Category Archives: Crisis Management

Want to scan your crypto wallet for risks? Check: AML crypto BTC, USDT, ETH. Checking cryptocurrency wallets for dirty money.

Should You Track Down Your Cyberattacker?

Posted on by

By and large, organizations tend to invest in preventative cybersecurity measures and they also concentrate their resources on detecting and stopping cyberattacks, rather than on painstaking “who did it?” investigations. They want to close the gap, manage the public opinion fallout, learn from the episode and move on.

From an enterprise perspective, this makes sense, as resources dealing with cybersecurity are usually overstretched and the organization does not stand to gain much from determining, with a certain degree of certainty, who was behind a cyberattack. The incentive equation, of course, is different if the target of the attack is a government or a large organization that is part of a country’s critical national infrastructure.

Attack attribution has traditionally been approached from the perspective of enabling the target or victim entity to pursue the attacker either for damages in a court of law; or from a national, military or intelligence “strike back” perspective.

While dishing out some form of retribution has always been instinctual, however, only governments and very large corporations have historically had the technical toolbox, the economical means and the long-term view to pursue a cyber retribution strategy.

online pharmacy albenza with best prices today in the USA

But should commercial and non-commercial organizations also care about cyberattack attribution?

online pharmacy amoxil with best prices today in the USA

Yes, within measure.

The first question ought to be: why? What does the target organization stand to gain from investing in cyber-attack attribution? The answer is that, the better it understands the attackers tools and techniques, the more likely the organization is to direct its limited resources to the right areas of defense.

As we know, each attacker or attacker group has certain preferred tooling and attacking methods. Also, they have their own motivation, speed, operational capability and discipline.

Assuming that an organization can safely concentrate only on patching, employee awareness programs, scanning, pen testing, log monitoring and other traditional defensive security measures, would be a mistake. These measures are, of course, necessary but they can no longer be the entire apparatus of cyber defense. Organizations need to invest a certain proportion of their resources in understanding their cyber adversaries, and their motivations, modus-operandi, credibility and capabilities, in order to better tailor their defensive resources.

What would be the “adequate” amount of time and effort for an organization to spend on seeking to attribute a cyberattack, successful or not, to a malicious actor or group? The effort should be proportionate with what is at risk and what resources the company has, either in house or via its suppliers and industry. Knowing at least how some of their enemies attack, however, can help companies to better leverage their resources when defending.

online pharmacy abilify with best prices today in the USA

What to Do About Reputation Risk

Posted on by

Of executives surveyed, 87% rate reputation risk as either more important or much more important than any other strategic risks their companies face, according to a new study from Forbes Insights and Deloitte Touche Tohmatsu Limited. Further, 88% say their companies are explicitly focusing on managing reputation risk.

Yet a bevy of factors contribute to reputation risk, making monitoring and mitigating the dangers seem particularly unwieldy. These include business decisions and performance in the following areas:

Financial performance: Shareholders, investors, lenders, and many other stakeholders consider financial performance when assessing a firm’s reputation.

Quality: An organization’s willingness to adhere to quality standards goes a long way to enhancing its reputation. Product defects and recalls have an adverse impact.

Innovation: Firms that differentiate themselves from their competitors through innovative processes and unique/niche products tend to have strong name recognition and high reputation value.

Ethics and integrity: Firms with strong ethical policies are more trustworthy in the eyes of stakeholders.

Crisis response: Stakeholders keep a close eye on how a company responds to difficult situations. Any action during a crisis can ultimately affect the company’s reputation.

Safety: Strong safety policies affirm that safety and risk management are top strategic priorities for the company, building trust, and value creation.

Corporate social responsibility: Actively promoting sound environmental management and social responsibility programs helps create a reputation “safety net” that reduces risk.

Security: Strong infrastructure to defend against physical and cybersecurity threats helps avoid security breaches that could damage a company’s reputation.

But brand crises make headlines with increasing frequency, and companies are laying responsibility at the feet of the C-suite, particularly chief risk officers. Deloitte reports that respondents considered the primary responsibility to rest with: the chief executive officer (36%), chief risk officer (21%), board of directors (14%), or chief financial officer (11%).

