We use cookies and other similar technologies (Cookies) to enhance your experience and to provide you with relevant content and ads. By using our website, you are agreeing to the use of Cookies. You can change your settings at any time. Cookie Policy.

Manage Tomorrow's Surprises Today

Steven Minsky

Avoiding Insider Trading with Cybersecurity and ERM

user-pic
Vote 0 Votes

Cybersecurity has been on our radar a lot lately, but that's thanks to the alarming number of recent, high-profile security breaches. Take a look at our recent blog post regarding a major flaw in the Android operating system, or our discussion of hackers' disturbing rate of maturity.


Federal officials recently broke up a long-term insider trading scheme

cyber crimeIn early August of this year, it was announced that Feds succeeded in breaking up a hacking and insider trading scheme in which international hackers gained access to corporate news releases before the intended release dates, and the captured data enabled successful, illegal trades.

Cyber-attacks like these can come at any time and from anywhere: inside, outside, even overseas. They may involve simple corruption or theft, as with Android's issue, but can also be facilitated by company employees, as unpleasant as that notion is.

Protecting your company against any and all cybersecurity breaches is certainly doable, but it will require a concerted, enterprise-wide IT and IS risk management effort. Employees operating on the so-called front lines are just as crucial to uncovering risks as members of senior management.


What actually happened, and who was affected?

According to The New York Times, five men have been indicted so far. Their attack was patient and calculated, having taken place over the course of at least five years.

Technically, they hacked specifically into information-dissemination companies such as Business Wire, but the attacks granted them access to sensitive information about dozens of unsuspecting, publicly traded companies.

Indirect victims come from a wide variety of industries and include Bank of America, Clorox, and Caterpillar, says The New York Times.


How hackers infiltrate their targets

Hacking and illegal trading methods are complicated and diverse enough that entire books could be written about them. BBC news, however, has identified one particularly alarming method somewhat reminiscent of the one criminals might have used to hack Android phones.

This method, aptly known as "spear-phishing," involves sending infected emails to pre-identified, key members of an organization. That's right - hackers are able to pick you out from the bunch if they think targeting you will help them succeed.


As an organization, stay aware & implement preventative cybersecurity measures

The goal of this post is not to spark paranoia. Far from it. ERM software can help you monitor news feeds, identify risk, automatically notify those in your organization that are most likely to be impacted by that risk as well as coordinate and track mitigation activities through to completion.

Centralizing incident management processes, and using them to engage those that are needed in response is critical to prevent disasters before they happen. Visit our website to learn how LogicManager's incident management software platform can help you prioritize what needs to get done today.

 

Request a free, live demo from a LogicManager Analyst to see how our Enterprise Risk Management software can help you achieve this in less than 90 days.


Leave a comment

In this blog, risk expert Steven Minsky highlights the differences between traditional risk management and true enterprise risk management, which is about helping things happen rather than preventing them from happening. Manage Tomorrow's Surprises Today is designed to help you think about risk in new ways and learn how to benefit practically from this rapidly evolving field.

Steven Minsky

Steven is the CEO of LogicManager, Inc. the leading provider of ERM software solutions. Steven is the architect of the RIMS Risk Maturity Model for ERM, author of the RIMS State of ERM Report among many other papers, and a RIMS Fellow (RF) instructor on ERM. Steven has conducted ERM and RIMS Risk Maturity Model training for hundreds of organizations around the globe. Steven is a patent author of risk and process management technology and holds MBA and MA degrees from the University of Pennsylvania’s Wharton School of Business and The Joseph H. Lauder Institute of International Management. You can reach Steven at steven.minsky@logicmanager.com.

Recently Commented On

Monthly Archives

Blogs

ADVERTISEMENT