Category: Due Diligence

Darlingtons Solicitors: Raising the Bar
Due DiligenceRisk Management

Darlingtons Solicitors: Raising the Bar

Established in 1999, Darlingtons is a fast growing boutique law firm in London, a modern practice with 50 staff. Covering a wide range of specialisms, the firm serves clients ranging from investors and entrepreneurs to long established, international businesses. Debbie talks us through the firm’s core practice areas and how it aims to provide excellence in these areas.

“At Darlingtons our corporate and commercial team deals with a full range of corporate transactions and advisory services. We are regularly involved in sale and purchases of businesses or assets and shares, MBO, MBI, corporate restructuring, contracts and commercial, advising shareholders and directors on corporate issues. The team also specialises in advising directors and shareholders in relation to disputes that have arisen between themselves and fellow shareholders and directors. Our reputation is built on commercial, practical and insightful advice.

“Expertise and experience are key to our success, but not far behind is the working relationship between lawyer and client. We are dynamic and proactive, taking the time to understand how clients operate and what their objectives are, resulting in structured and tailored advice at the right cost and according to the client timescale.”

Legal practice is changing rapidly, clients are ever more discerning, with perceptions of service quality as well as advice quality just one example of the changes. Debbie outlines how the firm’s ongoing focus remains firmly on providing valuable services in the future.

“Clients have historically seen accountants and not lawyers as their primary trusted advisors. Whilst there are good reasons for this, lawyers are also valuable business advisors, not just to instruct when a transaction is needed or for a contract or a dispute. As lawyers, our challenge is to build proactive, valued business advisor relationships with clients and to remain adaptable and flexible to changing market and clients needs.”

Company: Darlingtons Solicitors LLP
Name: Debbie Serota
Email: [email protected]
Web Address: www.darlingtons.com
Address: Darlingtons House, Spring Villa Park, Edgware, Middlesex, HA8 7EB
Telephone: 0208 951 6666

Effective Threat Detection Strategies for the Financial Industry
Due DiligenceRisk Management

Effective Threat Detection Strategies for the Financial Industry

The research, which forms part of NJR’s cyber security report: how real is the threat and how can you reduce your risk, shows that 23 per cent of employees use the same password for different work applications and 17 per cent write down their passwords, 16 per cent work while connected to public wifi networks and 15 per cent access social media sites on their work PCs. Such bad habits and a lack of awareness about security mean that employees are inadvertently leaving companies’ cyber doors wide open to attack.

This research is supported by a report which incorporates the advice from fifteen experts in the field. Here, Tony Berning, OPSWAT, discusses effective threat detection strategies for the financial industry.

“Over the past few years, the financial industry has been moving towards more digitisation and greater accessibility, mostly due to the industry’s competitive nature. In retail banking, customers expect access to their accounts at all times, from any device that has access to the Internet. Banks are also offering more services than ever before, from digital deposits to money transfers, and any bank that does not offer these services will surely lose customers to competitors that do. Unfortunately, these new services provide an easy way for cyber criminals to attack financial institutions. Some of the threats affecting the financial industry have taken advantage of this digitisation trend by using multiple channels to extract funds that they have compromised.

Similar forces are driving commercial banking towards increased automation and connectivity. With the majority of trades of equity, currency and commodities now done via electronic exchange, transaction speed can make or break a trade. Automated algorithms now execute trades so quickly that the physical distance trade orders travel (at the speed of light), to reach trading platforms significantly impacts profitability. This focus on speed has pushed more operations to become automated with less focus on human interaction.

This combination of greater automation with more information being stored on interconnected networks means that financial institutions have more to lose if hit by a cyber attack. Because of the potential for large gains, malware developers have rapidly adapted their methods, creating new types of threats such as banking malware. There are many different attack vectors that need to be considered, as well as various strategies that attackers may use that need to be addressed.

For instance, some attackers may attempt to get information out of financial institutions, such as customer information, account numbers, etc that they can then use for financial gain. An example of this is the recent Shifu attacks on Japanese banks. Other attackers may be looking to compromise systems within an organisation and modify their behaviour to either move cash out or to create conditions that they can profit from. Other attackers may not have a financial motive at all, instead aiming to sabotage critical networks for geopolitical reasons.

When designing a data security policy, threats need to be addressed as part of a comprehensive program. The first step is to ensure that proper authentication is in place before conducting any transactions, such as multi-factor authentication to ensure that customers are who they say they are. After confirming their identity, it is still important to check all data in the transaction to ensure that the user isn’t unknowingly bringing in any malware. This can be done by defining a secure data workflow to detect and eliminate any threats.

Handling sensitive data is best addressed by keeping it within segregated networks that have limited access to outside networks, reducing the likelihood that the data can be extracted by any malware that has managed to compromise the secure network. A combination of secure data workflow policies and unidirectional transfer devices (data diodes) can be used to make sure that high-security networks stay appropriately isolated.

