
Risk News

4/30/2012
Security Experts Warn of Cyber Threats From Iran

"Cyber experts press for greater efforts on the part of civilian and military agencies to address threats from Iran, warning a joint House subcommittee that the Islamic Republic continues to expand its cyber arsenal."

Annie's take:

In the race to pass cyber legislation, Congress is hearing from a range of experts.

4/27/2012
House Votes to Approve Disputed Hacking Bill

"Defying a veto threat from President Obama, the House on Thursday passed a bill that encourages intelligence agencies and businesses to share information about threats to computer systems, including attacks on American Web sites by hackers in China and other countries."

Annie's take:

Enacting a bad piece of legislation does nothing to avert cyberthreats, especially since all information sharing from the private sector is voluntary.

4/26/2012
Who is Threatening the Security of Your Network?

"The myriad threats to public, private and U.S. government networks is getting a ton of attention in Washington, D.C., this week as the House gets ready to debate yet another cybersecurity bill."

Annie's take:

Here's a bit of an update on the cybersecurity discussion and debate going on in Congress this week, including a pretty comprehensive list of how companies are targeted.

4/25/2012
Source's Cover Blown by SEC

"Federal securities regulators, in a sensitive breach, inadvertently revealed the identity of a whistleblower during a probe of a firm that ran a stock trading platform."

Annie's take:

Though the SEC has worked hard to incentivize whistleblowers, especially because of the complexity of transactional platforms, this gaffe will set the program back significantly.

4/24/2012
61% of IT Security Professionals Are Concerned About Attacks From Anonymous and Hacktivists

"Concerns over hacktivism and targeted state-sponsored attacks are at the top of security professionals’ minds according to a new survey and research report sponsored by Bit9. The 2012 Cyber Security Survey of nearly 2,000 IT security experts set out to gauge the current state of enterprise security and identify the attack methods and cybercriminal groups that keep IT executives up at night."

Annie's take:

Here's the full survey that over 2,000 information security professionals took, as well as the results of the survey.

4/23/2012
Data protection lessons not being learned

"A survey conducted by Varonis has found that 70 percent of organizations storing third party data are not ‘very confident’ that the sensitive data stored within their organization is protected."

Annie's take:

This new study by Varonis is yet another indicator that data is at high risk in many enterprises, not to mention in small and mid-sized businesses.

4/20/2012
Two years after BP oil spill, offshore drilling still poses risks

"Two years after a blowout on BP’s Macondo well killed 11 men and triggered the largest oil spill in U.S. history, oil companies are again plying the waters of the Gulf of Mexico."

Annie's take:

Here's where things stand in the Gulf two years later. People, whether workers or regulators, are often still at the center of operational risk failures. There's also an editorial today on this topic in the New York Times worth reading.

4/19/2012
Risk Management Makeover

"It's little wonder risk managers are accustomed to remaining behind the scenes. One need only look to Congress grilling Enron's former risk manager about his role -- or lack thereof -- in the company's out-of-control corruption to see that the spotlight can quickly become uncomfortable when it is pointed at risk management."

Annie's take:

The times, they are a changin'. I seem to be one of the few pessimists in this interview.

4/18/2012
Consumers Have Concerns About Mobile Banking Security, Survey Finds

"Roughly one of every five Americans used their mobile phone for some sort of banking activity last year, and about the same proportion say they will probably use mobile banking in the future, a recent survey from the Federal Reserve found."

Annie's take:

Are we surprised by the results of this survey?

I must confess that I am, especially since I regularly find myself warning people that there is still risk around mobile platforms like banking.

4/17/2012
Iraq Emerges From Isolation as Telecommunications Hub

"Iraq, cut off from decades of technological progress because of dictatorship, sanctions and wars, recently took a big step out of isolation and into the digital world when its telecommunications system was linked to a vast new undersea cable system serving the Gulf countries."

Annie's take:

One hardly knows what to make of this new development, especially since it's been characterized as risk management. Iraq will now be a serious player in both the energy and telecommunications sectors.

4/16/2012
100 Tornadoes in 24 Hours, but Plenty of Notice

"The tornadoes were unrelenting — more than 100 in 24 hours over a stretch of the Plains states. They tossed vehicles and ripped through homes. They drove families to their basements and whipped debris across small towns throughout the Midwest. In some areas, baseball-size hail rained from the sky."

