@Risk

Despite growing awareness and appreciation of the risks of non-compliance, only about one in four companies feel ready to meet the requirements of the Foreign Corrupt Practices Act (FCPA) and the UK Bribery Act (UKBA), according to new survey results from Kroll Business Intelligence and Investigations.

The study, which polled more than 1,200 senior executives from a broad range of industries worldwide, found that:

• Just 27 percent of survey respondents said they are well-prepared to comply with FCPA and UKBA.
• Of those companies subject to these two laws, just  43 percent have trained senior management, agents, vendors and foreign employees to be compliant with one of these laws. Even less (39 percent) have assessed the risks arising from them.
• More than one-third (37 percent) believe their due diligence provides a sufficient understanding of a potential partner’s of investment target’s compliance with these acts.

Clearly, companies need to step up their game. Not only are the risks of non-compliance quite serious (and getting more so), but fraud is on the rise. Knoll’s new research also showed that: (more…)

Technology now permeates virtually all business practices, and yet new research shows that most corporate boards still rely on more traditional methods of communication, such as hard copies of board books and documents.

The study, conducted by Thomson Reuters Governance, Risk & Compliance, found that:

• The average corporation surveyed prepares and disseminates nearly 6,000 pages of sensitive material to its board every year. As remarkable as it sounds, some companies produce more than 200 board packs per year! This significant volume of highly sensitive and confidential material is required to be distributed to board members, and a majority of corporations (61 percent) still send those documents via traditional courier.
• Even though an overwhelming majority (73 percent) of respondents said they send documents to board members via private, non-commercial email addresses, three-quarters reported they also print and carry those sensitive documents. (more…)

Email is fundamental to business communication.

But is this commonplace, everyday electronic correspondence a threat to your company’s data security and regulatory compliance?

It very well could be, and according to a recent study by Zix Corporation and Ponemon Institute,  IT professionals are growing increasingly concerned about these risks, especially now that more and more  business is conducted outside the office using mobile devices.

The survey, which received feedback from 830 IT and IT security practitioners, as well as IT compliance, legal and other specialists, found that: (more…)

Despite widespread awareness, cyberattacks are becoming  increasingly common.

As remarkable as it sounds, a new study from HP and the Ponemon Institute found that over a four-week period, the organizations surveyed experienced 72 successful attacks per week, an increase of nearly 45 percent from last year. (Note: More than 90 percent of all cybercrime costs were caused by malicious code, denial of service, stolen devices and web-based attacks.)

Of course, the financial impact of a cyberattack can be devastating. The Second Annual Cost of Cyber Crime Study also revealed that the median annualized cost of cybercrime incurred by a benchmark sample of organizations was $5.9 million per year, with a range of $1.5 million to $36.5 million each year per organization. This represents an increase of 56 percent from the median cost reported in the inaugural study published in July 2010. (Note: More than 90 percent of all cybercrime costs were caused by malicious code, denial of service, stolen devices and web-based attacks.)

Interestingly, the study looked deeper into the economic costs of cybercrime and found that: (more…)

Even though many have had to cope firsthand with disruptions caused by recent natural disasters such as Iceland’s volcanic eruption or the earthquake and tsunami in Japan, executives now see cyber attacks –rather than physical attacks –as potentially the most damaging to their supply chains, according to new report from PwC.

The report, Volume 4 of the Transport & Logistics’ 2030 series Securing the Supply Chain, is a joint project between PwC and the Supply Chain Management Institute (SMI) at EBS Business School in Germany.  It warns that cyber attacks are now so sophisticated that any business, or even country, could be at risk. (The German internet, for example, is attacked every two seconds, PwC says.)

On average, the 80 science, government and business executives polled agreed that there is a 56 percent probability of a rise in attacks in some form. Overall, those surveyed said they were even more concerned about hacker attacks affecting their supply chains than they were about actual physical attacks.

In addition, survey respondents said there was a 70 percent probability of logistics companies having to perform obligatory security checks on their whole supply chain, and they said there was a 60 percent probability that modern technology would offer businesses better protection.
(more…)