About Emily Holbrook

Emily Holbrook is a former editor of the Risk Management Monitor and Risk Management magazine. You can read more of her writing at EmilyHolbrook.com.

A Breach a Day…Or More

 

More and more we are hearing of the increased frequency with which data breaches are occurring. You read about it in the newspaper, see it on the news and sometimes you get notices in your inbox in real time, like I do. What used to be a once-a-week data breach email alert from DataLossDB.org, an open security foundation, now comes as multiple emails, several times a day.

Quite frightening.

Here are some of the most recent data breach events:

February 27, 2013: TEKsystems, a company affiliated with Bank of America, was charged with monitoring hacker activity from groups targeting the bank — most likely, the collective hacking group known as Anonymous. Not liking the sound of that, a group affiliated with Anonymous released what it claims is “14GB of data belonging to the bank and other organizations, including Thomson Reuters, Bloomberg and TEKsystems.”

February 27, 2013: I thought the first email I received with the title “Laptop of Head of Israel’s Atomic Energy Commission Stolen” was bad, but then I received one the very next day that was even worse. According to various news reports, a second laptop belonging to Shaul Horev was stolen from his home in just one week. It might be time for tighter security.

February 26, 2013: Though this only counts as a potential data breach, it’s still quite alarming. According to the same open security foundation (OSF) from which I receive data breach email alerts, a hospital has left sensitive data belonging to patients and staff exposed on the internet. The worst part is, OSF has made “multiple phone calls, filled out a formal (outsourced) service desk ticket addressed to the hospital’s sysadmin and technical analyst, and sent a direct email to the hospital’s CEO.” Still, they’ve received no response.

February 25, 2013: We’ll head to Canada for this one. According to news reports from the great white north, the loss of a thumb drive has prompted an investigation that has widened to include the Justice Department. The drive contained information regarding Canada Pension Plan disability benefits related to more than 5,000 individuals.

February 21, 2013: Even peacocks are not immune. Last week, NBC announced it was the victim of an attack. Hackers added links to malware on the site, using the Citadel Trojan worm, the same one that plagued the websites of U.S. banks recently.

February 21, 2013: Zendesk, a customer service software provider, announced a security breach that allowed hackers into its system, where they had access to information from three customers — Twitter, Pinterest and Tumblr.

February 5, 2013: The U.S. government seems to be no match for sophisticated system spies. Earlier this month, the U.S. Department of Energy revealed that hackers breached 14 of its servers and 20 of its workstations, making off with personal information belonging to several hundred employees. “It’s a continuing story of negligence,” Ed McCallum, former director of the department’s office of safeguards and security, told the Free Beacon. “[The department] is on the cutting edge of some of the most sophisticated military and intelligence technology the country owns and it is being treated frivolously by the Department of Energy and its political masters.”

These are just a few of the many, many data breach alerts I’ve received in the month of February alone. It leaves one questioning whether we will ever win the war against hackers.

The Biggest Risks and Opportunities Ahead

For the remainder of 2013 we are likely to see pricing pressure and cost cutting, along with innovation in products, services, operations and rapid-growth market demand. These are the top risks and opportunities, respectively, as presented by Ernst & Young’s latest study, Business Pulse: Exploring the Dual Perspectives of the Top 10 Risks and Opportunities in 2013 and Beyond.

The top three risks for the remainder of 2013 and projected for 2015:

  • Pricing pressure — Ernst & Young reports that the strength of low-cost competition and online shopping has intensified the battle for market share and that “brand-driven price premiums have become difficult and expensive to maintain.” Other factors include regulatory actions and their effects on profitability; worsening terms of trade for goods; and high wages and benefits in mature economies.
  • Cost cutting and profit pressure — Companies have cut just about all they can since the 2008 global economic crisis. This puts firms under extreme pressure to continue cutting without damaging company performance. “These pressures have intensified in recent years, reflecting the narrower margin that firms can absorb and still remain operations,” the report states.
  • Market risks — Commodity price volatility, interest and exchange rates, and equity risk are all market risks influencing cost cutting and profit pressures.
The Top 10 Risks

The top three opportunities for 2013 and beyond:

  • Innovation in products, services and operations
  • Emerging market demand growth
  • Investing in process, tools and training to achieve greater productivity

Top 10 Opportunities

What are some emerging challenges that firms may face in the future? Ernst & Young points to the following specific and possible events:

  1. The U.S. enters a deflationary trap
  2. Deep recession in the Eurozone
  3. The end of rapid growth in the BRICS
  4. A full-scale interstate war in the Middle East
  5. Cyber conflict that disrupts infrastructure and business operations

Meteorite Injures 950+ in Russia

Just one day after we posted about an asteroid coming dangerously close (in NASA’s terms) to earth today, we awoke to news about a meteorite streaming through the sky over Russia’s Chelyabinsk region. So far, it is estimated that the shockwave has caused severe damage to property and just under 1,000 are reported injured, though that number continues to climb.

As NBC reports:

The meteor, which was reportedly 10 tons, cut a blazing ribbon across the horizon, leaving a long white trail in its wake that could be seen 125 miles (200 kilometers) away in Yekaterinburg. The Russian Academy of Sciences said in a statement that the space rock entered Earth’s atmosphere at a speed of at least 33,000 mph, according to the AP. Some authorities in Russia, however, have said that the event was a meteor shower, and not a single meteor.

The following amateur videos are, to say the least, shocking.

http://youtu.be/QIMKQihoYRI

And the destruction was documented in an online photo album.

USA Today published an interesting Q&A on the topic, which may help clear up some misconceptions about meteorites.

This wasn’t Russia’s first encounter with a massive meteorite. On July 30, 1908, a devastating explosion occurred in the skies over Siberia with the strength 1,000 times that of the Hiroshima blast at the end of WWII. Today’s blast in Russia is now the second largest meteorite to hit earth. The 1908 event ranks as first.

A clip from the History Channel explains:

http://youtu.be/EiXpp-i442s

This is one random, black swan event that unfortunately cannot be prepared for. As Editor in Chief Morgan O’Rourke pointed out in a 2011 piece in Risk Management, “If a large space rock chooses to head our way there really isn’t much we can do about it, regardless of Bruce Willis’ formidable skill set.” Wired backs that up, stating, “All the advanced air defenses that humanity has invested in? The interceptor missiles that are (sometimes) able to stop an adversary missile from impacting? The early-warning monitoring systems that are supposed to give humanity enough time to plan a response? They are useless, useless against a meteorite onslaught.”

No need for risk management here.

 

OSHA: Unnecessary or a Life Saver?

While some feel the Occupational Safety and Health Administration (OSHA) is a necessary agency with its proof of necessity being the lives it has saved since its inception in 1971, others feel that it’s just a wasteful regulatory nightmare. Compliance and Safety breaks it down in infographic form:

First, the good:

And now, the not-so-good:

As with everything, there are two sides and, in this case, each side states a strong case. Which side are you on?