Group items tagged

Global risk managers are challenged by new boardroom demands of insurer security, balance sheet transparency, and heightened accountability.

Techworld - The office workplace that has dominated business since the 19th Century is dying and most employees would be quite happy not to work in it, a global study by networking giant Cisco has found. This is a striking theme of the Cisco Connected World Report, which found that 60 percent of employees from 2,600 surveyed across 13 countries do not think it necessary to be in an office to be productive.

The Federal Trade Commission, in conjunction with two international organizations, will host a two-day international conference: "Securing Personal Data in the Global Economy." The conference addresses how companies can manage personal data-security issues in a global information environment where data can be stored and accessed from multiple jurisdictions.

"A new study released today found that companies running applications in the cloud can reduce their carbon emissions by 30 percent or more compared with running those same applications in their own infrastructure. The study, "Cloud Computing and Sustainability: The Environmental Benefits of Moving to the Cloud," was commissioned by Microsoft and conducted by Accenture, a global management consulting, technology consulting and technology outsourcing company, and WSP Environment & Energy, an environmental consulting group. "

In one case, it was used for extortion, i.e. to demand a better severance package. The other used it for revenge.

"The Need for Risk-Based FCPA Compliance Assessments How To Deal With Increasing FCPA Risks In a Time of Shrinking Budgets In a time of dwindling funds, growing risks, and increased government targeting of companies that cut compliance budgets, a proper anti-corruption assessment is a vital first step in creating a cost-effective compliance program When a warning comes straight from the mouth of the U.S. Government's lead prosecutor in a field directly affecting their bottom line, it is wise for businesses to pay heed. In an interview earlier this year with PBS's investigative journal, "Frontline," Mark Mendelsohn, the Deputy Chief of the U.S. Department of Justice's Fraud Section, which is charged with enforcing the Foreign Corrupt Practices Act ("FCPA"), offered advice to all American businesses dealing with the current global recession. "I think that companies need to be especially vigilant in this economic climate to not cut back [on FCPA compliance]," Mendelsohn said. "Our law enforcement efforts are not going to be scaled back, and so it would be, I think, a grave mistake for a company to take that path.""

"This directory includes laws, regulations and industry guidelines with significant security and privacy impact and requirements. Each entry includes a link to the full text of the law or reg as well as information about what and who is covered. The list is intentionally US-centric, but includes selected laws of other nations that have an impact on US-based global companies. "

"According to a recent global survey on data wiping practices, Kroll Ontrack, the leading provider of information management, data recovery, and legal technology products and services, found less than half of businesses regularly deploy a method of erasing sensitive data from old computers and hard drives. Of the 49 percent of businesses that are systematically deploying a data eraser method, 75 percent do not delete data securely, leaving most organizations highly susceptible to data breaches, which plague businesses at least once a year according to the 2010 Kroll Ontrack Annual ESI Trends Survey and cost an organization an average of $6.75 million per breach according to the 2009 Ponemon Cost of Data Breach Study."

CERT'S PODCASTS: SECURITY FOR BUSINESS LEADERS: SHOW NOTES Tackling Tough Challenges: Insights from CERT's Director Rich Pethia Key Message: Rich Pethia reflects on CERT's 20-year history and discusses how he is positioning the program to tackle future IT and security challenges. Executive Summary CERT's vision is a securely connected world. CERT's mission is to enable informed trust and confidence in the use of information technology. To achieve this vision and mission, CERT has broadened its perspective to include the full system/software engineering and operations life cycle and is reaching out to thought leaders in the global IT and security community. In this podcast, Rich Pethia, director of the CERT Program at Carnegie Mellon University's Software Engineering Institute, discusses the past, current, and future state of Internet security and CERT's role in tackling future challenges as CERT celebrates its 20th anniversary. PART 1: LOOKING BACK, LOOKING FORWARD: THE GOOD, THE BAD, AND THE UGLY CERT's Vantage Point CERT's vision is a securely connected world, supported by CERT's mission of enabling informed trust and confidence in the use of information technology. As the director of CERT, Pethia has unique access to government, commercial, and industry leaders. The Good News Internet use continues to grow, not just in size (number of people, volume of traffic) but also in utility, for example: * the increasing amount of real government and business operations * the introduction of new applications * the growing use of new mobile appliances User awareness of the need to address security is increasing along with increasing attention from service providers (firewalls, virus protection, anti-spyware, data backup). Developers are paying more attention to building security into their products. Vendors have more mature processes for providing cost-effective, timely updates for software vulnerabilities. Users are more willing

The economic downturn will hit the Internet economy hard in 2009, according to the latest available OECD estimates. The IT Outlook 2008 says that the IT industry is likely to have grown by 4% at most in 2008 compared to the previous year. But with the outlook for the global economy worsening and business and consumer confidence plumetting, growth will remain flat or decline in 2009.

"Back in the 1990s fellow science and technology journalist Charles Mann and I wrote a book uncovering the true story of how a lone, young, cognitively impaired hacker with relatively few computer skills managed to perpetrate what was then the most extensive and scariest series of computer break-ins ever - government weapons labs, dam control systems and ATM networks were among the hundreds of networks compromised. At the end of the book, we predicted that no matter how much effort was poured into making the Internet safer, hackers would always be able to have a field day, partly for technical reasons but also because companies and individuals would never get it together to take simple precautions critical to safe computing."

Societies and economies are rapidly changing; and the power of "us" has become far more important than the power of "you"

"Our opportunity is to build a globally connected human network capable of working collectively to address the significant social, economic, and political issues of our time. As leaders, it is our responsibility to lead by collaborative example,"

"Over half of CIOs (53%) fail to see how cloud computing can save them money,"

"The results of The State of Compliance: 2011, an inaugural study conducted by PwC US and Compliance Week, will be released today at the Compliance Week 2011 6th Annual Conference for corporate financial, legal, risk, audit and compliance officers in Washington, D.C. The report - the first of its kind - identifies a wide range of compliance issues confronting organizations today and will stay current as new companies participate, accurately reflecting the changing compliance landscape."