Игроки всегда ценят удобный и стабильный доступ к играм. Для этого идеально подходит зеркало Вавады, которое позволяет обходить любые ограничения, обеспечивая доступ ко всем бонусам и слотам.

After COVID, Cyberrisks Top Agenda for Risk Professionals in India, Marsh and RIMS Report

Posted on December 21, 2020 by Hilary Tuttle

For risk professionals in India, the COVID-19 pandemic has underscored the critical need to build business resilience and develop mature yet flexible business continuity plans to address both short- and long-term threats. In the new Marsh and RIMS report Excellence in Risk Management India 2020, Spotlight on Resilience: Risk Management During COVID-19, 63% of risk professionals in India said a new pandemic or continued fallout from COVID-19 was a top risk facing their organization, followed by cyberattacks (56%), data fraud or theft (36%), failure of critical infrastructure (33%), fiscal crises (31%), and extreme weather events (25%).

This mix of top risks illustrates the critical task before risk professionals heading into 2021: ensuring capability and procedures to respond to fast-emerging disasters, while not losing sight of the critical work to boost baseline resilience against foreseeable risks across the enterprise.

“Organizations need to balance their focus between longstanding and emerging risks,” said Sanjay Kedia, country head and CEO of Marsh India. “While there has long been an awareness of weather-related risks, low-frequency risks generally receive less attention. The pandemic has underlined the need for risk managers to keep all perils on their radar.”

Indeed, Marsh and RIMS found risk assessment and modeling are critical gaps for India-based risk professionals to focus on to mature their risk management programs. “As businesses recover from COVID-19, many senior leaders are shifting attention to questions of resilience.

buy nizoral online greendalept.com/wp-content/uploads/2023/10/nizoral.html no prescription pharmacy

But, as our survey shows, the use of advanced risk management techniques in India remains limited—for example, more than one-fifth of respondents do not assess or model emerging risks,” the report noted.

This is particularly the case with emerging cyberrisks. Cyberattacks and data loss or theft ranked among the top three threats, and the pandemic escalated the already rising number of cyberthreats to companies in India with the shift to remote work, online business, and ransomware attacks. Indeed, the report noted that the pandemic led to a surge in cyberattacks against Indian companies, with New Delhi among the top 10 most often attacked cities with regard to ransomware in 2020, and more than a third of Indian respondents to a June survey by Microsoft reporting they had fallen prey to a pandemic-related phishing email. Yet only a third of respondents to the Marsh/RIMS report said they model potential cyber loss scenarios, and only 26% plan to do so in the next year. Key cyberrisk management measures and the rate of implementation among Indian companies include:

Whether it is phishing attacks on employees or internet outages interrupting operations in the supply chain, the report notes that the next major event for Indian companies could well be a cyberattack. Focusing on building cyber resilience was one of the report’s four key recommendations, noting “organizations should shift their focus from solely trying to prevent an attack to accepting the inevitability of a cyber event and taking action to mitigate its effect.”

The report’s other top recommendations for risk professionals in India were:

Regularly review existing business continuity plans – “Companies should carefully review and refine their business continuity plans. They should ensure their plans enable them to respond effectively to threats that bring short-term pain and long-term and widespread challenges, as is the case with COVID-19.”
Embrace the changing working environment – “Lockdowns intended to stem the spread of COVID-19 required many companies to quickly move to remote working, change their business models, and implement new safety measures upon return to the workplace. Other perils, like a natural disaster, could necessitate and precipitate such shifts, even if shorter in duration. Businesses should invest in structures that allow employees to work remotely effectively, efficiently, and safely and should educate employees on new ways of working under changing circumstances.”
Remap and remodel your supply chain – “The COVID-19 pandemic emphasizes the need to re-examine supply chains regularly, with special focus on understanding the resilience and reliance of vendors. Companies would benefit from understanding their vendors’ ecosystems; both to provide a clearer view of how they could be affected by different risks and to review contracts to better understand liabilities.
buy inderal online greendalept.com/wp-content/uploads/2023/10/inderal.html no prescription pharmacy

”

Moving forward, there is considerable room for risk professionals to be more involved in scenario analysis and strategy

In December, RIMS introduced additional resources specifically for risk professionals in India looking to elevate their risk practice. The report was released around the recent RIMS Virtual Risk Forum India 2020, which brought together hundreds of risk and insurance professionals from across India and around the world. Soon thereafter, the risk management society also announced the official formation of a RIMS India Chapter.

