@Risk

Employee Twitter Use at Work Up More Than 700 Percent

February 10, 2012 | No Comments →

We all know that employees use social networks and browser-based file sharing at work. But, new research from Palo Alto Networks reveals just how deeply Web 2.0 tools have penetrated the workplace –and how important it is for companies to prepare for potential threats from social media and file sharing apps.

After analyzing raw application traffic from more than 1,600 enterprises between April 2011 and November 2011, Palo Alto Networks found that:

Social media use is exploding, especially for Twitter. The study revealed that bandwidth consumption for Facebook Apps, Social Plugins and posting increased from 5 percent (October 2010) to 25 percent (December 2011) when measured as a percentage of total social networking bandwidth. Twitter browsing at work alone grew by more than 700 percent year-over-year. (more…)

Tags: Aravo, employment, information risk, IT risk, reputation risk, risk management, risk mitigation, risk strategy, security attacks, social media, supplier risk, vendor risk management

Companies Testing KPIs to Assess Labor and Human Rights Risks in Global Supply Chains

February 03, 2012 | No Comments →

A group of nine companies is testing newly developed Key Performance Indicators (KPIs) designed to assess reputational risks and operational shortcomings associated with labor and human rights factors in corporate supply chains.

Developed as part of the Fair Labor Association (FLA) and Harvard Law School?s Pension and Capital Stewardship Project and with funding from the Investor Responsibility Research Center (IRRC) Institute, this KPI initiative is the first effort of its kind to create a standardized method to assess such risks.

The nine companies involved collectively source from 1,755 factories that employ about 1.8 million workers in 62 countries. They are testing KPIs in the following areas, with a host of detailed underlying information for each category: (more…)

Tags: Aravo, collaboration with suppliers, employment, global sourcing, non-compliance, reputation risk, risk management, risk mitigation, risk strategy, supplier risk, supply chain strategy

Apple Releases List of Major Suppliers and Details on Factory Inspections

January 16, 2012 | No Comments →

As The Wall Street Journal reported over the weekend, Apple Inc. is “increasingly finding itself pinched between the promise and perils of doing business in China.”

Last Friday –and for the first time ever –Apple released a comprehensive list of its major suppliers and a detailed report on factory inspections throughout the company’s sprawling supply chain.

In addition, Apple recently became the first technology company accepted by the Fair Labor Association (FLA), an organization that monitors workplace environments worldwide.

These moves come on the heels of stepped-up pressure from activists worldwide. Earlier this month, workers from a Foxconn Technology factory in China waged a large protest that involved threats from some to commit suicide. (more…)

Tags: Aravo, China supply chain, collaboration with suppliers, employee dissatisfaction, IT, reputation risk, supplier, supplier risk, supplier risk management, supply chain IT

Less Than 40 Percent of Employees Take IT Security Seriously

December 05, 2011 | No Comments →

How careful are employees when it comes to IT security?

Apparently, most aren’t careful, at all. What’s more, most aren’t really concerned whether or not IT policies are followed.

Take a look at these survey results. IT security expert Avira polled nearly 1,000 of its users in September and found that:

Only 38.95 percent of those participating in the study said they adhere to security policies designed to protect their company.
About the same amount (35.42 percent) admitted there are security policies in place at their business, but that they didn’t feel that anyone really cared whether those policies were followed or not.
The remaining 25.63 percent said they see security as a system administrator’s responsibility and not an employee concern. (more…)

Tags: Aravo, collaboration with suppliers, compliance, corporate governance, information risk, IT risk, mobile employees, non-compliance, reputation risk, risk management, risk mitigation, risk strategy, security attacks, social media, supplier risk, vendor risk management

Risk Managers Concerned About Reputation Risk from Social Media

November 02, 2011 | No Comments →

Do you know what your employees, customers and competitors are saying about your company online via social media networks?

Most companies don’t –and that’s starting to cause headaches for risk professionals.

A recent survey by the Federation of European Risk Management Associations and the Institute of Risk Management (IRM) asked risk professionals which three cyber risks they thought were the greatest threats to their own organization and to business, in general.

For business, in general:

Respondents ranked social media alongside non-malicious operational IT risks, theft of customer information and malicious interference with IT systems as the greatest cyber threats to business. Reputation risk from social media was cited as a material risk by nearly 50 percent of respondents and loss of confidential information through social media by 20 percent.

In terms of exposures to their own organizations, the emphasis shifted somewhat:

More than half put operational, non-malicious IT risks among the top three, followed by 43 percent theft of customer information (43 percent) and social media risks (42 percent). 21 percent said they were concerned about loss of confidential information through social media.

In other findings: (more…)