Avoiding Insider Trading with Cybersecurity and ERM

Cybersecurity has been on our radar a lot lately, but that's thanks to the alarming number of recent, high-profile security breaches. Take a look at our recent blog post regarding a major flaw in the Android operating system, or our discussion of hackers' disturbing rate of maturity.

Federal officials recently broke up a long-term insider trading scheme

In early August of this year, it was announced that Feds succeeded in breaking up a hacking and insider trading scheme in which international hackers gained access to corporate news releases before the intended release dates, and the captured data enabled successful, illegal trades.

Cyber-attacks like these can come at any time and from anywhere: inside, outside, even overseas. They may involve simple corruption or theft, as with Android's issue, but can also be facilitated by company employees, as unpleasant as that notion is.

Protecting your company against any and all cybersecurity breaches is certainly doable, but it will require a concerted, enterprise-wide IT and IS risk management effort. Employees operating on the so-called front lines are just as crucial to uncovering risks as members of senior management.

What actually happened, and who was affected?

According to The New York Times, five men have been indicted so far. Their attack was patient and calculated, having taken place over the course of at least five years.

Technically, they hacked specifically into information-dissemination companies such as Business Wire, but the attacks granted them access to sensitive information about dozens of unsuspecting, publicly traded companies.

Indirect victims come from a wide variety of industries and include Bank of America, Clorox, and Caterpillar, says The New York Times.

How hackers infiltrate their targets

Hacking and illegal trading methods are complicated and diverse enough that entire books could be written about them. BBC news, however, has identified one particularly alarming method somewhat reminiscent of the one criminals might have used to hack Android phones.

This method, aptly known as "spear-phishing," involves sending infected emails to pre-identified, key members of an organization. That's right - hackers are able to pick you out from the bunch if they think targeting you will help them succeed.

As an organization, stay aware & implement preventative cybersecurity measures

The goal of this post is not to spark paranoia. Far from it. ERM software can help you monitor news feeds, identify risk, automatically notify those in your organization that are most likely to be impacted by that risk as well as coordinate and track mitigation activities through to completion.

Centralizing incident management processes, and using them to engage those that are needed in response is critical to prevent disasters before they happen. Visit our website to learn how LogicManager's incident management software platform can help you prioritize what needs to get done today.


Request a free, live demo from a LogicManager Analyst to see how our Enterprise Risk Management software can help you achieve this in less than 90 days.

Views: 52


You need to be a member of GlobalRisk community to add comments!

Join GlobalRisk community

Our Sponsors

Would you like to reach over 90,000 + Risk Professionals? 



Current Partners Include:


Join GRC Inner Circle - Get Top Risk Resources, Member Support PLUS become our patron

Business Exchange

If your organization delivers products and services that bring value to our members, you are welcome to join our partnership program.

Companies are welcome to setup a business profile page in our Multimedia Business Directory. You will get full control of the page and can include cutting edge possibilities – videos, adverts, presentations, white papers, job offers, Press Releases, product information, company blog, news feeds and more.


Our Knowledge Partners

Request our MEDIA KIT

Our Twitter feed

© 2020   Created by Boris Agranovich.   Powered by

Badges  |  Report an Issue  |  Terms of Service