Category Archives: Governance, Risk & Compliance

Игроки всегда ценят удобный и стабильный доступ к играм. Для этого идеально подходит зеркало Вавады, которое позволяет обходить любые ограничения, обеспечивая доступ ко всем бонусам и слотам.

65% of Businesses Unprepared For Email-Based Cyber Threats

Posted on by

In a recent threat report, cloud email management company Mimecast warned they had seen a 55% increase in whaling attacks over the past three months. As we reported in this month’s Risk Management cover story “The Devil in the Details,” social engineering fraud schemes like whaling (which is phishing that targets higher-profile employees and executives) resulted in a total losses of more than $1.2 billion worldwide between October 2013 to August 2015. According to the Mimecast Business Email Threat Report 2016, released yesterday, IT security professionals clearly recognize the risk, with 64% of respondents in the new saying they see email as a major cybersecurity threat to their business. Yet only 35% feel confident about their level of preparedness against data breaches, while 65% feel ill-equipped or too out of date to reasonably defend against the risk.

buy sinequan online youngchiropractic.com.au/wp-content/uploads/2023/10/jpg/sinequan.html no prescription pharmacy

“Our cyber-security is under attack and we depend on technology, and email in particular, in all aspects of business. So it’s very disconcerting to see that while we might appreciate the danger, many companies are still taking too few measures to defend themselves against email-based threats in particular,” said Peter Bauer, chief executive officer of Mimecast. “As the cyber threat becomes more grave, email attacks will only become more common and more damaging. It’s essential that executives, the C-suite in particular, realize that they may not be as safe as they think and take action. Our research shows there is work still to be done to be safe and we can learn a lot from the experience of those that have learnt the hard way.”

Even the most secure companies feel the most at risk of these scams. Of the top 20% of organizations that feel most secure, 250% are more likely to see email as their biggest vulnerability. Those who feel most confident about guarding against the risk are 2.7 times more likely to have a C-suite that is extremely or very engaged in email security. Among the IT security managers who feel most prepared, five out of six say that their C-suite is engaged with email security, Mimecast reports. However, of all IT security managers who were polled, only 15% say their C-suite is extremely engaged in email security, while 44% say their C-suite is only somewhat engaged, not very engaged, or not engaged at all.

The firm also had some insight on best budgeting against the risks of phishing. Those who feel better prepared to handle email-based threats also allocate higher percentages of their IT security budgets toward email security, the firm found, with these IT security managers allocating 50% more of their budgets to email security compared to managers who were less confident in their readiness. Mimecast found 10.4% of the total IT budget toward email security is the ideal intersection between email security confidence and spend.

To reduce the threat of whaling, Mimecast recommends that companies:

  • Educate your senior management, key staff members and finance teams on this specific type of attack. Don’t include whaling in a general spear-phishing awareness campaign—single out this style of attack for special attention to ensure key staff remain vigilant.
    buy biaxin online youngchiropractic.com.au/wp-content/uploads/2023/10/jpg/biaxin.html no prescription pharmacy

  • Carry out tests within your own business. Build your own whaling attack as an exercise to see how vulnerable your staff are.
  • Use technology where possible. Consider an inbound email stationery that marks and alerts readers of emails that have originated outside of the corporate network.
  • Consider subscribing to domain name registration alerting services so you are alerted when domains are created that closely resemble your corporate domain.
    buy bactrim online youngchiropractic.com.au/wp-content/uploads/2023/10/jpg/bactrim.html no prescription pharmacy

    Consider registering all available TLDs for your domain, although with the emergence of generic TLDs (gTLD) this may not be scalable.

  • Review your finance team’s procedures; consider revising how payments to external third parties are authorized. Require more than single sign-off, or perhaps use voice or biometric approval only with the requestor to ensure validity of the request.

Check out the infographic below for more on business email threats:

mimecast business email threats

Captive Regulators Disappointed in New FHFA Rule

Posted on by

A final rule released by the Federal Housing Finance Agency (FHFA) amended its regulation on Federal Home Loan Bank (FHLB) membership to specify that captive insurance companies can no longer be used as a conduit to membership of the organization. Membership offers entities access to low-cost FHLB funding and other benefits. Because insurers may become FHLB members, along with credit unions and savings and loans, the Federal Home Loan Bank Act has been revised to specify that the term “insurance company” excludes captives.

Housing regulators have viewed captive insurers as a loophole used to access low-cost, government-backed financing. “Real-estate investment trusts that invest in mortgages are normally ineligible for home-loan-bank membership, but over the past few years have created captive insurers to gain indirect access to cheap federal funding,” The Wall Street Journal wrote.

As a result of captives being admitted as members, “25 are owned by entities that are not themselves eligible for membership.” The FHFA said it is “concerned that this practice will continue to grow and there is no reason to believe it will not grow to include entities other than REITs (Real Estate Investment Trusts), such as hedge funds, investment banks and finance companies, some of which have already inquired about establishing captives to gain access to the FHLB System.”

