2007 Global Risk Summit at Gleneagles predicts increases in targeted cyber attacks aimed at corporate smart phones and PDAs

Senior executives joined the Corporate Executive Programme’s Global Risk Summit at Gleneagles in Scotland in May to debate trends and anticipate the major risks that will impact international business over the next 12 months.

Senior executives joined the Corporate Executive Programme’s Global Risk Summit at Gleneagles in Scotland in May to debate trends and anticipate the major risks that will impact international business over the next 12 months. Companies and organisations represented included Diageo, Intel, HSBC, KPN, Bank of England, CitiGroup, Sun Microsystems, Verisign, UC Group, Forrester Research, Mitsubishi UFJ, CISCO, Open Text, Imprivata and the UK’s Department for Transport. This year’s Summit examined some of the hottest issues that Boards have to address in their global outlook:

C level executives from Diageo, the Bank of England, UC Group and Mitsubishi UFJ gave their perspectives on the issues that matter most to their Board colleagues – managing risk appetite to support growth whilst embracing the commercial gains from the introduction of new technologies were hot buttons for all Board level executives. A senior research Director from Forrester looked at new organisational strategies for security and information risk chiefs. Moving responsibilities for day-to-day issues to operational departments whilst providing the Board with a strategic risk-based view of the business-driven benefits from the introduction of new and emerging technology solutions was just one of the outcomes from this debate. In the next two years, corporations should expect to have their wireless mobile devices under attack by targeted malicious code designed to extract company-sensitive information and to use these devices as tunnels into corporate networks. During this period, the evolution of “small form factor” targeted attacks will have reached the same sophistication and penetration as those targeting PC and server operating systems are today. The convergence of physical and logical security responsibilities into a centralised CSO role in large global enterprises, was a hot topic for all execs with global responsibilities. As electronic systems providing physical protection for facilities merge with computer systems protecting digital assets, it is becoming obvious that businesses can no longer achieve efficiencies by keeping these disciplines apart and under separate control – continuing to operate these functions in isolation was not considered to be good practice for the future. Some of the potential “show stoppers, challenges and solutions” that came to the fore during the Summit included: Show stoppers: Concern about the manipulation of global business resources to facilitate criminal and terrorist activity – Eg company networks used to send messages; supply chains to move material; procurement to purchase material Lack of understanding of the value of information in enterprises, until it is too late Solar Activity- experts predict that in 2010, we will experience a solar peak which will be the strongest measured during the previous 50 to 200 years. This Electro Magnetic Pulse will effect power grids and communications

Challenges: Managing and communicating uncertainty – how do security professionals add value to the business to achieve optimum risk? - by predicting and judging where best practice lies Integrating all aspects of risk management across and between enterprises

Understanding and responding appropriately to the speed of change.

Solutions:

Below are a couple of tips from one of our senior execs: Boards wish to do only enough – certainly not more than their competitors. So benchmarking with the competition helps to get attention. Getting the message across to the Board or general management asks for tailored communications. What I found useful was to map the personal goals of the individuals and their business goals - then tailor the message so that it supports those goals as much as possible.

About the Corporate Executive Programme (CEP) If you are HR, Finance, Marketing, Security or IT senior executives, you will inevitably have a different perspective on how business and organisational components affect and impact your business or organisation. The CEP is about bringing together members from various functions and from a wide range of industries, to help to create the diverse perspectives needed to understand end-to-end decision-making. The Programme provides unique opportunities for an enhanced understanding of risk issues, whilst members from around the globe contribute to the maintenance of the CEP’s Global Risk Index which offers a collectively accurate assessment of the nature of the top risks against which corporations must plan and prepare. The CEP is affiliated to the global incident handling Forum of Incident Response and Security Teams (FIRST). The experience, knowledge and expertise provided by over 180 global teams, offered the perfect backdrop for the formation of the Corporate Executive Programme. For further information about the CEP please contact the Coordinator John Lyons on +44-7766-900479 or by email at john.lyons@globalcep.com Our website is at: www.globalcep.com

Tue, 05 Jun 2007 21:55:00 +0000

2007 Global Risk Summit at Gleneagles predicts increases in targeted cyber attacks aimed at corporate smart phones and PDAs

Senior executives joined the Corporate Executive Programme’s Global Risk Summit at Gleneagles in Scotland in May to debate trends and anticipate the major risks that will impact international business over the next 12 months.

Senior executives joined the Corporate Executive Programme’s Global Risk Summit at Gleneagles in Scotland in May to debate trends and anticipate the major risks that will impact international business over the next 12 months.

Companies and organisations represented included Diageo, Intel, HSBC, KPN, Bank of England, CitiGroup, Sun Microsystems, Verisign, UC Group, Forrester Research, Mitsubishi UFJ, CISCO, Open Text, Imprivata and the UK’s Department for Transport.

This year’s Summit examined some of the hottest issues that Boards have to address in their global outlook:

  • C level executives from Diageo, the Bank of England, UC Group and Mitsubishi UFJ gave their perspectives on the issues that matter most to their Board colleagues – managing risk appetite to support growth whilst
  • embracing the commercial gains from the introduction of new technologies were hot buttons for all Board level executives.
  • A senior research Director from Forrester looked at new organisational strategies for security and information risk chiefs. Moving responsibilities for day-to-day issues to operational departments whilst providing the Board with a strategic risk-based view of the business-driven benefits from the introduction of new and emerging technology solutions was just one of the outcomes from this debate.
  • In the next two years, corporations should expect to have their wireless mobile devices under attack by targeted malicious code designed to extract company-sensitive information and to use these devices as tunnels into corporate networks. During this period, the evolution of “small form factor” targeted attacks will have reached the same sophistication and penetration as those targeting PC and server operating systems are today.
  • The convergence of physical and logical security responsibilities into a centralised CSO role in large global enterprises, was a hot topic for all execs with global responsibilities. As electronic systems providing physical protection for facilities merge with computer systems protecting digital assets, it is becoming obvious that businesses can no longer achieve efficiencies by keeping these disciplines apart and under separate control – continuing to operate these functions in isolation was not considered to be good practice for the future.