This post first appeared on Risk Management Magazine. Organizations frequently share information—some of it sensitive or confidential—with vendors in their supply chain. But many data breaches, such as Target’s 2013 breach that exposed the financial data of 40 million customers, have resulted from poor cybersecurity on the part of a vendor. (more…)
Notepad: Risk in Review – May
This post first appeared on Risk Management Magazine. North Carolina Repeals Bathroom Bill: After a year of protest, economic fallout, and the ousting of the governor who signed it, North Carolina legislators repealed the controversial House Bill 2 (HB2), also known as the “Bathroom Bill.” The measure restricted enactment of anti-discrimination (more…)
Border Security: Additional Actions Could Strengthen DHS Efforts to Address Subterranean, Aerial, and Maritime Smuggling, May 01, 2017
This post first appeared on GAO Reports. What GAO Found: GAO’s analysis of Department of Homeland Security (DHS) data showed that there were 67 discovered cross-border tunnels, 534 detected ultralight aircraft incursions, and 309 detected drug smuggling incidents involving panga boats (a fishing vessel) and recreational vessels along U.S. mainland borders (more…)
Unlocking the Power of NIST’s Cybersecurity Framework
This post first appeared on Next Gov. In the not-so-distant past, it was hard to get people to think cyber risk management.
Disruptive Technologies Present Opportunities for Risk Managers, Study Finds
This post first appeared on Risk Management Monitor. PHILADELPHIA–Disruptive technologies are used more and more by businesses, but those organizations appear to be unprepared. What’s more, companies seem to lack understanding of the technologies and many are not conducting risk assessments, according to the 14th annual Excellence in Risk Management report, (more…)
And the 2017 RIMS Awards Go to…
This post first appeared on Risk Management Monitor. PHILADELPHIA—At today’s RIMS 2017 Awards Luncheon, the society issued its top honors for achievement in the risk management and insurance industry. Scott B. Clark, area senior vice president and enterprise risk management consultant at Arthur J. Gallagher & Co., received the society’s most (more…)
It’s a Great Time to Be a Risk Manager
This post first appeared on Risk Management Monitor. 2017 has so far been a wild ride of change. Companies are navigating through a new U.S. administration, Brexit and cyber risks that are more daunting each day. We are bombarded with uncertainty and uncharted waters. Nevertheless, it’s a great time to be (more…)
SSA Disability Benefits: Comprehensive Strategic Approach Needed to Enhance Antifraud Activities, Apr 17, 2017
This post first appeared on GAO Reports. What GAO Found: The Social Security Administration (SSA) has taken steps to establish an organizational culture and structure conducive to fraud risk management in its disability programs, but its new antifraud office is still evolving. In recent years, SSA instituted mandatory antifraud training, established (more…)
Protecting Employees in the Face of International Risks
This post first appeared on Risk Management Monitor. Increasing globalization and the growing world market present employees with opportunities to travel and experience new countries and cultures. With travel comes risk, however. In the event of an unforeseen incident, it is an organization’s top priority to ensure its employees are safe (more…)
Elevating Data Risk Management to the Board Level
This post first appeared on Risk Management Magazine. For years, the security industry has worked to promote cybersecurity as a critical topic for the most senior corporate decision-makers: the C-suite and board of directors. Work remains, but most organizations now realize that data risk management and data-centric security must have board-level (more…)