What can they do? The study offered these key points to consider when crafting a crisis management plan:

  • Don’t wait until a crisis hits to get ready. Monitoring, preparation and rehearsal are the most effective ways to get ready for a crisis event. Organizations that can plan and rehearse potential crisis scenarios should be better positioned to respond effectively when a crisis actually hits.
  • Every decision during a major crisis can affect stakeholder value. Reputation risks destroy value more quickly than operational risks.
  • Response times should be in minutes, not hours or days. Teams on the ground need to take control, lead with flexibility, make decisions with less-than-perfect information, communicate well internally and externally, and inspire confidence. This often requires outside-the-box thinking and innovation.
  • You can emerge stronger. Almost every crisis creates opportunities for companies to rebound. However, those opportunities will surface only if you’re looking for them.
  • When a crisis seems like it’s over, it’s not. The work goes on long after you breathe a sigh of relief. The way you capture and manage data, log decisions, manage finances, handle insurance claims, and meet legal requirements on the road back to normality can determine how strongly you recover.

But the real objective should be preventing these potential crises to begin with. Deloitte recommends exploring the possibilities of “risk sensing” – using real-time data to monitor the issues that might impact a company’s reputation:

Crisis management for C-suite executives

Check out the infographic below for more insights from the Deloitte Reputation@Risk survey:

Deloitte Reputation@Risk Global Survey

Could Train Control Technology Have Prevented the Amtrak Derailment?

Posted on by

An Amtrak train that derailed on May 12, traveling more than 100 miles per hour on a known dangerous curve, has an unfortunate similarity to the Spuyten Dyvil crash in December 2013. In that incident, a Metro North train traveling at 82 miles per hour derailed on a treacherous curve, traveling at nearly three times the allowed speed.

Four passengers died in the Spuyten Dyvil derailment.

buy flexeril online sinusys.com/email/img/jpg/flexeril.html no prescription pharmacy

Operator fatigue was deemed to be the cause for that accident. This most recent crash killed at least eight people and eight are listed in critical condition. In both cases, National Transportation Safety Board (NTSB) experts contend that a safety measure called “positive train control” (PTC) could have prevented the disasters.

Robert Sumwalt, a member of the NTSB, explained during a press conference on Wednesday that Amtrak already has a system in place called the Advanced Civil Speed Enforcement System (ACES), which is installed throughout most of the Northeast Corridor. “However, it is not installed where the accident occurred,” Sumwalt said. “That type of a system, we call it a positive train control system, is designed to enforce the civil speed, to keep the train below its maximum speed. We have called for positive train control for many years, it’s on our most wanted list. Congress has mandated that it be installed by the end of this year.”

Sumwalt continued, “Based on what we know right now, we feel that, had such a system been installed in this section of track, this accident would not have occurred.”

He said that a thorough walk-through of the accident site was conducted yesterday and that investigators will be looking into the track, the train control signal system and the operations of the train. “Our mission is to not only find out what happened, but why it happened to prevent it from happening again,” he said.

The looming question is why this safety measure was not in place, even though PTC has been called for since a collision in Chatsworth, California killed 25 people. The Rail Safety Improvement Act of 2008 mandates that PTC for passenger and freight trains be operational by the end of 2015.

buy symbicort online sinusys.com/email/img/jpg/symbicort.html no prescription pharmacy

But because of high costs and the complexity of the system, Congress has been considering an extension until 2020.

According to the NTSB website:

In the aftermath of the Chatsworth tragedy, Congress enacted the Rail Safety Improvement Act of 2008. The Act requires each Class 1 rail carrier and each provider of regularly-scheduled intercity or commuter rail passenger service to implement a PTC system by Dec.

buy zoloft online sinusys.com/email/img/jpg/zoloft.html no prescription pharmacy

31, 2015. Progress is being made toward this lifesaving goal. Metrolink became the first commuter rail system to implement PTC, when it began a revenue service demonstration on the BNSF Railway. This demonstration project is a step in the right direction, and Metrolink reports it will implement PTC fully throughout its entire system before the Congressionally-mandated deadline.

