Connect with us

Business

Managing business risk in the digital economy

Published

on

Managing business risk in the digital economy

By Paul Taylor, Partner and UK Head of Cyber Security at KPMG, says current business risk models fail to take account of the digital industrial revolution

The next industrial revolution, often called Industry 4.0, promises to be as transformative of the business landscape, in the same way as previous industrial revolutions transformed society. This transformation, driven by industrial digitisation, is set to radically reshape business models, disrupt market monopolies, merge previously separate industry sectors and dramatically speed up the pace of innovation.

Paul Taylor

Paul Taylor

Old boundaries between industries, products, and services will be obliterated. There will be convergence within an integrated digital industrial ecosystem.

One example is the recent convergence of the automotive and software industries around the ‘connected car’. Industrial digitisation will also create a shift in production similar to the invention of the moving assembly line, opening up a future digital industrial supply chain where products are digitally developed, manufactured, and monitored in real-time from factory floor to shop floor, and beyond through a single, holistic, integrated process.

Connected supply chains with smart sensors will allow the real-time monitoring and measurement of vast automated assembly lines. The merging of the physical and virtual worlds in manufacturing will enable product developers or customers to convert virtual 3D visualisations of future products into digital files to be autonomously custom-made by 3D printers and other machines.

The unrelenting pursuit of better, faster and more efficient ways of deploying and creating technology has driven innovation in our businesses and across our economy. The pressure is on to reap the benefits of connecting every system, from high-profile innovations, such as connected cars and medical devices, to the tasks that allow product fulfilment and inventory management across a vast and distributed network of retailers.

Why business risk strategies are out-of-date

In Industry 4.0 cyber security will be as important as physical security. Business risk strategies have not caught up with the implications of the transformation from a traditional to a digital economy. Whilst every business department and industry sector is increasingly going digital, information and cyber security risks remain poorly understood in the boardroom.

A recent paper by (ISC), an international non-profit membership association of professionals working in information and cybersecurity entitled ‘What Every Business Leader Should Know About Cyber Risk’, points out that, whilst everything from business IP to business-critical assets is now vulnerable to cyber-attack, many boards do not treat cyber risk as comparable to legal and financial risk. As a result, businesses don’t invest the same time and resources in developing a cyber risk management strategy as they invest in mitigating against other risks.

Lloyd’s of London now estimate that a serious cyber-attack that takes down major cloud providers could cost the global economy up to £92 billion. This would be similar to the fallout from a catastrophic natural disaster. There is growing evidence of the financial risk to business from a cyber-attack. Cyber security vulnerabilities have triggered mass recalls of 1.4 million cars and 500,000 connected pacemakers. Cyber-crime has resulted in multi-million pound thefts, tumbling share prices, major customer losses and multiple CEO resignations. A DDoS attack recently affected a significant proportion  of the USA’s internet. Upcoming data-privacy laws, such as GDPR, will expose businesses to fines and class action lawsuits, with the result that information and cyber risk is now closely intertwined with legal risk.

The lack of understanding of cyber risk extends to other organisations responsible for creating and maintaining our digital economy. Many of those responsible for developing the software, applications, sensors, devices, systems and networks that underpin modern businesses have little or no training in cyber security. This is producing a digital economy with a hidden plethora of vulnerabilities, the equivalent of a physical economy composed of millions of goods that are riddled with latent safety defects. The largest ever survey of cyber security professionals, published this year, found that hidden vulnerabilities – from security misconfiguration to broken authentication systems – is one of the threats of most concern to businesses worldwide.

Risk management for a digital economy

There are some steps that can be taken to turn the situation around. Businesses must start by accepting that cyber risk is a business risk like any other, not merely a technology problem, and align their spending priorities accordingly. This starts from the realisation that cyber risks are intertwined with other business risks especially as cyber-attacks often spill over into the physical world; for example, (ISC)2s recent white paper points to a cyber-attack on the German steel industry that caused physical damage to a factory.

This means cyber security expertise can no longer be siloed in the IT department; all business units must be collectively held responsible for online security as part of a holistic risk-management strategy based on a comprehensive view of cyber risk across the company. This means cyber risks should be added to the company risk register, and a governance framework should be created to include cyber risk management. A board member should be included in all substantive cyber risk discussions. Crucially, companies need to audit and take control of the digital assets they hold, just as companies seek a full inventory of all their other assets.