“The exchange of knowledge and experience drives the risk management profession, allowing practitioners to more effectively enhance corporate decision-making, strengthen resiliency and leverage new and exciting opportunities for their organizations,” said Roop Kumar, chief of risk at SBI Life and inaugural president of the India chapter’s board of directors. “RIMS India Chapter will quickly become an exceptional resource for all business leaders. We look forward to delivering cutting-edge risk management insight to support our members as they advance their programs and their careers.”

Other members of the inaugural board of the India chapter include: Keerthana Mainkar, head ERM at Infosys; Amol Padhye, head of market risk at HDFC Bank; Amber Gupta, head legal and corporate secretary at Birla Sunlife Insurance; Anand Shirur, CEO of Digitangle Consulting PVT, Ltd; Steward Doss, associate professor at National Insurance Academy; Monika Mittal, professor at BIMTECH; Shibyanshu Sharma, vice president of risk management at SBI Life; and Yogesh Ghorpade, head of ERM and insurance lead at Thermax Industries.

“RIMS India’s Board of Directors truly represent a cross-section of the country’s risk management community,” said Gopal Krishnan K S, head of RIMS India Operations. “The Society looks forward to learning from their unique experiences and welcoming others to contribute so that, together, we can develop the highest standard of risk management education to address corporate India’s biggest concerns.

buy cozaar online greendalept.com/wp-content/uploads/2023/10/cozaar.html no prescription pharmacy

”

Reducing Risk Exposure Through Sanctions Screening

Posted on September 11, 2020 by Nina Kerkez

International sanctions have increased in recent years and discrepancies still exist between how financial institutions and non-banking financial institutions in different countries and regions handle them. This has led to ongoing international tensions where politicians use asset-freezing, confiscation and other sanctions as tools to forward personal agendas, producing an increased stream of sanctions. It also leads to headaches for the compliance industry as it attempts to assess their level of risk.

For example, there is a great sanction application difference between the United States and the European Union/United Kingdom as a result of the United States leaving the Joint Comprehensive Plan of Action (JPCOA) agreement and re-implementing sanctions against Iran progressively in 2018. In a post-Brexit world, it is likely that a divergence between European Union and United Kingdom sanctions will occur over time.

Increasing challenges add to complexity for compliance professionals conducting sanctions and transactions screenings in accordance with regulations and institutions’ policies. The rapid transition to an increasingly digital world amidst COVID-19 begs the question: Do financial institutions truly understand the identities moving within their digital networks?

The Wolfsberg Group recently published detailed guidance for financial institutions regarding sanctions screening. The guidance highlights the importance of account and transaction screenings, but does not propose fundamental changes to the processes that financial institutions should follow already. Compliance officers need to rely on robust sanctions screening systems, high data quality and up-to-date policies to drive a successful long-term sanctions screening program.

