Category Archives: Risk Management

New Studies Highlight Sources, Patterns of Data Breach—And How to Do Better

Posted on by

Three recent studies provide a great reminder of the threats of data breach—and the role workers and IT departments play in either maintaining a company’s defense or letting malware storm the gates.

In its 2014 Data Breach Investigations Report, Verizon identified nine patterns that were responsible for 92% of the confirmed data breaches in 2013. These include: point of sale intrusions, web application attacks, insider misuse, physical theft/loss, miscellaneous errors, crimeware, card skimmers, denial of service attacks, and cyber-espionage. They have also identified the breakdown of these patterns in various industries, highlighting some of the greatest sources of cyber risk for your business:

Verizon Data Breach Investigations Report

Verizon’s report also offers specific information about the patterns and advice on how to respond to them.

Many sources of vulnerability come from within, and there is less variation than you might expect in terms of who the riskiest workers may be.

buy atarax online www.handrehab.us/images/patterns/jpg/atarax.html no prescription pharmacy

A survey by the Pew Research Center found that 18% of adults have had important personal information stolen online, including Social Security number, credit card, or bank account information—an 8% increase from just six months ago. Further, 21% of adults who use the internet have had an email or social networking account compromised. Two groups that make up a large part of the workforce were hit particularly hard during this period: young adults and baby boomers. The percentage of individuals in these groups who had personal information stolen online doubled between July 2013 and January 2014.

buy symbicort online www.handrehab.us/images/patterns/jpg/symbicort.html no prescription pharmacy

stolen personal data by age

But as this chart shows, all age ranges have experienced a significant amount of data theft as of the beginning of the year.

Indeed, according to meetings-software company TeamViewer, 92% of IT administrators have seen troublesome habits among office workers using company computers. These risky behaviors are frequently known to open the work system to viruses or other malware, including:

  • Browsing social media websites (reported by 82% of IT admins)
  • Opening inappropriate email attachments (57%)
  • Downloading games (52%)
  • Plugging in unauthorized USB devices (51%)
  • Plugging in unauthorized personal devices (50%)
  • Illegal downloads, such as pirated movies, music or software (45%)
  • Looking for other jobs (39%)

Further, nine out of 10 IT administrators reported witnessing problems to company equipment because of these actions, including viruses (77%), slow computers (74%), crashed computers (55%), mass popups (48%) and inability to open email (33%). Not only do these behaviors leave corporate infrastructure at risk, but they may endanger the overall HR program, as a vast proportion of IT workers report feeling frustrated, angry and discouraged.

buy xenical online www.handrehab.us/images/patterns/jpg/xenical.html no prescription pharmacy

Up to 12% even said that they were considering quitting over these bad behaviors and increased strain on the IT department.

So what can you do? Administrators agreed that better security software, using remote access to fix problems, installing disk cleanup software, integrating automatic backup solutions, and offering the ability to telecommute would all help mitigate these issues and make their jobs easier.

Strong ERM Gives Companies Higher Market Value

Posted on by

A new study, “The Valuation Implications of Enterprise Risk Management Maturity,” released by the Journal of Risk and Insurance, has found that organizations exhibiting mature risk management practices realize a value growth potential of up to 25%.

The survey is the first wholly independent research project that confirms the value connection of mature enterprise risk management practices in organizations.

Using data from the RIMS Risk Maturity Model (RMM) gathered from 2006 to 2011, Mark Farrell, the paper’s author and the actuarial science and risk management program director at Queens University Management School of Belfast (QUMS) and Dr. Ronan Gallagher of the University of Edinburgh Business School, provided evidence through this research that firms that have reached mature levels of enterprise risk management qualities exhibit a higher firm value.

online pharmacy trazodone with best prices today in the USA

 The broad data set encompassed publicly-traded organizations from a variety of industries. Nearly half the data tabulated by the researchers were submitted by RIMS members.

online pharmacy addyi with best prices today in the USA

The study’s authors reported that “firms that have successfully integrated the ERM process into both their strategic activities and everyday practices display superior ability in uncovering risk dependencies and relationships across the entire enterprise and as a consequence enhanced value when undertaking the ERM maturity journey.”

The authors added, “Upon decomposition of the maturity score, we find that the most important aspects of ERM from a valuation perspective relate to the level of top-down executive engagement and the resultant cascade of ERM culture throughout the firm.”

The RIMS Risk Maturity Model for Enterprise Risk Management (RIMS RMM), was developed in 2005 by risk professionals and LogicManager, and is a free assessment tool for risk professionals and executives to develop and improve sustainable enterprise risk management programs. This online resource allows organizations to score their risk programs and receive an immediate downloadable report.

online pharmacy flagyl with best prices today in the USA

The report provides information not only on current maturity levels, but offers ideas on what it may take to achieve a higher level of maturity in each of seven attributes.

“One of the biggest challenges in implementing an enterprise risk management program is articulating the value that it brings,” said Carol Fox, RIMS director of strategic and enterprise practice. “This research makes that value link quite clear. Although the study necessarily focused on publicly traded companies, the value proposition of enterprise risk management applies to not-for-profits and the public sector as well. In highlighting this research, we hope that more organizations will take advantage of the RIMS Risk Maturity Model to improve their risk practices and, in turn, create additional enterprise value.”

