an environmental hazard (e.g., chemical release), or a local emergency (e.g., active shooter), the public is told to “shelter-in-place.” The purpose of sheltering in place is to keep people safe while indoors during an emergency event. However, the phrase may be confusing to someone who is not well-versed in disaster preparedness, interpreting the instruction as staying where you currently are. That’s precisely the opposite of what you need to do.

Steps

Different threats require slightly different sheltering recommendations. The following steps describe how to effectively take shelter in place in your office, or at home, and ensure everyone is safe during a crisis.

  • – If there are any visitors in your office, make sure that they stay in your building and are instructed on shelter-in-place protocols for your office.
  • Gather everyone in the designated shelter-in-place area, secured and with locks on the doors.

  1. – In a natural disaster or radiological release, the safest location is the room on the lowest level, or underground, and in the interior-most part of the building.
  2. – In the event of a chemical or biological disaster, the area should be an interior, windowless room on the highest floor of the building. Most hazardous agents are heavy enough to slowly settle to the ground.
  3. – In the situation of a pandemic, you’ll want to remain at home and only leave for essential items (food, supplies). If you do find yourself in a busy area, you’ll want to practice social distancing to give yourself the best chance of not becoming infected.

  • – If your office is in a mobile unit, a plan must be developed in advance specifying a nearby building to seek shelter in. Strong winds will turn over a trailer or a mobile unit, making it an unsafe location during many types of disasters.
  • – Shut off all HVAC systems and fans. If there is no other room other than the one with windows, cover or block them.
  • – Encourage everyone to reach out to their emergency contact and let them know of their location.
  • – Have essential emergency kit accessible.

In any emergency situation, immediate and clear communication can provide a lifeline. Consider our Crisis Communication checklist as a part of your strategy.

Additional safety measures

It is beneficial to have a land-line phone along with a battery-operated radio and television in this safe room for efficient and reliable communication, as cellular towers may get overloaded. While using an emergency notification system in your company to alert employees to any threats in essential, consider subscribing to your local police department or local county government’s Reverse 9-1-1 system to get warnings about local threats in your area. To find this information online, search the phrase “emergency alert system” including your county and state. Exercising practice drills annually will help everyone in your workplace understand how to respond to a shelter-in-place situation, preventing any mistakes. Take your knowledge home to make sure that your family stays safe should a disaster occur. Shelter-in-place can be in response to a pandemic (ex: COVID-19). To learn more about preparing for a pandemic, download our Pandemic Tabletop Exercise . And to learn more about preparing for an active shooter, download our Active Shooter Tabletop Exercise .

The business continuity and disaster recovery (BCDR) software market is currently flooded with varying degrees of continuity manager software that can all perform roughly the same tasks. As a business, this can be in your favor due to supply and demand paving the way for better prices and enhanced competitive features. Having a Business Continuity Plan is vital for your organization . However, with so many options, it can be overwhelming to sort through all of the available continuity software until you find one that suits your company. In this blog post, we’ll explain what we’ve found to be three of the most valuable features you should ask for in your business continuity manager software. To begin with, let’s discuss a continuous Business Impact Analysis (BIA).

What Is a Continuous BIA?

A BIA is necessary to establish parameters within your organization as to better estimate if there were an incident, what would be the best solution to get your company back on its feet, and how fast you would need to recover. A continuous BIA (offered in most business continuity software) can be updated regularly so you can ensure compliance with your industry’s regulations and maintain a well-developed plan to coincide with your business’s growth and expansion. It will retain the data from your last update, never resetting or deleting. The interaction that software provides can far outweigh that of a one-time-use template.

How Does a Continuous BIA Keep You Compliant?

No matter the industry, regulations exist to ensure quality, safety, and best practices. These guidelines are also associated with large penalties and fees for not meeting minimum compliance requirements. Every business, with only a few exceptions, is required to have an Emergency Action Plan (EAP) . A continuous BIA, unlike simple template forms, allows you to keep your BCDR plan up to date on compliance and government regulations. By having software that can track the completion of your plan, you are better able to see your progress towards being compliant. Also, because of the control given to the user to update and revise continuity goals, you’ll be able to easily incorporate new regulations as they arise.

How Does a Continuous BIA Accommodate Growth and Expansion?

Profit and customer growth are universal business goals driven by passion and ambition. Because of this, businesses are constantly evolving to the trends of their consumers’ markets to expand reach into new territories. These expansions could mean new software applications, upgraded tools and equipment, or even an increase in employees. To keep up with the movement of your business and maintain a well-developed and up-to-date BC/DR plan, having the capability to continually update your business’s BIA is crucial. When was the last time you updated your BIA?

