Hiring a new employee can be a rushed process, especially if the position is a mission-critical one. But neglecting to follow through on pre-employment screening can be even more disastrous to the enterprise than having an empty seat for a few weeks. A foregone or limited background check, a lack of fact-checking or a single-minded policy about hiring could leave a company with rushed hire and an unsuitable new employee, or worse – a wave of new risks and liability.
Picture this – in 20 minutes, one enterprising hacker at the 2012 Defcon conference in Las Vegas learned one Wal-Mart store’s physical logistics – from the janitorial contractor to where employees go to lunch – key details about the make and version numbers of the Wal-Mart manager’s PC, browser and anti-virus software, and got the manager to upload the address of an external website into his browser – no questions asked.
Utilizing the principles, standards and methodologies of ERM and/or ISO 31000 as the foundation of security programs is vital in order to transform your security program to holistically address the full scope of the risk, threat and hazard landscape that your organization faces today and into the future. Going forward, we will provide some insight into the concepts of ERM and why it is so important to utilize ERM as the foundation of your security program.
Risk appetite isn’t a term that comes up a lot in the security trade media. This is interesting, because understanding risk appetite is a crucial factor in developing acceptable security programs, communicating value, and aligning the function with the goals of the business — all of which are talked about in security circles all the time. So what is risk appetite?
The 1995 bombing of the Alfred P. Murrah Federal Building in downtown Oklahoma City, OK, changed the state of Oklahoma and the country as a whole forever, but it didn’t stop businesses and families from calling it home, including GE’s new Oil & Gas Technology Center (OGTC), in Oklahoma City. Learn how the OGTC is a shining example of high-tech security with GE’s historically customer centered beliefs and strategy. Also in this issue: why smart cards are increasingly being embedded into mobile devices and wearables, what role certifications play in your career, and much more!