Risk Roundup for May and June 2019
This month’s Risk Roundup is all about imports and exports, from tariffs on Chinese imports and the latest states importing GDPR-like data privacy requirements to a Florida city exporting $600,000 to recover files from a ransomware attack. We also check in with flooding in the Midwest, and how floods are impacting not just farmers but also the agricultural industry.
Tariffs on Chinese imports
Trump’s 25 percent China tariffs begin as trade talks between two nations continue, read USA Today’s May 9 headline. It’s been an escalating trade war ever since. Tariffs can endanger your vendor relationships by making it cost-prohibitive to import their products. Customers might also balk at paying higher prices due to tariffs. From a risk management standpoint, it might make sense to initiate a vendor review. For tips on managing vendors and other third parties, download our e-book.
States adjust data breach notification laws
In early May, two states took steps toward privacy regulation. New Jersey expanded its definition of personal information to include online accounts. Washington state amended its data breach notification law. These are just two states following the California Consumer Privacy Act, which takes effect on January 1, 2020. The US is headed toward a patchwork of state-specific privacy laws until Congress delivers a federal privacy law that supersedes state laws. Every business will have to analyze its privacy compliance requirements on a state-by-state basis. Silver lining? State privacy laws share similarities.
Ransomware costs city government $600,000
Cybercrime can hit any sized business or government entity. A Riviera Beach, Florida city employee clicked on a malicious link in an email. Suddenly, email wouldn’t work, 911 calls couldn’t be entered into the computer system, and the water utility system was offline. The network would remain locked down unless Riviera Beach paid a 65 bitcoin ($600,000) ransom. The city council voted unanimously to pay the ransom. Humans are still the weakest link in cybersecurity, according to CIO magazine. It’s a risk that must be managed with technology and training.
It’s been a spring and early summer of flooding for Midwest states, and one of the most significant casualties is America’s corn crop. Corn is an ingredient in over 4,000 products, ranging from cereals, sodas, and sweeteners to plastics, textiles and biofuel – it’s a farm-to-table link you may not have expected. With some fields still underwater, organizations that rely on corn products are putting business continuity plans into practice by adjusting their production and transportation plans to meet customer demand. For tips on how to remain resilient when the unexpected happens, watch our webinar, Roadmap to Smarter Business Continuity Management.
The July edition of Risk Roundup reflects how much is outside of your control, and yet it can impact your business. Tariffs, regulations, cybercriminal activity and weather are just a few examples. What you can do is take steps to become a more agile and resilient organization that can handle anything. We’ll be back in September with a roundup of top risks from July and August.
Learn about the key takeaways from Seven Steps to Effective Reputational Due Diligence.
NAVEX Global Expands into Integrated Risk Management by acquiring Lockpath.
Continue to follow the progress of Lance, who is training for a 50-mile race on September 7th.