Steven Minsky, CEO of LogicManager and developer of the RIMS Risk Maturity Mode noted, “Boards and ERM committees now have an actionable internal road map and a corresponding return on investment measure to improve their enterprise risk management maturity from whatever level they are at today.”

Top Female Risk Managers Offer Insight on Success with the Board and Beyond

Posted on by

DENVER—Four of the top risk managers gathered today to reflect on their career paths and tips for success in the panel “Women of Distinction: Risk Managers of the Year Share Their Wisdom.”

Noted for far more than their gender, Grace Crickette, Lori Gray, Sheila Small, and Laurie Solomon have all received top accolades in the industry and were all previously been named Risk Manager of the Year. While they all reflected on the strengths and skills that women bring to the field, they did acknowledge a number of challenges faced on the road to management positions, some of which should be no surprise to any woman in business. “When I was first made an executive, I had to see a clinical psychologist,” said Grace Crickette, SVP and CRO for AAA Northern California, Nevada and Utah.

buy fildena online imed.isid.org/wp-content/uploads/2023/10/jpg/fildena.html no prescription pharmacy

“He told me, ‘You have some really great traits to be in business—if you were a man.  As a woman, you’re probably going to have a pretty hard time.’”

Their insight stretched far beyond questions of being a woman in the workplace, however. In particular, their advice on how to earn the respect and recognition of the board offered key tips for any risk manager, male or female. “You need to focus more on building your reputation for work with the board,” Crickette said.

buy arava online imed.isid.org/wp-content/uploads/2023/10/jpg/arava.html no prescription pharmacy

“Help educate them. I make a point to send out an article—not written by me—at least once a month that offers something valuable to learn. In doing so, you also demonstrate what you know, understand, and can engage about.”

“Few people understand our companies across the whole organization as well as we do,” said Laurie Solomon, The Coca-Cola Company’s director of risk management. “Our biggest asset is that broad knowledge of the organization, how it works, what the biggest challenges are, and where there is the greatest potential for risk or growth.” That knowledge and comfort in the material at hand breeds confidence. Knowledge, experience, and confidence combine to create credibility, and that credibility is what facilitates access to the board and progress in your program and your career, she said.

Credibility also has tremendous impact on a risk manager’s success in the public sector as well. Last year’s Risk Manager of the Year, Lori Gray of Prince William County, emphasized the human component of this. The risk assessment process, she said, offers a prime opportunity to establish credibility and strong working relationships by meeting critical players face to face.

buy rybelsus online imed.isid.org/wp-content/uploads/2023/10/jpg/rybelsus.html no prescription pharmacy

“Risk assessment is your opportunity to meet people in person and ask what keeps them up at night. You are developing critical relationships while getting an honest, first-hand perspective of the exposures that should be on your radar,” Gray said. “Going out and meeting department heads is critical because one of your chief jobs is to sell. You are selling yourself and selling your program.”

Gaining recognition may be one of the greatest challenges for the future of risk managers and risk management as a whole. “Part of the challenge we face as an industry is to get recognition of risk management as a pool for future CEOs and COOs,” said Crickette. “The skills and insight we have would make for fantastic officers, but people just do not think of us for those opportunities. The industry has a lot to do to promote our potential.”

Lessons from an Olympic Champion

Posted on by

DENVER—When RIMS keynote speaker Bonnie St. John was five years old her right leg was amputated below the knee because of a medical condition. For most people, it would have been a devastating disability, but St.John was not most people. Instead she became, of all things, a competitive skier. As a member of the 1984 U.S. Paralympic team, she was the first African-American to win an Olympic medal as a ski racer, taking home bronzes for slalom and giant slalom and a silver for overall performance. In effect, she said that made her the second fastest woman on one leg that year.

It was an impressive achievement to say the least and her thoughts on the experience were even featured on a Starbucks cup that read, “I was ahead in the slalom.

buy arimidex online https://silvermancare.com/wp-content/uploads/2023/10/jpg/arimidex.html no prescription pharmacy

But in the second run, everyone fell on a dangerous spot.

buy anafranil online https://silvermancare.com/wp-content/uploads/2023/10/jpg/anafranil.html no prescription pharmacy

I was beaten by a woman that got up faster than I did. I learned that people fall down, winners get up, and gold medal winners just get up faster.”

St. John said that, for her, a normal life wasn’t an option, but “normal is overrated.” Rather, she challenged risk managers in the audience to follow her example and aim higher in their careers. “Be you,” she said. “Be extraordinary.”

St. John expressed a lot of admiration for risk management’s ability to prevent disasters, thanking them for all the things that didn’t happen last year. But after reviewing a list of the past year’s risk events, understandably wondered if risk managers were just “incredible pessimists” given all the bad things they have to deal with. Upon further reflection, though, she said she came to the fitting conclusion that risk managers “practice a special brand of optimistic pessimism.” They know bad things will happen but they are also confident that they can take steps to prevent disaster, which seems to be as accurate a description of a risk manager’s mentality as any I’ve ever heard.

But as valuable as she thought risk managers were, St. John thought that there was still room for them to become world class by taking advantage of expertise of their peers, something she called a “community of champions.” By becoming more “helpable” and receptive to learning and growth opportunities, risk managers could achieve even greater success. “What’s possible for you is more than you can imagine.”

Coming from a one-legged ski champion, it was a lesson that was hard to ignore.