@Risk

Focused on supplier risk issues for business leaders

Vermont Is Number One State for Embezzlement

January 23, 2012

Vermont is known for maple syrup, fall foliage, covered bridges and now . . . embezzlement?

As strange as it sounds, Vermont topped the list of states with the highest risk of loss due to embezzlement in 2011, according to new research from Marquet International Ltd.

The 2011 Marquet Report On Embezzlement examined 473 major employee theft cases active in the US last year and found that: (more…)

HP Finds 56 Percent Rise in Cost of Cybercrime

August 12, 2011

Despite widespread awareness, cyberattacks are becoming increasingly common.

As remarkable as it sounds, a new study from HP and the Ponemon Institute found that over a four-week period, the organizations surveyed experienced 72 successful attacks per week, an increase of nearly 45 percent from last year. (Note: More than 90 percent of all cybercrime costs were caused by malicious code, denial of service, stolen devices and web-based attacks.)

Of course, the financial impact of a cyberattack can be devastating. The Second Annual Cost of Cyber Crime Study also revealed that the median annualized cost of cybercrime incurred by a benchmark sample of organizations was $5.9 million per year, with a range of $1.5 million to $36.5 million each year per organization. This represents an increase of 56 percent from the median cost reported in the inaugural study published in July 2010.

Interestingly, the study looked deeper into the economic costs of cybercrime and found that: (more…)

Using Digital Ants to Mitigate Power Grid Cyber Threats

June 27, 2011

The nation’s electrical power grid is becoming increasingly interconnected through the internet, and while this technological sophistication provides significant benefits, it also comes hand-in-hand with considerable risk:

Enhanced interconnectivity means the power grid is now more vulnerable to cyber attacks.

Fortunately, researchers are now hard at work designing safeguards to help protect the grid from computer viruses trying to wreak havoc on the system.

For instance, Errin Fulp, professor of computer science at Wake Forest University, is developing an army of “digital ants” that can scour computer networks looking for threats such as computer worms and self-replicating programs designed to steal information or facilitate unauthorized use of computers. When one of these digital ants detects a threat, it is designed to send for more ants to converge at that particular location, drawing the attention of human operators to investigate further.

“The idea is to deploy thousands of different types of digital ants, each looking for evidence of a threat,” Fulp said in a press release. “As they move about the network, they leave digital trails modeled after the scent trails ants in nature use to guide other ants. Each time a digital ant identifies some evidence, it is programmed to leave behind a stronger scent. Stronger scent trails attract more ants, producing the swarm that marks a potential computer infection.”
(more…)

Verizon’s 2011 Data Breach Investigations Report Shows Dramatic Shift in Cyber Crime Tactics

April 25, 2011

Verizon released the latest edition of its Data Breach Investigations Report (DBIR) series last week, and the results are a rather interesting mixed bag.

On the one hand, the total data lost through cyber attacks decreased dramatically in 2010. However, the study also found that the overall number of breaches was higher than ever before.

According to Verizon, the seeming contradiction between the low data loss and the high number of breaches likely stems from a significant decline in large-scale breaches, caused by a change in tactics by cybercriminals. Apparently, cybercriminals now tend to engage in small, opportunistic attacks rather than large-scale, difficult attacks, and they are using relatively unsophisticated methods to successfully penetrate organizations. As Verizon points out, only 3 percent of breaches were considered unavoidable without extremely difficult or expensive corrective action.

Here are a few of the report’s key findings in more detail:
(more…)

IT Security Risk and Compliance Remain Major Concern

April 20, 2011

Businesses today face IT security and compliance risks on several fronts. But are they rising to these rapidly proliferating challenges?

New survey results from McAfee suggest that the answer to that question is, unfortunately, a resounding “No.”

The report, Risk and Compliance Outlook: 2011, commissioned by McAfee and conducted by Evalueserve, found that 41 percent of organizations are not well aware of or protected against IT security risks. In addition, the vast majority, 75 percent of respondents, are not confident that they will pass a regulatory audit, with more than half of organizations stating that they have already failed one.

The survey, which was conducted in Australia, Canada, France, Germany, New Zealand, Singapore, UK and US, also revealed that:
(more…)