COVID-19 has brought the world to its knees! For most people in the world, daily life has been disrupted in an unprecedented way. Besides the awful toll on human life, job losses, business failures, etc. are now becoming more prevalent. The impact on the global economy has barely begun to be measured.
Every organization has some level of risk that can impact the organization. Regardless of whether you have a formal quality management system or must meet regimented regulations, leadership, as well as additional stakeholders, have a particularly vested interest in identifying and planning for all potential risks to an organization. The National Institute of Standards and Technology (NIST) has created a guide for conducting risk assessments. Regardless of the technology, the establishment of a standard approach is key.
This is an original NIST Cybersecurity Insights blog post, written by Jeff Greene.
Conference calls and web meetings—virtual meetings—are a constant of modern work. And while many of us have become security-conscious in our online interactions, virtual meeting security is often an afterthought, at most. Who hasn’t been finishing one call when attendees of the next call start joining – because the access code is the same? In the moment it may be annoying, or even humorous, but imagine if you were discussing sensitive corporate (or personal) information. Unfortunately, if virtual meetings are not set up correctly, former coworkers, disgruntled employees, or hackers might be able to eavesdrop. Using some basic precautions can help ensure that your meetings are an opportunity to collaborate and work effectively – and not the genesis of a data breach or other embarrassing and costly security or privacy incident.
This is an original article written by Dan Brown, President of DB Performance Solutions.
Why Risk Matters
In business, “RISK” is a scary word. We have risks if we move forward and risks if we remain still. No matter what industry you are in, you are guaranteed to run into risks. As a business leader, how do you know when to take a risk and when not to take a risk? The answer is pretty straightforward - analyze and then manage your risks - which is certainly easier said than done!
This is a guest blog, written by Alec Alessandra, M.B.A., former John Deere Executive, former IMEC Board Member, and Senior Strategist of Strategic Impact Partners, and Robert Pojasek, Ph.D., Senior Strategist of Strategic Impact Partners.
Many small and medium-sized supplier organizations are receiving notices from their larger sourcing customers to implement a variety of different international standards at their facilities. These standards could include:
- ISO 9001:2015 (for quality)
- ISO 14001:2015 (for the environment)
- ISO 31000:2018 (regarding risk management)
- ISO 45001:2018 (covering health and safety)
- ISO 50001:2018 (covering energy management)
- The Ethical Trading Initiative Program
This is an original article by Kathleen Martin, MEP's IT Security Officer and a Certified Information Systems Security Professional.
Almost weekly we hear about another company or organization that has fallen victim to a cyber-attack. We know cybercriminals are more persistent and we need to be more diligent about protecting information.
Written by Cytellix - an IMEC cybersecurity partner
There has been a lot of recent news and discussion about several malware variants that have been defined as ransomware attacks. There are and have been other damaging malware attacks, but ransomware is currently very well publicized.
Ransomware attacks are not simple but are commonplace in the market today. These attacks typically find their way into an organization through social engineering. To be more specific, the malware is embedded in an attachment as an executable. There are several outcomes from ransomware that we have seen thus far. In the first, an individual machine is encrypted, the attacker holds the decryption key for ransom, and a “Bitcoin” payment is requested to decrypt the machine in question. The nastier variants can traverse from machine to machine through the network, creating a systemwide infection. This kind of attack causes severe network-wide shutdowns, forcing an organization to recover through more significant ransom payments or, if the company was prepared, through backup remediation steps.
Southern Illinois Occupational Safety and Health Day (SIOSH) - Temporary Workers Initiative Feature Blog
Written by Lori Amerman, IMEC Operations Coordinator and OSHA Authorized Trainer
A series of blogs will be produced to share resources on the topics to be presented. This should help prepare company safety teams to gain a better understanding of tools available and prepare staff.
At the SIOSH Conference on October 30th, Brandy Lozosky, Illinois Department of Labor, will address the question: who is responsible for the safety and health of temporary workers? This session focuses on the employer’s responsibility to protect temporary workers. They will provide a clear understanding of both the host employer’s and the staffing agency’s role in complying with workplace health and safety requirements.