A regular security scan should be part of any financial institution’s security strategy. Advanced Persistent Threats (APTs) can stay in a network for long periods of time, avoiding detection and waiting to carry out an attack. ZeuS, one of the most persistent threats in the financial industry, has been around for almost nine years and is constantly adapting to compromise more systems. The Shifu virus has continued spreading as well, moving from Japan to the UK. Anti-malware engines are always updating their detection techniques and databases, so it is important to perform regular system scans and continue to check files for threats, even in secure networks that have been fully scanned before.

Financial institutions are at risk from cyber threats because of the large amounts of money they handle as well as the technological innovations they are making that leave them vulnerable to new attack vectors. It is crucial that these organisations consider the security implications of any new technology, in order to keep up with the evolving threat landscape.”

To read more useful and practical insights into topics including: How to assess the scale of your risk level; Managing the immediate aftermath of a security breach; How different sectors are affected, download the full report – http://www.norriejohnstonrecruitment.com/downloads/cyber-security/

CEO of the Month
Due DiligenceRisk Management

CEO of the Month

Can you give a brief overview of what your company does and your role within it?

To prioritize safety and minimize the impact of disruptive events, organizations need to be able to quickly assemble information and determine exactly who needs to receive each communication. Then, just as importantly, an organization needs to reliably deliver this information to virtually anyone, on any device or contact path, anywhere in the world. An example might be managing a substantial IT outage– network engineers tasked with responding to the problem need one level of information, customer service representatives need another, and both need messages delivered to them in seconds. Global companies need to send notifications in multiple languages, and given the diverse ways people communicate, in multiple modes—via voice, email, text, digital signage, two-way radio, and so on. Our applications automate this process and deliver notifications at very large scale for over 2,700 enterprise customers, including 24 of 25 of North America’s busiest airports, 6 of 10 of the world’s largest auto makers, and in the U.S., 7 of the 10 largest investment banks and 4 of the 10 largest healthcare providers.

My tenure at Everbridge began with my joining the Board of Directors in 2010. In late 2011 we merged a software company I had founded in 2009, CloudFloor, Inc., into Everbridge and I became CEO and Chairman of the Board. Everbridge was founded after the tragic events of September 11, 2001, when the need for instant, reliable communications to prioritize safety became clear. To build our business over the last 15 years we have been fortunate enough to attract great people – in fact over 50 of our current team members have worked together in multiple successful previous ventures. We have a saying at Everbridge: “first the team because the team is the business”—it is our way of highlighting the importance of people. My role is to lead the strategic corporate direction that enables our continued growth while being capital efficient. We focus on the top and bottom lines and pay close attention to a number of key performance metrics. Our entire Senior Management Team also spends a significant amount of time with customers. I personally spend a lot of time with new and current customers who are often the source of our best ideas for improving our platform and extending it to new applications and markets.

Can you go into more detail about the services you offer?

Let me give you a couple of examples of how our products are used. The City of Boston, local hospitals, companies, and a number of nearby towns are all customers of Everbridge. When the Boston Marathon bombing happened, the Boston police used our software to contact and coordinate the actions of first responders. Hospitals used it to communicate to and bring in trauma surgeons to treat the wounded. The Watertown Police Department used it to keep citizens informed as police conducted a door-to-door search for the bombers. Local towns used it to advise citizens to stay indoors, and corporate customers used the software to check on the safety of their employees running in the Marathon.

These were all uses of our core application, Mass Notification. This application organizes the process for constructing and securely and reliably sending out notifications in seconds. It is based on a Software as a Service Architecture, with multiple data centers around the world, so we can scale to sending out millions of messages simultaneously and our infrastructure is never constrained by the severe weather issues that customers may be facing. We deliver messages via over 100 different modalities. In 2015, we sent out over 1 billion messages, we have contact data for over 100 million people, and our platform can deliver messages to over 200 countries and territories and in 14 languages and dialects.

A second application is IT Alerting. When an IT outage or cyberattack occurs at a company, the resulting service downtime can cost thousands or tens of thousands of dollars per minute. Companies use our IT Alerting application to rapidly notify and organize responders across departments in order to shorten the time to restoring service. Incident management procedures can be pre-built into the system based on rules so that the software knows what groups need to be represented, what type of information they should receive, who to contact within the groups, how they are best reached, and, if people with the right skill sets do not respond in a prescribed period of time, who to escalate to. Other stakeholders, such as executive team members and customer service representatives, can be simultaneously notified with messages appropriate to them so they are kept properly informed. Automating the process lowers costs, improves speed, and avoids errors at what are often times of high stress.

We are also leveraging the power of our underlying platform with additional applications. We have introduced a secure messaging application which enables healthcare organizations to replace patient home visits with telemedicine check-ins and to rapidly organize teams to respond to code alerts in hospitals. Safety Connection, our newest solution, enables organizations to determine if traveling or mobile employees are safe in the event of a man-made incident or natural disaster, to get them instructions, and to ensure that buildings have been fully evacuated when required. Safety Connection is the first Internet of Things (IoT)-related application we have introduced. With sensor data and connected devices becoming ubiquitous, we see a growing need for companies to organize employees to respond to whole new classes of alerts and believe IoT applications and use cases represent a significant new market opportunity for us. 

