|By RealWire News Distribution||
|January 22, 2014 09:16 PM EST||
Business risk consultancy Riskskill (www.riskskill.com) has highlighted what it sees as the main areas of business risk in 2014. Advances in mobile and payment technology predominate globally, along with a retrenchment of government strategy in the UK. Their research suggests that key areas of risk growth in 2014 include:
1. Fraud Risks
In 2014 fraud risks are likely to be the major contender for exposing many businesses to significant risk as the closure of the government's National Fraud Authority (NFA) could, some feel, be seen by fraudsters as a huge victory for the bad guys. The NFA was set up to consolidate and focus upon the handling and approach of combatting fraud and also to direct the strategic elements of the attack on the fraudster. The NFA objectives were previously diluted from eight to three, with the more 'strategic issues' removed. Now its remaining operational functions have been atomized into several government silos.
On the commercial side, payment markets will continue to evolve very quickly this year. New payment systems and software solutions are appearing daily. Many of these do not put in place effective authentication, security, standards or best practice systems. Often, this is because these have yet to be created in a market that is changing so rapidly. New mobile payment and wallet solutions are being developed with the backing of 'big' funding and strong marketing campaigns. Only a few of these will win through though. Many will fail, either commercially or because of serious 'fraud attacks' that exploit the lack of authentication.
2. Identity Validation / Authentication
Who am I dealing with? This will become an increasingly important 'risk related' question in 2014 for businesses and consumers alike and it is very much linked into the whole 'mobile' market evolution. Anti Money Laundering legislation, whether it is in the UK or across the EU, requires that one properly identifies who we are doing business with, know what our customers do, regularly check, watch and look for unusual transactions that might be illegal, and report anything suspect.
There are though several weaknesses in this area. For example, some small operators of 'new' payment solutions think that they are excluded from these requirements. There are also some insurance company policy sellers, who are playing catch up and often who do not check identities. Then there is the public who are increasingly becoming payment providers as they buy and sell more on-line. Whereas one used to know who one was dealing with for financial transactions (as it used to be only one's banks, card companies and utilities that one dealt with) it can now potentially be almost anyone, anywhere in the world.
As a consequence, identity, identity validation and data certainty will all move up the risk hierarchy and as a result so will the level of importance placed on these areas by businesses in 2014. These risks will be amplified greatly or those organisations that do not understand the issues or address them properly.
3. Big-Data Losses
With such problems increasingly arising where our personal data is held and managed by more and more people, often across the web, a new generation of customers are very open about their data and therein are disclosing everything about their finances. They are very keen to become users of the new mobile breed of financial products, which will increasingly present greater opportunities for identity theft and data compromises. With numerous high profile data breaches losing millions of customer data records including payment details in 2013, one can see that more of these types of losses will be incurred over the coming year. Thankfully, the PCI DSS initiatives have helped to protect payments but there are too many people now handling our data. Some observers feel that there is not a comprehensive and pervasive enough solution to protect us. H M Government should be setting the strategy here, but do they have right 'body' with the appropriate level of oversight to understand the threat now that the NFA has been disbanded?
4. Protection For Multiple Channels
The proliferation of new wallets, payment instruments, mobile devices, payment applications and standards being developed means that for businesses to keep up, they need to evolve new protections, controls, and security that are consistent across multiple channels simultaneously - what one might call 'unified protection'. As ever, the security and controls side of things will often lag behind; so businesses must ensure that these developments are carried out fully and that they are free from short-cuts as these will lead to problems later.
One of the major areas of attack expected is a fresh onslaught of new viruses. With such new threats as Cryptolocker, and other such plagues landing on business of all sizes, there is a risk that this kind of attack could reach epidemic levels in 2014. Even the smallest firms must ensure that they update virus and anti-malware software regularly, maintain strong back-up regimes and avoid clicking on any suspicious links. If these dangers move closer to mobile payments, it could threaten the momentum of the mobile sector evolution especially where authentication is often far less effective than it could or should be.
5. Silo Mentality Causing Corporate Ineffectiveness in Combatting Risk
Borne out of the desire to conduct business correctly, increasingly complicated silo structures have grown up in the corporate world, with many differing and sometimes potentially conflicting interests. Often large businesses in particular, introduce several highly ineffective theoretical layers of risk management protection that often keep the business too busy and too slow to do the real work required to tackle the challenges that organisations face.
Instead, businesses should be fighting hard to define clear risk management direction, together with business goals that incorporate risk thinking and risk/loss targets. Collaboration is the key here. It facilitates speed of decision-making, clear and assertive action-taking and an understanding of the business drivers. It also enables the ability to act, invest and change the business as required which are key to controlling risks.
