Category Archives: Technology Risk

Игроки всегда ценят удобный и стабильный доступ к играм. Для этого идеально подходит зеркало Вавады, которое позволяет обходить любые ограничения, обеспечивая доступ ко всем бонусам и слотам.

Why Mark Cuban Lost Interest in Facebook Brand Pages – And Why the Social Network Should Care

Posted on by

Mavericks owner Mark Cuban (third from right) with his players at ESPN’s ESPY Awards.

Each year, our December issue of Risk Management highlights the Year in Risk. Basically, we look back at the year that was through the lens of risk and offer a time line of its biggest events as they relate to the discipline. (Look for it in your mailbox or online in a few weeks.)

One of the trends I wrote about this year was how some of the internet/tech companies that the world has been buzzing about for years are starting to lose their shine. Facebook (with its disastrous IPO), Google (with its third-quarter earnings embarrassment) and Apple (with its iPhone map fiasco and fall stock drop) have all looked a little less rosy this year. After some high-profile gaffes, that are starting to seem more like any other major brands with major revenues and major detractors.

Now, it seems that Facebook also may have to begin dealing with an outspoken critic: Mark Cuban.

The boisterous billionaire owner of the NBA’s Dallas Mavericks and television network AXS TV wrote an op-ed chastising Facebook’s sposored post arrangement with companies and, really, its whole strategy. In his eyes, the company is getting away from what made it such a good network in the first place and is now force-feeding users content based upon its proprietary algorithm rather than what they want. Thus, given the diminishing returns he now sees on the time and money the Mavericks devote to Facebook, he is instead directing the team’s staff to prioritize other networks, like Twitter, Tumblr and Pinterest.

Cuban wrote the following on Business Insider today.

First, I’m not recommending to any of my companies that we leave Facebook. I am recommending that we de-emphasize pushing consumers or partners to like us on FB and focus on building up our followings across all existing social media platforms and to evaluate those that we feel can grow a material following. In the past we put FB first, twitter second. FB has been moved to the bottom of a longer list.

The crux of his dwindling interest in using Facebook to promote his brand is the company’s increasingly pervasive EdgeRank algorithm, which decides which items in a person’s time line are the most important and thus elevates them to the top. For a brand like the Mavs, which often posts the score of the team’s game as it is occurring, the result can be a non-chronological display of the breaking information they’re trying to provide those that “like” their page. Or worse, it means that fans might miss interesting nuggets of info altogether.

Essentially, in its attempts to become, as Cuban terms it, an “efficient information delivery source” via their algorithm, the company is making it harder for companies to get the benefits they signed up for — and often pay for with “sponsored posts” that purport to help reach a wider audience.

By trying to be an incredibly efficient information delivery source, they confine our ability to organically reach most of our followers to using Sponsored Posts. They also significantly increase our costs because if we create a post that doesn’t engage our followers to the level the algorithm expects it to, it can impact our ability to be seen in the future. Talk about pressure.  Put up a post, but be sure that EdgeRank doesn’t think it sucks.

Then of course there is the money. As many have written before me, sponsored posts can get expensive. If you post many times a day, that can get incredibly expensive.

So why would brands who can’t afford the algorithmic presentation risk, or the financial cost, want to continue to drive their user interaction by investing in FB if there are alternatives?

Of course, all this critiques are basically just mumbo jumbo to most of us non-techgeeks. These are details that few people actually care about. With his closing comments, however, Cuban gets to what sound like a potentially larger problem — and one that, if a host of other executives feel similarly about, could cost Facebook a lot of cache from the companies it has been enticing to join in recent years. In short, with its strategic shift, it may have invited strategic risk.

I also think that FB is making a big mistake by trying to play games with their original mission of connecting the world. FB is a fascinating destination that is an amazing alternative to boredom which excels in its SIMPLICITY. One of the threats in any business is that you outsmart yourself. FB has to be careful of just that.

And in case you were wondering: I first became aware of Cuban’s essay from @BusinessInsider on Twitter.

The Reputational Risk and IT Relationship

Posted on by

With more visibility and vulnerability in today’s business landscape due to social media, online commerce and doing business through mobile devices, it only makes sense that there would be more potential risks to a company’s reputation and brand. In fact, now more than ever, executives are attempting to protect their brands from these security threats by being more proactive and looking for blindspots in their risk management program. That’s according to findings from the “2012 IBM Global Reputational Risk and IT Study,” conducted by the Economist Intelligence Unit, which analyzed responses from 427 senior executives from around the world, representing nearly all industries.

Respondents indicated that cybercrime is more of a reputational threat than systems failure — a finding that clearly illustrates how cybersecurity is a growing concern among executives, as shown in the following graph from the report.

What’s more, 64% say their company will put additional effort into managing its reputation in the future while 75% of respondents say their IT budget will grow over the next 12 months due to reputational concerns. “Underestimating the cost of reputational risk greatly exceeds the cost of protection,” said one U.S.-based study participant. “Being proactive is preferable to being reactive.”