How does it feel to be awarded CEO of the Month?

I am honored to receive this award. I’m especially pleased for our team. We put a strong emphasis on our management team working together— we win or lose as a team. This is a nice win for our team.

What are the main challenges you face in your role, at the helm of the business?

People are by far our most important asset. In the hot tech space, competing against giants like Google and Amazon for talent is difficult. We focus a great deal of effort on attracting, hiring and retaining great people. We have also worked hard to develop our culture. This has been aided by our mission, which is to not only build great technology solutions but to deliver solutions that help people. We hear stories from customers using our solutions to help find a missing child, or to successfully evacuate an area after a dangerous chemical spill, and these results makes all of us at Everbridge proud of what we do!

On the execution side, we have an enormous opportunity to expand our business internationally. Our current sales are driven 85% from North America and 15% internationally. The international space is ultimately much larger than the U.S.—these markets are more mobile oriented, they have a wider diversity of communications requirements, and are just as prone to emergencies and critical events, both man-made and natural. A key question for us is where to build organically overseas and where to buy or partner. The wrong decisions can cost us years of missed opportunity. International growth is an accelerator for Everbridge— we’ve got to get this right.

When hiring staff, what kind of people are you looking for that will help you drive your business?

We are strong operators and I look for senior people who are intelligent, curious, and have a track record of doing what they say they will do and being accountable. We also hire a fairly large number of people as their first or second job after college. Here, I want people with good intellects and a real hunger to learn. Just as important as people’s skills is their fit with our culture. Our teams and leaders are highly collaborative so we involve a lot of people in the interviewing process to make sure we and the candidates are excited about the opportunity to work together.

Can you tell us about your career background prior to becoming a CEO?

I have actually been a CEO for most of my professional career. My second real job as a 21 year old involved my founding of a software company. Since then I have held multiple public and private company Chairman and CEO positions. Some examples include serving as CEO of Gomez, Inc., a private company and leader in the internet performance management space, of S1 Corporation, a public company and the first to provide on-line banking in North America, and of Interleaf, a public company that provided software tools for e-content management. The common thread among the companies I have led was that they were all profitable, high-growth tech companies. Following on from this, how did you attain the position of CEO? I became CEO when Everbridge acquired a company I had founded, CloudFloor, Inc. Everbridge was looking to rebuild the core technology underpinning its platform based on a cloud infrastructure. The Cloud- Floor solution, and the management team behind it, were a great fit.

How do you think your company has performed while you have been CEO?

I set stretch goals and am a tough grader so I tend to not often be fully satisfied with how we perform. That said, we have made dramatic progress over the past 5 years on pretty much all fronts — our people, our products and the underlying platform, customer wins and follow-on purchases, and our vision for the future have led to top-of-class growth overall for Everbridge. From 2012 to 2015 we have achieved average annual revenue growth of 35-40% versus approximately 10% growth in total sales in 2010. And we have been able to achieve this growth without any new capital infusion. I am very excited about where we are and where we are going.

As CEO, what do you see as the main challenges for your company in the future?

The key challenge is to continue add and retain great people while scaling the business. As one measure, we have gone from sending under 50 million notifications in 2010 to over 1 billion in 2015, and from fewer than 20 million people connected to our solutions to over 100 million people connected today. We’ve put in place a scalable architecture on the platform side but we are going to need to hire great sales and marketing, operations, and technical staff, to continue to mature some of our operational processes, and to increase the sophistication of some of our management processes. It’s very important for us to stay ahead of the curve in these areas.

Do you have any plans for 2016 and beyond that you would like to share with our readers? We have been adding new solutions which open up new addressable markets. We have gone from two products on our critical communications platform in 2010 to seven products today. The new products leverage the power and scalability of our underlying platform. In 2016, we have announced Safety Connection, which adds a new location dimension to notifying traveling and mobile employees to keep them safe. We’ll continue to ensure that our customers have effective ways to communicate with people no matter where they are through our resilient platform and innovative applications.

Company: Everbridge
Name: Jaime Ellertson, Chairman & CEO
Web Address: www.everbridge.com
Address: North America Headquarters – East Coast, 25 Corporate Drive,
Burlington, MA 01803 USA
Telephone: 1 818 230 9700

Survey Reveals Misconceptions About Investment Performance and Risk
Due DiligenceRisk Management

Survey Reveals Misconceptions About Investment Performance and Risk

A focus on short-term financial performance and misunderstandings about the nature of investment risk may have an impact on American investors’ financial well-being. According to a new TIAA-CREF survey, 36% of respondents look to one-year performance as the most important indicator of an investment’s return, with an additional 16% looking to quarterly performance as most important. Nearly half (47%) have purchased a fund based on its performance during the previous year rather than looking at its performance over a longer-term investment horizon such as five or 10 years.

