May 22, 2013

Cyber Security and Its Importance to an Organization

photo courtesy of vpnchoice.com

For quite some time, business continuity professionals have regarded Cyber Security as an important Business Continuity Planning (BCP) concern, but, like so many other issues in the world of BCP, without full buy-in from upper management (or the Board of Directors), it will be almost impossible to truly implement effective Cyber Security policies, plans and procedures throughout any organization. With that point in mind, and to assist the process of increasing cyber security awareness in your company’s upper management, our staff recommends reading an article written by Edward B. …

Cyber Risk — How Well Are Board Members Managing?

photo courtesy of catastrophy property casualty

Protecting a company’s digital assets continues to be a challenging component of a director’s and/or board member’s total fiduciary duties, and with the growing number of regulations now imposing more specific privacy and cyber security related obligations on companies, answering the question of whether or not those directors are managing cyber risks responsibly calls for finding out how well those directors are really doing. To that point, Carnegie Mellon University’s “CyLab” group recently released the results of a survey it conducted which examined data …

World Risk Day — May 14, 2013

photo courtesy of www.worldriskday.com

World Risk Day 2013 is an event where industry thought leaders and peers can gather virtually to discuss the major trends, challenges and best practices in risk management. This year the event will take place on May 14, 2013. This year’s event, which is the second annual World Risk Day, has been given the theme “Shattering the Project Myth”, and again will introduce a virtual summit participation opportunity based on webinars, interviews and live Q&A sessions with “best-in-class” project managers and risk practitioners from around the …

NIST Offers Free Download of SP 800-53, Rev 4

Photo courtesy of www.livehacking.com

The National Institute of Standards and Technology (NIST) has now made available the Final Release of SP 800-53 Revision 4, Security and Privacy Controls for Federal Information Systems and Organizations, representing the most comprehensive update to the security controls catalog since its inception in 2005. This update was motivated primarily by the expanding occurrence of cyber security threats: the increased sophistication of those cyber-attacks, the growing frequency of such attacks, the professionalism of the attackers, and the persistence of targeting by …

Incentive Management Needs Alignment with Organizational Risk Management

Photo courtesy of vertexsystems.com

Risk Management continues to become a larger component of total organizational resilience methodologies. Implementing an effective risk management culture in any organization ultimately depends on support from top management, consistently communicated actions properly funded by top management, and an ongoing commitment by top management to be involved in that process to review and, where needed, improve that communication methodology on a regular basis. However, at the same time, having top management walk the walk of promoting an effective risk management culture in the …

Board Risk Oversight / Business Continuity / Banks Return to Financial Products Linked to 2008 Credit Bubble

Photo courtesy propertycasuality360.com

By: Ben J. Carnevale

Is the passage of time erasing our memories of the risk management failures committed by so many of our major economic institutions during the 2008-2009 financial crises? A recent article posted in Business Week entitled “Behold the Ghosts of Bubbles Past” would certainly seem to indicate that to be the case. This article listed several events which would seem to imply that business continuity planners perhaps needed to quickly re-evaluate their business impact assumptions and even consider re-writing many of their disaster preparedness strategies related to …

E-Discovery Predicted to be Business-Critical Operation in 2013

Photo courtesy of easyediscoveryblog.sonian.com

The topic of e-discovery continues to become an important area of enterprise risk management focus and is an area which our staff continues to monitor. It is with that thought in mind that our staff recommends a recent posting by Aiith Samuel. Samuel's posting addresses trends and predictions for 2013, in which Samuel summarizes, “…e-discovery practices in 2013 will now involve other critical functions, including information governance, records management, social media and cyber-security, just to name a few.” Of the many postings reviewed regarding e-Discovery trends or …

NIST Updating SP 800-53 Information Security Guidance Document

Photo courtesy of dnssec-deployment.org

Many of our readers, especially those associated with government contracting, may not know that the National Institute of Standards and Technology (NIST) is now a step closer to publishing the 4th version of one of its premier information security guides, Special Publication 800-53: Security and Privacy Controls for Federal Information Systems and Organizations. More specifically, on Feb 5th 2013, NIST issued the final public draft of the guidance, seeking comments from the public, as NIST will then publish the final version of SP 800-53 Rev 4, expected sometime this month of …

Risk Management Labor Relations Issues Addressed in WMACCA Luncheon

Risk management methodologies for large enterprise organizations often must include consideration of and attention to labor-management relationships. To that point, and for those readers residing in the US Washington Beltway area, our staff recommends that in-house legal counsel team members pay attention to the offerings of the Washington Metropolitan Area Corporate Counsel Association. The WMACCA Signature Luncheon Series will offer its next presentation on Tuesday, March 5th, 2013 at the Tysons Corner Marriott in Vienna, Virginia. The title of the presentation is “A New Era in …

 