Compliance departments should continue to conduct basic functions such as documented controls and procedures. They should also require a clear understanding of sanctions risk and how essential it is to take a risk-based approach to customer onboarding. Further, the compliance team should consider improving the following:

Sanctions List Management: List data can be incomplete and decay over time. Active list management is essential for compliance personnel to ensure complete, accurate and up-to-date data.
Screening Technology: Screening engines vary in capability. Platforms should meet business needs on a basic level and be able to:
- Manage requisite screening record volumes
- Configure to reflect the differing risk profile lists
- Efficiently remediate alerts through fully functioning workflow tools
- Ingest a variety of external lists
- Integrate APIs into enterprise systems
Sanctions Data: Not all externally provided sanctions lists are created equal. Financial institutions should conduct thorough due diligence and compare data from different sources. Some issues to consider:
- How the data is synthesized from original issuing bodies
- The quality controls within the research process
- The extent that the provider enriches the data to maximize secondary identifiers of sanctioned individuals
- How complete the data set is, given the many official bodies globally and whether the system is configurable to select those relevant to the institution in question
- Whether the data provided facilitates consolidation of entities appearing on multiple sanctions lists to lower duplicate alerts and minimize analysts’ efforts

Sanctions screening is a vital but complex process and a continuously trained compliance staff helps ensure that the financial institution is consistently screening against the most relevant and up-to-date sanctions lists. Sanctions authorities require increasingly strict compliance and this involves employing intelligent augmentation through a combination of human efforts and new technologies such as big data, data analytics, machine learning and artificial intelligence.

Organizations can best reduce risk exposure by using all the compliance tools in a responsible and efficient way. Only then can a financial institution be sure that it is navigating the increasingly complex and rigorously enforced regulatory landscape.

3 Tips for CCPA Enforcement During COVID-19

Posted on August 20, 2020 by Samantha Humphries

As we move into the second half of 2020 and the California Consumer Privacy Act (CCPA) is officially enforced, we are also in the midst of a global crisis that was not properly on the radar when the regulation was enacted in January. Organizations are now being tasked with CCPA compliance in an unexpected remote work environment, with more personal data available online than ever before. And some organizations have the added privacy challenge of contact tracing practices or applications being used internally to monitor employee health.

Even in the remote work environment, relevant companies must ensure that they are informing customers and staff about what data they are collecting, options for which personal details are being gathered, the right to say no and opt out of data collection, the right to request deletion of their information, and equal pricing despite their privacy selections.

Many businesses are still struggling to implement these guidelines and are attempting to avoid significant penalties, all while meeting uptime demands. Below are some tips from security and technology industry experts for the best ways to implement CCPA compliance:

Rely on Data Privacy Regulation Experts

There is increasing uncertainty around many businesses’ futures, and therefore, it is critical to turn to data privacy regulation experts for advice, guidance and technological support.

“With exponential amounts of enterprise data only increasing, ensuring data privacy involves layered, complex challenges for any business. From a cloud hosting perspective, meeting evolving compliance and privacy regulations, such as the CCPA law which is just beginning to be enforced, is one of those layers. One of the most important steps organizations can take to guarantee they are on the right path towards compliance is to rely on hosting providers that have teams experienced with privacy law regulations,” said Lex Boost, CEO of Leaseweb USA.

While it may be tempting to rely on internal teams during the economic downturn, employee burnout in already resource-strapped IT and security teams could cost the companies more in talent loss and potential breaches/fines. Thus, companies should evaluate external providers.

Boost also said, “These providers can guide the process needed to guarantee data is managed within current and upcoming privacy regulations, allowing organizations to focus on maximizing data usage and the experience for their customers.”

Have the Right Cybersecurity Measures in Place

Proper cybersecurity measures are often major components for achieving compliance with a variety of regulations, but especially the CCPA, which is focused on protecting sensitive data and users’ privacy rights. With major hacks making recent headlines at companies like Twitter, and ransomware attacks that threaten to exfiltrate and leak private data on the rise, companies should be on high alert.

“Nobody is safe from an attack leaking personal information, and it’s absolutely essential that correct cyber measures are in place to secure privileged accounts, in particular, as thoroughly as possible. With more information online and spread out than ever before, hackers not only have the ability to scam people, but also undoubtedly have access to private messages, security information, and other personal data,” said Torsten George, cybersecurity evangelist at Centrify.