“It’s important to look at the big picture when evaluating investment performance. One year or one quarter is a short period of time when you consider that many individuals are investing for 30 years or more,” said Roger W. Ferguson, president and chief executive officer of TIAA-CREF. “Fortunately, investors can avail themselves of a range of resources, including professional financial advice, which can help them make well-informed investment decisions and build portfolios designed to meet their specific financial goals—whatever they may be.”

While investors continue to grapple with the challenges of market volatility, it’s even more critical for them to understand key investment concepts around diversification, asset allocation, risk and returns. However, among those surveyed, 71% of American investors believe they can eliminate investment risk by having a diversified portfolio; in fact, while a diversified portfolio can help to manage investment risk, there is no way to eliminate it altogether. Similarly, although investors should maintain an appropriate level of risk in their portfolios, many are unclear about how that works: 53%think that higher risk guarantees higher returns.

All investors would benefit from better access to financial education on these topics. But for Gen Y, the challenges posed by unpredictable markets and their impact on investing decisions are even more pronounced. While 29% of all respondents misunderstand the nature of various asset classes, indicating that they believe that all investments offer the same level of risk, 40% of Gen Y report the same, and 64% of Gen Y think that higher risk guarantees higher returns.

Investing for Better Outcomes

Despite some misconceptions about investment performance, American investors have a clear picture of what they want from their portfolio. Two-thirds of investors believe it’s more important that their portfolio allows them to achieve their life goals, such as funding a comfortable retirement or paying for a college education, versus one-third who place more importance on a portfolio that consistently meets specific investment criteria, such as a certain percentage return.

In order to achieve their objectives for their investments, however, investors need to ensure they are not taking actions that can undermine long-term performance. For instance, 36% of respondents say that market volatility is the most likely reason they would rebalance their portfolio – in contrast to most advisors’ recommendation to ride out market fluctuations as part of a long-term investing strategy. Fewer say they are most likely to rebalance when most advisors would recommend – at a regular time of year like a birthday (21%) or after a life change such as marriage, the birth of a child or grandchild, or the death of a spouse (20%).

“Having a well-defined vision of one’s financial goals is a good first step for investors,” said Ferguson. “Once you have set your priorities, a financial advisor can help you find the approach that is right for you. By looking at your risk tolerance and your short-term and long-term goals, a financial advisor can help you pick the investment options that may work best with your financial plan.”

No matter what’s going on in the market, TIAA-CREF has focused on delivering long-term results for our clients at competitive costs for nearly 100 years. Morningstar has awarded 65 percent of TIAA-CREF mutual funds and variable annuities overall ratings of 4 and 5 stars, and the organization has won the Lipper Award for Overall Best Large Fund Company, based on delivering risk-adjusted returns, for three years in a row.

Due DiligenceRisk Management

Shifting the Risk Landscape

Despite market fluctuations occasionally drawing deep breaths from investors as global economies endeavour to move on from the global financial crisis, investment managers have generally enjoyed returning stability and significantly improved trading conditions in recent years.

However, new and emerging challenges are shifting the risk landscape for investment managers, notably the growing threat of cyber-attacks — with cyber criminals finding ever more inventive ways to compromise systems — and increasing regulatory investigations. This poses a challenge not only for investment managers but also their insurer partners in finding ways to address the complexities as they arise and to mitigate the associated risks.

From a regulatory perspective, there is now far greater scrutiny of Financial Institutions across the US, UK and Europe. In the United Kingdom there has been an increase in the number of private warnings issued in recent years. These are a low-touch way of addressing less serious issues, as opposed to a full investigation for more serious and obvious regulatory breaches. While these, in effect, serve as a warning, usually with no lasting implications for the firm, any individuals implicated will likely see this recorded on their employment file, which could affect their prospects.

Private warnings can affect people within an organisation who may not be at the most senior levels, such as anti-money laundering officers or compliance managers. The only way they can challenge a private warning after it has been issued is via a judicial review, which is time consuming and costly. While insurance cannot fund the costs of a Judicial Review, it can provide funding to affected individuals to contest a potential action at the point where the regulator declares its intention to issue a private warning by way of a ‘minded to’ letter. This assistance can be extremely valuable for investment manager clients and is one example of how innovative insurance brokers and insurers are developing insurance products capable of meeting their needs in complex situations such as this.

Part of the issue for investment managers with much of modern-day regulation globally is that it is not prescriptive and therefore can often be difficult to interpret – or be confident you have interpreted it correctly. This has prompted many to voice the concern that it is not a question of if they have a regulatory issue but when.

There has also been an increase in more visible regulatory enforcement action, with numerous examples of investigations or fines being made against FCA-regulated entities. To date, most of the regulatory scrutiny has fallen on the banking sector and not in the investment management space. However, there are organisations within the insurance industry that are making provisions to assist investment managers as it is far better to help clients be prepared, rather than respond after regulatory action has been initiated. Regulatory investigations can take up considerable time and resources and insurance can be an effective tool to offset those costs while supporting investment managers in assisting the regulator with an investigation. Mitigation cover, which allows costs to be incurred under the policy prior to the insurer being notified, is a further development designed to help reduce or mitigate a third party claim, which is clearly valuable for both the insured and insurer.

