A lesson many businesses learn the hard way is that in today's ever-changing and complex regulatory and political environment operational risks appear to be increasingly exponentially. In order to take control of Operational Risk leaders of the company and risk managers need to have the answers to many questions. Can I profitably grow my business? How do I effectively monitor my outsourced activities? Am I paying enough attention to the risk I am taking on?
With every business having its own ri
All Posts (5947)
Sort by
Whether we are talking about broader HSSE or more narrowly focused CIP, NERC, ISO, Dodd-Frank, etc. compliance, there are two general approaches to implementing a compliance plan within an organization: proactive and reactive.
Reactive – Many companies have used a reactive compliance process for many years. I hesitate to call a reactive approach a plan because it really isn’t a plan beyond the mechanics of scheduling an audit and remediating it. A simple and common example would be: Purchas
Last week, news broke of a global ransomware attack that has struck individuals and companies around the world. In the wake of the attack, which has affected computers in 150 countries, many companies are wondering 1) if they’re going to be hit and 2) what they can do to protect themselves.
The WannaCry ransomware attack still isn’t over, and we’ll see over the coming weeks what the final numbers are. It’s not too late to improve preventative measures for the next wave, which will likely be smart
If you use Gmail, pay attention! Security experts have announced that there is a very effective phishing scam out there, and you are a target. This scam, which has only been growing over the past couple of months, is also hitting other email providers, too. However, it’s quite difficult to detect.
According to researchers at WordFence, who make a security tool for WordPress, this is a pretty serious attack and can have quite an impact, even for those who are up on security.
Here’s how it works:
You
I have always been fascinated by the old question, “Which came first, the chicken or the egg?” According to one article I read prior to writing this blog, the chicken came first because the formation of eggs is only possible due to proteins found in a chicken’s ovaries. Because that was the answer I wanted to hear, that is as far as my research went. Now to my point.
Communicating the benefits of an intangible benefit is incredibly difficult. Take communicating the benefits of a program that help
Believe it or not, you just can’t shred too much. If you aren’t destroying your sensitive data, my best advice is for you to start now. There are people out there who make a living diving into dumpsters in search of credit card info, bank account number, mortgage statements, and medical bills; all things they can use to steal your identity.
Here are 12 tips that you can use to help you destroy your sensitive data:
- Buy a shredder. That said, I don’t own a shredder. I’ll explain shortly. There are a
For more than four years, malware has been posing as legitimate software and infecting industrial equipment across the globe.
The malware, which looks just like the Siemens control gear software, has affected at least seven plants in the US. According to security experts, the malware was specifically designed to attack this industrial equipment, but what it does is not totally known. It is only described as a type of “crimeware.”
The malware was first hinted at in 2013, but at that time, it was no
On Friday, as most of you know, there was a massive global cyber attack that took the form of ransomware. The cost of which is still be calculated.
When you read the articles and analysis several things stand out, which I have been advising you about for some time. The attacks exploited non technical issues. Specifically the all too human behavior that clicks on emails or links that are not secure and not doing updates to key software in a timely manner. All the security technology is helpless if
A new study was just released by the National Association for Information Destruction. What did it find? Astonishingly, about 40% of all digital devices that are found on the second-hand market had personal information left on them. These include tablets, mobile phones, and hard drives.
The market for second hand items is large, and it’s a good way to find a decent mobile device or computer for a good price. However, many times, people don’t take the time to make sure all their personal informati
The Oil and Gas industry is growing but at the same time increases in Oil and Gas activity correlate with an increase in the rate of fatal occupational injuries, particularly when inexperienced workers are not sufficiently trained in safety and precautionary measures.
In addition, Oil and Gas companies also face unprecedented regulatory pressures –organizations are faced with the challenge of effectively managing their OSHA, BSEE, USCG, DOT, EPA, Conflict Minerals, NI-52109, COBIT, ISO and compli
Last blog I said it was good to be common and pointed you to my latest paper on building tribes with a common purpose. This blog I’m not so sure you will be happy to have something in common with insurance companies.
I used to work in the insurance industry. I was there at the Ides of March 2001 when HIH went into liquidation. The insurance industry was and remains a tough industry and has a lot more in common with support functions than you may realise.
The top five things corporate support funct
Storm of Content
The Affordable Care Act. HIPAA. OSHA. If there is one thing hospitals aren’t short of these days, it’s new rules and regulations. And for every fresh law or regulation that gets passed, new or updated policies follow. Add in new technology adoption by the way of Electronic Health Records (EHRs) or mobile health and you’ve got a storm of seemingly countless—and constantly changing—policies and procedures that overworked employees must navigate daily.
![aca2[1]](http://www.360factors.com/blog/wp-content/uploads/2016/04/aca21.png)
The number, type, and complex
If the idea of hacking as a career excites you, you’ll benefit greatly from completing this training. You’ll learn how to exploit networks in the manner of an attacker, in order to find out how protect the system from them.
"The control of information is something the elite always does … Information, knowledge, is power.”
– Tom Clancy
No longer will money have dominion over our ability to learn. Penetration testing and ethical hacking are skill sets as in-demand as anything else in the Cyber Se
A shocking study by the National Associated for Information Destruction has revealed some terrifying information: 40% of electronic devices found on the second-hand market contains personal information. This information includes usernames and passwords, personal information, credit card numbers, and even tax information. Tablets were the most affected, with 50% of them containing this sensitive information, while 44% of hard drives contained the info.
What does this mean for you? It means that al
If you are like most of us, you have undoubtedly received an email that has asked you to click on a link. Did you click it? If you did, you are like 99% of internet users because clicking links in normal. But in some situations you may have found that the link took you to a new or maybe spoofed website where you might be asked to log in. If you ever did this, you may have been the victim of a likely phishing attack, and these attacks are getting fishier all of the time.
A What? Phish? Fish?
It’s c
Governance is defined by the organizational processes used to make and implement decisions. Good governance is not necessarily making only the “correct” decisions. It’s using the best possible risk management process to inform decision-making, which has the potential to impact employees, customers, other stakeholders, and the community at large.
Optimizing organizational governance is not just recommended, it’s a moral and legal obligation. Every company, no matter its industry, product, or servi
You have surely heard of Instagram, the photo sharing social network, but what about “Finstagram?” If you are like most parents, you have rules about the social media practices of your kids. However, once you learn about Finstagram, those might all go out the window.
When you combine the words “fake” and “Instagram,” you get Finstagram. Essentially, these are fake, or alternative, Instagram accounts that are created by teens, for the most part. These accounts can be used for harmless laughs, such
We have to move on from this 3-lines-thinking, it is outdated, every employee is a risk manager and must manage the risks associated with his or her job on a daily basis, in an effective Risk Culture there is no need to "defend" it is just optimised risk management and taking more risk to get more reward and build sustainable competitive advantage. Those who are not good or do nothing to build an effective Risk Culture, will just be exploited by those who are better.
Gone are the days when social media is only used to share what you had for dinner or announcing to the world that you are headed to the gym. But social media has become a platform for any and everyone to say what’s on their mind, and sometimes that’s great, but all too often it isn’t. Social is significantly lacking in decorum. But at least some are using social for good.
These days, law enforcement is using social media to find missing children.
Washington, DC police are leading the way on this.
lead