By:
On:
In: *Connecting the Dots Blog*, Business Continuity, Information Privacy, Information Security, Regulatory Compliance

  Last week financial executives received some valuable advice on ways to significantly reduce costs associated with an expensive non-budgeted item – cybercrime. Greg Schaffer heads up DHS’s Office of Cybersecurity and Communications and his comments on cybercrime included: “Cybercrime is not a problem that is growing, or coming, or off in the future.  This is a problem right now.” Mr. Schaffer also cited some statistics from reports and surveys: A single cyber breach costs companies an average of $6.75 million  27 countries have claimed to have experienced financial losses related to cybercrime In 2009, 30 million examples of new malicious software were released  Read More →

By:
On:
In: *Connecting the Dots Blog*, Business Continuity, Human Resources, Incident Reporting, Information Privacy, Risk Management

  A recent follow up article in Federal Computer Week (FCW) highlighted the porn scandal at the Securities Exchange Commission (SEC) and suggested this was a dramatic wake-up call for any government agency who doubted the need for and importance of an airtight security policy. Good for Teri Robinson… who wrote the article!! However…the steps Teri laid out that an agency should take to build and enforce a security policy are missing a couple of critical steps based on lessons learned and legal defensibility.  Teri suggested the following steps: Review existing policy Social media guidelines should be included and should be specific Assign responsibility becauseRead More →

By:
On:
In: *Connecting the Dots Blog*, Business Continuity, Campus Safety, Incident Reporting, Regulatory Compliance, Risk Management

  If you did not read Part 1…you may want to do so before reading Part 2. During my EduComm presentation,  I identified numerous school related incidents and lessons learned and multiple new ways to improve campus safety, reduce costs, protect reputations and save lives. Then after reviewing multiple lessons learned I asked the group another question: What does each of these well-documented incidents have in common? Columbine Virginia Tech Fort Hood University of Alabama-Huntsville   According to expert reviews and reports, each of these incidents could have been prevented. Let me repeat….each of these incidents could have been prevented.  Each of these incidents couldRead More →

By:
On:
In: *Connecting the Dots Blog*, Business Continuity, Human Resources, Risk Management

  I attended the national ACUTA conference last week and one of the speakers mentioned Philip Quigley’s quote regarding ‘farmers and building tractors’.  If you are not familiar with his quote, see below: Philip J. Quigley, former CEO of Pacific Telesis said, “If we were to go back in time 100 years and ask a farmer what he’d like if he could have anything, he’d probably tell us he wanted a horse that was twice as strong and ate half as many oats. He would not tell us he wanted a tractor. Technology changes things so fast that many people aren’t sure what the bestRead More →

By:
On:
In: *Connecting the Dots Blog*, Business Continuity, Risk Management

  According to a recent article at JournalStar.com, Warren Buffett used his letter to Berkshire Hathaway stockholders to bring attention to corporate responsibility and the government bailout of financial institutions. Warren Buffett wrote: “In my view, a board of directors of a huge financial institution is derelict if it does not insist that its CEO bear full responsibility for risk control.  If he’s incapable of handling that job, he should look for other employment.  And if he fails at it – with the government thereupon required to step in with funds or guarantees – the financial consequences for him and his board should be severe.”Read More →

By:
On:
In: *Connecting the Dots Blog*, Business Continuity, Emergency Management, Risk Management

  Reviewing the bipartisan Commission on the Prevention of Weapons of Mass Destruction Proliferation and Terrorism report card reveals lessons learned have not become lessons implemented. The report card included an ‘F’ grade in Biological Risks due to the nation’s capabilities lacking to:  Coordinate and deploy rapid response to prevent biological attacks causing mass casualties   Under Government Reform, the report card included two more ‘F’ grades for: Reform congressional oversight to better address intelligence, homeland security, and crosscutting 21st century national security missions Implement education and training programs to recruit and retain the next generation of national security experts   The two ‘F’ gradesRead More →

By:
On:
In: *Connecting the Dots Blog*, Business Continuity, Regulatory Compliance, Risk Management

Yes, I admit it…I was surfing the FDIC web site this past weekend and I was spending some time reviewing past Financial Institution Letters that the FDIC releases to advise the banking industry of supervisory changes and guidelines. I came across a Financial Institution Letter for Newly Insured FDIC-Supervised Depository Institutions that included the new changes, as well as a list of common elements from troubled or failed institutions. The list offers some potential lessons learned for organizational leaders (board of directors, executive management, compliance and others) and so I thought I would share the list. Rapid growth Over-reliance on volatile funding, including brokered depositsRead More →

By:
On:
In: *Connecting the Dots Blog*, Business Continuity, Information Security, Legal, Regulatory Compliance, School Safety

Every manager I talk to has a long To Do List and they all say the list is getting longer. Then I ask them a question about their GOT TO DO LIST?  Their responses usually include groans, moans and terribly painful looks on their faces. As I talk to more and more managers and review more and more headlines in the news, it is obvious to me that managers’ GOT TO DO LISTS are becoming more painful by the day. Why are GOT TO DO LISTS getting more painful?  Look at these articles which include lessons learned as well as future challenges: Heartland CEO onRead More →

By:
On:
In: *Connecting the Dots Blog*, Business Continuity

According to a recent article, because of tight budgets, many organizations plan to cut funding for technologies that would help to mitigate the main security threats they face. The article went on to say that 72 percent of respondents have seen an increase in e-mail borne malware and phishing, but eight percent of respondents said they plan to cut previously allocated funding for messaging security, e-mail encryption, e-mail security or instant messaging security technologies. The survey also revealed that although 40 percent of respondents noted lost or stolen devices as a top security challenge for the next 12 months, 15 percent said they will beRead More →

By:
On:
In: *Connecting the Dots Blog*, Business Continuity, Human Resources, Risk Management

Numerous lessons learned reveal the Achilles Heel for most managers (and organizations) is the Lack of Implementation Tools.  The lack of implementation tools has become THE principal weakness for all levels of managers that eventually will lead to their downfall. So let’s discuss some of the details surrounding implementation. First, the lack of implementation tools for implementing what you may ask? Implementing Processes.  Processes include:  procedures, policies, plans, regulations, specifications, roles, responsibilities, strategies, priorities, etc.  Numerous Processes need to be implemented in every Department in an organization.  Numerous Processes need to be implemented to meet requirements in Regulations and Mandates, which continue to mount.  NumerousRead More →