Are you Covered? | Cyber Attacks May Cause Property Damage

Posted by Jon Edwards on Jan 10, 2017 2:16:47 PM

Traditionally, a cyber breach occurs and otherwise private information is stolen or made public resulting in costs such as notification expenses, IT forensics, data recovery, public relations/crisis management, legal defense, business interruption, brand/reputation damage and regulatory fines and penalties; just to name a few. However, the breadth of cyber-attacks has proven to be ever expanding.  Now, breaches resulting in physical property damage are being reported more regularly which leads to the immediate question, “am I covered for such an event?”

Read More

Topics: Cyber Breach, Cyber Risk, Data Breach, Property Risk, Risk Management Blog

Implementing ERM | Building a Risk-Aware Culture and Developing an ERM Framework

Posted by Andrew Masini on Jan 4, 2017 2:20:48 PM

 

In our previous blog posts, we introduced Enterprise Risk Management (ERM) as a strategic discipline that affords a "portfolio" view of risk and we outlined how to establish roles and a context for ERM implementation.

Read More

Topics: Enterprise Risk Management (ERM), Enterprise Risk Management, Enterprise Risk Management, ERM, ERM Framework, Risk Appetite, Risk Management Blog, Risk Register, Risk Tolerance

Is a Cyber Breach on Your Holiday Wish List? | The Internet of Things (IoT)

Posted by Jon Edwards on Dec 20, 2016 5:32:06 PM

The holiday season usually means new tech gadgets for everyone to tap, swipe, click, and download.  Most people who unwrap a new iPhone, MacBook, Smartwatch, Fitbit, or game console probably aren’t considering the ramifications of connecting those devices to the Internet and setting up new user accounts filled with their personal information.  Unfortunately, we live in a time where have to, or at the very least, should.

Read More

Topics: Risk Management Blog

Implementing ERM | Establishing the Roles, Objectives and Context

Posted by Andrew Masini on Dec 16, 2016 3:26:57 PM

In our previous post, Taking a Closer Look at Enterprise Risk Management, we introduced Enterprise Risk Management (ERM) as a strategic discipline that affords a “portfolio” view of all threats and opportunities throughout an organization.  We contrasted ERM with the traditional “silo” approach to risk management, where various parts of an entity manage their risks with no overarching risk management strategy.

Read More

Topics: Enterprise Risk Management (ERM), Enterprise Risk Management, ERM, Portfolio View of Risk, Risk Management Committee, Risk Management Blog, Subject Matter Expert Group

But, the Data was Encrypted... | California Data Breach Notification Law Amendment

Posted by Jon Edwards on Nov 22, 2016 2:52:03 PM

Back in May 2016 I posted a blog (Be Prepared – Data Breach Notification Laws are Changing), which covered how data breach notification laws were evolving.  At that time the state of Tennessee amended its law, becoming the first state in the nation to require notification of any data breach, whether the information is encrypted or not.  I also predicted that state laws would most likely become stricter in the not too distant future…

Read More

Topics: Breach of Security, California Data Breach Notification Law; Data Brea, Cyber Breach, Cyber Liability, Cyber Risk, Cyber Security, Data Breach, Personally Identifiable Information, PII, Protection Bill AB2828, Risk management, Risk Management Blog

Taking a Closer Look At Enterprise Risk Management

Posted by Andrew Masini on Nov 17, 2016 10:58:35 AM

Every organization is faced with risks and needs to practice some form of risk management in order to maintain the health of the entity. Many take a traditional approach, where risk is managed in silos, with each leader of a business unit (sales, operations, finance, HR, etc.) responsible for managing the risks that fall within his or her area of responsibility.

Read More

Topics: Enterprise Risk Management (ERM), Enterprise Risk Management, Enterprise Risk Management, ERM, ERM Framework, Risk Management Blog

Election Day | Cyber Concern Runs High

Posted by Jon Edwards on Nov 8, 2016 1:41:30 PM

As the world focuses on the outcome of the contentious Presidential race between Trump and Clinton, the US government is on high alert for potential Election Day cyber attacks.  The current global cyber climate, this summer’s Russian hack of the Democratic National Committee, and a recent string of Distributed Denial of Service (DDoS) attacks have intelligence officials highly concerned that cyber event(s) could seriously infringe on today’s election process.

Read More

Topics: Breach of Security, Cyber Breach, Cyber Insurance, Cyber Risk, Cyber Security, Data Breach, Election Day Cyber Alert, Election Day Cyber Attack, High Alert Election Day Cyber Attack, Risk Management Blog

Presidential Election Cyber Vulnerabilities | What Can We Learn?

Posted by Jon Edwards on Nov 1, 2016 3:54:15 PM

With the Presidential Election only days away, the question remains: Will the election be hacked? In this case, a cyber breach can lead to two major issues. The first is stolen data of registered voters; the second issue and perhaps the more frightening one – manipulation of the election results.

Read More

Topics: Breach of Security, Cyber Breach, Cyber Insurance, Cyber Liability, Cyber Risk, Cyber Security, Data Breach, Political Risk, Risk management, Risk Management Blog

What’s Behind the Counter? Enterprise Risk Management Can Be a Retailer’s Edge

Posted by Andrew Masini on Oct 19, 2016 7:06:42 PM

Enterprise Risk Management (ERM) concepts can help retailers create a competitive advantage out of the business of managing risk. ERM’s “portfolio view” collects all risk and mitigation activity into a single Risk Register. This enables management to coordinate mitigation efforts across functions, rather than leaving risk to be managed in a patchwork fashion among various pockets in the organization. These are the critical areas for retail organizations where embracing an ERM approach adds value and opportunities that would likely otherwise be “missed:”

Read More

Topics: Cyber Breach, Cyber Risk, Data Breach, Enterprise Risk Management (ERM), Enterprise Risk Management, Enterprise Risk Management, ERM, Reputational Risk, Retail Risk Management, Risk management, Risk Management Assessment, Risk Management Blog, Risk Register, Social Media Risk

Oil and Gas Consolidation: Hidden Risk in the Pipeline

Posted by Andrew Masini on Oct 5, 2016 3:20:59 PM

Nine out of the 10 largest bankruptcies in the first half of 2016 were energy companies, according to investment insights publication The Turnaround Letter. Eight of those were oil and gas companies, specifically. Such widespread failures throw not just assets but whole segments of operations up for  grabs.  As the buyers assimilate these operations, it is no surprise that the acquisitions change the risk profiles of the new owners.

Read More

Topics: Due Diligence, Energy Company Mergers & Acquisitions, Energy Risk, Energy Risk Management, Enterprise Risk Management (ERM), Enterprise Risk Management, Enterprise Risk Management, ERM, Mergers & Acquisitions, Oil and Gas Risk Management, Oil & Gas Risk Management, Risk Appetite, Risk Management Blog, Risk Register

The ALS Group

Risk Management Blog

We manage more than a quarter billion dollars of premiums for a diverse range of clients around the globe. 

Our areas of expertise include:

  • Enterprise Risk Management (ERM)
  • Cyber Security & Cyber Liability Insurance
  • Construction Management
  • Customized Risk Management Assessments (RMAs)

Subscribe to Email Updates

Recent Posts

Posts by Topic

see all