FHFA Director Melvin L. Watt said in a statement, “FHFA has the authority and the duty to implement the statutory membership provisions of the Federal Home Loan Bank Act and by adopting the proposal to exclude captives from the definition of insurance company we are making sure that institutions can’t frustrate the intent of Congress.” He added, “Congress has amended the Federal Home Loan Bank Act in the past to allow additional entities to become members of a Federal Home Loan Bank and it can certainly do so again if it wants some of these entities to be eligible for membership.”

Captive regulators of Vermont and Delaware expressed disappointment in the decision. David Provost, deputy commissioner of captive insurance of the Vermont Department of photo_provostFinancial Regulation, said, “Vermont’s response to the proposed rule was pretty straightforward: Don’t ban captives from FHLB membership just because they are captives. Captive insurance companies are regulated insurance companies, licensed for a particular purpose, and regulated in a manner commensurate with their risk,” he said.

online pharmacy estrace with best prices today in the USA

Steve Kinion, director of the Bureau of Captive and Financial Insurance Products for the Delaware Insurance Department said, “The Delaware Insurance Department is disappointed that the Federal Housing FinancSteve Kinion (2)e Agency made the decision it made. In at least two comment letters, one in 2012 and the other in 2015, we have made attempts to work with the Federal Housing Finance Agency to help it understand captive insurers.” He added that what has been disappointing is that “our offers were never accepted. Delaware Insurance Commissioner Stewart continues to believe that captive insurers that are members of the FHLB system are well regulated and contribute to the FHLB’s mission of fostering housing in the United States.”

Kinion explained that that REITs have long sought membership in the Federal Home Loan Bank system, which was formed in 1932 to provide liquidity for the housing market. Because current law states that only certain types of institutions may become Home Loan Bank members, “captives have been a portal for membership. It’s unfortunate when well-regulated captive insurers are excluded from membership.

online pharmacy cipro with best prices today in the USA

 I only wish that, before it issued its regulation, the FHFA would have allowed me the opportunity to show what Delaware does at the state level to regulate captive insurers.”

Delaware had been seeing increased interest in REITs. The domicile has one such captive and others were in the pipeline. One reason Delaware likes them is the revenue they bring in. “Our regional Home Loan Bank is in Pittsburgh and 10% of the profits generated have to be designated for affordable housing programs,” Kinion said. “In Delaware, there are a number of organizations that receive grants from the bank to promote affordable housing, and that benefits the state.”

The REITs captive program was fostered by Delaware Insurance Commissioner Karen Weldin Stewart. Her rationale was that, through the program she could “help with affordable housing in Delaware, which she can’t do directly as insurance commissioner,” Kinion said. “This was an indirect means of helping Delaware’s affordable housing programs.

online pharmacy tadalista with best prices today in the USA

Provost said that while he supports REITs captives, the new rule will have a negligible impact on Vermont. “We have studiously avoided jumping on bandwagons of forming captives that have no apparent insurance purpose solely for some ancillary advantage,” he said. “We have allowed captives to apply for membership to the FHLB, and so far five have joined. They will have one year or five years to leave the FHLB system, depending on when they joined.”

Kinion noted, “I wish the FHFA would have at least talked to us, so they could have seen how we regulate captive insurance companies. If regulation is a concern, they should have at least taken a step to find out what we do at the state level. But that didn’t happen.”

Legal Woes Highlight Dangers of the Food Industry Supply Chain

Posted on by

chipotle

A spate of recent cases offers a clear warning for the food industry about the legal and reputational perils of not getting more serious about supply chain control.

On Monday, the U.S. Supreme Court declined to consider an appeal from Nestle, Archer Daniel Midlands Co. and Cargill Inc., allowing a slave and child labor lawsuit to proceed against the three food industry giants.

Three plaintiffs who claim they were trafficked from Mali as child slaves and forced to work harvesting and cultivating beans in Cote d’Ivoire, and allege that the companies aided, abetted or failed to prevent the torture, forced labor and arbitrary detention they suffered.

According to Reuters:

The plaintiffs, who were originally from Mali, contend the companies aided and abetted human rights violations through their active involvement in purchasing cocoa from Ivory Coast. While aware of the child slavery problem, the companies offered financial and technical assistance to local farmers in a bid to guarantee the cheapest source of cocoa, the plaintiffs said.

The defendants knew about the child slavery problems in the region and offered both financial and technical farming assistance to support the agriculture methods in place, the plaintiffs claim. What’s more, they say, the defendants could have used their leverage in the cocoa market to stop or limit the alleged child labor practices and failed to do so.

According to the Wall Street Journal:

Mark Theodore, a partner at Proskauer Rose, said that the ruling reinforces to companies that they need to be socially responsible employers. And while there is no way to ever completely prevent such risks, he said the ruling is a reminder to companies that they “should be monitoring and also maybe doing a little bit of introspective thinking about their own practices to avoid these things, or prevent them from happening, or to put themselves in legally defensible position if they can’t prevent them.”

