Privacy, as it relates to an individual’s personally identifiable information, such as Social Security numbers, credit card and healthcare data, has become a cause célèbre of federal and state regulators. Increases in the scope of privacy laws continue to fuel a rise in publicly reported corporate data breach incidents. A company that suffers a significant data breach not only confronts the possibility of great financial loss, it may also suffer irreversible reputational damage—fueling a need for privacy insurance. Data breach incidents typically arise from the theft or loss of customers’ and employees’ personally identifiable information, either in an organization’s care and custody or in the custody of its third-party affiliates, vendors or business partners. For the past 15 years, insurance carriers have marketed privacy insurance (also called network security or cyber insurance) to cover the financial losses arising from a data breach. In addition to this risk transfer is a hidden treasure in some privacy policies—access to expert advice and services. Not all privacy insurance products are created equal, however. While most policies and endorsements address both first-party and third-party exposures, there are often wide differences in coverage terms, conditions, exclusions and financial limits.
In less than a decade, social media, in many ways, seems to have “taken over the world.”
This statement is not hyperbole. As one of the largest social networking sites in the social media universe, Facebook boasted more than 750 million people actively using its service. If it hasn’t already, Facebook will soon grow twice as large as the population of the United States, which currently hovers at 311 million.
Even so, the vast majority of companies did not immediately join the social media revolution. Instead, they spent varying amounts of time observing from the sidelines. But when the first wave of companies did join, it was because they anticipated the significant business benefits of this “brave new world” -- where the personal, the professional, and the commercial combine seamlessly, and in the blink of an eye.
Many others, however, remained unconvinced -- often because of a lack of information and an unclear understanding of how social media could be beneficial. “What is this ‘social media’ thing all about?” they wanted to know. “And why should my company care?”
The number and cost of data breaches appear to be rising each year. While US incidents and costs are fairly well documented, it is more difficult to gain a full picture of the situation in Europe, since notification of potentially affected customers is not mandatory in all countries for all types of companies. This may change, however, as the European Commission seeks to tighten and harmonise data privacy regulations.
The Commission’s proposals are the result of the technological developments and the growth in globalisation that have taken place since the current Data Protection Directive was introduced. Not least among these is the growth in cloud computing, which poses some particular risk management challenges.
Handing over sensitive data to a third party inevitably carries risks. But these may be especially significant in view of the fact that the cloud is a relatively recent phenomenon. For example, it can be difficult to ascertain where data is stored in the virtual cloud environment, the robustness – or otherwise – of the cloud provider’s security, and even in some cases whether the cloud provider is handling data in a lawful way. The traditional checks that companies run when outsourcing may be much harder to enforce.
When it comes to protecting one's house against intrusion, the common wisdom is to think like a burglar.
Criminals are adept assessors of risk: the house on the block without a fence, a dog and an alarm system, rather than the homes that have such security measures, is the one to burglarize.
The same applies to Internet hackers. Lots of companies have a tantalizing storehouse of personally identifiable information on customers and employees, but the ones hackers are going to attack are those deemed to be the least secure. Right now, this description fits many small and medium-size companies, experts say.
Recent studies underscore the threat to middle-market players.