Author Archives: Emily Holbrook

About Emily Holbrook

Emily Holbrook is a former editor of the Risk Management Monitor and Risk Management magazine. You can read more of her writing at EmilyHolbrook.com.
Игроки всегда ценят удобный и стабильный доступ к играм. Для этого идеально подходит зеркало Вавады, которое позволяет обходить любые ограничения, обеспечивая доступ ко всем бонусам и слотам.

Talent Shortage: A Top Risk Facing Businesses

Posted on by

No, it’s not the credit crisis or the looming threat of cyber crime or business continuity during a natural disaster or the overall state of the national economy that keeps American business owners awake at night. It is, according to most, the shortage of talent and skills.

This may seem strange, seeing as were are still experiencing record unemployment numbers — meaning the pool of seemingly qualified employees should be vast to say the least. But in fact, the 2011 Lloyd’s Risk Index found that talent and skills shortage ranked as the number two risk facing American business leaders — shooting up from the number 22 spot in 2009.

“These findings show that talent is now firmly part of the risk lexicon — high levels of unemployment have boosted the quantity of candidates, but employers are still wrestling with the quality. Our own Global Talent Index echoed these concerns and highlighted two factors underscoring this risk: population demographics and skills gaps,” said Kevin Kelly, CEO of Heidrick & Struggles the leadership advisory firm providing executive search and leadership consulting services worldwide.

Are business leaders prepared to handle not only the number two risk on the list, but all 50 in the index? Apparently they are. Respondents said they are more than adequately prepared for 48 out of the 50 risks listed. That is in comparison to 2009, when leaders said they were not adequately prepared for eight of the 40 listed risks. Leaders cited “boosting talent retention” as one of the most overall effective risk management actions taken over the last three years, showing how eager businesses are to retain the staff they have.

Speaking of risk management, when respondents were asked to identify the most effective risk management action their organization had taken over the last three years, they cited the introduction of formal risk management strategies and systems, stating that “risk management is now one of the most important roles in the business community.”

Finally.

It may have taken the collapse of the U.S. housing market, a worldwide recession and the continuous uncovering of massive fraud to push the idea of risk management to the forefront of global business programs, but at least the discipline is now moving to where it belongs.

And it is apparently now focused on retaining the talent and skills that are greatly needed in a business world full of continuously evolving risks.

The Risks of Social Media: Spam Attacks Q&A

Posted on by

In mid-November, Facebook became the target of spam attack that infiltrated user’s profile pages on which it posted disturbing images. The attack caused an uproar due to the nature of the violent and sexually explicit images. Facebook chalked it up to a “security bug in an internet browser.” But this was not the first (or, most likely, last) spam attack on the social media site.

Over the Thanksgiving weekend, the Facebook community forum was flooded with spam messages that advertised links for streaming sporting events. And just today it was announced that a new worm spreading on Facebook is aiming to infect users with a data-stealing virus. Though not considered a spam attack, it is just another example of the risks of social media.

With questions on this topic, I turned to Dr. Hongwen Zhang, co-founder and CEO of Wedge Networks.

Facebook has been the target for several recent aggressive spam attacks. What makes the site so popular for spammers?

Spammers are moving their efforts away from email and towards social media, exploiting the ability to create fake profiles for free while quickly gaining a massive online presence across various platforms such as Facebook. In addition, hackers/spammers are capitalizing on the popularity of social media by manipulating end-users into downloading malicious content or browsing malicious sites. Studies conducted by security vendor Kaspersky Labs, show that social networking sites are 10 times more effective at delivering malware than previous methods of email delivery. This is a result of social media sites, such as Facebook, where development is based on human relationships and the ability to quickly and easily connect, creating a perfect breeding ground for malicious code and spam.

What were the implications of the recent Facebook spam attack?

With such a large online community, the increasing amount of spam and malware affects Facebook’s operations as well as their users. While the most recent spam attack isn’t new, the violent and pornographic nature of November’s attack upset users more than usual, who went to their blogs, Twitter or Facebook accounts to discuss the outbreak. As of October of this year, Facebook said that spam represents less than 4% of content shared on the social networking website and affects under 0.5%, or 4 million users, on any given day. This is still a large number of people who are being affected on a daily basis and I suspect that this number only includes spam that Facebook catches, therefore it’s not 100% accurate.

Have there been any recent spam attacks on other social networking sites, such as Twitter or LinkedIn?

Twitter and LinkedIn both have faced similar attacks as Facebook, although we have not seen any published information on these attacks as large of a scale or as organized as what we saw in November with Facebook’s stream of spam messages on user profiles and on their help forum. However, most social media sites follow the same principles of user-generated content on trustworthy sites and as such, hackers and spammers can quickly and easily publish their attacks on all sites and expect a similar effect. For example, there have been many documented cases of spam and malware on multiple sites at once, such as the Starbucks themed attack that used both Facebook and Twitter concurrently in November. According to Sophos, spamming on social networks rose in 2010, with 67% of people surveyed receiving spam messages, up from 57% at the end of 2009 and 33% in the middle of that year. Phishing and malware incidents were also rife, with 43% of users spotting phishing attempts and 40% receiving malware.

How can these spam attacks affect businesses who use social media for marketing purposes?

Twitter, Facebook and LinkedIn have entered the IT security landscape — bringing both advantages and dangers to your business. Organizations continue to utilize social media services for marketing and its employees utilize social media for personal usage. IT departments must balance use with control in order to protect a business in the social media world. It becomes a two-fold job:

1. Stopping Outbound Malicious Spam:
Proactively controlling outbound content mitigates the risk of disclosure, ensures appropriate information is being sent and stops the network from sending out spam or malware from your organization. Organizations need to take measures to ensure that its corporate accounts are safe. This includes limiting passwords, staying up-to-date on industry trends and providing education to staff that are managing social media accounts on behalf of the organization. In addition, outbound malware and spam threatens business relationships with customers and negatively impacts the reliability of the brand. Companies must use content protection strategies to strengthen their brand by preventing the distribution of bad outbound content, including spam and malware from their corporate IP or account.