Businesses must track and protect data in transit in the same way as they use systems such as GPS ‘track-and-touch’ to monitor and protect physical assets on the move. This is even more important with the introduction of GDPR, which will widen the definition of a privacy breach to include any unauthorised access to personal data, even by employers or other departments of the business.

Crucially, information, cyber security and data privacy must be built in to every product, business process, and service at design stage. Every digitised product and service; from smart meters, to connected cars, from automated manufacturing, to employee location-tracking must be designed with security and privacy as a central consideration.

The key to securing Industry 4.0 is for businesses to manage and mitigate risks to our digital economy just as they manage risks to our traditional economy, by recognising that the two are inextricably linked.

Business

Why cybercriminals have ‘Gone Vishing’ during the COVID-19 Pandemic

Published

on

Why cybercriminals have ‘Gone Vishing’ during the COVID-19 Pandemic 1
  • More than 215,000 vishing attempts in the last year alone

As new coronavirus restrictions look set to confine much of the UK population to their homes this winter, cybersecurity specialists Panda Security are warning consumers to be on guard for an explosion in ‘Vishing’ attempts by cybercriminals.

Vishing, or voice phishing, is a social engineering technique used by fraudsters posing as someone from an IT helpdesk or support services, in order to obtain personal information from a victim. They will then look to use this information to hack into secure systems and defraud victims.

Vishing has increased as hackers are taking advantage of employees working remotely. Since August last year, HM Revenue and Customs (HMRC) has received reports from the public of more than 215,000 vishing attempts. These scams often offer fake tax refunds or help with claiming Covid-19 related financial support.[i]

The hacker can be very convincing and will often have done a lot of research into the company and the person they are contacting, to make what they are asking you for sound plausible. At times they even spoof phone numbers, so it looks like the caller ID is authentic and the same number as the real business.

European Cybersecurity Month: Keeping the ‘Vishers’ at bay

During European Cybersecurity Month, Panda Security is raising awareness of the dangers of vishing and is calling on consumers and businesses alike to take some simple measures in order to protect their data.  Hervé Lambert, Global Consumer Operations Manager at Panda Security, gives his top tips to avoid being a victim of a vishing attempt this winter.

  1. Never give out your personal details: You should never give anyone your personal details such as bank details or passwords verbally over the phone or via email. Hackers will often find data about you on the internet and through social media networks and use this to convince you they are legitimate
  2. Be suspicious: It is right to be apprehensive of unknown callers, particularly if you are not expecting the phone call. Ask the caller questions or give deliberately false statements, and if you do not feel comfortable with their answers, hang up and phone the company or person back directly
  3. Don’t always trust caller ID: Hackers can often spoof legitimate phone numbers and make you believe that the phone call is coming from a credible source. Remember that legitimate businesses will never ask for your personal details unsolicited over the phone
  4. Install security measures: While internet security will not completely protect you from fraud, installing measures such as antivirus software will help protect your digital identity and make the job of the hackers much more difficult
  5. Keep calm: Often the hacker will try to panic you into reacting very quickly and scare you into providing them with your information. Take a moment to breathe and slow the conversation down

Commenting on the raise in vishing attempts, Hervé Lambert, Global Consumer Operations Manager at Panda Security says: “Vishing is not a particularly new or sophisticated technique, and yet the “new normal” of working from home has been a boon for cybercriminals looking to exploit vulnerable people in this way. Hackers will scour the Internet and social media networks for any information they can glean about a potential victim before making a call. Once they have secured the victims trust they are then in a position of power to defraud them.”

Lambert continues: “It is essential that consumers take preventative measures to protect their digital identity, while remaining vigilant and question anything that seems unusual. Our key piece of advice remains: never give out your personal details over the phone.”

Continue Reading

Business

Five golden rules of recruitment

Published

on

Five golden rules of recruitment 2

Former investment banker and entrepreneur, Connie Nam, discusses five ways in which basing your recruitment process around understanding a candidate’s personal passions, motivations and personality can improve staff retention and strengthen your workforce.

Ex-investment banker Connie Nam saw a niche in the UK jewellery market and built a £10m business from her kitchen table in just eight years. Today, as CEO and founder of cult jewellery brand Astrid & Miyu, she is continuing to grow her business as well as her team despite the unprecedented challenges of a global pandemic.

As founder and CEO of a rapidly growing business, Nam’s role is ultimately to create a clear vision, run the business, continue its growth and – most importantly – lead and support her team in their work and in their progression within the business. Nam started her business on her own and, as the brand grew exponentially, she had to become quickly accustomed to managing people and continually refining her recruitment process to attract and retain the best talent to grow with the business.