A multi-location long-term care (LTC) facility in Florida provides critical care to elderly and medically vulnerable patients. With Florida’s high risk of hurricanes, flooding, and severe storms, combined with the increasing threat of cyberattacks, the organization faced dual challenges in protecting its operations.

The facility must comply with strict healthcare regulations , including:

  • HIPAA (Health Insurance Portability and Accountability Act) for patient data security
  • HITRUST for cybersecurity best practices
  • CMS Emergency Preparedness Rule for disaster resilience

While the facility had disaster recovery and cybersecurity measures in place, leadership realized they needed a   more proactive, integrated approach to ensure regulatory compliance and improve overall resilience.

The Challenge: Addressing Cyber & Natural Disaster Risks

The LTC facility identified three major risks:

  1. Cybersecurity Threats: Ransomware attacks targeting patient records and medical devices.
  2. Natural Disasters: Hurricanes causing power outages, flooding, and operational disruptions.
  3. Regulatory Compliance Gaps: Meeting CMS, HIPAA, and HITRUST requirements for both cybersecurity and emergency preparedness.

Previously, the organization relied on annual audits and manual penetration testing, but that left them vulnerable between testing cycles. They also conducted emergency drills but lacked a structured, expert-led tabletop exercise program to integrate cybersecurity and disaster response.

The Solution: PTaaS & Tabletop Exercises for Continuous Preparedness

To strengthen security and disaster resilience, the facility partnered with Agility Recovery to implement a dual approach: 1. Continuous Penetration Testing as a Service (PTaaS) for Automated Cybersecurity Monitoring

  • Weekly security scans identified vulnerabilities in EHR systems, medical devices, and third-party software.
  • Automated compliance reports simplified HIPAA and HITRUST audit preparation.
  • Real-time alerts helped IT teams remediate security risks before they became incidents.

2. Tabletop Exercises Led by an Agility Certified Business Continuity Planner

  • Quarterly tabletop exercises simulated hurricanes, cyberattacks, and power outages.
  • Cross-functional teams, including clinical staff, IT, and leadership, participated in real-world scenario testing.
  • Exercises identified gaps in disaster response and cybersecurity incident plans.

3. Integrated Business Continuity & Cybersecurity Strategy

  • The Agility Business Continuity Planner helped the facility update and refine its emergency response plans.
  • Cybersecurity risks were incorporated into the overall disaster recovery framework.
  • Post-exercise debriefs provided actionable recommendations to improve response time and decision-making.

Results: A Resilient Long-Term Care Facility Protected Against Natural Disaster and Cyberattack Interruptions

Since implementing continuous PTaaS and structured tabletop exercises for common regional events like hurricanes, flooding, and power outages, the LTC facility has achieved:

  • 100% compliance with HIPAA, HITRUST, and CMS emergency preparedness requirements.
  • Zero unpatched high-risk vulnerabilities in EHR and patient data systems.
  • Improved emergency response times for hurricanes, power outages, and cyber incidents.
  • Better staff preparedness through hands-on training and incident simulations.

Key Takeaways for Healthcare Organizations

For long-term care facilities in high-risk regions like Florida, a proactive approach to cybersecurity and disaster recovery is essential. Combining automated penetration testing with expert-led tabletop exercises ensures that both cyber and natural disaster risks are addressed. ✔ Continuous security validation with PTaaS to protect patient data and IT systems. ✔ Scenario-based training to prepare staff for real-world threats. ✔ Seamless compliance with HIPAA, HITRUST, and CMS requirements. Being prepared is non-negotiable. Secure your facility, protect your patients, and ensure compliance with Agility Recovery’s tabletop testing and cyber resilience solutions .

In early 2021, a regional bank with over 150 branches suffered a cyberattack that compromised customer data and disrupted operations. Attackers exploited an unpatched vulnerability in the bank’s online banking platform, leading to unauthorized access to sensitive financial records. While the breach was contained, it resulted in:

  • Regulatory scrutiny from FFIEC and PCI DSS compliance auditors
  • Customer trust erosion due to potential identity theft risks
  • Significant downtime, disrupting account access for thousands of customers

Despite having basic cybersecurity measures in place, the bank lacked proactive testing to identify and mitigate vulnerabilities before they were exploited.

