| |

When Cyber Risk meets Third-party Risk

“AT&T confirmed yesterday that the company experienced a massive data breach in which an unknown entity stole phone records from almost all of its nearly 110 million customers. The telecommunications giant discovered the breach in April and started an investigation. It found that the hacker accessed the data through an illegal download that targeted a third-party app called Snowflake,…

|

WASA: Re-Engineering and Reorganizing without End-to-End Operational Risk Assessment?

How is that possible? (OK, OK, I AM SHOWING MY BIASES HERE) As you all may know, Operational risk assessments are essential tools for identifying potential hazards, vulnerabilities, and areas of improvement within an organization’s operations. By conducting these assessments, WASA can better understand the possible consequences of changes to their operations and develop strategies to…

|

Now We Know: Why Silicon Valley Bank Imploded or Failed…

“The bank waited too long to address its problems and, ironically, the overdue actions it finally took to strengthen its balance sheet sparked the uninsured depositor run that led to the bank’s failure,” said Barr (Federal Reserve Vice Chair), adding that there was “inadequate” risk management and internal controls. The above questions apply to YOUR organization…

|

Is Your Institution (Bank or Non-Bank) Sleepwalking into a Crisis?

Risk management is not a panacea or a fait accompli to value protection in any institution. The most recent failures of the Banks in the US and including Credit Suisse are proof of that. Your risk managers, internal audit, and your external auditors may be “blind” to some risks if their focus continues to be singularly on “accounting”…

|

Get Off Your Ass and Do Something: Risk Management is Real

Hey colleagues, This may be me venting or projecting, but I have penned this “thesis” for sharing, but I thought I will share it with you first. It is a first draft (pen to paper) and so I am not asking/expecting agreement, but in critiquing, please apply your risk knowledge/risk intelligence. And, yes, I feel very strongly…

|

Your Risk Management Framework May Be Obsolete

Welcome to a new work week, my friends: Most of us will agree that our working world today and in the future is significantly more complex, volatile, chaotic dynamic, and disruptive than at any other time in our working lives. However, despite the many escalations in systemic risks, massive negative disruptions, and volatility in the environment,…

|

The Paria diving Disaster: “Pre Motems” are much better that “Post Mortems”

Condolences to the family, friends, and colleagues of those who lost their lives in this catastrophe. The best way for the leaders of these institutions to honor those lives lost is not by talking but by acting. There is a maxim that says: “the uninspected usually deteriorates”. There are risks and hazards (and they are not always the same) that may…

| | |

A New Variant Discovered: Maybe Leaders Should Be Looking at People’s Resilience Under Pressure

If the one of the greatest risks to any organization is their people (decision makers/employee) risk, why then are we not putting more emphasis on mitigating that risk, especially given the new construct of employee engagement deployed because of and during the pandemic. Think: WFH, hybrid work hours, stress management etc.