Now, with a team of more than 80 across the business, Nam and her senior management team have built a rigorous recruitment process, driven by strong cultural values, to identify the perfect candidates and ensure there are world class managers heading up each department as her team continually expands.

The key to recruitment and retention according to Nam, is that the people and culture element is part of the wider company strategy, not just part of a HR strategy in silo. Nam believes that people should be at the heart of any business and that taking the time and asking the right questions to understand a candidate’s personal passions, motivations, goals and personality during the recruitment process is vital to building and retaining a unified team. Here are five key benefits of taking this approach, according to Nam:

  1. Bring any missing qualities into a business

We’re always reviewing our business and team which allows us to identify gaps and bring in missing qualities into the business. One thing I do – which I’d recommend any business leader does – is hold strategy meetings with my leadership team every quarter where we review the brand, business, and above all team strategy. These meetings allow us to find out what we’re missing in a team – in terms of communication, skillsets, values and personalities – and look to bring people in to fill those gaps.

  1. Craft a cohesive team

When crafting a cohesive team, it’s important to recruit based on values and ensure that a candidate’s own values align with those of the business. Values are such an important part of our business and this is true to everyone’s heart in the business; it’s not just coming from me – or from the top – it’s not corporate spiel rather it is instilled in everything we do.

We recently redefined our values which are: grow together, celebrate each other and break all boundaries (or throwing out the rulebook!). We take these values very seriously and build the team on these foundations. Whenever we recruit, we look for these three signals and if people don’t fit into these three values then they won’t be hired – values are not just a company buzzword, they are important and just underpin everything you do as a business and as a team.

We are also planning to put these three values formally into our appraisal system so when we do our biannual reviews with colleagues – aside from the business KPIs – these values will be a very important factor in their progression and development within the business. I would advise any business leader to make sure you take the values seriously and live and breathe them so everyone in your team feels equally passionate – that is the secret to crafting a truly cohesive team.

  1. Enable empowerment of individuals

Empowering individuals in your team is so important, not only for their own personal development, but for the benefit of the wider team and even the business as a whole. It’s important to allow people to play to their own strengths and give them a sense of ownership if you want them to fulfil their role with as much passion as though it was their own business.

As we have grown so rapidly, it has put a lot of challenges and pressure on the team, but at the same time they have been able to grow as individuals and step up very quickly to becoming industry leaders in their fields. Our last value is to break all boundaries and we give a lot of freedom to individuals and allow them to take risks (within the means of their roles). Everyone at Astrid & Miyu owns some segment of the business; they have clear boundaries and budgets but –if they act within that and meet business targets and KPIs – they’re free to do their job however they like. They can take risks and if they fail, we don’t have a blame culture. If they fail within the means, we actually celebrate it as it allows people to reflect on the key learnings which I think is quite powerful in terms if empowering individuals.

  1. Enhance job satisfactionFive golden rules of recruitment 3

Job satisfaction seems like an obvious one, but it really is one of the most important elements of maintaining a loyal and motivated workforce. As I’ve already mentioned, we ensure everyone has a very specific role with strong sense of ownership, and we let people run with their work within very clear boundaries with clear expectations. Aside from business KPI reviews we also carry out regular personal development reviews where every individual comes up with what they want to learn for the full year or for the quarter and how they want to develop and their manager will guide them – even if it’s not related to their immediate job – so they have something to look forward to which keeps them satisfied in their role and motivated. That learning and sense of ownership, development and progression really enhances employee satisfaction.

  1. Improve staff retention

Clearly, staff retention goes hand in hand with job satisfaction – if people are satisfied, they will stay in their role. As well as having a sense of ownership, having clear goals and enough progression opportunities form a big part of staff retention; teams and individuals need room to grow. We have always made sure there are progression opportunities for our people, though we have been lucky to experience continual growth that allows us to have even more progression opportunities for those who are able to keep up.

We have a very transparent progression scale, which includes total transparency when it comes to pay – something that isn’t common in the fashion industry or a start-up environment but is vital for ensuring teams are motivated and trusting of the company. Everyone at Astrid & Miyu knows what their salaries would be if they get promoted to certain levels and what their band is – if they’re on the same level, everyone is on the same pay, so I think that’s highly motivating. This is something we implemented at the end of last year to make things very transparent and open and I think people are definitely more motivated because they’re not left in the dark, which can be the feeling when remuneration is done on a case by case basis. Now we have a very clear process and salaries attached to job titles so there’s no room for complaints and the team all know exactly what they need to do to progress.