The other issue of particular concern for many investment managers is the growing risk of a cyber breach and subsequent loss of data. This threat has also long been testing the minds of legislators as to how best to counter the threats. The EU Data Protection Directive, which will lead to specific legislation in the UK, will set out guidelines and penalties in the event that data is lost. Investors too are concerned by the threat of a cyber-attack and, in the same way that potential investors will ask if an investment manager has professional indemnity (PI) insurance, we expect investors will begin to routinely question if adequate cyber cover is in place in order to have the confidence to invest.

Part of the problem here is that while the insurance market provides a broad variety of cyber cover, through the traditional PI, crime and computer crime policies, the introduction of Cyber as a standalone product (available since the late 1990’s but something that has really come into focus in recent years) – which covers, for example, the specific costs relating to a data breach or non-damage business interruption, has caused confusion to insurance buyers.

It is not uncommon therefore to discover that clients don’t fully understand the level of cyber cover they already have and so it is for their broker to not only explain but identify any gaps. Following a broker’s assessment, some clients may say they do not want a standalone policy but it is still the broker’s job to identify the potential issues to ensure the client can make an informed choice.

Currently insurance market conditions are hugely favourable for investment managers due to the competition arising from ample capacity within the market. Investment management firms are very attractive to insurers — with a relatively benign recent claims history many insurers are keen to underwrite more business in this segment. This is also an attractive area to those insurers that used to underwrite tier-one banks and which are looking to diversify their portfolios. All of which spells good news for investment managers.

Demand for standalone cyber products is likely to increase and, given the availability of insurance capacity and the appetite of insurers to gain market share, so too will the availability of multi-year premiums with a locked in discount, which some clients have obtained this year.

Given these conditions, there is great potential for insurance to build its relationship with, and be of greater assistance to, investment management firms. The mature specialty insurance markets in London have a long history of innovation, which is a fundamental reason why London has remained a leading market for complex commercial risks globally. Brokers and insurers that are willing to identify where the exposures are for individual clients, and take a proactive approach to understanding the shifting complexities, will continue to produce innovative insurance solutions that can assist investment managers with these emerging issues, as they seek to grow their standing in this appealing area of financial services.

64% of Leading APAC Bankers Feel Unprepared for a Cyberattack
Due DiligenceRisk Management

64% of Leading APAC Bankers Feel Unprepared for a Cyberattack

As incidents of cybercrime continue to make headlines across the globe, financial institutions are giving more attention to cybersecurity, but a new survey by FICO suggests that APAC banks may be lagging. In a survey conducted at FICO’s Asia Pacific CRO Forum, 64% of senior bank executives from the region said they feel unprepared for cyber-attacks today, despite cybersecurity being a clear priority for them.

The survey showed uncertainty from bankers about their institution’s preparedness, with 55% of senior APAC bank executives were unsure if their organization currently ran regular audits of data and networks to check if the company had suffered data loss.

An additional 58% of respondents said they had not heard of a predictive analytics alternative to traditional rules-based SIEMs (security information and event management).

However, awareness appears to be rising with 73% of respondents said their CEO/ company board had prioritized a review of cybersecurity in the last 3-6 months.

The survey was conducted at the 2015 FICO Asia Pacific CRO Forum, held earlier this year in Bangkok, Thailand. A total of 34 senior risk officers and banking executives representing 23 financial institutions across the region participated.

Dan McConaghy, President of FICO Asia Pacific, said, “For many banks, cybersecurity is a shared domain of the IT and Fraud departments. In order to effectively combat ever-evolving cybercriminals, it is necessary for financial institutions in Asia Pacific to connect fraud and cyber information, systems and investigations. This holistic approach is needed to
limit damages to customers, systems and the bank’s reputation.”

FICO has leveraged extensive IP assets from its banking technology, including streaming analytics and anomaly detection techniques used within its market-leading FICO® Falcon® Fraud Manager software, for the creation of an analytics-driven cyber security solution that is highly differentiated from current industry offerings and complementary to existing infrastructures and investments.

Economic Confidence Rebounds amongst Italian Business Leaders
Due DiligenceRisk Management

Economic Confidence Rebounds amongst Italian Business Leaders

Confidence amongst Italian CEOs bounced back in the first quarter of 2015, following continued low commodity prices and the European Central Bank’s significant quantitative easing package. The YPO Global Pulse Confidence Index for Italy rose 5.3 points to 61.6, its highest level for a year.

Confidence rose in all three key indicators within the survey, with Italian CEOs reporting that they expected to increase revenue, headcount and fixed investment in the 12 months to come.

Across the European Union, CEOs remained positive about the prospects for their organisations and the wider business environment. The YPO Global Pulse Confidence Index for the EU climbed 1.3 points to 62.5, matching the record high that it achieved in the second quarter of 2014.

For the first time in the Global Pulse Index’s six-year history, EU confidence is now higher than the global composite level of 61.5, and only marginally below the world’s two most optimistic regions, Asia, which landed at 63.6, and the United States, which came in at 63.3.