The Challenge: Closing the Gaps in Cybersecurity & Compliance

After the incident, the bank’s executive team recognized the need for a more comprehensive cybersecurity strategy. The bank needed to:

  • Enhance regulatory compliance—meeting stringent requirements under FFIEC, PCI DSS, and GLBA
  • Protect customer data—prevent unauthorized access to sensitive financial information
  • Improve business continuity—ensure operations could withstand cyber threats without disruption

Traditional manual penetration testing was already part of their annual security assessment, but it wasn’t enough to keep up with the evolving threat landscape. The bank needed a continuous, proactive security approach.

The Solution: A Hybrid Approach with Continuous & Guided Penetration Testing Solutions

The bank’s BCDR team was given a recommendation to implement a two-pronged penetration testing strategy that combined automated testing for continuous monitoring and manual testing for in-depth security analysis.

1. Continuous Penetration Testing for Automated Threat Detection & Security Validation

  • Runs weekly vulnerability scans across the bank’s digital infrastructure
  • Detects new security weaknesses as soon as they emerge
  • Provides automated compliance reporting, simplifying FFIEC and PCI DSS audits

2. Guided Penetration Testing for Robust Threat Detection and Enhanced Compliance Posture

  • Conducted quarterly guided simulation penetration tests (also known as manual PTaaS) on high-risk assets, including online banking platforms, mobile apps, and third-party vendor systems
  • Identifies complex vulnerabilities like API weaknesses, session hijacking risks, and business logic flaws
  • Ensures that security patches and remediations are properly implemented

By integrating both automated and manual penetration testing, the bank now has a proactive, layered security approach that continuously evolves to defend against emerging threats.

Results: A Stronger, More Resilient Financial Institution

Since adopting this hybrid penetration testing strategy, the bank has achieved:

  • 100% compliance with FFIEC cybersecurity assessment guidelines and PCI DSS requirements
  • Zero major security breaches since implementing automated testing
  • Improved customer confidence with stronger data protection measures
  • Reduced downtime risk—business continuity plans now account for cybersecurity threats

Additionally, the bank’s IT and security teams are now more proactive, identifying and addressing security gaps before they can be exploited.

Key Takeaways for Financial Institutions

Cyber threats continue to evolve, making continuous security testing a necessity for banks and credit unions. Automated penetration testing provides real-time vulnerability detection, while manual testing ensures deep security validation—together, they create a resilient, compliant, and customer-trustworthy financial institution.

Don’t wait for the next attack. Learn how Agility Recovery’s penetration testing solutions can strengthen your cybersecurity and business continuity strategy or contact us to speak with an Agility expert.

In the ever-evolving landscape of cybersecurity threats, proactive measures are essential for protecting sensitive financial data.

For one forward-thinking credit union, partnering with Agility Recovery to conduct a ransomware impact analysis (RIA) uncovered critical vulnerabilities in their hybrid work model and led to a comprehensive security overhaul. This success story highlights the steps taken and the positive outcomes achieved, showcasing the value of a robust RIA in safeguarding operations and ensuring business continuity.

The Challenge: Unseen Vulnerabilities in Home Offices

With the rise of hybrid work environments, the credit union, like many organizations, faced new cybersecurity challenges. While their main office was fortified with strong security measures, the home offices of their hybrid employees posed a significant, yet overlooked, vulnerability. Despite using virtual private networks (VPNs) and antivirus software, the RIA conducted by Agility Recovery revealed that many home office setups lacked comprehensive protection against sophisticated ransomware attacks.

The RIA Process: Identifying Critical Gaps

Agility Recovery’s RIA involved a thorough assessment of the credit union’s entire IT infrastructure, focusing on both the central office and remote work environments. Key findings included:

  1. Inadequate Endpoint Security: Many hybrid employees were using personal devices without proper endpoint security, making them susceptible to malware and ransomware attacks.
  2. Weak Network Security: Home Wi-Fi networks often lacked strong encryption and were vulnerable to breaches.
  3. Outdated Software and Systems: Several remote workstations were running outdated software, increasing the risk of exploitation by cybercriminals.
  4. Lack of Awareness and Training: Employees were not fully aware of best practices for cybersecurity in a home office setting, leading to risky behaviors.

