Connect with us

Latest

Economy

Russia

Cybersecurity has never been more important to Russian companies

As the digital world and the commercial realm of bricks and mortar industry inexorably grow together through e-Commerce as well as the many paths opened via blockchain, the responsibilities of business management are rapidly changing through this evolution.

Published

on

392 Views

Russia has only recently finally codified and set out standards for corporate governance, transparency and paths to market trust. These past several years has also added a further fast developing area of concern, which is cyber risk, that today has become a major board responsibility and issue for both public and private companies.

Serving on and advising several Russian boards of directors over the years this has become ever more urgent, especially in the boardrooms. Business risk(s) are obviously a key factor to try to manage wherever on the planet one does business. One clear indication of how seriously this is taken is the rapid growth of budget allocations specific to getting a managed grip on cyber risks and cyber security.

Some companies place these responsibilities in the hands of risk management departments or similar, usually within the purview of an IT department, and that box was thereby ticked for better or for worse. Others push money at the challenge by retaining the services of a Dr. Web, Kaspersky, the Secret Studio and similar. Others may buy all sorts of cyber insurance mistakenly believing this will keep risks at bay, as insurers should/will recommend actions needed to qualify for comprehensive cover. The easy attitudes have changed, and ticking boxes, like passing the buck, will no longer suffice.

One of the challenges, among several, is the distance and differences in the understanding of the digital world and its language as opposed to the understanding of business, industry and the language of commerce. It was and to varying degrees still is a digital cultural divide at the general management and board level. With the blockchain and outgrowth applications in Fintech and elsewhere firmly gaining broad acceptance, the blending of these cultures is inevitable.

I have witnessed a real core change in the attitudes of Russian boards concerning cybersecurity and the increasing responsibility many directors are taking in addressing this area. Despite the reputation Russia has of being “hacker heaven” and able to leap tall buildings in a single bound, or alter foreign national elections. The fact is that cyber risks affect Russian businesses every bit as much as business in every corner of the world. These are equal opportunity risks knowing no national borders, or geopolitical dissonances as these threats are globally equal.

The development of means and measures to confront cyber risks in many businesses throughout Russia have been mixed at best, just like the rest of the world. Some are now at the cutting edge of cybersecurity, and some are still avoiding the issue aside from tasking IT departments to “handle it”.

For any company anywhere in the world cyber-risks are the same, and the threats do not come from some shadowy “evil empire”, but across the entire digital realm of the planet in equal measure. The juicier and more developed the target, the more hungry and aggressive are the risks, be it in Silicon Valley, Vladivostok, Dubai, Beijing or Durban. Like in any other risk sphere, the lower the fruit, the easier the target of opportunity.

Some of the better-prepared boards here have taken some proactive steps, which may be of interest to overview and I have attempted to collect them into a narrative. These observations are nothing more than applied common sense, not rocket science. Many of these positions have become part of the operational fabric of several companies, both public and private in Russia, and globally as well. What makes them valuable is that they are now being woven into the mindsets and views of more and more personnel, their management and boards of directors.

Several boards have prioritized into their operational mandates the task of identifying those key assets that may be open to cyber-attack, which cyber risks to avoid, accept, or simply observe, and to develop specific plans associated with each approach.

The corporate culture of many boards has changed to view cybersecurity as a strategic and managerial issue and to hold management accountable for recommending and implementing overall cyber-risk management strategy and polices. This had led to concepts and policies of defensive response, and then intelligently adapting by continually gathering updated intelligence in this fast changing risk environment.

There is a far greater emphasis undertaken by the board and management to understand the company’s exposure to third-party linkages and vendors. This in many cases has been shown to be a poorly secured backdoor.

Most importantly, quite a few are actively budgeting to augment the development of a corporate and HR culture that places a high value on cybersecurity, and educating all employees in this risk reality.

The one thing shareholders remember when it comes to a cyber crisis and the subsequent board/management judgement calls is the outcome achieved. A positive outcome is usually the result of a well- considered, disciplined process that demonstrates responsible planning and a commitment to creating and implementing corrective results. Therefore, CYA does play an incentive role in this area.

Board meetings have become a vital time for corporate directors to reassess how they exercise their governance responsibilities with regard to the management of cybersecurity risk. In today’s global cyber minefield, it is essential that boards of directors not just monitor performance, but reward through incentives excellence achieved in this area.