Annie's take:

Though the property destruction from tornadoes over the weekend was heavy, the number of lives lost was significantly reduced because of the revised alerting system now being tested. I expect to learn a lot more about tornadoes as I prepare to lead discussions in May and October at EPCOR on lessons learned from the 2011 Joplin tornado.

4/13/2012
Facebook Offers More Disclosure to Users

"Facebook, seeking to address concerns about the personal information it collects on its users, said Thursday that it would provide any user with more about the data it tracks and stores."

Annie's take:

As it readies itself to go public, Facebook has been trying to conform to European data privacy laws as well as requests in this country for a greater level of transparency on the data it collects about its users. See the comment in the article that there are 80+ categories that Facebook collects data in, and that it is proposing to share only half of those categories in its new offer.

4/12/2012
Crisis Communications 2012: Social Media & Notification Systems

"Continuity Insights’ first in-depth survey for 2012 looks at the growing use of social media as a crisis communication tool. Respondents from over 250 organizations were asked to provide data about their organization’s social media accounts and usage, which was then used to indicate the reach and target audience — key factors when using social media in a crisis."

Annie's take:

The results of this survey are disappointing but not surprising. There is still significant resistance to the use of social media tools around emergency management. For one of the most interesting blogs by those actively using the tools, see a site used by roughly 1700 emergency managers, to be found at http://idisaster.wordpress.com/.

4/11/2012
Nerves Are Rattled After Bomb Threats at Pitt

"Dozens of bomb threats at the University of Pittsburgh since mid-February have disrupted classes and dormitory life and prompted some students to find housing off campus just weeks before the semester ends."

Annie's take:

By virtue of its nature, a university campus is wide open. In the last several years, we've seen incidents at Virginia Tech and, more recently, in Oakland, where shooters were able to take advantage of that openness. At Pitt, the sheer volume of the bomb threats is enough to disrupt campus life for teachers, students and campus police. The New York City slogan, "If you see something, say something," might be a good tool to use to identify the disruptors.

4/10/2012
Pentagon to fast-track cyberweapons acquisition

"The Pentagon is planning to dramatically speed up the development of new cyberweapons, giving it the ability in some cases to field weapons against specific targets in a matter of days, according to a new Pentagon report to Congress."

Annie's take:

This is an interesting new development. It would have been helpful to have an example of what a cyberweapon might be.

4/9/2012
Selling You on Facebook

"Many popular Facebook apps are obtaining sensitive information about users—and users' friends—so don't be surprised if details about your religious, political and even sexual preferences start popping up in unexpected places."

Annie's take:

If you wish to keep details of your preferences and your personal life as private as it is possible to do with social media, then don't subscribe to third party applications available with Facebook. And double check your privacy settings at least once a month to be sure that the security choices you have made are still current.

4/6/2012
Cyber-Criminals Change Tactics as Network Security Improves

"IBM in its X-Force security report for 2011 said security efforts have cut spam and improved vulnerability patching, but attackers are now targeting mobile devices and the cloud."

Annie's take:

This is a good summary of the IBM report, and highlights the need for information security professionals to establish the protections on their data before they move it to the cloud.

4/5/2012
New Bill Lets Gov't Collect All Your Private Cyber Info

"The Cyber Intelligence Sharing and Protection Act (CISPA) is getting a lot of bipartisan support, but in reality it’s a nightmare that makes SOPA look practically benign in comparison."

Annie's take:

Here's one professional security person's take on a bill pending in Congress, along with links to some additional information you may want to review.

4/4/2012
DHS Budget Trends Jeopardize Partnerships and Collaboration

"Jim Mullen likely won’t drown in the emergency management bloodbath that is the U.S. Department of Homeland Security (DHS) budget, but he may have a hard time staying afloat."

Annie's take:

Impacts to Washington State's emergency management program are discussed first in this quite depressing article.

4/3/2012
How China Steals Our Secrets

"For the last two months, senior government officials and private-sector experts have paraded before Congress and described in alarming terms a silent threat: cyberattacks carried out by foreign governments."

Annie's take:

Richard Clarke, former presidential adviser, has written several books that cover this important topic. Here he critiques the forms of congressional legislation pending as really not dealing at all with problems like Chinese cyber threats.

4/2/2012
In Person: Bubble-spotter Shiller says consumers need more protection

"In the course of his four-decade career, Yale economist Robert Shiller has seen enough financial folly to make anyone cynical. Instead, he thinks the industry can and should be reformed to serve ordinary people, not just the superrich."

Annie's take:

This is a terrific interview with economist Robert Shiller that covers a lot of ground, including current legislation moving into law.