@Risk

In order to carry out their operations, federal agencies often rely on IT components manufactured overseas. But, a new report from the Government Accountability Office (GAO) warns that this growing dependence on a global IT supply chain introduces multiple risks to sensitive federal information systems.

For example, the report says federal agencies are vulnerable to:

• Installation of malicious logic on hardware or software
• Installation of counterfeit hardware or software
• Failure or disruption in the production or distribution of a critical product or service
• Reliance upon a malicious or unqualified service-provider for the performance of technical services
• Installation of unintentional vulnerabilities on hardware or software (more…)

World leaders are meeting in Seoul this week to discuss nuclear security concerns, including the growing threat of radioactive material in the global scrap metal supply chain.

According to a recent article at Bloomberg Businessweek, industries around the world are confronting the impact of loose nuclear (i.e., radioactive) material in an international scrap-metal market worth at least $140 billion. From the article:

Radioactive items used to power medical, military and industrial hardware are melted down and used in goods, driving up company costs as they withdraw tainted products and threatening the public’s health . . . Abandoned medical scanners, food-processing devices and mining equipment containing radioactive metals such as cesium-137 and cobalt-60 are picked up by scrap collectors, sold to recyclers and melted down by foundries, the IAEA (United Nations International Atomic Energy Agency) says.

The problem made headlines earlier this year when retailer Bed Bath & Beyond had to recall a metal tissue holder from its shelves after the item was found to be slightly radioactive.  A Bed Bath & Beyond truck loaded with the tissue holders reportedly set off a surveillance monitor in California. (more…)

Any business is vulnerable to a data breach. However, for the second year in a row, the information security firm Trustwave has found companies in the food and beverage industry are the most at risk from cybercriminals.

Why? According to the newly released Trustwave 2012 Global Security Report, industries with franchise and chain store models are top targets primarily because franchises often use the same IT systems across stores. Once cybercriminals compromise a system in one location, they likely can duplicate the attack in multiple locations. In fact, more than one third of Trustwave SpiderLabs 2011 investigations occurred in a franchise business, and the report predicts this number will rise in 2012.

Here are a few more key findings from the 2012 report: (more…)

Identity fraud jumped by 13 percent in 2011, and that increase may be the result of consumers’ social media and mobile behaviors.

For the past nine years, Javelin Strategy & Research has conducted an annual analysis of identity fraud trends, and for the first time, the 2011 study examined social media and mobile phone behaviors, ultimately uncovering certain related consumer practices that appear to increase risks.

Here are some of the key findings in more detail:

• The overall number of identity fraud cases is up, but the dollar amount held steady. Javelin found that more than 11.6 million adults became a victim of identity fraud in the US last year, although the dollar amount stolen remained constant. (Javelin defines “identity fraud” as the unauthorized use of another person’s personal information to achieve illicit financial gain.)
• Social behaviors are risky. LinkedIn, Google+, Twitter and Facebook users had the highest incidence of fraud although there is no proof of direct causation.  What’s the risk? Javelin found that consumers share significant amounts of personal information frequently used to authenticate identity. For example: (more…)

Mounting tensions with Iran have many keeping a watchful eye on global energy prices. However, Iran is not the only potential trouble-spot.

The results of Maplecroft’s Resource Nationalism Index show that a full 44 percent of global oil production currently occurs in countries that pose a ‘high’ or ‘extreme risk’ of resource nationalism. In fact, the list includes eight of the twelve members of OPEC .

As Maplecroft defines it, resource nationalism is a rising phenomenon where governments of countries hosting large reserves of natural resources try to secure greater economic benefit from their exploitation or leverage political gain through restricting supplies. This not only has operational and financial implications for extractive companies operating in these countries, but it could create further instability for the global energy markets.

The Resource Nationalism Index identifies the risk of resource nationalism across 197 countries.

Maplecroft included nine countries in the “extreme” risk category: (more…)