Boards must lead by defining to management their vision and behavior for cybersecurity and then clearly demonstrate the priority the organization places upon strict adherence. After all, a risk culture gathers all aspects of risk-taking and risk management together through shared corporate values, beliefs, and attitudes.

Cybersecurity is no exception; establishing a strong cybersecurity culture is an essential component of any program, given that the vast majority of cyber risk can be initially traced to people and related behaviors, not technology. There are no offensive strategies in cybersecurity, only defensive ones.

The reality is that most employees are not interested in their personal digital security, much less that of their company. In consequence, changing a company’s culture to strengthen security is especially difficult and requires a top to bottom commitment “with teeth” to keep pace with evolving threats. Historically, anything to do with IT security was kept separate from users by IT teams. Little wonder that users show no or little interest in the company’s digital security.

The simple fact of the cyber risk issue is that the employees/users should be the first line of defense. They are the ones who create and handle the information, and they are in the best position to understand its value. Boards of directors worldwide, not only in Russia are more frequently demanding that management develop interactive training and accountability programs that work with users. In some cases, modern game based training is used and can then monitor how staff apply this training to help transform a company’s culture into one where cybersecurity is in everybody’s interests to enhance.

Without a strong risk culture, even the best cybersecurity management framework would be vulnerable to weaknesses and failures. Given the continuously changing and quickly evolving cyber environment, engendering a strong cyber risk culture provides employees with principles and values to guide activities while policies are still in the process of being drafted or updated. It also strongly narrows the divide between analog and digital thinking, which yields benefits to users on a personal level as well.

No longer is it a question of whether a company will be attacked but more a question of when this will happen, and how a company is going to prevent it or at least control damage. Smart network surveillance, early warning indicators, multiple layers of defense, and lessons from past events are all critical components of cyber resilience. When things go wrong, whether in a major or minor way, the ability to quickly identify and respond to a problem will determine the company’s ultimate recovery and ability to continue conducting business.

Advertisement
Comments

Terrorism

Possible terror attack at California mall thwarted by anti-jihad activist

Angry Muslim women and a shady Muslim man’s carefully-placed backpack were all part of the terrorism scene at the LA shopping mall on July 7.

Published

on

Los Cerritos Center, Los Angeles. Photo: losangeles.cbslocal.com

The Los Angeles Sheriff’s Office and the Los Cerritos Shopping Center are hush hush for now. It’s not yet clear if it was an attempted terror attack or just a dry run, but what is clear enough is that an observant anti-jihad activist thwarted the plans of some ill-intentioned Muslims on Saturday, July 7.

According to Big League Politics, Steve Amundson, the founder of the Counter Jihad Coalition (CJC), trained to detect security threats, noticed several alarming clues that led him to believe a terror attack was underway.

The last straw was when an angry Muslim carefully placed his backpack under the CJC’s table outside the Los Cerritos Shopping Center and walked away, later refusing to retrieve it.

Amundson was on the street that day with a pastor colleague, passing out literature about Islam and the threat it poses to America and other Western nations. An unidentified Muslim man wearing a backpack approached the pastor and began furiously arguing with him.

“Before leaving the table, Amundson says he witnessed the Muslim man strategically place his backpack underneath the CJC booth and walk away,” Laura Loomer writes for Big League Politics.

Amundson asked the pastor if he knew the Muslim man. When he said no, Amundson immediately reported the incident to mall security.

Loomer lays out the events and “red flags” leading up to mall security being called:

The events that unfolded next are shocking, and quite disturbing. Amundson told Big League Politics that after he alerted mall security, they approached the man and asked him if the backpack was his. The man said the backpack did belong to him, but he then refused to retrieve his backpack that he had placed underneath the CJC booth before walking away.

After a discussion with security, the Muslim man walked away with security, and security carefully took the backpack.

Over the past six months that Amundson and his colleagues have been tabling, he has experienced an increase in physical attacks against himself and his booth. For this reason, Amundson says he and his colleagues are trained to detect security threats and what they call “red flags”. While passing out literature on Saturday, Amundson says he witnessed and documented several red flags at the Los Cerritos Shopping Center.