In September, the Justice Department finalized a landmark conviction of the former head of the Peanut Corporation of America, who was sentenced to 28 years in prison for knowingly shipping salmonella-tainted products that sickened 714 people and killed nine. That may be the department’s first step in a new approach to taking food industry product safety more seriously, and more aggressively pursuing wrongdoing on a criminal level. The Justice Department has now opened formal investigations into the e. coli outbreak at Chipotle and the listeria outbreak at Blue Bell Creameries, both of which sickened hundreds of consumers.

The department has already signaled a broad intention to focus more efforts on individual law-breakers in corporate crimes. Now, the government appears to be showing the food industry that things are changing in terms of corporate responsibility and food safety, according to Andrew Lankler, partner at Baker Botts. Lankler told the Wall Street Journal that the Department of Justice is signaling that whatever standard the food industry thought it needed to meet for food safety, the bar is higher. “The department is going to step up enforcement in areas where they can prove they sold tainted product,” he said.

And the trouble at Chipotle shows little sign of abating. The CDC is still investigating multiple outbreaks, and the chain has now been served a subpoena as part of a criminal probe by the U.S. Attorney’s Office and the Food and Drug Administration’s Office of Criminal Investigations regarding an isolated norovirus incident in August.

A fourth lawsuit was recently filed by a customer who claims he was sickened by the same strain of e. coli linked to Chipotle, but this case dates back to July, meaning far more people may have been affected in the outbreaks. At least nine suits have been filed by customers, and Bill Marler, a food and safety litigator in Seattle, claims more are coming from the 75 Chipotle-related clients he represents.

At this week’s ICR conference this week, CEO Steve Ells said he is hopeful that the CDC will soon declare the restaurant’s e. coli outbreak over, adding, “we know that Chipotle is as safe as it’s ever been before.”

To that end, Chipotle announced today that it will close all of its stores on Feb. 8 to have a corporation-wide meeting with all staff regarding food safety.

But customers remain extremely wary. Indeed, while it may be an e. coli cliché, it would not at all be a stretch to say public opinion about the brand remains in the toilet, with YouGov’s BrandIndex score for the company seeing a drop equal to that of GM during its crisis.

yougov poll chipotle

To combat that, the company also announced plans to launch a sizable new marketing campaign to win back customers, using direct mail and traditional advertising to attempt to win back consumer confidence. As Fortune reported, executives said the campaign will attempt to provide a “detailed story of what happened” to explain to customers why they are now safe, and that it will not focus overtly on food safety, but will have “an undertone” of humility.

Chipotle’s stock dropped nearly 42% in the wake of the outbreaks, and according to an SEC filing, sales at stores open more than a year were down 30% last month. Ells and his team admitted they could not guess how much the fallout will impact 2016 financial results, but expect it will be a “messy” year. Costs are expected to go up from the marketing campaign and new food safety measures, including processing more food through centralized kitchens in an attempt to better control the conditions of ingredients.

The company darkened its outlook for Q4 results, and As Wells Fargo Securities wrote in a recent research note, “We expect CMG to point to a hard-fought and long-tailed [same-store sales] recovery across 2016, and to stress that there is still much work to be done in assessing the sizeable costs associated with the company’s supply chain overhaul.”

For more about food safety crises and product recall, check out the following articles from Risk Management:

Feeding an Appetite for Trust, A Q&A with Center for Food Integrity CEO Charlie Arnot

Food Safety Updates Stalled by Funding

Maximizing Coverage for a Product Recall

U.S. Sues VW

Posted on by

VW logo

The U.S. Justice Department on Monday sued Volkswagen in federal court in Michigan for illegally installing faulty emission control devices in about 600,000 vehicles. The lawsuit, filed on behalf of the U.S. Environmental Protection Agency (EPA), accuses VW of four counts of violating the U.S. Clean Air Act, including tampering with the emissions control system and failing to report violations.

According to a Reuters review of the U.S. complaint, VW could face fines of up to $37,500 per vehicle for each of two violations of the law, up to $3,750 per “defeat device,” and another $37,500 for each day of violation.

Risk Management magazine reported in December 2015 that the affected EA 189 diesel engines were installed in more than 11 million Volkswagen and Audi vehicles manufactured between 2009 and 2014. The company announced on Oct. 22 that it was also looking into whether the software might be in earlier versions of its latest EA 288 diesel engine, potentially adding millions more to the total.

Regulators across the globe, including in India, South Korea and Germany, are conducting their own investigations, as are attorneys general in all 50 U.S. states. The Justice Department has been seen as the only agency that might hold executives personally accountable, according to The New York Times.

The government is seeking a number of penalties against the company, including fines and further actions to mitigate the emission of harmful pollutants. A federal court will determine what actions the company must take to reduce emissions and a dollar figure for the penalty.

VW (VOWG_p.DE) shares fell as much as 6% to a six-week low on Jan. 5, the biggest drop yet on Germany’s blue-chip DAX index, Reuters said.