Avoiding Insider Trading with Cybersecurity and ERM

Cybersecurity has been on our radar a lot lately, but that's thanks to the alarming number of recent, high-profile security breaches. Take a look at our recent blog post regarding a major flaw in the Android operating system, or our discussion of hackers' disturbing rate of maturity.

Federal officials recently broke up a long-term insider trading scheme

cyber-crime.jpg?width=300In early August of this year, it was announced that Feds succeeded in breaking up a hacking and insider trading scheme in which international hackers gained access to corporate news releases before the intended release dates, and the captured data enabled successful, illegal trades.

Cyber-attacks like these can come at any time and from anywhere: inside, outside, even overseas. They may involve simple corruption or theft, as with Android's issue, but can also be facilitated by company employees, as unpleasant as that notion is.

Protecting your company against any and all cybersecurity breaches is certainly doable, but it will require a concerted, enterprise-wide IT and IS risk management effort. Employees operating on the so-called front lines are just as crucial to uncovering risks as members of senior management.

What actually happened, and who was affected?

According to The New York Times, five men have been indicted so far. Their attack was patient and calculated, having taken place over the course of at least five years.

Technically, they hacked specifically into information-dissemination companies such as Business Wire, but the attacks granted them access to sensitive information about dozens of unsuspecting, publicly traded companies.

Indirect victims come from a wide variety of industries and include Bank of America, Clorox, and Caterpillar, says The New York Times.

How hackers infiltrate their targets

Hacking and illegal trading methods are complicated and diverse enough that entire books could be written about them. BBC news, however, has identified one particularly alarming method somewhat reminiscent of the one criminals might have used to hack Android phones.

This method, aptly known as "spear-phishing," involves sending infected emails to pre-identified, key members of an organization. That's right - hackers are able to pick you out from the bunch if they think targeting you will help them succeed.

As an organization, stay aware & implement preventative cybersecurity measures

The goal of this post is not to spark paranoia. Far from it. ERM software can help you monitor news feeds, identify risk, automatically notify those in your organization that are most likely to be impacted by that risk as well as coordinate and track mitigation activities through to completion.

Centralizing incident management processes, and using them to engage those that are needed in response is critical to prevent disasters before they happen. Visit our website to learn how LogicManager's incident management software platform can help you prioritize what needs to get done today.

 

Request a free, live demo from a LogicManager Analyst to see how our Enterprise Risk Management software can help you achieve this in less than 90 days.

Votes: 0
E-mail me when people leave their comments –

Steven Minsky, CEO and Founder of LogicManager, is a recognized thought leader in risk management. Steven is well known for his precinct abilities to guide organizations through future risk events. Steven is a frequent speaker in the Energy, Financial Services and Cyber industries. While the first wave of COVID-19 caught many organizations by surprise, Steven predicted the pandemic impacts in January of 2020 and swiftly published action plans to help organizations prepare.

You need to be a member of Global Risk Community to add comments!

Join Global Risk Community

    About Us

    The GlobalRisk Community is a thriving community of risk managers and associated service providers. Our purpose is to foster business, networking and educational explorations among members. Our goal is to be the worlds premier Risk forum and contribute to better understanding of the complex world of risk.

    Business Partners

    For companies wanting to create a greater visibility for their products and services among their prospects in the Risk market: Send your business partnership request by filling in the form here!

lead