Thursday, November 6, 2008

Risk Management in the Digital Age

Check out Russ Banham's "Risk Management in the Digital Age" article in today's Wall Street Journal. It's pretty scary to hear the ease with which sophisticated cyber criminals are able to steal financial information and make themselves a whole lot of money.

Brendan
Posted by Brendan at 11/06/2008 08:29:00 AM
Labels: ,

4 comments:

  1. BrendanNovember 6, 2008 at 8:37 AM

    I think one of the most interesting parts of the article is that of trying to manage "inside jobs." I guess it's impossible to fully protect against an insider mishandling, whether with malicious intent or not, sensitive information, right?

    ReplyDelete
  2. KatieNovember 6, 2008 at 3:04 PM

    I agree with Brendan-it's really hard to protect against inside jobs (though the government has a lot of ways to protect information like not allowing flash drives, etc.).
    I also thought this article was interesting, as well as a bit disturbing. It is nice for the consumers, because it seems a lot of the risks are mitigated by credit card companies/financial institutions. These kinds businesses, of course, are effected greatly by digital age "bank robberies". I thought it was also interesting how normal businesses have become very concerned with this issue as well. The expanding technology that has allowed for online financial hacking has also made information so readily available. You can research where to buy from or what financial company is most secure easily using the internet.

    ReplyDelete
  3. irishNovember 7, 2008 at 1:37 PM

    This article just screams for the need of better education and controls on data. For example education on social engineering attacks by companies will make employees more aware of social attacks and how to avoid them. Another thing that needs to be done is encouraging employees not to bring sensative data at the office so that laptops, hardrives, and USB drives are not stolen.

    ReplyDelete
  4. Megan BeckerNovember 8, 2008 at 11:54 PM

    Even though companies say that employees can't use things like flashdrives, it is very difficult to enforce. It's not feasible for a company to watch what ever employee is doing at all times. And incidents like the Veterans Association demonstrate that employees fail to even physically protect data. I think a lot of times we think of phishing scams as targeting individuals, but as this article discusses, they can have disastrous effects on companies as well. The way the customer perceives them (whether it's accurate or not) is essential to their success. Even though it's so important to prevent attacks, I think companies are always going to struggle with protecting themselves internally. It's so easy for employees to access important information. Even if all employees are well educated on information security, there will always be somebody who wants to exploit their privileges.

    ReplyDelete

Subscribe to: Post Comments (Atom)