The Rapid Response Institute

Tag: Cybercrime

  • Clickbait Redux

    Clickbait Redux

    We are offered the world at the tip of our fingers, But!  There are many prices to pay.  Theft by scam simply by clicking on a great opportunity is getting more sophisticated all the time.

    Recently, this pundit was offered a once in a lifetime possibility if only I would listen to an MS Office (voicemail) sent to my email account.  Seemed OK, how harmful could it be?  Certainty, this world class software provider tool was safe?

    Well, as the saying goes, my mama didn’t raise no fool.  Not saying I won’t be duped at some point, but I like to think the odds are against it.  Tagged as junk, I will never know what the sender had to say.  Nor do I care, since likely it was phishing at best and possibly something worse.

    That said, businesses cannot run on the basis of individual prowess, especially when the scams often exceed hundreds a week or even a day.  Junk mail filters are much better than before but still not perfect and malefactors are always launching cyber organized criminal efforts to supersede defensive protections.

    Equally, if not more important, how many legitimate businesses lose sales or even have their reputations significantly compromise as a result of scams?  If a prospects clicks on your logo and is defrauded, her or she will most likely continue to blame the logo owner and not the criminals.

    Setting the Hook

    Fisherman know how to catch fish.  They know the right locations, time of day, cloudy or not and so forth and so on the land the ‘Big One.’

    On the other hand, digital hackers do not appear to have this ingrained focused instinct.  Perhaps, this skill is not necessary for them.

    Masquerading in plain sight, spammers try to tap into the greed in all of us.  Easy, quick and large these opportunities are attractive and many fall for them.

    As a mentor and advisor to organizations of all sizes, I consistently review product/service and even enterprise value propositions.  Frankly, many are found wanting.  Currently, the Lean Canvas construct and/or Elevator Pitch are models for succinctly posturing a position quickly.

    However, it takes a lot of effort to craft the short piece.  Only then does the firm have something of value for prospects and customers.

    While Fortune 500 et al will remain targets of cyber hacking, it is possible for others to make themselves less attractive to organized crime.  Firms should ask themselves, what is the goal for their web presence?

    In 2019, this blog addressed the “what’s in it for me question” as opposed to collecting ‘Likes.’  That edition contained a real world case study of wrong-headed thinking by a consulting firm collecting the wrong data.  As the client, we did not implement that recommendation.

    There is a fine line between building market ‘Buzz’ and simply collecting ‘Likes’.  However, the real focus should be on building repeat customers.  Recommendations from others, should still be part of the business model.

    Cyber is now an important part of every firm’s business model.  Part of the organization’s cybersecurity model has to be, “Why are individuals coming to the website?”  In other words, “What value are we providing them?”

    What is the Value of a ‘Like’ to your Organization and What is the ‘Risk’ of Obtaining One?

    For More Information

    Please note, RRI does not endorse or advocate the links to any third-party materials.  They are provided for education and entertainment only.

    For more information on Cross Cultural Engagement, check out our Cross Cultural Serious Game.  You can contact this author as well.

  • ESG Implementation–Strong v Weak Revisited

    ESG Implementation–Strong v Weak Revisited

    “A healthy corporation acts on the interests of its stakeholders and customers”

    — Ari Melber, Journalist

    Currently, organizations are being implored to implement Environmental, Social, and Governance (ESG) driven business models.   Proponents even suggest that investment in organizations that do not have this imprimatur should be avoided or even divested.

    However, one wonders what has changed?  Successful firms, private and public have long understood that they must add value to their constituencies.  One example, a few decades ago an energy services provider used its high volume oilfield pumps to help a small town in Kansas where it had a district office drain flood waters.  Why would they do this?  Perhaps because employees lived in this community or perhaps it was just the right thing to do.

    Flash forward and we find organizational largess still in place.  During the recent Texas freeze, a local furniture retailer opened its doors to dispossessed individuals and families.  The owner has a long record of supporting the community and his responses to local disasters is legendary.

    After the Deepwater Horizon incident in April 2010, our firm started to look at Asset Integrity issues in oilfield operations.  Our discoveries transcended several Critical Infrastructure segments.  The recent failure of the Colonial Pipeline is a manifestation of issues uncovered yet not resolved more than a decade ago!

    Focus on Operations

    In 2011, we posited that organizational governance was not just a financial issue at the ‘C’ level.  Rather its true focus should be at the revenue generating asset level.  This led to our 2011 groundbreaking monograph, Asset/Equipment Integrity Governance: Operations–Enterprise Alignment.  Therein, we posited a new governance model that incorporated the ESG components widely discussed today.

    Moreover, in 2014 our book, IMPLEMENTING A CULTURE of SAFETY: A ROADMAP FOR PERFORMANCE BASED COMPLIANCE identified the requirement for organizations in the Critical Infrastructure space to change governance models to one of Strong Bond.

    Following the release of our AIG model, we put forth a Strong v Weak governance model to manage High Reliability Organizations (HRO) necessary for firms in Critical Infrastructure sectors.  Strong Bond is appropriate for organizations in Critical Infrastructure segments, while Weak Bonds may be better for retail.

    One suspects that ESG is another tick in the box.  If ten years (or earlier) from now another critical system fails, it will not be because HRM processes were not followed or ESG verbiage was in the annual report Letter to Shareholders; it will be because nothing really changed.  As of this writing the US Federal government is advising organizations in Critical Infrastructure sectors to more aggressively address cybersecurity risks.

    Why is this? Do Boards and CEOs need politicians and bureaucrats to tell them about the details of running a business?  If they do, investors may want to revisit their portfolios.

    One suspects that the ESG fad will fade. There will always be a new management mantra that consultants will put forth.  Well run organizations will remain well run.  Others not so much.

    Governance models come and go.  Regardless, how will you assure your organization is well run?

    For More Information

    Please note, RRI does not endorse or advocate the links to any third-party materials.  They are provided for education and entertainment only.

    For more information on Cross Cultural Engagement, check out our Cross Cultural Serious Game

    We presented, Should Cross Cultural Serious Games Be Included in Your Diversity Program: Best Practices and Lessons Learned at the Online Conference, New Diversity Summit 2020 the week of September 14, 2020.  Check Out this timely event and contact the organizer for access to the presentations!!

    You can contact this author as well.

  • Is Your Digitalized Organization Cybersecure?

    Is Your Digitalized Organization Cybersecure?

    Here is How to Find Out!

    It seems that everyday a new major cyber breach is announced.  The Rapid Response Institute and its Principals have addressed this issue many times through a variety of venues and publications.

    We recently conducted a workshop, “Implementing Digitalization: A Game Changing Transformation of the E&P Sector.”  The Cybersecurity of this sector transformation is critical to its success.

    Moreover, since “this is the way we run our business,” Cybersecurity is now a Board of Directors issue and an integral part of its fiduciary responsibility.

    As part of our continuing effort to add value to Operational Excellence and Risk Mitigation processes, it our pleasure to feature this recent Public Television interview.

    We encourage you to watch this 30 minutes discussion with one of the world’s leading Thought Leaders in the Management of Cybersecurity for Critical Infrastructure Sectors such as oil & gas, electric power generation & distribution, medicine and others as identified by the United States Department of Homeland Security.

    Patriot Act of 2001 defined critical infrastructure as those “systems and assets, whether physical or virtual, so vital to the United States that the incapacity or destruction of such systems and assets would have a debilitating impact on security, national economic security, national public health or safety, or any combination of those matters.”

    We believe you and your organization will find watching this video time well spent.  Also, should you wish to talk further with her please contact us and we will arrange this.

    Stay Cyber Safe!