“Three From China Indicted in Cyberattacks,” The Wall Street Journal, November 28, 2017 B4. Allegedly hacked into the email account of an economist at Moody’s and gained access to gigabytes of confidential data of Siemens beginning in 2011.
Who has access to your data? Is the email account of a third-party vendor a potential source of a major leak? Even an economist?
Filed under Access, Compliance, Controls, Corporation, Duty, Duty of Care, Employees, Governance, Information, Interconnections, Internal controls, IT, Oversight, Protect assets, Security, Third parties, Value
“Chicago Sues Uber For Lag in Reporting Data Hack,” The Wall Street Journal, November 28, 2017 B4. Following the disclosure of the year-old breach of 57 million accounts, Uber is sued for consumer fraud and deceptive business practices, among other things.
There is the breach. And then your response to the breach. And then the regulators’ and the customers’ and the shareholders’ response to the breach.
Filed under Communications, Compliance, Controls, Corporation, Directors, Duty, Duty of Care, Employees, Governance, Information, Internal controls, Investor relations, IT, Oversight, Protect assets, Security, Supervision, To report, Value
Cybersecurity involves protecting the enterprise from internal or external attack and responding after the enterprise has been attacked. How do you ensure your business continues to operate if its cybersecurity is breached? It’s not just sending notices to affected customers and paying for credit watches.
“Banks Create Cyber Doomsday System,” The Wall Street Journal, December 4, 2017 B1. By requiring banks and credit unions to back up their data so that operations can be restored after a breach. This also protects confidence in the overall banking system.
Do you have a business continuity plan? Does it address how you will access your critical information so that you can continue to operate?
What’s surprising is that this is newsworthy.
Filed under Access, Board, Business Case, Business Continuity, Controls, Corporation, Directors, Duty, Duty of Care, Governance, Information, Interconnections, Internal controls, IT, Operations, Oversight, Protect assets, Protect information assets, Security, Value
“Steinhoff’s CEO Resigns Amid Accounting Probe,” The Wall Street Journal December 7, 2017 B3. Off-balance sheet accounting leads to resignation of CEO of parent company of Sleepy’s (a mattress brand), and a drop of 62% in share value.
Where was the Board? Where were the auditors? Trying out the company product?
Who pays the price of management’s failure?
Filed under Accuracy, Compliance, Compliance, Compliance Verification, Controls, Corporation, Culture, Duty, Employees, Governance, Information, Internal controls, Oversight, Oversight, To report, Value
“Nielsen Acknowledges It Misses ‘Live’ Streamers,” The Wall Street Journal December 7, 2017 B3. Networks don’t get full credit on the viewing statistics (number of viewers for a particular show) for all the live viewers. Apparently, those viewers who stream certain broadcasts aren’t fully counted.
What do you do when technology changes, and it’s harder to count what you’re used to counting? How do you price your offering? What’s your information worth?
“Wall Street Takes Aim At Market-Data Sales,” The Wall Street Journal, December 7, 2017 B1. Banks and trading firms want the SEC to limit the amount that stock exchanges can charge for selling market data.
Apparently, capitalism is a one-way street. Or not. And market data has a large value.
“Russian Firm Was Long Seen as Threat,” The Wall Street Journal, November 18, 2017 A2. Questions as to the Kaspersky antivirus software company were raised by military intelligence in 2004, well before the 2013 threat assessment issued Pentagon-wide.
Who dropped the ball? Did the Russians have an inside track?
Filed under Access, Communications, Controls, Duty, Duty of Care, Governance, Government, Information, IT, Oversight, Security, Supervision, Value