The first red flag occurred when two Muslim men inside the mall began snapping pictures of the CJC booth and making phone calls shortly after. Amundson witnessed this and recognized it as “red flag one.”

bigleaguepolitics.com

The second red flag occurred when two Muslim women approached the booth and began cursing at the CJC’s booth operators, calling them liars. Mall security observed the hostile interaction and began speaking to the two women. It was at that moment when the two Muslim women distracted security that a white haired Muslim male walked over to the booth and slid his backpack under that table.

Mall security has thus far declined to confirm if the Muslim man was arrested or if the bomb squad had been called. Thus, it remains unclear if this was a dry run or the real deal.

The report continues:

Amundson’s experience at the shopping center is disturbing and concerning for many reasons, primarily because it appears as though the mall security and Sheriff’s Office are actively working to keep the public and Amundson in the dark about what appears to be a dry run of a jihadi attack. What happened to Amundson at the shopping center is a very serious incident the needs to be further investigated and disclosed to the public to ensure that people are aware of the threat that is clearly present within their own community.

Amundson applied to have another CJC booth at the same mall on July 21, which mall security rejected, citing safety concerns: “While we understand your organization’s right to engage in free speech subject to reasonable time, place and manner rules, we must consider the safety of the Center’s patrons.”

Continue Reading

Latest

Maria Butina, her crime: A love of the NRA and being Russian (Video)

The Duran – News in Review – Episode 61.

Alex Christoforou

Published

on

Russian Foreign Minister Sergey Lavrov has communicated to US Secretary of State Mike Pompeo that Russian national Maria Butina must be set free and allowed to return to Russia, after she was arrested by US officials on dubious spy charges.

Lavrov said that the US should immediately release the Russian gun activist, who is being held in the US on espionage charges, after a phone conversation with his US counterpart.

Lavrov called the charges levied against Butina “fabricated.”

In his conversation with US Secretary of State Mike Pompeo on Saturday, “Lavrov stressed that the actions of the US authorities that arrested Russian citizen Butina on fabricated charges are unacceptable.”

In an official statement the Russian Foreign Ministry called for her “immediate release.”

The Duran’s Alex Christoforou and Editor-in-Chief Alexander Mercouris examine the oddly timed, out of the blue arrest of Maria Butina, who is being held by US authorities for what they claim to be a violation of the FARA act.

In reality Maria Butina’s crime is much more troubling than simply failing to register as a foreign agent.

Maria made the double mistake of being in the United States of America as a Russian citizens who loves guns, at a time when racism and bigotry against Russians and NRA supporters is surpassing McCarthyite levels.

Remember to Please Subscribe to The Duran’s YouTube Channel.

Via RT

The Foreign minister raised the issue during phone conversations that were made at the request of the US and aimed at “further normalization of the US-Russian relations” following the summit between the US President Donald Trump and Russia’s Vladimir Putin in Helsinki. Lavrov and Pompeo also discussed the process of denuclearizing the Korean Peninsula, as well as the situation in Syria.

The 29-year-old Russian student and a gun activist was arrested in the US about a week ago and charged with acting as a foreign agent without registering her activities with the authorities. Butina has pleaded not guilty to the charges.

On July 16, a DC Federal Court rejected Butina’s bail plea and ordered her to be placed in custody pending trial over fears that she could flee or contact Russian intelligence officials. Her lawyer says the trial is being politicized and Russian embassy staff were only allowed to visit her in jail on Thursday.

The Russian Foreign Ministry has called Butina’s arrest politically motivated, adding that it could have been aimed at disrupting the Helsinki summit between Putin and Trump. On Thursday, the ministry also launched a campaign hashtagged #FreeMariaButina on Twitter to raise awareness of her case.

Continue Reading

Latest

Ugly breakup at FBI: Lisa Page throws ex-lover, Peter Strzok, under the bus (Video)

The Duran – News in Review – Episode 60.

Alex Christoforou

Published

on

While Peter Strzok’s testimony put a face on the deceptive and secretive Deep State, GOP lawmakers who were present at Lisa Page’s closed-door deposition said they learned a lot of new information from the ex-FBI lawyer, and ex-lover of Peter Strzok.

Lisa Page confirmed to GOP lawmakers that the text messages sent between her and her lover Strzok “meant exactly what they said,” contrary to Strzok’s testimony.