“The results indicate that Italy is receiving a timely boost in economic confidence, after a challenging few years in Europe, following favorable economic policies, low fuel prices and the continued devaluation of the euro,” said Federico Grom, founder and CEO of Grom and a member of the YPO Italy Chapter. “Business leaders in Italy will likely remain cautious throughout the next year, aware of the many threats to sustained economic growth.”

The YPO Global Pulse Confidence Index declined 1.0 point in the April 2015 survey to 61.5 from 62.5. The global index continued to track closely to its peak level for the cycle, but growth prospects around the world were increasingly uneven. While confidence rose in Asia and the European Union and remained high in the United States, the indices for Latin America and non-EU Europe both tumbled to 52.4, their lowest levels since the YPO survey began.

Key findings

Italian business leaders positive about short-term business climate: Two-thirds of Italian CEOs expected the business and economic conditions affecting their organisations to improve in the next six months, with the other third predicting that conditions will remain the same.

Looking ahead 12 months, Italian business leaders were more conservative. Twenty percent indicated they expected to increase their headcounts within the year; 40% indicated increasing capital spending during the same time period.

Confidence levels converge across region: In first quarter 2015, confidence levels evened out across the major European economies, as many countries that had experienced extremely fragile levels of confidence over the past few quarters bounced back. France jumped 9.1 points to 61.2, its highest level since the second quarter of 2011, Greece climbed 8.1 points to 58.8, and Germany gained 2.6 points, landing at 60.8, its highest level since the final quarter of 2010.

In contrast, with its forthcoming national elections in the balance, confidence in the United Kingdom remained almost unchanged, edging up by just 0.1 point to 68.7, still in firmly optimistic territory.

YPO Global Pulse Confidence Index

The quarterly electronic survey, conducted in the first two weeks of April, gathered answers from 2,211 chief executive officers across the globe. Visit www.ypo.org/globalpulse for more information about the survey methodology and results from around the world.

About YPO

YPO (Young Presidents’ Organization) is a not-for-profit, global network of young chief executives connected through the shared mission of becoming Better Leaders Through Education and Idea ExchangeTM. Founded in 1950, YPO today provides 22,000 peers and their families in more than 125 countries with access to unique experiences, extraordinary educational resources, access to alliances with leading institutions, and participation in specialised networks to support their business, community and personal leadership. Altogether, YPO member-run companies employ more than 15 million people around the world and generate US$6 trillion in annual revenues. For more information, visit www.ypo.org.

Business Owners Save 300 Hours a Year with Automated Accounting App
Due DiligenceRisk Management

Business Owners Save 300 Hours a Year with Automated Accounting App

IP Commerce, Inc., developer of innovative products and services that automate business processes for small business owners, launched the newest version of Commerce Sync today.

Commerce Sync is a software application that automatically transfers sales information from a point of sale (POS) system or e-commerce solution directly into accounting software on a daily basis.

“Commerce Sync is an extremely valuable tool that helps optimize and streamline our business processes and ultimately saves us valuable time and money.”

Drawing on its profound understanding of both point of sale (POS) solutions and accounting software, IP Commerce created Commerce Sync to alleviate the burdensome task of manual accounting. The application transfers sales information, including taxable and non-taxable income, tips, discounts, sales tax and refunds – for businesses with one or many locations – into any QuickBooks or Xero account. Commerce Sync is available to business owners that use either Stripe or Clover POS for accepting payments.

U.S. small and medium sized businesses spend billions of hours each year managing their finances. Commerce Sync relieves business owners of this burden by reducing the time spent on manual data entry and increasing the accuracy of their financial accounting. In fact, Commerce Sync saves the average small and medium-sized business (SMB) 300 hours a year – the equivalent to $15,000 annually.

“As a start-up, it is imperative to make sure everything is in place as we grow,” said Bill Willkins, Founder and Chief Operating Officer of PupJoy, a Chicago-based online specialty store for dog lovers. “Commerce Sync is an extremely valuable tool that helps optimize and streamline our business processes and ultimately saves us valuable time and money.”

Commerce Sync has a simple activation process and is fully customizable. The latest version of the app introduces multiple levels of service that range in feature sophistication thereby catering to a wide range of business needs.

“We want to empower merchants to focus on what matters most – growing their business,” said Charlie Wilson, President and Chief Executive Officer of IP Commerce. “With the ultimate goal of helping small business owners and entrepreneurs succeed, we have spent the last year listening to our customers and realizing the true value of the service we offer. We are thrilled to make these innovative enhancements readily available to the market.”

Zurich Responds to International Demand for Comprehensive Cyber Policy
Due DiligenceRisk Management

Zurich Responds to International Demand for Comprehensive Cyber Policy

 It’s never been more important to protect a company’s balance sheets and reputations from cyber risk. Over the past decade we have seen an increase in the costs to organisations as a result of cybercrime and despite advances in cyber security it is clear the hacker is currently winning the battle. Data breaches, network outages, corrupt data, lost customers, regulatory fines, litigation claims, and cyber-extortion payments are issues the majority of companies rarely have the necessary resources to effectively address. Therefore, to protect and help organisations get back to business following a breach, Zurich has developed ‘Security and Privacy ‘ protection and ‘DigitalResolve’.

