Category Archives: Small Business

Risk Management, Small Business

Planning for Disaster

Today is the one year anniversary of the “Miracle on the Hudson” – the day a plane landed in the Hudson River after its engines ate too many geese and shut down.  All of this took place literally shouting distance from New York City’s skyscrapers.  The captain of the plane as well as a group of passengers each wrote a book detailing this amazing story.  

The key takeaway from this event is that planning for disaster – whatever that might be for your business – is not a waste of time.  According to an account reported in his book, Captain “Sully” actually studied beforehand an ocean ditching similar to the one he performed in the Hudson River.

Privacy, Risk Management, Small Business

Data Breaches, Encryption and ICs

In 2009, there were 498 reported breaches involving over 222 million records.   And, of these 498 incidents, only six firms reported that they had deployed encryption or another strong security to  protect the exposed data.   This is not surprising given that most notification laws provide a safe harbor for encrypted data.  In other words, there would not have been a need to report. 

As well, of the reported records impacted by the breaches, 59% could be attributed to the conduct of independent contractors.  Last year, over 45% of all breached records – 16 million – were compromised by the actions of independent contractors. In fact, the Ponemon Institute reports that 29% of all breaches are caused by third-party negligence.   As the year progresses and budgets continue to be squeezed, the due diligence that was once used to vet vendors will unfortunately slip a bit. And, when vendor engagements start favoring pricing over controls, the resulting increase in vendor data loss may prove staggering.

Improving independent contractor due diligence by employing only those small business vendors with sound data protection practices in place will go a long way in improving your risk profile.  Moreover,  in addition to being a sound way to better protect sensitive data, encryption deployment has the added benefit of protecting you from notification laws and resulting lawsuits.  The public notices speak for themselves.

Network Security, Privacy, Risk Management, Small Business

Data Theft by Former Employees

With unemployment now stretching past 10%, the Ponemon Institute “Data Loss Risks During Downsizing” survey conducted last year is more relevant than ever.  This survey found that 59% of employees who leave or are asked to leave a company are stealing proprietary or sensitive corporate data. Moreover, 79% of these respondents admit that their former employer did not permit them to leave with company data. Not surprisingly, 67% of respondents used their former company’s proprietary information to leverage a new job.

Risk Management, Small Business

CIT Group Bankruptcy

Down 38.49% in 2008, the S&P 500 experienced its worst performance in over seven decades.  In 2009, the S&P 500 bounced back and was up 19.67%.  Notworthy S&P news for small business owners, however, is the fact that CIT Group was booted from the index when it filed for bankruptcy – the 5th largest in U.S. history.   CIT was a HUGE lender to small businesses around the country.   As CIT’s marketing materials put it, “For more than 100 years, CIT has provided capital to small business and middle market customers. These sectors continue to play a vital role in the US economy and in overall employment, representing more than 90 million jobs.” 

Although the bankruptcy was a quick “pre-packaged” filing that had little real impact on its day-to-day operations, the impact on small business remains to be seen given the new shareholders of the company will be debtors, i.e., large financial institutions, and the most recent board members have a financial pedigree that favors big business interests.

Litigation Management, Risk Management, Small Business

Use Your Existing Providers to Reduce Litigation in 2010

It should come as no surprise that our current deep recession has been  boosting corporate litigation.  According to a CFO article published earlier in the year, “[l]egal wrangling is erupting across the board as aggrieved plaintiffs battle over breached labor contracts, unwarranted executive layoffs, dubious financial disclosures, broken supply chains, ailing strategic partnerships, ravaged 401(k) plans, unjust competitive practices, intellectual-property infringements, and curtailed credit lines.”  In fact, New York State’s courts will close out 2009 with 4.7 million cases – the highest tally ever – so the general litigation climate could probably not be any worse. 

Finding ways to cost-effectively manage this uptick in litigation can be a great challenge for shrinking or non-existent in-house departments.   You should tap into your existing service professionals.  It is never too late to use your existing providers – whether in insurance, law or accounting – to assess and implement loss control and prevention techniques and initiatives, advocate on your behalf with claims adjusters regarding existing claims, and coordinate existing litigation with outside counsel.  Much of this work should be included in your current service contracts or should be at a minimal additional charge.