Skip to main content

Home/ WPPS C-Suite News/ Group items tagged organisations

Rss Feed Group items tagged

Filter: All | Bookmarks | Topics Simple Middle
sandy ingram

Organisations fail to meet security awareness and compliance training best practices - ... - 0 views

www.scmagazineuk.com/...208893

SC organisations security awareness compliance best practices UK

shared by sandy ingram on 12 Oct 11 - No Cached
  • “If this assessment demonstrates anything, it's that IT and security departments have got to gain greater visibility over all of their security and compliance activities and take steps to better understand and manage them.”
  • sandy ingram on 12 Oct 11
     
    A survey of high-risk organisations has found that more than three quarters fail to perform quarterly security and compliance training. According to a survey by enterprise key and certificate management solutions provider Venafi and IT security research provider Echelon One, 77 per cent of respondents failed to perform quarterly security and compliance training while 64 per cent failed to encrypt all of its data in the cloud. However 90 per cent did use encryption throughout the organisation. The survey of 420 enterprises and government agencies also found that almost 100 per cent of respondents had some degree of unquantified or unmanaged risk. When asked if their organisations encrypted data stored in public clouds such as Google Apps, Salesforce.com and Dropbox, 40 per cent said they did not know.
sandy ingram

Staff fraud 'on the rise'. Majority still undetected and unreportd - 0 views

www.insideretailing.com.au/...Staff-fraud-on-the-rise.aspx

Privacy security Fraud employees

shared by sandy ingram on 06 Dec 10 - No Cached
  • "The vast majority of staff in any organisation are trustworthy and honest. However, businesses are now beginning to realise and understand the scale of the threat posed by the small proportion of staff that act dishonestly and defraud their employer."
  • According to the ACFE 2010 report on occupational fraud the median length of the schemes was 18 months from the time the fraud began until the time it was detected. The median loss caused by the occupational frauds in the report was $160,000. Nearly one-quarter of the cases caused at least $1 million in losses and nine cases caused losses of $1 billion or more.
  • Historically, the most serious threat from staff fraud has been centred on relatively senior employees in management positions. However, the major threat has now shifted down the organisational hierarchy to more junior members of staff, who have access to, and responsibility for, more confidential customer and payroll data than ever before,"
  • ...3 more annotations...
  • "With as much as 30 per cent of all business failures attributable to employee theft, employers are interested in any device or technique that could detect or prevent employee theft.
  • "Given the present wave of corporate scandals and failures, it is not surprising that organisations are being expected to create strong ethical cultures and select employees who will fit into those cultures. This explains, to some extent, the growing emphasis on integrity testing in the business world.
  • Spitzer has simple advice for businesses who are concerned they may be at risk:
  • sandy ingram on 06 Dec 10
     
    "Employee theft and fraud is on the increase - and an Australian start-up company believes it has pioneered a means of early detection. According to a recent survey conducted by KPMG, the total funds lifted from organisations came to $345 million - a significant increase from the $301 million of 2008, totalling 174,914 cases. "Employee fraud is a growing concern for organisations in all business sectors both in monetary and reputational terms," says Alon Spitzer, who has founded Integrity Elements, a company specialising in the new field of ' integrity testing and valuation'."
sandy ingram

Privacy is good for business - CEO Forum Group - 0 views

www.ceoforum.com.au/article-detail.cfm

ceo cpo

shared by sandy ingram on 20 Nov 08 - Cached
  • "There are thousands of privacy professionals now, in the U.S. and Europe and Asia. Most of the Fortune 100 have a privacy officer or some sort of equivalent".
  • "Now imagine", Pearson says, "the first few times an insurance company or a university sends out a letter saying, 'excuse me, but we were hacked and we don't know what happened exactly, we don't know what happened to your data, but we are required by law to notify you that something might have happened'. That's not a pleasant situation to be in".
  • But privacy concerns impact more than just the bottom line; they affect multiple areas of an organisation, from legal liabilities to PR efforts to CRM and employee retention. A well-designed, well-implemented policy can help a company in all of these areas, on both the tactical and the strategic levels.
  • ...2 more annotations...
  • Security and privacy are not simply IT challenges—they need to be addressed as strategic issues, at the highest levels of the organisation.
  • Ultimately, however, it is organisational policies, not technology, that are most important to enforcing privacy.
sandy ingram