2. Protecting You and Your Employees from the Dangers of Social Media:
Organizations must also protect their networks and assets from employees who use social media sites. With high click through rates, spam being sent through social media can damage corporate assets as well as cost organizations time and money while they clean infected devices. Inline real-time threat protection and malware analysis of all content, including hidden injected malware attacks and downloads, is necessary to efficiently analyze web traffic for malicious attacks against all endpoints. This provides organizations with the comfort of knowing they are protected, even if their employees have been tricked.

What can businesses do to prevent, or at least minimize, the attacks?

Prohibiting employees from accessing social networking sites like Facebook, Twitter and LinkedIn is no longer realistic.

Blocking and application control policies are becoming inefficient with dynamic user generated content and cross-site, drive-by attacks on good websites. Combined with access through multiple endpoints (mobile devices, PDAs and tablets), old approaches are no longer effective. Security solutions with the ability for deep content inspection give organizations the advantage of utilizing all social media, while guaranteeing compliance mandates are met and the organization is protected, regardless of what the end-user is accessing. The solutions provide visibility of the application content and the aptitude in which to apply flexible policies over users, applications and protocols based on the real-time understanding of the applications’ intent.

It seems individuals and companies will always be one step behind when it comes to preventing such attacks. Hackers and spammers are just more sophisticated in terms of technical expertise. Do you agree?

I agree with this as many companies and individuals are struggling to protect themselves against attacks, especially when conventional approaches, such as blocking web access according to the reputation of the URLs, are used. However, there are innovative solutions out there that go beyond simply checking on the reputation of a link and go deep to make sure that the actual content is not malicious. These deep content inspection based solutions are effective tools to prevent the spreading of malicious content in social media use.

Flash Mobs and Black Friday: Retailers Prepare!

Posted on by

The term “flash mob” was coined in 2003 to describe a sudden, large-scale gathering of people in one specific location to perform an unusual and sometimes pointless act for a brief period of time. With the growing popularity of Facebook, Twitter and viral emails, flash mobs have grown much larger and, in some cases, dangerous.

Though most of these events are organized solely for the purpose of artistic expression or to merely entertain passers by, some flash mobs have become “flash robs” — where groups descend on stores and other venues to, in most cases, steal merchandise. These events can easily injure employees and customers and cause monetary loss through theft and damage to property. And the threat is real. In fact, Marsh recently released Responding to Flash Mob/Rob Events, which, among other things, outlines steps retailers should take before, during and after a flash mob event, such as:

  • monitoring of social media websites to identify potential threats
  • reviewing business interruption plans and insurance programs with regards to partial or full shutdown of a location
  • providing training to employees related to disorderly conduct, assault, theft and looting
  • developing internal and external communications plans before an event
  • communicating frequently with local law enforcement

With Black Friday just two days away, the threat of flash robs is on the minds of retailers, and if it’s not, it should be. The National Retail Federation has compiled guidelines and protocols of more than 100 retail companies to better understand how to respond.

Now let’s take a look at three videos. The first is an example of a peaceful flash mob, the second is an example of a dangerous flash rob and the third is an analysis of the flash mob epidemic as a spiritual issue.

Climate Change Causes Some Extreme Weather Events: United Nations

Posted on by

Climate change and the risk it poses to businesses and communities has been in the headlines this week, including one article by Reuters analyst Gerard Wynn that claims “rising temperatures are driving more frequent bouts of extreme weather,” some of which we saw this year. While Wynn and others (such as myself) are in agreement that climate change is behind some extreme weather events, others continue to staunchly deny such links.

In his article, Wynn references the fact that global carbon emissions rose by a record amount last year (6%), making it the biggest one-year jump in history and proving that even though the world economy may be in tatters, ozone-depleting gasses continue to be emitted at an alarming rate. And, according to statements issued today by the Intergovernmental Panel on Climate Change (IPCC), “It is virtually certain that increases in the frequency and magnitude of warm daily temperature extremes and decreases in cold extremes will occur in the 21st century on the global scale. It is likely that the frequency of heavy precipitation or the proportion of total rainfall from heavy falls will increase in the 21st century over many areas of the globe.”

The report, which the IPCC said was a scientific foundation for sound decisions on infrastructure, urban development, public health and insurance, also states that there are many options for decreasing risk, with the best options providing solutions across a wide range of possible levels of climate change.

But this is just the most recent of string of reports suggesting that human-induced climate change is linked to some severe weather events. For business to continue to prosper within the world economy, adopting a greener way of business is the only way to decrease the risk of future extreme weather events affecting organizations and society in general.

Though the Kyoto Protocol has striven to be a catalayst of global change, the United States (the world’s number two carbon emitter) is still in stubborn denial of the need to adopt such carbon-cutting measures. To that end, China, the world’s biggest carbon emitter, plans to nudge the U.S. towards more action at a South African summit later this month. Expectations, however, are low.

As the Associated Press reported today:

Top international climate scientists and disaster experts meeting in Africa had a sharp message Friday for the world’s political leaders: Get ready for more dangerous and “unprecedented extreme weather” caused by global warming.

Making preparations, they say, will save lives and money.

These experts fear that without preparedness, crazy weather extremes may overwhelm some locations, making some places unlivable.

As a climate deal is unlikely soon and emissions continue to grow, the future is grim.