@Risk

Mounting tensions with Iran have many keeping a watchful eye on global energy prices. However, Iran is not the only potential trouble-spot.

The results of Maplecroft’s Resource Nationalism Index show that a full 44 percent of global oil production currently occurs in countries that pose a ‘high’ or ‘extreme risk’ of resource nationalism. In fact, the list includes eight of the twelve members of OPEC .

As Maplecroft defines it, resource nationalism is a rising phenomenon where governments of countries hosting large reserves of natural resources try to secure greater economic benefit from their exploitation or leverage political gain through restricting supplies. This not only has operational and financial implications for extractive companies operating in these countries, but it could create further instability for the global energy markets.

The Resource Nationalism Index identifies the risk of resource nationalism across 197 countries.

Maplecroft included nine countries in the “extreme” risk category: (more…)

News last week that a NASA computer stolen in March 2011 contained unencrypted codes used to command and control the International Space Station has put the spotlight, once again, on the issue of cyber security.

Are C-suite execs paying attention?

Unfortunately, new research suggests they’re not.

The advanced findings from the latest 2012 Carnegie Mellon CyLab Governance survey of how corporate boards and executives are managing cyber risks reveal that the issue is still not getting adequate attention at the top.

Sponsored by RSA, The Security Division of EMC, the survey results show that even though there are some improvements in key “regular” board governance practices formation of board Risk Committees and cross-organizational teams within certain organizations, significant areas of concern remain. For instance:

• Oversight is lacking. Boards and senior management are not engaging in key oversight activities, such as setting top-level policies and reviews of privacy and security budgets to help protect against breaches and mitigate financial losses.
• Most boards aren’t taking responsibility. Less than one-third of the respondents indicate their boards and senior executives are undertaking basic responsibilities for cyber governance.
• Lack of personnel is a concern. Nearly half of the respondents indicated that their companies do not have full-time personnel in key privacy and security roles.
• Insurance coverage needs updating. More than half (58 percent) of the respondents said their boards are not reviewing their companies’ insurance coverage for cyber-related risks.

What can you do to help remedy the situation at your company?  RSA suggests you: (more…)

Secure Socket Layers (SSL) certificates are an essential component of secure online transactions, and yet most (54 percent) of the 174 IT and information-security pros recently surveyed by Venafi admitted they have an inaccurate or incomplete inventory of their SSL certificate populations.

As Venafi points out, deploying encryption solutions without maintaining comprehensive certificate and key inventories is a worst practice that jeopardizes vital business systems and processes, while exposing organizations to substantial risk of security and compliance incidents.

But, hold on. The story gets even worse. The survey results also showed that: (more…)

What’s the biggest headache for corporate finance executives these days?

No surprise –it’s the unpredictable global economy.

According to a recent poll of 435 CFOs, corporate treasurers and other senior finance executives, nearly three-fourths (72 percent) agreed their top concern is managing financial uncertainty, including the risks associated with credit, liquidity, interest rates and currency/foreign exchange.

In addition, more than one-third of respondents are worried about risks associated with:

• macroeconomic conditions, such as the pace of economic growth and inflation (38 percent)
• business/operations, including supply chain and/or production disruptions, litigation, labor and outsourcing (36 percent)

External risks (country, regulatory, natural disaster) and commodity risks (power/heat, crude oil & distillates, agricultural and metals) also emerged as concerns for a significant share of the organizations polled, but to a lesser degree.

And, four in ten respondents (41 percent) said they expect even more earnings uncertainty in the coming years.

The survey results, released last month by the Association for Financial Professionals (AFP), also revealed that: (more…)

Many employees now use mobile devices to access their company’s network. But, what happens if those devices are lost, stolen or resold to others outside the company? Could sensitive data be compromised?

The risks may be greater than you think.

Earlier this month, Motorola announced that approximately 100 out of a batch of 6,200 Xoom tablets that were refurbished by Motorola Mobility may not have been completely cleared of the original owner’s data prior to resale. An earlier analysis found that more than half of 50 mobile phones purchased from second-hand resellers on eBay contained personal data left over from their original owners.

New research from Mobilisafe, a Seattle-based mobile security company, reveals just how widespread employee mobile device use is and how little oversight IT departments are exercising –particularly at resource-constrained small and midsized businesses (SMBs).

For the study, employees at SMBs agreed to help evaluate a product that provides visibility to all mobile devices accessing their company’s network. Then, over the course of three months, Mobilisafe mapped more than 38 million employee mobile device connections, providing key data for its analysis. The interim results from the beta trial showed that: (more…)