@Risk

Who Has Access to Your Sensitive and Confidential Workplace Data?

December 21, 2011 | No Comments →

Last month, I reported that many companies are struggling to keep pace with the compliance and risk policies necessary for effective social media governance.

Now, HP has released new global research indicating that organizations also face increased threats from an even more fundamental policy and procedures issue: poor control and oversight of sensitive and confidential workplace data.

According to the new study conducted by the Ponemon Institute, many companies say they have well-defined policies for individuals with privileged access rights to specific IT systems. However, almost 40 percent were unsure about enterprise-wide visibility into specific rights, or whether those with privileged access rights met compliance policies.

The survey, which focused on more than 5,000 IT operations and security managers across the US, the UK, Australia, Brazil, France, Germany, Hong Kong, India, Italy, Japan, Korea, Singapore and Spain, also found that: (more…)

Tags: Aravo, collaboration with suppliers, compliance, corporate governance, employee mobility, employment, IT risk, mobile employees, non-compliance, risk management, risk mitigation, risk strategy, security attacks, supplier risk, supply chain strategy, vendor risk management

Semiconductor Sales Poised to Top $300 Billion, Break Records in 2011

December 16, 2011 | No Comments →

The semiconductor industry heard some welcome news last week.

Despite a challenging global economy and natural disasters that impacted production in Asia, the Semiconductor Industry Association (SIA) said it expects continued growth in 2011, 2012 and 2013.

More specifically, the SAI endorsed the World Semiconductor Trade Statistics (WSTS) organization’s Autumn 2011 global semiconductor sales forecast which has projected semiconductor sales to grow to $302 Billion for 2011. If that forecast holds, it will be the first time semiconductor sales have reached the $300 Billion mark and will represent a 1.3 percent growth rate over the record-breaking year in 2010.

WSTS tabulates its annual forecast by convening an extensive group of global semiconductor companies that provide accurate and timely indicators of semiconductor trends.

Beyond 2011, the WSTS expects steady, modest growth: a 3.7 percent increase for 2012, and 5.8 percent increase for 2013. (more…)

Tags: Aravo, China supply chain, economic recovery, global sourcing, IT, IT risk, manufacturers, manufacturing, risk management, supplier risk, supply chain disruption, supply chain IT, supply chain strategy, supply risk

Less Than 40 Percent of Employees Take IT Security Seriously

December 05, 2011 | No Comments →

How careful are employees when it comes to IT security?

Apparently, most aren’t careful, at all. What’s more, most aren’t really concerned whether or not IT policies are followed.

Take a look at these survey results. IT security expert Avira polled nearly 1,000 of its users in September and found that:

Only 38.95 percent of those participating in the study said they adhere to security policies designed to protect their company.
About the same amount (35.42 percent) admitted there are security policies in place at their business, but that they didn’t feel that anyone really cared whether those policies were followed or not.
The remaining 25.63 percent said they see security as a system administrator’s responsibility and not an employee concern. (more…)

Tags: Aravo, collaboration with suppliers, compliance, corporate governance, information risk, IT risk, mobile employees, non-compliance, reputation risk, risk management, risk mitigation, risk strategy, security attacks, supplier risk, vendor risk management

Social Media Growth Outpaces Development of Risk, Compliance Policies

November 30, 2011 | No Comments →

Over the past few years, social media has evolved into an essential component of the marketing toolbox.

But, most companies have failed to keep pace with the necessary compliance and risk policies and procedures.

A recent study conducted by Grant Thornton LLP and Financial Executives Research Foundation illustrates the problem. The survey responses from 141 senior financial executives from public and private companies showed that: (more…)

Tags: Aravo, compliance, corporate governance, employment, IT risk, non-compliance, risk management, risk mitigation, risk strategy, security attacks, supplier risk, vendor risk management

Risk Managers Concerned About Reputation Risk from Social Media

November 02, 2011 | No Comments →

Do you know what your employees, customers and competitors are saying about your company online via social media networks?

Most companies don’t –and that’s starting to cause headaches for risk professionals.

A recent survey by the Federation of European Risk Management Associations and the Institute of Risk Management (IRM) asked risk professionals which three cyber risks they thought were the greatest threats to their own organization and to business, in general.

For business, in general:

Respondents ranked social media alongside non-malicious operational IT risks, theft of customer information and malicious interference with IT systems as the greatest cyber threats to business. Reputation risk from social media was cited as a material risk by nearly 50 percent of respondents and loss of confidential information through social media by 20 percent.

In terms of exposures to their own organizations, the emphasis shifted somewhat:

More than half put operational, non-malicious IT risks among the top three, followed by 43 percent theft of customer information (43 percent) and social media risks (42 percent). 21 percent said they were concerned about loss of confidential information through social media.

In other findings: (more…)