The fact it’s very clear and transparent makes people trust the business and trust the leadership. Our transparency when it comes to pay is reminiscent of the structured progression routes you see in the corporate arena of banking and accountancy which is where I started my career – I know it can become political and chaotic if you don’t have this, which is not going to aid staff retention, it will do the opposite.

Though these are the five building blocks of a successful recruitment and retention strategy, I would add that businesses should not be afraid of making hard decisions. Although it’s important to foster a supportive workplace culture and help your people with their career progression, the onus needs to be on the individual – if they are not working hard and to the business’ values, their role within the company should be reviewed – don’t let people slip at the detriment to the wider team. This can be avoided if you find the right people at recruitment stage which is why recruitment is so important because, if it doesn’t work out, companies should not be shy of letting people go if they are not committed and the right cultural fit. I think that is motivating for the people who do work hard – it can be very disheartening for employees who are working hard to see one of the team is not pulling their weight. It is important that businesses are constantly reviewing their recruitment strategy and that there is a strong set of values and a clear onboarding process to ensure a strong and united workforce.

Continue Reading

Business

Using data analytics to improve SME cash flow and treasury management

Published

on

Using data analytics to improve SME cash flow and treasury management 4

The pressure facing SMEs this year is widely known, and they are looking for ways to improve their cash flow and payment decisions. Data analytics is a hidden gem that many SMEs are not tapping into. Smart data-driven decision-making could potentially be transformational for small businesses owners, writes Neo’s CEO, Laurent Descout.

 

The ability to maintain positive cash flow is one of the biggest challenges SMEs are struggling with during the COVID-19 pandemic. In times like these, the ability to monitor outgoings versus income, make payments to staff and suppliers, be paid on time and preserve a healthy order book of customers, is an extremely difficult task.

 

Governments around the world have done their best to help business owners in different ways, with fixes such as direct cash injections and loans to covering staff costs. As welcome as these are, they are short-term solutions. As businesses hopefully start to emerge from the pandemic, SMEs need tailored support and guidance that address their specific challenges – not a one-size-fits-all strategy. 

 

What many business owners may not realise is that they are sitting on a treasure trove of information that could go some way towards helping them in this regard.

 

Tapping into data and analytics for smarter decisions

 

Every SME will be facing their own challenges. Each business’ trading histories, payment cycles and cash reserve levels are unique. Over a period of months and years, through a process of trial and error, they increased oversight of their finances and improved their overall decision-making and performance.

 

They can go one step further and make smarter business decisions by using tailored data and analytics derived from their company’s history of trading, payments and cash flow. By utilising comprehensive analytics of their business functions, owners can have a complete view of their corporate behaviour, backed by intelligence. 

 

Ever wondered if all of your payments made on time, or even too early? Or what percentage of their customer’s payments are delayed, and by how much? How can temporary cash shortfalls be addressed more effectively?

 

Knowing the answer to such questions and more can result in improved forecasting, detecting patterns and anomalies and automating processes. This enhances financial decision making, risk management and cash flow monitoring. Critically, the answers derived from these analytics are unique to each business.

 

There are other benefits too. Time is saved from participating in routine and straight-forward bookkeeping processes, which improves productivity, while decision making is more informed. Furthermore, improved forecasting and predicting customer preferences can lead to an improved experience as well as new business opportunities.

 

The need for a treasury system to navigate difficult times

Laurent Descout

Laurent Descout

 

Of course, this requires access to a treasury management system (TMS), something which has historically presented a hurdle. It is estimated that three-quarters of SMEs have no treasury function; rather, they often rely on spreadsheet software, but these were never designed for this purpose. 

 

The events of 2020 have caused many people to reassess how they manage their businesses, especially while working remotely. For SMEs, modern fintech treasury management systems (TMS) could provide a solution.

 

Once solely at the disposal of large corporations, there is now a wave of innovation in treasury technology systems, which has democratised access through lower costs, and offer access to customised interfaces that are easy to use and tailored to individual business requirements.

 

The phrase ‘cash is king’ is often used more frequently during crises to highlight the critical importance of maintaining positive cash flow. Having a comprehensive oversight of your treasury management operations is essential for effective business and risk management and maintaining positive cash flows. Tailored data and analytics can be crucial for achieving this.