Zurich’s research highlighted that outside of the US global companies main cyber concern was their first party exposures as a result of a breach rather than their potential liabilities.

For this reason ‘Security and Privacy Protection’ coverage has been specifically developed to cover these first party exposures as well as cover for 3rd party liabilities and includes a new cover to provide loss of income following a data breach or damage to reputation.

‘Zurich Security and Privacy Protection’ also includes a global breach response service called ‘DigitalResolve’. Following a breach, Zurich clientswill be provided with a single dedicated Incident Manager, with 24/7/365 availability to manage the resources needed to recover from a damaging cyber event. The ‘DigitalResolve’ team of global trusted expert providers, co-ordinate and triage the cyber-attack incident response from it’s first notification right through to it’s successful conclusion. ‘

 

Hire a Hacker to Solve Cyber Skills Crisis
Due DiligenceRisk Management

Hire a Hacker to Solve Cyber Skills Crisis, Say UK Companies

UK companies admit they are considering turning to ex-hackers in a bid to stay one step ahead of cyber criminals, according to the latest research from KPMG.

KPMG surveyed 300 senior IT and HR professionals in organisations employing 500-plus staff to assess how the corporate world is ‘skilling-up’ to protect itself against cyber security breaches. The survey revealed that many companies are becoming increasingly desperate as they struggle to get the right people on board.

Nearly three quarters (74%) say they are facing new cyber security challenges which demand new cyber skills. For example, 70% admit their organisation ‘lacks data protection and privacy expertise’. The same proportions are also wary about their organisation’s ability to assess incoming threats.

The majority are candid enough to admit that the shortfall exists because the skills needed to combat the cyber threat are different to those required for conventional IT security. In particular 60% are worried about finding cyber experts who can effectively communicate with the business – vital to ensuring that cyber threat is well understood by corporate leaders outside the IT department.

While 60% claim to have a strategy to deal with any skills gaps, it is clear that there is a short supply of people with all the relevant skills. 57% agree it has become more difficult to retain staff in specialised cyber skills in the past two years. The same number say the churn rate is higher in cyber than for IT skills and 52% agree there is aggressive headhunting in this field.

According to KPMG’s research, the skills gap is forcing many companies to consider turning to ‘poachers turned game-keepers’ to keep up to speed. 53% of respondents say they would consider using a hacker to bring inside information to their security teams. Just over half (52%) would also consider recruiting an expert even if they had a previous criminal record.

Commenting on the findings Serena Gonsalves-Fersch, head of KPMG’s Cyber Security Academy, says: “The increasing awareness of the cyber threat means the majority of UK companies are clear on their strategy for dealing with any skills gaps. However, they wouldn’t hire pickpockets to be security guards, so the fact that companies are considering former hackers as recruits clearly shows how desperate they are to stay ahead of the game. With such an unwise choice on the menu, it’s encouraging to see other options on the table.

“Rather than relying on hackers to share their secrets, or throwing money at off the shelf programmes that quickly become out of date, UK companies need to take stock of their cyber defence capabilities and act on the gaps that are specific to their own security needs. It is important to have the technical expertise, but it is just as important to translate that into the business environment in a language the senior management can understand and respond to.” 

Cybercrime Incidents on the Rise
Due DiligenceRisk Management

Cybercrime Incidents on the Rise

The number of reported information security incidents around the world rose 48% to 42.8 million, the equivalent of 117,339 attacks per day, according to The Global State of Information Security® Survey 2015, released by PwC in conjunction with CIO and CSO magazines. Detected security incidents have increased 66% year-over-year since 2009, the survey data indicates.

“It’s not surprising that reported security breach incidents and the associated financial impact continue to rise year-over-year,” said David Burg, PwC’s Global and US Advisory Cybersecurity Leader. “However, the actual magnitude of these breaches is much higher when considering the nature of detection and reporting of these incidents.”

As security incidents become more frequent, the associated costs of managing and mitigating breaches are also increasing. Globally, the estimated reported average financial loss from cybersecurity incidents was US$2.7m – a 34% increase over 2013. Big losses have been more common this year as organisations reporting financial hits in excess of US$20m nearly doubled.

But despite elevated concerns, the survey found that global information security budgets actually decreased four% compared with 2013. Security spending as a percentage of IT budget has remained stalled at 4% or less for the past five years.

“Strategic security spending demands that businesses identify and invest in cybersecurity practices that are most relevant to today’s advanced attacks,” explained Mark Lobel, PwC Advisory principal focused on information security. “It’s critical to fund processes that fully integrate predictive, preventive, detective and incident-response capabilities to minimise the impact of these incidents.”