According to The Gateway Pundit, one damning text message in particular sent from Strzok on May 19th, 2017, just two days after Robert Mueller was appointed Special Counsel, intrigued investigators and the public alike.

“There’s no big there there,” Strzok texted.

According to investigative reporter, John Solomon, Lisa Page confirmed that text from Peter Strzok did indeed refer to the Trump-Russia case.

Strzok knew it was a nothing-burger yet he forged ahead.

The Duran’s Alex Christoforou, RT CrossTalk host Peter Lavelle, and Editor-in-Chief Alexander Mercouris discuss how Peter Strzok’s testimony has undoubtedly contradicted Lisa Page’s cooperative deposition, as the ex-FBI lawyer is preparing to save herself, while throwing her ex-lover under the bus.

Remember to Please Subscribe to The Duran’s YouTube Channel.

Via The Epoch Times

Representatives John Ratcliffe and Louie Gohmert of Texas recently shared their observations of the closed-door testimony of former high-ranking FBI lawyer Lisa Page, which concluded on July 16.

One of the major questions regarding the testimony was whether it would match the one given by FBI Deputy Assistant Director Peter Strzok.

But while Ratcliffe said he found a mismatch, Gohmert wouldn’t go so far.

Page and Strzok played major roles in the investigations on both 2016 presidential candidates: former Secretary of State Hillary Clinton’s use of a private email server and the Trump campaign’s alleged ties to Russia. During the same period, Page and Strzok had an affair and exchanged thousands of text messages expressing a strong bias against Trump and in favor of Clinton.

“When I questioned Lisa Page on Friday about the anti-Trump text messages that were sent between herself and Peter Strzok, there were significant differences in her testimony and Strzok’s as it relates to what she thought some of these text messages meant,” Ratcliffe said in a July 16 tweet, shortly before the second round of questioning.

“Page gave us new information that Strzok either wouldn’t or couldn’t, confirming some of the concerns we had about these investigations and the people involved in running them,” he wrote.

On July 17, Ratcliffe expanded on his further statements about Page’s testimony. Radcliffe told Fox News…

“There are differences in their testimony.”

“In many cases, she admits that the text messages mean exactly what they say, as opposed to agent Strzok, who thinks that we’ve all misinterpreted his own words on any text message that might be negative.”

Via The Epoch Times

In one of the texts, Strzok vowed to “stop” Trump from becoming president. In another, the two discussed having an “insurance policy” in the “unlikely” event that Trump would win the election.

Strzok, who gave a closed-door testimony on June 27 and a public one on July 12, said the first message meant he and the American people would stop Trump. The second, he said previously, meant he wanted to pursue the Russia investigation aggressively, in case Trump won.

GOP lawmakers were furious with Strzok’s attitude and unwillingness to answer questions. In a scathing monologue, Gohmert even linked Strzok’s credibility to the fact that he was unfaithful to his wife.

President Donald Trump repeatedly called Strzok’s testimony a “disgrace.”

The lawmakers said Page was comparatively more cooperative.

“There were times the FBI lawyers would be reaching to the button to mute her comment, and she would answer before they could mute her comment,” Gohmert told Fox News.

He said Page didn’t contradict Strzok “so much,” but “has given us insights into who was involved in what.”

“I think she’ll be a good witness,” he said.

Page ditched her first testimony appointment on July 11, prompting GOP lawmakers to threaten her with contempt of Congress. She then agreed to appear on July 13, which gave her the opportunity to review Strzok’s public testimony before giving hers.

The lawmakers are probing the FBI’s and Justice Department’s decisions before the election, suspecting they were influenced by political considerations.

Texts between Strzok and Page suggest that the FBI initiated an offensive counterintelligence operation against the Trump campaign as early as December 2015.

Continue Reading

JOIN OUR YOUTUBE CHANNEL

Advertisement

Your donations make all the difference. Together we can expose fake news lies and deliver truth.

Amount to donate in USD$:

5 100

Waiting for PayPal...
Validating payment information...
Waiting for PayPal...
Advertisement
Advertisements
Advertisement
Advertisements

Quick Donate

The Duran
EURO
DONATE
Donate a quick 10 spot!

The Duran Newsletter

Trending