The Solution: Implementing Comprehensive Protections

Armed with the insights from the RIA, the credit union collaborated with Agility Recovery to implement a multi-faceted security enhancement plan. This included:

  1. Enhanced Endpoint Protection: Deploying enterprise-grade endpoint security solutions on all devices used for work, ensuring robust protection against malware and ransomware.
  2. Securing Home Networks: Providing employees with guidelines and tools to secure their home Wi-Fi networks, including router configuration tips and recommendations for strong passwords and encryption settings.
  3. Regular Software Updates: Establishing a policy for regular updates and patches to all systems and applications, ensuring that vulnerabilities were promptly addressed.
  4. Cybersecurity Training: Conducting comprehensive training sessions to educate employees about the importance of cybersecurity, safe browsing practices, and how to recognize phishing attempts and other cyber threats.
  5. Secure Backup Power & Connectivity: With more employees working engaging in remote work, the credit union enhanced their remote resilience with portable backup power and connectivity units. This solution would not only protect employees from cyber threats when they worked from home or another location, it would also ensure that regional power outages would not impact employees’ productivity at home.
ReadyTechGo

The Results: A More Resilient and Secure Hybrid Workforce

The impact of these measures was immediate and profound. The credit union reported several key outcomes:

  1. Reduced Vulnerabilities: The implementation of endpoint protection and secure home networks significantly reduced the vulnerabilities in their hybrid work model.
  2. Increased Awareness: Employees became more vigilant and knowledgeable about cybersecurity best practices, leading to safer behaviors both at work and at home.
  3. Enhanced Incident Response: With a stronger security posture, the credit union was better prepared to detect and respond to potential ransomware attacks, minimizing the risk of significant disruptions.
  4. Improved Confidence: The credit union’s leadership and IT teams expressed increased confidence in their ability to maintain business continuity and protect sensitive data, even in a hybrid work environment.

Get Started: Proactive Measures for Long-Term Success

This success story illustrates the critical importance of conducting a ransomware impact analysis, especially in today’s hybrid work environment. By partnering with Agility Recovery, the credit union was able to identify and address significant vulnerabilities, ensuring that their employees’ home offices were as secure as their central office. The proactive steps taken not only enhanced their overall security posture but also reinforced their commitment to protecting their members’ financial information.

Talk to an Agility expert today about how your business can use RIA insights and tools to safeguard operations and protect critical systems from of emerging cyber threats.

Second only to large-scale natural disasters like hurricanes and wildfires, winter storms are among the greatest risks to business continuity in the United States.

For organizations with a minimal threshold for operational downtime, the need for rigorous business continuity testing and a fail-safe recovery plan is critical.

Overview:

A cold storage manufacturer with operations in the Midwest faced the constant threat of winter storms disrupting their business. With perishable goods requiring precise temperature control, even a short-term power outage or supply chain disruption could lead to devastating losses. Recognizing the importance of preparation, the organization partnered with Agility Recovery to conduct a series of business continuity tabletop testing exercises.

The Challenge:

The manufacturer’s facilities relied heavily on backup power systems to maintain refrigeration during outages. However, their leadership team wanted to go beyond just ensuring their generators were operational. They needed to:

  • Evaluate their overall preparedness for extended outages caused by severe winter weather.
  • Ensure effective communication with employees and drivers during emergencies.
  • Guarantee a steady fuel supply to keep generators running and maintain delivery operations.

Agility Recovery’s Solution:

Through Agility’s tabletop testing services, the manufacturer was able to simulate a worst-case winter storm scenario. These exercises brought key stakeholders together to walk through their emergency response and identify gaps in their continuity plan.

What the Testing Revealed:

  • Emergency Notification System Gaps: The exercise exposed a significant gap in the company’s ability to communicate with employees, drivers, and stakeholders in real time during an emergency. Without a centralized notification system, relaying critical updates on road conditions, power outages, and delivery delays would be chaotic and inefficient.
  • Fuel Supply Vulnerabilities: While the facility’s backup generators were functional, the testing revealed no formal plan to secure fuel deliveries during prolonged outages. With roads potentially closed or delayed due to snow and ice, this left their refrigeration and delivery vehicles at risk of running out of fuel, jeopardizing operations and inventory.

Actionable Results:

Following the tabletop exercise, the manufacturer partnered with Agility Recovery to:

The Outcome:

After implementing these solutions, the manufacturer is now confident in their ability to:

  • Maintain continuous communication with employees and stakeholders during winter weather events.
  • Avoid fuel shortages and keep operations running smoothly, regardless of storm severity.
  • Minimize risks to inventory and delivery timelines, ensuring their customers receive uninterrupted service.

As a result, the organization has strengthened its resilience against winter storm disruptions and is better prepared to safeguard its critical operations and perishable goods.

Agility’s tabletop testing opened our eyes to vulnerabilities we hadn’t even considered. Their expertise helped us close those gaps, and now we’re confident in our ability to face winter storms head-on.
Operations Manager

Ready to test your resilience?

Agility Recovery’s tabletop testing services can help uncover gaps and refine your business continuity plan. Let’s build your readiness together.