Few businesses are likely to be insured against the result of cyber attacks - Security ... - 0 views

www.securitypark.co.uk/security_article263278.html

Best Practice Privacy Security Insurance Employee Fraud unemployment resession

shared by sandy ingram on 21 Jul 09 - Cached
  • Businesses are advised to thoroughly review risk management procedures and insurance programmes to ensure they have adequate and relevant cover in place: “The responsibility to get the house in order should lie with an organisation’s Managing Director or Finance Director, and not the IT department alone,” says Simon. “IT defences whilst vital only react to known problems and are not guaranteed to be 100 percent secure. Protection for the whole business and its sustainability is without doubt the safest option.”
  • “The economic downturn has resulted in people of all levels and responsibilities losing their jobs, and those with a detailed knowledge of their former employers’ IT and operating systems may well present a real potential threat, and turn to extortion as a way of taking revenge on their former employer, and of making some money at the same time.
  • According to The Wilson Organisation, insurers and underwriters are predicting a rise in white collar extortion as the recession continues to bite and unemployment figures increase. Worryingly many businesses do not have insurance cover for data or business loss.
  • sandy ingram on 21 Jul 09
     
    According to The Wilson Organisation, insurers and underwriters are predicting a rise in white collar extortion as the recession continues to bite and unemployment figures increase. Worryingly many businesses do not have insurance cover for data or business loss. "According to a DTI Information Security Breaches Survey, a third of UK businesses think general business insurance provides full cover for damage to the business arising from data loss," comments Wilsons' Simon Hoare, "but the reality is quite different, with very few businesses likely to be insured against the result of cyber attacks on its most crucial management and business tool - corporate and customer information, most of which is today held on corporate IT systems. "For public company directors, this is in fact in breach of their duties under the Turnbull Report, which requires them to identify, manage and take an informed opinion on the transfer of risks for the business."
sandy ingram

Layoffs could lead to theft of interllectual property, placement of code - 0 views

www.linkedin.com/...366179-6510159

extortion layoffs employee workplace

shared by sandy ingram on 17 Nov 08 - No Cached
  • Since we are witnessing one of the most greatest surges in layoffs, how has your information security processes been coping with the increase?
  • I hear that many employees, in anticipation of a layoff, are stealing intellectual property. Thus, some damage to the company may be done prior to the lay off taking place.
  • have direct experience of employees who planted code that would disable key functions in the corporate IT system
  • ...9 more annotations...
  • I have met others who have bought their way into competitors using confidential information.
  • To be completely brutal and honest, if you are in a position to be worried about these things then your organisation has not taken its' security (in the broadest terms) seriously.
  • Security considerations are starting to move higher up the value chain away from its roots of network centricity towards applications and business concerns.
  • I have been monitoring the IT security industry and what I have noticed is not only the number of layoffs but also that there is so few high level IT Security jobs been advertised. Too many organisations see IT Security as an expense, and they have problem seeing the ROI form IT Security project.
  • how vulnerable is the Global economy to the next big attack.
  • corporations rapidly lose the ability to stop serious security breaches within the company as many in this forum have stated many examples.
  • I have seen many people go to extremes and sell this inside information, corporate espionage to name one example, in order to survive.
  • To understand the seriousness of this economic turmoil affecting corporation globally, a Director of Information Security from one of the largest and most admired global corporations was let go in a downsizing restructuring.
  • Understand that every company large and small is going through profound economic issues trying to do more with less staff.
  • sandy ingram on 17 Nov 08
     
    In one case, it was used for extortion, i.e. to demand a better severance package. The other used it for revenge.
sandy ingram

