By:
On:
In: *Connecting the Dots Blog*, Hackers, Human Resources, Information Security, Risk Management, Security

ONGOING PATCHING is one of the BEST ways to prevent expensive and embarrassing information security breaches. Equifax failed to PATCH a server and it led to 143 million of Americans (perhaps even you and me) having their sensitive information exposed to cybercriminals. Two top Equifax IT executives have stepped down (and were called out by name in negative headlines) because they failed to make sure the ONGOING PATCHING of their servers took place in a timely manner to prevent hackers from gaining unauthorized access to sensitive information. Equifax is just one of thousands of organizations that have failed to make sure ONGOING PATCHING is takingRead More →

By:
On:
In: *Connecting the Dots Blog*, Business Continuity, Connect the Dots, Emergency Management, Financial, Government, Health Care, Human Resources, Incident Reporting, indicators, Prevention, Risk Management, Workplace Violence

Dangerous GAPS Evidence from hundreds of post-incident reports reveal almost every organization and community has a myriad of common GAPS and dangerous GAPS. At-Risk Individuals Evidence reveals almost every organization and/or community has at-risk individuals who could commit numerous types of disruptive incidents involving people, information, organizations, and communities. Disruptive Incidents Evidence reveals alarming trends involving numerous types of disruptive incidents including terrorism, homicides, workplace violence, gang violence, drugs, crimes, sexual assaults, human trafficking, suicides, and numerous others. Dangerous GAPS and Disruptive Incidents Unless (and until) dangerous GAPS are eliminated, disruptive incidents, tragedies, and numerous other unwanted, embarrassing, and costly consequences will be difficult ifRead More →

By:
On:
In: *Connecting the Dots Blog*, Campus Safety, Connect the Dots, Education, Emergency Management, Financial, Government, Health Care, Human Resources, Incident Reporting, indicators, Legal, Prevention, Risk Management, School Safety, Workplace Violence

Give us 5 minutes… …and you’ll see why YOU need a proven “Connecting the Dots Platform” for your organization, because no one wants a preventable incident on their resume or conscience. Want to get notified as soon as we post helpful information like this? Subscribe to our blog in the right sidebar!Read More →

By:
On:
In: *Connecting the Dots Blog*, Education, Human Resources

  As budgets grow tighter…how many school Superintendents would approve the following expense requests? Expense Request A: I am submitting a request to spend thousands of dollars to print up thousands of pages of information that no one will read… Expense Request B: I am submitting a request to spend thousands of dollars for software, hardware and personnel to support the software and hardware so we can upload documents on our intranet that no one will read… Bottom lines are getting crunched because schools are still spending thousands and thousands of dollars on printing, distributing and updating Student Handbooks, Teacher Handbooks, Employee Handbooks, Department Binders, CodeRead More →

By:
On:
In: *Connecting the Dots Blog*, Human Resources, Legal, Regulatory Compliance

  I recently came across a discussion between Markkula Center for Applied Ethics’ Executive Director Kirk Hanson and Craig Nordlund, former general counsel of Agilent Technologies.  Nordlund believes the concern for ethics must be shared by everyone in the organization, but suggests ethics programs will be ineffective without leadership from the company’s top executives. It is hard to argue with his comment stating “ethics programs will not work unless there is leadership on ethics from the company’s top executives”. However, lessons learned and incidents seem to clearly reveal that leadership from the company’s top executives is not enough. So why is creating an ethics cultureRead More →

By:
On:
In: *Connecting the Dots Blog*, Financial, Human Resources, Information Privacy, Information Security, Regulatory Compliance, Risk Management

  Recent attacks continue to show that spear phishing is quickly emerging as one of the society’s greatest threats.  Technology alone is NOT going to solve this problem.  It is critical for consumers to be more vigilant and aware of what they are clicking on, sites they are visiting, e-mails they are responding to, etc. Lessons Learned:  Financial insitutions should make consumer education a higher priority.  Awareness training, handouts, seminars, etc. can be a great way for organizations to connect with their customers, improve trust, enhance reputations and help prevent potential incidents, breaches, lawsuits, etc. down the road.  Security awareness training and education can become aRead More →

By:
On:
In: *Connecting the Dots Blog*, Human Resources, Regulatory Compliance

  OCEG recently announced poll results from a One Minute Poll about Policy Management.  In their poll, 429 members replied to the following question: How do you primarily manage lifecycle of internal policies, procedures and guidelines? 32% use an internally developed database or intranet system 24% have no formal structure 18% use file folders or centralized network drive 14% use document or policy management software  8% track changes in Word  4% use other methods   Lessons learned:  Bad guys already know what the results from this poll clearly reveal…People are an organization’s weakest links.  As long as 86% or more of organizations continue to useRead More →

By:
On:
In: *Connecting the Dots Blog*, Government, Human Resources, Workplace Violence

  The Ethics Resource Center’s (ERC) recent survey revealed that 40% of employees observing misconduct do not step forward to report it out of fear of retaliation, mistrust or feel their reports will be ignored. Lessons Learned: Organizations must develop secure, anonymous and/or confidential reporting solutions to empower all employees (and third-parties) to report suspicious incidents, violence, fraud, misconduct, ethical violations, etc.  And once an incident has been reported, all appropriate personnel (ethics, legal, management, compliance, safety, law enforcement, etc) should be immediately and automatically notified to ensure a timely response and ensure red flags do not fall through the cracks. Based on other surveysRead More →

By:
On:
In: *Connecting the Dots Blog*, Campus Safety, Human Resources, Incident Reporting, Risk Management, School Safety

  Already in 2011, tragedies in Tucson and Omaha have reminded each of us about the consequences of missed opportunities involving red flags and warning signs.  Lives were lost and lives will be changed forever because of these and many other tragic incidents. We are now learning numerous red flags and warning signs existed involving the gunman in each tragedy, which has many people asking why these two tragedies were not prevented and how can we prevent future incidents like these from occurring? Some people are suggesting new gun control laws in Arizona or new laws that do not allow guns within 1000 feet ofRead More →

By:
On:
In: *Connecting the Dots Blog*, Human Resources, Information Privacy, Information Security, Risk Management

  In a recent Dark Reading article, new research from Trusteer revealed that mobile users are the most likely to fall victim to fake e-mail messages and visit phishing sites. Once they arrive at the fraudulent site they are also three times more likely than users on PCs to provide sensitive login information. Why are mobile users more vulnerable? Availability – smartphones are with their users 24/7 so e-mails are checked more frequently. Phishing attacks generally get their victims during their initial launch, as after a certain time frame sites are taken down, blocked or shut down. Size – the smaller screens of mobile devicesRead More →