It has been more than 45 years since the NTSB first recommended the forerunner to PTC. In the meantime, more PTC-preventable collisions and derailments occur, more lives are lost, and more people sustain injuries that change their lives forever.
buy cymbalta online https://royalcitydrugs.com/cymbalta.html no prescription

Yet there is still doubt when PTC systems will be implemented nationwide as required by law.

Each death, each injury, and each accident that PTC could have prevented, testifies to the vital importance of implementing PTC now.

Security Technology: Reducing Risk for Law Enforcement

Posted on by

 

Nowhere is the work environment more unpredictable than on the front line. Front line employees, whether they work in customer service or high-level security, are constantly exposed to the biggest element of risk—the human element. Working in the field exposes employees to a variety of unpredictable factors, interacting with the public and operating in different environments, making it difficult to predict risks and properly protect employees from external threats.

This is particularly true in law enforcement and security industries, with “police officer” being named as one of America’s most dangerous jobs. It’s no wonder organizations (both public and private sector) are looking for solutions, especially when considering what is at risk. Obviously, employee safety is of paramount concern to any organization and should always be top priority, but there are other elements to consider. Attacks on employees or property can result in huge legal costs, and without physical evidence, it can be hard to recoup this loss. Businesses must also consider the risk to their public image.

To help fight crime and reduce the risks to their front line workers, many government law enforcement agencies and private security organizations are using technology solutions. These solutions, such as advanced security recordings and tracking devices, can act as deterrents. While providing law enforcement officers with more protection, they also help collect irrefutable evidence to protect the company from a legal perspective.

Personal security cameras

These personal security cameras have been adopted by numerous law enforcement agencies around the world, including the City of Clare Police Department in Michigan. The body-worn cameras are attached to the police officer’s uniform—recording footage and displaying a live feed on their front-facing screen. This works in two ways, by providing reliable video evidence from the officer’s perspective of the crime scene and also acting as a deterrent. This approach of alerting members of the public to the fact that they’re being recorded has been shown to reduce the occurrence of criminal activity.

GPS

While GPS systems have existed for a long time, more and more law enforcement agencies are taking full advantage of their benefits—particularly when it comes to pursuing vehicles. Tested with police departments in Arizona and Florida, GPS ‘darts’ are currently in development to reduce the risk to police officers and the general public posed by high speed traffic pursuits. The darts are fired using compressed air and discreetly attach to the vehicle being chased. This means the officer in pursuit can track the vehicle remotely, without the need to initiate a chase at dangerous speeds.

Drones

Perhaps the most controversial of these technologies, drone surveillance has been a hot topic in recent news. While opposition to their use is primarily in relation to privacy or military usage, for law enforcement they provide an affordable and convenient alternative to police helicopters. These small portable flying police drones are equipped with HD surveillance cameras, providing a birds-eye view of crime scenes or events. This live video feed can be monitored and recorded remotely, allowing officers to survey any danger in the area before making a physical appearance. Like body worn cameras, the video footage can also serve as valuable evidence in court. The future of drone technologies being adopted by police departments remains up in the air, however, as some public opposition looks to restrict their usage.

Gunshot detection

Possibly the most innovative of these technologies, gunfire locators or gunshot detection systems have proven to be extremely valuable in protecting front line workers and increasing response time in high gun crime areas. Already used in many cities throughout the United States, these systems use numerous super sensitive microphones (dispersed through a geographic area and connected to a central processor) to immediately alert police to the exact location, and even direction, of gunshots fired in the area.

While some of these technologies have yet to reach their potential, their benefits suggest it won’t be long before they’re fully integrated into police and security industries—and seeing widespread use around the world. While tracking devices and security cameras are nothing new, their improvement and innovative applications in recent years have made them invaluable. From collecting evidence to improving safety for front line workers, these high-tech security solutions effectively reduce risks faced by organizations operating in the sector.