Says Bill Trueman CEO of Riskskill's parent company UKFraud, "The whole area of risk management is an on-going challenge to maintain and manage controls and processes in business. Losses tend only to be managed in a panic when they happen, but are generally predictable and avoidable. Equally, management should be able to move and act quickly and effectively to change the business and to react to attacks. Problems generally occur because the controls, measurements, or IT security technologies have lapsed over time. With the exception of fraud losses, things do not take us by surprise. Even with fraud, most of the losses are completely preventable and something that can be planned for.
"In 2014 it is going to become easier for things to go wrong. As we enter the year with FTSE / S&P highs and increasing employment rates, the evident green shoots of recovery will see system controls and financial prudence starting to relax. This will encourage both internal and external attacks on a business and upon individuals alike. Greedy crooks, will take these more relaxed opportunities and exploit them fully. The opening of new product and sales channels such as mobile payment will inevitably mean that there will be gaps and new risks that are opened up. The risk management challenges in addressing these will probably predominate in 2014."
About Riskskill (www.riskskill.com)
Part of the acclaimed UKFraud operation, Riskskill delivers 'total risk' strategies, direction, risk assessments for major corporations, solving problems and engineering bespoke risk reduction solutions in organisational, management, financial control and IT.
Specialists at Riskskill cause losses to reduce by €-$-£ millions each year, when they carry out assessments, analyse areas where organisations are at risk and put in corrective plans in area that include: fraud, credit risks, counterparty or partner risks, cybercrime exposures, bad debt management, and the oversight and control of other write-offs along with compliance penalties and legal-case losses. Having identified specific areas of risk, Riskskill supports businesses with change plans. Plans are backed by comprehensive executive mentoring and support, coaching, training and staff mentoring programmes, which target the engineering of ground-up (but also top-down) solutions throughout a client's organisation, people, processes, management and systems.
For Further Information please contact:
+44 20 8133 7575
The Right Image
+44 844 561 7586
+44 7758 372527
Technology vendors and analysts are eager to paint a rosy picture of how wonderful IoT is and why your deployment will be great with the use of their products and services. While it is easy to showcase successful IoT solutions, identifying IoT systems that missed the mark or failed can often provide more in the way of key lessons learned. In his session at @ThingsExpo, Peter Vanderminden, Principal Industry Analyst for IoT & Digital Supply Chain to Flatiron Strategies, will focus on how IoT depl...
Jan. 18, 2017 02:30 AM EST Reads: 1,806
Data is an unusual currency; it is not restricted by the same transactional limitations as money or people. In fact, the more that you leverage your data across multiple business use cases, the more valuable it becomes to the organization. And the same can be said about the organization’s analytics. In his session at 19th Cloud Expo, Bill Schmarzo, CTO for the Big Data Practice at Dell EMC, introduced a methodology for capturing, enriching and sharing data (and analytics) across the organization...
Jan. 18, 2017 02:15 AM EST Reads: 3,202
With all the incredible momentum behind the Internet of Things (IoT) industry, it is easy to forget that not a single CEO wakes up and wonders if “my IoT is broken.” What they wonder is if they are making the right decisions to do all they can to increase revenue, decrease costs, and improve customer experience – effectively the same challenges they have always had in growing their business. The exciting thing about the IoT industry is now these decisions can be better, faster, and smarter. Now ...
Jan. 18, 2017 01:30 AM EST Reads: 4,197
WebRTC is about the data channel as much as about video and audio conferencing. However, basically all commercial WebRTC applications have been built with a focus on audio and video. The handling of “data” has been limited to text chat and file download – all other data sharing seems to end with screensharing. What is holding back a more intensive use of peer-to-peer data? In her session at @ThingsExpo, Dr Silvia Pfeiffer, WebRTC Applications Team Lead at National ICT Australia, looked at differ...
Jan. 18, 2017 01:15 AM EST Reads: 4,868
The cloud market growth today is largely in public clouds. While there is a lot of spend in IT departments in virtualization, these aren’t yet translating into a true “cloud” experience within the enterprise. What is stopping the growth of the “private cloud” market? In his general session at 18th Cloud Expo, Nara Rajagopalan, CEO of Accelerite, explored the challenges in deploying, managing, and getting adoption for a private cloud within an enterprise. What are the key differences between wh...