As the report states:

Going forward, assessing potential blind spots and new technologies will likely be accelerated through the use of case studies and scenario analysis rather than waiting for direct experience. “To use new technologies like cloud you need trust,” says Andrea MacIntosh, director of quality with Alpha Technologies in British Columbia, Canada. “How do you build trust? Either by demonstrating performance or through looking at comparable organizations that are using it with good success. I think there’s a lot of referential data for companies like ours, but as with any new technology, you’ve got to be cautious.”

So how does a company avoid data breaches and strengthen the public’s trust in its brand? The respondents feel that integrating IT into reputational risk management, along with having a strong IT risk management capacity, is the best bet.

Gone are the days when a customer inherently trusts that a company’s IT capabilities are sufficient. In fact, customers are taking a more proactive approach when it comes to understanding a current or potential business partner’s IT infrastructure. “We’re seeing more requests from our customers for details of our IT infrastructure and security, along with on-site audits, as part of the supplier qualification process,” said MacIntosh.

Organizations of all sizes across all industries are devoting more time and attention to potential cyber threats that could harm their reputation. “This concern is reflected in more integrated, enterprise-wide approaches to risk management led from the C-suite and increased attention being paid to the direct reputational impacts of IT risks,” the report states. This study, along with many others, point to the conclusion that cyber and data security has earned top billing in the list of biggest risks posed to businesses. How is your company responding?

The State of Risk-Based Security Management

Posted on by

During my time at the Gartner Security & Risk Management Conference last week, I had the chance to sit down with Dwayne Melancon, chief technology officer at Tripwire, an IT security software firm. I was introduced to the term risk-based security management (RBSM) and presented with a report issued by Tripwire with research conducted by the highly regarded Ponemon Institute titled “The State of Risk-Based Security Management.” Here, Melancon answers a few questions regarding the report and the state of security risk management in general.

First of all, what motivated you and your team to dig deeper into this issue and publish this report?

DM: For the past five or six years, a lot of our focus has been on trying to translate security information to compliance auditors. About a year or a year-and-a-half ago, we started to notice an influx of people talking about risk and risk management. So we commissioned the Ponemon Institute to do an independent study to find out what’s going on with risk: Where are the people, what are the challenges, what are the concerns about it? They surveyed a little over 2,000 people worldwide. The idea was to establish sort of a baseline: What’s the current state of practice in thinking and where are there gaps? When you dig into the demographics, it’s a good cross-section not just of companies, but of industries, job titles and so on.

Who is this report geared towards?

DM: I would say it would appeal to a couple of audiences. One are the CIO, CISO-level people who understand their side of technology but need to relate to other business executives outside of their world. And then the other to me is really when you get to the IT mid-management person who has to kind of focus their resources, make sure their staff’s focused on the right thing, but then communicate value up, to either their boss or their boss’ boss. I think those are the two audiences who would probably get the most out of this.

What was the most interesting aspect of the report?

DM: A couple of things. One is that there is a lot talk and not a lot of walk yet. So, somewhere around 77 or 80% of the organizations said that risk management was important, but less than half are actually doing anything about it.

We see that a lot — people saying we need a risk management program and understand its value, but fail to implement it.

DM: Definitely. And another piece that seemed to be related to that was that there was a lot of inconsistency in who really owns the risk management program. So it was all over the map. You would think that, typically, it would be somebody senior in the organization, because most of the time, unless somebody really endorses it, it’s the “tone at the top” thing. Unless somebody at the top says, ‘this is important,’ then it becomes sort of a David and Goliath thing — some superhero in IT who decides they’re going to take this on and they get frustrated.

The term “risk-based security management.” Have you heard it used before or is this a new term in the world of risk management?

DM: We’ve heard it mentioned and when we heard it we decided that it sounds a lot like what we’re focused on. Where this came together, and I think it’s a linkage to our compliance roots, is that when we dealt with a lot of audits, scoping was really important and they always talk about the importance of a top-down risk-based assessment to figure out what’s in scope and what’s not, what’s relevant and what’s not. And one of our audit clients started describing it as risk-based security. And we said, ‘OK, that makes a lot of sense.’ Because if you have a good understanding of where the risks are, then you can align your budget, your resources, and what you report on based on risk and it makes it easier. Especially when you deal with non-technical executives. A lot of them tend to have financial backgrounds. They understand risk and they understand controls. So if you can kind of frame it in that, it’s a better starting point than trying to explain what patching is, for instance.

Was there anything in the report you found shocking?

DM: One other thing I thought was surprising is that when we asked people about data — there seems to be a dearth of metrics, a lot of people are trying a bunch of things to see what works — one thing that bothered me was that so many organizations had cost as their primary measure. I think cost is a good indicator, but it’s not a metric because you can’t drive costs and risk gets better. It just doesn’t work that way. We’ve been trying to help people understand that. It’s kind of a two-way street: What metrics are working for you, here are some things we’ve seen work.

Here is a shocking chart presented in the report:

The Risk of Hacktivism

Posted on by

According to a Zurich expert, the cost of hacking is now larger than the heroin, cocaine and marijuana markets combined. Best Day offers the following video that explains the threat, especially in terms of how “hacktivists” are attacking corporate interests. “Anybody that doesn’t take it seriously is at risk,” says Larry Collins of Zurich.