On top of increasing breach risks, many companies’ distributed workforces are making security preparedness even more complex. But there are solutions, according to George: “To protect organizations during this transitional remote working phase and the implementation of CCPA, it’s imperative to provide your IT administration teams, outsourced IT, and third-party vendors with secure, granular access to critical infrastructure resources regardless of location and without the hassles of a virtual private network (VPN). Privileged access management solutions can both maintain compliance and enable secure remote access to on-premises and cloud-based infrastructures, securing all administrative access with risk-aware, multi-factor authentication (MFA), and maintaining the level of compliance CCPA requires.”

Look Toward the Future

The CCPA currently protects Californian’s privacy rights, but many legal and security experts think this could inspire a similar regulation at the federal level if it is successful.

“The CCPA is the first law of its kind in the United States, and it could set a precedent for other states. And because it applies to most companies who do business with individuals residing in California, the sweeping new law promises to have a major impact on the privacy landscape not only in California, but the entire country. The passage of a cohesive U.S. federal privacy law, one that will preempt state laws, is gaining momentum. It has strong bipartisan congressional support, and several large companies from a variety of industry sectors have come out in favor of it, some even releasing their own proposals. There are draft bills in circulation,” said Wendy Foote, senior contracts manager at WhiteHat Security.

Foote also advised, “With a new class of representatives sworn into Congress in 2019 and the CCPA effectively putting a deadline on the debate and officially being enforced in July, there may finally be a national resolution to the U.S. consumer data privacy problem. However, the likelihood of it passing in the very near future is slim. A single privacy framework must include flexibility and scalability to accommodate differences in size, complexity, and data needs of companies that will be subject to the law.”

It will take several months of negotiation for lawmakers to agree upon how the federal law would be implemented. While companies wait for the passage of a national privacy law and for it to take effect, they must continue to monitor developments in both state and federal privacy law and adapt as necessary.

Consumer privacy will continue to evolve, particularly in the time of COVID-19. Because of this, newer laws and regulations, like the European Union’s GDPR and the CCPA, must be flexible and evolve over time too.

Black Lives Matter: Taking Action on Diversity and Inclusion

Posted on June 9, 2020 by Hilary Tuttle

As protesters across the United States call out systemic racism and police violence against Black people, and Pride Month honoring the LGBTQ+ community begins, diversity and inclusion issues are—and should be—drawing headlines and dominating conversations around the world.

RIMS CEO Mary Roth and 2020 President Laura Langone released a statement Friday saying:

“To the Black members of our community, we cannot fully appreciate how pained you must be by not only this most recent act—but by all acts that reflect bigotry and hatred in our nations’ communities. What we can do is accept the responsibility to ensure that RIMS community reflects something different. Let us be clear: RIMS does not tolerate any form of racism or discrimination in our global community. And we will always look for ways to improve.”

The editors of Risk Management and the Risk Management Monitor echo this message and stand with our Black colleagues, RIMS members and the Black community at large.

As we all look to support, advocate, learn and do better, we have compiled a list of resources to help, including industry advocacy groups for Black risk and insurance professionals, as well as resources for strengthening your organization’s policies, procedures and diversity and inclusion programs. You can also review selections from our previous coverage of diversity and inclusion below:

Industry Advocacy Groups and Research

National African American Insurance Association (NAAIA)

International Association of Black Actuaries

REPORT: The Journey of African American Insurance Professionals, from Marsh and NAAIA

For public sector risk professionals:

The Government Alliance on Race and Equity (GARE)

National Forum for Black Public Administrators

From ICMA, the association for professional city and county managers: WEBINAR: Sharpening the Focus on Social Equity to Make Strategic Budget Decisions

ARTICLE: Silence Is Complicity: Can White America Demonstrate that Black Lives Matter?

Diversity and Inclusion Resources

Global Diversity and Inclusion Benchmarks, Standards for Organizations Around the World, from the Centre for Global Inclusion

The Diversity & Inclusion Revolution, Eight Powerful Truths, from Deloitte