 

This has become even more important during the current pandemic. With the majority of finance teams around the world likely to be working remotely for a substantial period, and with social distancing expected to continue in some form throughout the year and likely into next in many countries, now is the time to make smarter decisions to sustain small businesses through a difficult period.

Continue Reading
Editorial & Advertiser disclosureOur website provides you with information, news, press releases, Opinion and advertorials on various financial products and services. This is not to be considered as financial advice and should be considered only for information purposes. We cannot guarantee the accuracy or applicability of any information provided with respect to your individual or personal circumstances. Please seek Professional advice from a qualified professional before making any financial decisions. We link to various third party websites, affiliate sales networks, and may link to our advertising partners websites. Though we are tied up with various advertising and affiliate networks, this does not affect our analysis or opinion. When you view or click on certain links available on our articles, our partners may compensate us for displaying the content to you, or make a purchase or fill a form. This will not incur any additional charges to you. To make things simpler for you to identity or distinguish sponsored articles or links, you may consider all articles or links hosted on our site as a partner endorsed link.

Call For Entries

Global Banking and Finance Review Awards Nominations 2020
2020 Global Banking & Finance Awards now open. Click Here

Latest Articles

Will covid-19 end the dominance of the big four? 5 Will covid-19 end the dominance of the big four? 6
Top Stories8 hours ago

Will covid-19 end the dominance of the big four?

By Campbell Shaw, Head of Bank Partnerships, Cardlytics Across the country, we are readjusting to refreshed restrictions on our daily...

Why cybercriminals have ‘Gone Vishing’ during the COVID-19 Pandemic 7 Why cybercriminals have ‘Gone Vishing’ during the COVID-19 Pandemic 8
Business15 hours ago

Why cybercriminals have ‘Gone Vishing’ during the COVID-19 Pandemic

More than 215,000 vishing attempts in the last year alone As new coronavirus restrictions look set to confine much of...

Risk Mitigation vs. Risk Avoidance: Why FIs Need to Maintain Risk Appetite and Not Place All Bets on De-Risking 9 Risk Mitigation vs. Risk Avoidance: Why FIs Need to Maintain Risk Appetite and Not Place All Bets on De-Risking 10
Finance15 hours ago

Risk Mitigation vs. Risk Avoidance: Why FIs Need to Maintain Risk Appetite and Not Place All Bets on De-Risking

De-risking aims to protect financial institutions from the increasing pressures placed by regulators and threats, associated with clients operating in...

Using AI to identify public sector fraud 11 Using AI to identify public sector fraud 12
Technology18 hours ago

Using AI to identify public sector fraud

When it comes to audits in the public sector, both accountability and transparency are essential. Not only is the public...

Five golden rules of recruitment 13 Five golden rules of recruitment 14
Business18 hours ago

Five golden rules of recruitment

Former investment banker and entrepreneur, Connie Nam, discusses five ways in which basing your recruitment process around understanding a candidate’s...

Using data analytics to improve SME cash flow and treasury management 16 Using data analytics to improve SME cash flow and treasury management 17
Business19 hours ago

Using data analytics to improve SME cash flow and treasury management

The pressure facing SMEs this year is widely known, and they are looking for ways to improve their cash flow...

Why dependency on SMS OTPs should not be the universal solution 18 Why dependency on SMS OTPs should not be the universal solution 19
Technology19 hours ago

Why dependency on SMS OTPs should not be the universal solution

By Chris Stephens, Head of Banking Solutions at Callsign In our day-to-day lives, SMS one-time passwords, also known as OTPs, have...

The chosen one 20 The chosen one 21
Business20 hours ago

The chosen one

By Jesse Swash, Co-Founder Design by Structure. The lessons for the future lie in the past. The same truths still hold. This time...

How PR can help franchise businesses emerge stronger from 2020 22 How PR can help franchise businesses emerge stronger from 2020 23
Business21 hours ago

How PR can help franchise businesses emerge stronger from 2020

By Mimi Brown, Head of Entrepreneurs & Business at The PHA Group A second wave of coronavirus is gathering pace...

Cash and digital payments – a balancing act to aid financial inclusion 24 Cash and digital payments – a balancing act to aid financial inclusion 25
Finance21 hours ago

Cash and digital payments – a balancing act to aid financial inclusion

By Matthew Jackson, Head of Partner Development, EMEA at PPRO The cashless debate is one that continues to spark both conversation...

Newsletters with Secrets & Analysis. Subscribe Now