Why Non-Financial Metrics are Important for Supplier Risk Analysis
It is easy to zero in on profits, accounting returns, etc. But neglecting non-tangible assets, such as quality, innovation, or customer service risks, will lead to missing relevant early warning signals.
Cyber-attacks, weak government, and energy shocks pose biggest risks to firms, WEF finds
The World Economic Forum (WEF) spoke to more than 12,000 executives around the world about what they considered to be the biggest risks to doing business, ranging across political, societal and technological concerns.
Business travel risks analysed
According to the Ipsos MORI Business Resilience Trends Watch 2019 survey, carried out in partnership with International SOS, 43 per cent of key business decision-makers believe that travel risks will increase in 2019.
'Self-Defense' Bill Would Allow Victims to Hack Back
The Active Cyber Defense Certainty (ACDC) Act would amend the Computer Fraud and Abuse Act, which bans unauthorized access of computers. The idea of treating a computer virus victim like the recipient of a face-punch, however, has received mixed reviews from experts.
FBI: U.S. now has one active shooter incident every three weeks
Active shooter incidents are becoming more common, according to an FBI report released Wednesday... The majority of the incidents in the report -- 60 percent -- were over before police could arrive on the scene.
Startups Are More Vulnerable to Fraud. Here’s Why.
Academic study shows that potential partners and employees may be more likely to deceive startups than established companies.
Social Media Has Doubled the Cost of Reputational Blows
In the aftermath of a reputational crisis, most companies suffer a noticeable drop in stock value. A new study offers evidence that company response has a direct bearing on whether that initial dip has a lasting impact on shareholder value.
Most Companies Suffer Reputation Damage After Security Incidents
New Kroll Annual Global Fraud & Risk Report says 86% of companies worldwide experienced security incidents and information theft and loss in the past twelve months.
How RAND Is Responding to Truth Decay: Q&A with Michael Rich and Jennifer Kavanagh
RAND President and CEO Michael Rich has been talking about what he sees as an erosion of respect for facts and evidence in political life—a phenomenon he calls “Truth Decay.” He asked RAND political scientist Jennifer Kavanagh to help analyze the issue and lay out a research agenda to better understand Truth Decay's causes and consequences.
Failure of a top cloud service provider could cost US economy $15 billion
A new report by Lloyd’s, the specialist insurance and reinsurance market, and risk modeler AIR Worldwide analyzes the financial impact of the failure of a leading cloud provider in the US. The report finds that an extreme cyber incident that takes a top cloud provider offline in the US for 3 to 6 days would result in economic losses of $15bn and up to $3bn in insured losses.
To Prevent a Digital Dark Age: World Economic Forum Launches Global Centre for Cybersecurity
The World Economic Forum has announced a new Global Centre for Cybersecurity to help build a safe and secure global cyberspace. The centre will be based in Geneva, Switzerland, and will function as an autonomous organization under the auspices of the World Economic Forum. The aim of the centre is to establish the first global platform for governments, businesses, experts and law enforcement agencies to collaborate on cybersecurity challenges.
Innovation Should Be a Top Priority for Boards. So Why Isn’t It?
According to a survey of over 5,000 board members from around the world, overall, innovation does not rank as a top strategic challenge for the majority of boards. Although directors in certain industries are more aware of the threat of disruption, the widespread lack of board-level engagement in innovation processes could be a major blind spot and a potential liability.
Quantifying and publicizing a firm's security levels may strengthen security over time
New research from the UBC Sauder School of Business has quantified the security levels of more than 1,200 Pan-Asian companies in order to determine whether increased awareness of one’s security levels leads to improved defense levels against cybercrime.
How a Cyber Attack Could Cause the Next Financial Crisis
How might a financial crisis triggered by a cyber attack unfold? A likely scenario would be an attack by a rogue nation or terrorist group on financial institutions or major infrastructure.
New SAFETY Act Best Practices Guide to Commercial Building Security Now Available
A new web-based tool can help security professionals for commercial office buildings perform assessments based on the Best Practices for Anti-Terrorism Security (BPATS) for commercial office buildings.
“Corporate security professionals can give employers a real competitive advantage”: Abbott security director Joule Sullivan
In an increasingly complex and dangerous world, how can the modern corporate security professional not only minimise risks to people and assets, but also bring commercial value to their employer? Joule Sullivan, director of international security operations at global healthcare giant Abbott, has a number of suggestions.