Survey Finds Gap in Attitudes Between the Cloud "Haves" and "Have-Nots" - ReadWriteCloud - 0 views

www.readwriteweb.com/...vey-finds-gap-in-attitudes.php

Security Privacy cybersecurity compliance cloud marketing

shared by sandy ingram on 24 Aug 10 - Cached
  • This post is part of our ReadWriteCloud channel, which is dedicated to covering virtualization and cloud computing. The channel is sponsored by Intel and VMware.
  • London-based communications SaaS provider Mimecast has announced the results of its second annual Cloud Adoption Survey. The survey, conducted by independent research firm Loudhouse, assessed the attitudes of IT decision-makers in the U.S. and UK about cloud computing
  • The majority of organizations now use some cloud-based services. The report found 51% are now using at least one cloud-based application. Adoption rates for U.S. businesses are slightly ahead of the UK with 56% of respondents using at least one cloud-based application, compared to 50% in the UK
  • ...7 more annotations...
  • Two thirds of businesses are considering adopting cloud computing. 66% of businesses say they are considering adopting cloud-based services in the future, with once again, U.S. businesses leaning more towards adoption than their UK peers (70% of U.S. businesses, and 50% of UK ones).
  • Email, security, and storage are the most popular cloud services. 62% of the organizations that use cloud computing are using a cloud-based email application. Email services are most popular with mid-size businesses (250-1000 employees) with 70% of organizations this size using the cloud for email. Smaller businesses (under 250 employees) are most likely to use the cloud for security services, and larger enterprises (over 1000 employees) most likely to opt for cloud storage services.
  • Existing cloud users are satisfied. Security is not considered to be an issue by existing cloud users: 57% say that moving data to the cloud has resulted in better security, with 58% saying it has given them better control of their data. 73% say it has reduced the cost of their IT infrastructure and 74% believe the cloud has alleviated the internal resource pressures.
  • Security fears are still a barrier. 62% of respondents believe that storing data on servers outside of the business is a significant security risk. Interestingly, this number was higher for users of cloud applications than it was for non-users (only 59% of non-users thought it was risky, while 67% of users did.)
  • Some think the benefits of the cloud may be overstated.54% of respondents said the potential benefits of the cloud are overstated by the IT industry, and 58% indicated they believed that replacing legacy IT solutions will almost always cost more than the benefits of new IT.
  • "The research shows that there is a clear divide within the IT industry on the issue of cloud computing," says Mimecast CEO and co-founder Peter Bauer. "While those organisations that have embraced cloud services are clearly reaping the rewards, there are still a number who are put off by the 'cloud myths' around data security and the cost of replacing legacy IT
  • It is now up to cloud vendors to educate businesses and end users to ensure that these concerns do not overshadow the huge potential cost, security and performance benefits that cloud computing can bring."
  • sandy ingram on 24 Aug 10
     
    Existing cloud users are satisfied. Security is not considered to be an issue
sandy ingram

Organisation for Economic Co-operation and Development - WHERE PRIVACY LAW GET'S IT'S QUE - 0 views

www.oecd.org/..._2649_201185_1_1_1_1_1,00.html

Economics Statistics Research OECD cooperation

shared by sandy ingram on 06 Jan 09 - Cached
  • sandy ingram on 06 Jan 09
     
    The economic downturn will hit the Internet economy hard in 2009, according to the latest available OECD estimates. The IT Outlook 2008 says that the IT industry is likely to have grown by 4% at most in 2008 compared to the previous year. But with the outlook for the global economy worsening and business and consumer confidence plumetting, growth will remain flat or decline in 2009.
sandy ingram

CIOs confused about cloud computing, survey reveals - 0 views

www.computerweekly.com/...d-computing-survey-reveals.htm

cloud computing CIO survey

shared by sandy ingram on 07 Jan 11 - No Cached
  • That is despite the fact that the cloud model avoids capital expenditure by providing access to virtualised resources, said the report on the survey of 270 IT executives in 12 countries.
  • Many organisations are still in the early stages of adoption despite the availability of cloud services such as unified communications, customer relationship management and virtual datacentres, said Hanif Lalani, chief executive at BT Global Services.
  • But the majority of CIOs (57%) and senior executives (53%) surveyed said they were not happy to run applications and store data on servers outside their country for security reasons.
  • ...1 more annotation...
  • Very few CIOs (21%) think that doing business in the cloud is not a security concern.
  • sandy ingram on 07 Jan 11
     
    "Over half of CIOs (53%) fail to see how cloud computing can save them money,"
1 - 8 of 8
Showing 20 items per page