About Emily Holbrook

Emily Holbrook is a former editor of the Risk Management Monitor and Risk Management magazine. You can read more of her writing at EmilyHolbrook.com.

Managing the Risk of Cyberattacks: When Will Boards Learn?

Even after the many cyberattacks initiated by Anonymous and Lulzsec, it seems boards are still not exercising appropriate governance over the privacy and security of their digital assets. That’s according to a new study by Carnegie Mellon CyLab entitled “Governance of Enterprise Security.”

The study says that “even though there are some improvements in key ‘regular’ board governance practices, less than one-third of the respondents are undertaking basic responsibilities for cyber governance. The 2012 gains against the 2010 and 2008 findings are not significant and appear to be attributable to slight shifts between ‘occasionally,’ ‘rarely,’ and ‘never.’”

A look at the numbers:

And even with the advancement of enterprise risk management throughout organizations, it seems there is still a disconnect between boards and senior executives understanding that privacy and security and IT risks are a part of ERM. A whopping 58% of those surveyed said their board did not review the organization’s insurance coverage for cyber-related risks.

The survey proved that they do not have full-time senior level personnel in place to manage privacy and security risks.

Less than two-thirds of the Forbes Global 2000 companies surveyed have full-time personnel in key roles responsible for privacy and security in a manner that is consistent with internationally accepted best practices and standards.

Moreover, the common practice of assigning security personnel both privacy and security responsibilities creates segregation of duties issues at line responsibility levels.

Though there are signs of progress compared to previous years, the 2012 CyLab survey shows a serious lack of attention at the top with regard to cybersecurity.

Cavalcade of Risk #152

Welcome to the 152nd edition of the Cavalcade of Risk, a roundup of risk and insurance-related posts from around the web. In this edition, we’re highlighting posts from the spectrum of the risk management and insurance industry, from corruption and fraud to life insurance and workers comp. Think of it as a great mélange of minds in the blogging business.

The next CoR host is Jason Shafrin of the Health Care Economist blog. Don’t forget to check it out.

Former Chief at Upper Big Branch Mine Sentenced

The former security chief at the West Virginia mine where 29 workers were killed in April 2010 was sentenced to three years in prison on charges that he lied to federal agents during the investigation.

Hughie Elbert Stover had originally faced a maximum possible sentence of 25 years from U.S. District Judge Irene Berger.

Last October he was convicted of giving false statements to the FBI and investigators with the Mine Safety and Health Administration (MSHA).

He was also convicted of obstructing the federal investigation into the cause of the explosion at Upper Big Branch mine.

U.S. Attorney Booth Goodwin had sought a 25-year sentence, but he said he wasn’t disappointed with the judge’s decision.

“This represents perhaps one of the longest sentences ever handed down in a mine safety case,” Goodwin said. “We wanted to send a clear message and will continue to send that anyone who obstructs our investigation, they’re going to be met with the harshest prosecution.”

According to witnesses who testified, Stover instructed mine guards to send out radio alerts when inspectors would enter the property, which is illegal. A second count alleged he sought to destroy documents by “ordering a subordinate to bag them and throw them into an on-site trash compactor,” which is illegal as well.

The MSHA released its final report on the incident in December 2011, concluding that flagrant safety violations contributed to a coal dust explosion. It issued 369 citations at that time, assessing $10.8 million in penalties. The Upper Big Branch mine disaster remains the worst coal mine disaster since 1970 when 38 miners were killed at Finley Coal Company’s mines in Hyden, Kentucky.

25 Members of Anonymous Arrested

The hacking collective known as Anonymous has suffered a setback. It was announced this morning that Interpol arrested 25 people with ties to the activist group.

On Tuesday, Interpol said that it had begun looking for the hackers as part of “Operation Unmask,” an initiative that launched in mid-February. The investigation was launched after Anonymous members claimed credit for denial of service attacks on the Colombian Ministry of Defense, presidential Web sites and an electric company in Chile, as well as an attack on the Web site of Chile’s National Library, the Associated Press reported.

As is customary with Anonymous, the group immediately sought revenge for the arrests, bringing down Interpol’s website briefly after the news broke.

The group made headlines earlier this week when it leaked information gathered from the Stratfor intelligence firm through Wikileaks. The website published an email obtained from Stratfor, an international affairs think tank, that alleges Pakistani intelligence and military officials were aware of Al Qaeda leader Osama bin Laden’s presence in Pakistan.

Of course, Anonymous is not the only hacking group to turn their beliefs and frustrations into breached data. There have been several high profile incidents, whether initiated by an individual or a group, within the past few months that have wreaked havoc at major companies. Here are just a few:

  • Sony — the company’s security policies have been questioned by several lawmakers after the electronics giant fell victim to more than a dozen cyber attacks since a major breach of its PlayStation Network and Qriocity services in May of last year.
  • Google — In June, the web powerhouse announced that several U.S. government officials using its Gmail service were the target of a phishing scam. China was blamed but no proof was ever produced.
  • RSA Security — Lockheed Martin suffered a “significant and tenacious” cyber attack in May that was believed to be the result of an earlier attack on RSA Security. RSA admitted in June that its security systems had been breached.

The arrest of Anonymous members comes on the heels of President Obama’s State of the Union address in which he called on Congress to pass “legislation that will secure our country from the growing dangers of cyber threats.” Never has this been more necessary than now. In fact, Wired recently ran a piece calling cyberwar “the new yellowcake.” It quotes Senate Commerce Committee Chairman Jack Rockefeller (D-W.Va.) as saying:

“Today’s cyber criminals have the ability to interrupt life-sustaining services, cause catastrophic economic damage, or severely degrade the networks our defense and intelligence agencies rely on. Congress needs to act on comprehensive cybersecurity legislation immediately.”

Strong words. And true.

The fact is, no matter how many members of Anonymous are arrested, there will always be another group or individual ready to inflict damage on organizations and governments via the internet. The only thing we can do is prepare to manage that risk.