Controlling risks

The first response to an identified hazard/risk is to quantify it.  If it’s big enough to worry about, then you establish controls (people, process, technology) to reduce the likelihood or impact, or both, should that hazard/risk occur.

Now, say the identified hazard/risk is the compromise of your proprietary information.  Like internal conversations about business stuff.  If someone is “mining” that chat stream and analyzing the content, can they get hints about what you’re going to do?

Apparently.  Or at least Goldman Sachs may think so. Or it may be part of the move to a new chat platform. Is Bloomberg’s service scraping data?  And whose data might they be scraping?  Goldman’s?  Its customers’?

“Goldman to Muzzle Some Chat Services, Wall Street Journal, January 24, 2014 C1 http://on.wsj.com/1mRD94Z

Advertisements

Leave a comment

Filed under Business Case, Controls, Information, Internal controls, IT, Ownership, Risk, Security, Third parties, Value

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s