The Morning Risk Report: Firms Go Beyond Tech to Fight Data Theft

By Henry Cutter

Companies need to ensure their security strategy encompasses more than the technology-focused approach many firms use today because confidential information faces a greater risk of theft, said Jason Smolanoff, leader of the global cybersecurity practice at Kroll Inc. While 29% of 540 senior executives surveyed last summer by the risk-consulting firm said their firm experienced information theft in the previous 12 months. The survey revealed 27% reported the stealing of physical property, long the most frequent type of fraud. “I would say that these days most information-security programs have been based on a technological solution,” said Mr. Smolanoff. “The real reason why the fraud happens was a lack of really good governance structures.”

To fight back effectively a company must assess what kinds of data it wants to protect and how that information moves through its work flow, he said. It next should look at the threat, consider who might want to steal the data and what tactics they might use. Considering those points allows a company to devise a broad plan that includes technological and other elements, said Mr. Smolanoff. Kevin Hyams, who heads the governance, risk and compliance practice at the accounting and advisory firm Friedman LLP, said a policy for how sensitive information should be handled should be disseminated throughout a firm. Other elements of a plan should include nondisclosure and noncompete agreements for key staff with access to data, training and regular reminders from top executives about security. “There needs to be an atmosphere within an organization that is conducive” to employees taking care to protect data, said Mr. Hyams.

Companies can take specific steps to create that atmosphere, said Caterina Bulgarella, an independent consultant who helps companies change their cultures. Asking employees how they think security procedures could be made better will not only generate specific ideas for improvements, it will emphasize the importance of the data itself, she said. Working together on a problem creates trust that can counter a human tendency to underestimate others’ ethics, giving someone justification to not follow the highest standards themselves, she said. And making sure people feel valued can reduce the risk of malicious breaches by staff or former employees. “The trick is about enlisting people in your organization to do the monitoring of the process,” said Ms. Bulgarella.


U.S. pushes Russia over its neighbors. The U.S. added to its pressure campaign over Russia’s incursions on its neighbors, adding dozens of names to its blacklist related to Ukraine and condemning an agreement struck with breakaway leaders in Georgia.


Japan orders more security for Coincheck. Japanese regulators on Monday ordered cryptocurrency exchange Coincheck Inc. to strengthen its security measures, three days after the exchange said it had been hacked and lost about $530 million in customers’ assets, the WSJ reports.

Saudi businessman is freed. Billionaire Prince al-Waleed bin Talal, a large investor in Western companies, was among a handful of businessmen freed over the weekend after agreeing to make payments to the Saudi government, the WSJ reports. The men had been held in what the government called an anticorruption campaign. People close to the prince say he maintains his innocence.

Canada. Mexico reject a change to Nafta. Mexico and Canada have rejected a proposal by the Trump administration to remake a corporate arbitration system that is a key part of the North American Free Trade Agreement, according to people involved in talks to update the pact, the WSJ reports.


Intel takes heat over chip-flaw disclosure. Intel Corp.’s initial disclosures of security flaws in its chips included Chinese firms, but left out the U.S. government, the WSJ reports. Intel  said it couldn’t inform everyone it had planned to because the news was made public earlier than expected.


Activists to push for sale of Avon. Activist investors Shah Capital, Barington Capital Group LP and NuOrion Partners are joining together to call on Avon Products Inc. to seek a buyer. An Avon spokesman said the companyu is committed to seeking value for shareholders, the WSJ reports.

Elliott Management takes Sky stake. Elliott Management Corp. disclosed Friday that it had taken a 1.09% stake in Sky PLC, which could complicate 21st Century Fox’s effort to consolidate ownership of the British pay-TV giant. Elliott is known for its activist campaigns. Elliott and Sky didn’t respond to requests for comment; Fox declined to comment, the WSJ reports.


Wynn leaves Republican role after harassment allegations. Casino mogul Steve Wynn is stepping down from his post as Republican National Committee finance chairman following a Wall Street Journal report alleging a decadeslong pattern of sexual misconduct by him. Mr. Wynn denied the accusations.

Senator fires staff chief over conduct allegations. Sen. Marco Rubio said late Saturday night that he had fired his chief of staff, Clint H. Reed, after learning a day earlier of allegations of improper conduct. Mr. Reed didn’t respond to a request for comment, the WSJ reports.


Trump hints at retaliation against EU over trade. President Donald Trump extended his threats of action against America’s trading partners, this time hinting at major retaliation against the European Union for what he described as its “very unfair” trade policy toward the U.S., the WSJ reports.


Risk of mudslides as Philippine volcano erupts. Philippine authorities enforced the evacuation of tens of thousands of people as ash and lava spewed from erupting Mount Mayon, warning that mudslides of ash and debris now threaten surrounding areas, the WSJ reports.

Canadian oil firms spar with railroads. Canadian producers hoping to ship oil to the U.S. are running into trouble from railroads, who have signaled they are in no rush to take the oil. Rail operators, fearing oil companies will shift to pipelines when new capacity becomes available in a few years, are pressing oil firms for longer-term contracts, the WSJ reports.


Sanofi to pay $4.95 billion for biotech. Sanofi SA said Monday it would buy Belgian biotech Ablynx for €3.9 billion ($4.85 billion), the French drugmaker’s second acquisition this month after purchasing U.S. hemophilia specialist Bioverativ Inc. Sanofi has been under pressure to complete a large acquisition after earlier deals fell through, the WSJ reports.

Original post found here.

Sign up for our newsletter and get the best of GRC Playbook straight to your inbox.
Leo-logo ERDF ESF