Confidence in Shipping Risk Management Drops
Confidence in the ability of sound risk management to contribute to commercial success in the shipping industry has fallen in the last 12 months to an average 5.9 out of a possible score of 10.0, according to the latest annual Shipping Risk Survey from accountant and shipping adviser Moore Stephens.
OCC won’t offer further guidance on ‘fourth-party’ risk
Onus is on banks to vet subcontractors during contract negotiations, regulator says
New Research Confirms that IT and Physical Security Are Moving to Integrate
More and more, the management of physical access control solutions is coming under the control of information technology (IT) or information security.
DHS Creating New Cyber Threat ‘Risk Radar’ For Agency Leaders
The Department of Homeland Security is working with multiple Federal agencies to develop a new “risk radar” that will help agencies’ top executives contextualize cybersecurity risk and clarify where they need to apply focus and resources.
Microsoft: U.S. political system facing 'broadening cyberthreats' from Russia
Last week, Microsoft received a federal court's permission to take down malicious websites that mimicked the login pages of the Senate, Microsoft's own Office 365 email platform and two conservative think tanks, the International Republican Institute and the Hudson Institute.
65% of Procurement Professionals Say Regulations Increase Business Risk
A survey of 600 professionals in the U.S. and U.K. conducted by Dun & Bradstreet also finds that "88% of the 341 respondents who experienced fraud in the past two years said fraud has had an impact on their company’s brand." Follow the link in the article for the full report.
Social Media and Fraud Part 1: The CISO's Advice
Social media platforms have emerged as the world's most popular forms of communication. They also have become popular platforms for committing fraud. David Pollino, CISO of Bank of the West outlines what institutions should do to secure their social media presence.
IBM's HR Chief Shares Best Advice On The Future Of Work
Diane Gherson discusses teambuilding, motivation, and the impact of technology on the global workforce.
Congress passes data security bill for small businesses
The US Senate has passed its version of the NIST Small Business Cybersecurity Act. The bipartisan measure promises smaller companies a consistent, relevant and universal set of NIST-based guidance and resources for protecting their data against online threats.
America Needs a Blockchain Strategy ASAP
The technology behind cryptocurrency can keep the United States safe—but only if the country takes advantage of its head start.
74 Arrests in Business Email Compromise Takedown
A six-month coordinated global law enforcement effort to crack down on business email compromise schemes has resulted in 74 arrests, the DOJ announced.
Atlanta expects ransomware infection that sought $50K will cost the city millions more: Report
Atlanta anticipates spending another $9.5 million to recover from the ransomware virus that infected city computers in late March and disrupted government services for several weeks, a top local official said.
School Security Plan Should Look for Threatening Behaviors, Experts Say
Public spaces — including Boston Public Schools — are increasing security in response to mass shootings, but school safety experts say that’s only a small piece of the puzzle.
Trump’s School Safety Commission Won’t Look at Guns, Betsy DeVos Says
During her testimony Tuesday before the Senate subcommittee that oversees education spending, Education Secretary Betsy DeVos said that the federal commission on school safety established after the Parkland, Fla., school shooting will not focus on the role guns play in school violence.
Gaining Confidence in Showing Value
Four proven elements to help security leaders maintain a strong business focus.
COSO offers enterprise risk management certificate
The Committee of Sponsoring Organizations of the Treadway Commission, also known as COSO, has introduced a COSO Enterprise Risk Management Certificate program for professionals who want to demonstrate their expertise in the COSO ERM Framework.
Why the Security of Your Vendor’s Entire Enterprise Matters
Be cautious of vendors who contend that their enterprise security program is none of your concern. That very argument demonstrates a lack of understanding of the cyber-threat landscape.
Alexa Mishap Hints at Potential Enterprise Security Risk
Some significant security concerns come with the possibility of a headlong rush into voice assistants in the workplace.
Third of business decision makers would pay hacker’s ransom demands rather than invest in more security, NTT Security Risk:Value report reveals
The findings from the 2018 Risk:Value Report, commissioned by NTT Security, the specialised security company of NTT Group, show that another 30 per cent in the UK are not sure if they would pay or not, suggesting that only around half are prepared to invest in security to proactively protect the business.
Fixating On Vulnerabilities Is A Vulnerability
Security teams struggle to prioritize and understand the business risks associated with vulnerabilities, sometimes at the expense of other security efforts.