Jan. 18, 2017 01:00 AM EST Reads: 6,044
"Splunk basically takes machine data and we make it usable, valuable and accessible for everyone. The way that plays in DevOps is - we need to make data-driven decisions to delivering applications," explained Andi Mann, Chief Technology Advocate at Splunk and @DevOpsSummit Conference Chair, in this SYS-CON.tv interview at @DevOpsSummit at 19th Cloud Expo, held November 1-3, 2016, at the Santa Clara Convention Center in Santa Clara, CA.
Jan. 18, 2017 01:00 AM EST Reads: 2,009
"Logz.io is a log analytics platform. We offer the ELK stack, which is the most common log analytics platform in the world. We offer it as a cloud service," explained Tomer Levy, co-founder and CEO of Logz.io, in this SYS-CON.tv interview at DevOps Summit, held November 3-5, 2015, at the Santa Clara Convention Center in Santa Clara, CA.
Jan. 18, 2017 12:45 AM EST Reads: 6,247
Adding public cloud resources to an existing application can be a daunting process. The tools that you currently use to manage the software and hardware outside the cloud aren’t always the best tools to efficiently grow into the cloud. All of the major configuration management tools have cloud orchestration plugins that can be leveraged, but there are also cloud-native tools that can dramatically improve the efficiency of managing your application lifecycle. In his session at 18th Cloud Expo, ...
Jan. 18, 2017 12:45 AM EST Reads: 5,949
In his session at @DevOpsSummit at 19th Cloud Expo, Robert Doyle, lead architect at eCube Systems, will examine the issues and need for an agile infrastructure and show the advantages of capturing developer knowledge in an exportable file for migration into production. He will introduce the use of NXTmonitor, a next-generation DevOps tool that captures application environments, dependencies and start/stop procedures in a portable configuration file with an easy-to-use GUI. In addition to captur...
Jan. 18, 2017 12:30 AM EST Reads: 2,782
"ReadyTalk is an audio and web video conferencing provider. We've really come to embrace WebRTC as the platform for our future of technology," explained Dan Cunningham, CTO of ReadyTalk, in this SYS-CON.tv interview at WebRTC Summit at 19th Cloud Expo, held November 1-3, 2016, at the Santa Clara Convention Center in Santa Clara, CA.
Jan. 18, 2017 12:00 AM EST Reads: 2,256
Due of the rise of Hadoop, many enterprises are now deploying their first small clusters of 10 to 20 servers. At this small scale, the complexity of operating the cluster looks and feels like general data center servers. It is not until the clusters scale, as they inevitably do, when the pain caused by the exponential complexity becomes apparent. We've seen this problem occur time and time again. In his session at Big Data Expo, Greg Bruno, Vice President of Engineering and co-founder of StackIQ...
Jan. 18, 2017 12:00 AM EST Reads: 7,735
One of the hottest areas in cloud right now is DRaaS and related offerings. In his session at 16th Cloud Expo, Dale Levesque, Disaster Recovery Product Manager with Windstream's Cloud and Data Center Marketing team, will discuss the benefits of the cloud model, which far outweigh the traditional approach, and how enterprises need to ensure that their needs are properly being met.
Jan. 17, 2017 11:30 PM EST Reads: 4,340
Containers have changed the mind of IT in DevOps. They enable developers to work with dev, test, stage and production environments identically. Containers provide the right abstraction for microservices and many cloud platforms have integrated them into deployment pipelines. DevOps and Containers together help companies to achieve their business goals faster and more effectively. In his session at DevOps Summit, Ruslan Synytsky, CEO and Co-founder of Jelastic, reviewed the current landscape of D...
Jan. 17, 2017 11:15 PM EST Reads: 4,925
In 2014, Amazon announced a new form of compute called Lambda. We didn't know it at the time, but this represented a fundamental shift in what we expect from cloud computing. Now, all of the major cloud computing vendors want to take part in this disruptive technology. In his session at 20th Cloud Expo, John Jelinek IV, a web developer at Linux Academy, will discuss why major players like AWS, Microsoft Azure, IBM Bluemix, and Google Cloud Platform are all trying to sidestep VMs and containers...
Jan. 17, 2017 11:00 PM EST Reads: 577
IoT is at the core or many Digital Transformation initiatives with the goal of re-inventing a company's business model. We all agree that collecting relevant IoT data will result in massive amounts of data needing to be stored. However, with the rapid development of IoT devices and ongoing business model transformation, we are not able to predict the volume and growth of IoT data. And with the lack of IoT history, traditional methods of IT and infrastructure planning based on the past do not app...
Jan. 17, 2017 10:30 PM EST Reads: 726