2018: Businesses get stronger through cyber resilience

In the past, companies tried to create perfect security. You were either secure, or you weren’t. But today, risk is no longer viewed as being perfect or binary. It’s a continuum. In 2018 enterprises will focus on getting their resilience as high as possible — or, reducing their risk by taking down the highest-risk activities. […]

What’s your cyber risk appetite?

How much cyber risk is your organization willing to take on? Knowing this “risk appetite” is an important element in the pace of the digitization of your organization. Cyber resilience is the ability of your enterprise to keep its transformed business models efficient and effective in the face of increased IT system threats from nation […]

To lower enterprise risk, get cyber resilient

The digital transformation of business puts information technology at the center of your enterprise. At the same time, it greatly expands risks to the enterprise. As these cyber risks become central to both operational and business risk, they’ll have a greater influence on the enterprise’s overall risk. What you need is cyber resilience. That’s the […]

The value of orthogonal data to insurers

It is anticipated that within the next three years, on average every human being on the planet will create about 1.7 megabytes of new information every second. This includes 40,000 Google searches every second, 31 million Facebook messages every minute, and over 400,000 hours of new YouTube videos every day. At first glance, the importance […]

A passion for obsession

Passion

Everyone admires someone with tremendous passions, but if you have tremendous obsessions for the same things, you’re considered “scary.” It’s like the difference between a renaissance man and a madman. I understand this. I’ve accumulated many passions over the years, ranging from food and wine, fly-tying and snowboard instruction to cross cultural communications. I can […]

Reducing your risk in the cloud

Reducing Risk in the Cloud

In late 2014 and early 2015, the Australian Prudential Regulatory Authority (APRA) observed that many of the regulated entities that previously outsourced parts of their ICT capability were increasingly adopting a cloud strategy. The organisation released an information paper, Outsourcing Involving Shared Computing Services (including Cloud), intended as guidance for the banking and financial sectors. In response, I published […]

Leaked U.S. cybersecurity order focuses on workforce development

The latest draft of the Trump administration’s cybersecurity executive order focuses on modernizing federal IT systems and holding departmental heads responsible for maintaining adequate security. While hopes were high that the order would be signed earlier in the administration’s tenure, the date keeps getting pushed back. Rumors have picked up once again this week, following the latest […]

Insuring blockchain assets

Last month, I started hearing some chatter in blockchain tech circles (some skeptical) about Inchain, an autonomous insurance service on the Ethereum blockchain.  Its initial stated objective is to manage the risk of loss of virtual assets stored on blockchains – rather than physical assets in the “real world”. Insurance Inchain is a decentralised insurance platform that mitigates […]

Oscillating between ‘Know Your Customer’ and ‘Know Your Bank’

In a previous post, we examined some elements of Know Your Customer (KYC) programs. Now I’m going to drill deeper into what happens when the interests and objectives of customers, banks and regulators don’t converge. In many cases, this gives rise to disconnects or the possibility of disconnects. For example, when the interests/objectives of the bank and […]

Finding and building a safe place to fail

In a previous life, I spent many hours working with colleagues and consulting clients on baking risk-reward structures into compensation plans at every level in the enterprise. In essence, we built pay and bonus programs that not only encouraged, but incentivized taking risks and, in many cases, failing after. We found that even though the […]