Organisations of all sizes and industries are aware of the serious risks involved with cybersecurity; however, larger companies detect more incidents. Large organisations – with gross annual revenues of US$1bn or more – detected 44% more incidents this year. Medium-sized organisations – with revenues of US$100m to US$1bn – witnessed a 64% increase in the number of incidents detected. And while risk has become universal, the survey found that financial losses also vary widely by organisational size.

“Large companies have been more likely targets for threat actors since they offer more valuable information, and thus detect more incidents,” said Bob Bragdon, publisher of CSO. “However, as large companies implement more effective security measures, threat actors are increasing their assaults on middle-tier companies. Unfortunately, these organisations may not yet have security practices in place to match the efficiency of large companies.”

Insiders have become the most-cited culprits of cybercrime – but in many cases, they unwittingly compromise data through loss of mobile devices or targeted phishing schemes. Respondents said incidents caused by current employees increased 10%, while those attributed to current and former service providers, consultants and contractors rose 15% and 17%, respectively. “Many organisations often handle the consequences of insider cybercrime internally instead of involving law enforcement or legal charges. In doing so, they may leave other organisations vulnerable if they hire these employees in the future,” added Bragdon.

Meanwhile, high profile attacks by nation-states, organised crime and competitors are among the least frequent incidents, yet the fastest-growing cyber threats. This year, respondents who reported a cyber-attack by nation-states increased 86% – and those incidents are also most likely under-reported. The survey also found a striking 64% increase in security incidents attributed to competitors, some of whom may be backed by nation-states.

Effective security awareness requires top-down commitment and communication, a tactic that the survey finds is often lacking across organisations. Only 49% of respondents say their organisation has a cross-organisational team that regularly convenes to discuss, coordinate, and communicate information security issues.

PwC notes that it is critical for companies to focus on rapid detection of security intrusions and to have an effective, timely response. Given today’s interconnected business ecosystem, it is just as important to establish policies and processes regarding third parties that interact with the business.

“Cyber risks will never be completely eliminated, and with the rising tide of cybercrime, organisations must remain vigilant and agile in the face of a constantly evolving landscape,” said PwC’s Burg. “Organisations must shift from security that focuses on prevention and controls, to a risk-based approach that prioritises an organisation’s most valuable assets and its most relevant threats. Investing in robust internal security awareness policies and processes will be critical to the ongoing success of any organisation.”

UK Pork Farmers Facing Pressure to Reduce Prices
Due DiligenceRisk Management

UK Pork Farmers Facing Pressure to Reduce Prices

The warning was issued by BPEX, the trade body for pig production in the UK, which went on to say it will detrimentally effect many Western countries, as demand drops and supply is maintained.

Mick Sloyan, the director of BPEX, said:

“This will increase competition on global markets,

“It may have some knock-on effect on the EU market and, hence, the UK,”

Russian Ban and Canada’s Woe

The ban imposed by Vladimir Putin is in response to the sanctions which have been imposed on Russia over the continuing crisis in Ukraine.

Coming into effect from last Thursday, August 7, the ban has been introduced for at least a year. All members of the EU, Australia, Canada, Norway and the US are affected alongside the UK.

With all pork producers likely to undergo further due diligence processes to understand the full potential of the ban, the biggest hit country will be Canada. Russia presently imports about 90% of its pork products, with the North American country supplying 40% of that total.

UK Demand and Chicago’s Warning

The result could see prices in the UK drop significantly, with the boss of Midland Pig Producers, James Leavesley, telling the BBC:

“If Russia bans pork from other countries there is a danger it could be dumped into the UK market,”

With prices falling already and low margins as a result, Mr Leavesley fears for the future of the industry. His fears could be backed up by results overseas.

Chicago is seen as a benchmark for global pork pricing with ‘Lean Hog’ futures and options traded on the Chicago Mercantile Exchange (CME). After peaking in July the market has seen a fall of 18%.

At the time of writing, the market price was hovering at around 114¢.

Ameripact Announces Due Diligence Packet for Real Estate Market
Due DiligenceRisk Management

Ameripact Announces Due Diligence Packet for Real Estate Market

Ameripact, the real-estate service platform, today released its latest home-buying efficiency and money-saving tool, the Due Diligence Packet, a lender quality portfolio of unbiased information that includes everything a buyer needs to quickly close on a home sale.

“The mission of the Due Diligence Packet is very simple. It creates trust, reduces risk, and provides unprecedented convenience to agents, home sellers, and homebuyers,” explained Ameripact CEO and founder, Haresh Sangani. “We strongly believe that this is the natural direction the real estate marketplace has to move towards. The technology is there, the consumers and brokers are hungry for it, and the right business model is finally here.”

The Ameripact Due Diligence Packet equips homebuyers with the following information upfront:

• The Summary Report

• The Title Report

• The Certified Residential Appraisal

• The Licensed Inspection

• Earnest Money Protection

This benefits all parties, encouraging more offers, reducing the chances for future renegotiations, and reducing the risk of time and money lost from transactions falling through after having been mutually accepted. Ameripact is so confident in the Due Diligence Packet, they back it up with the industry’s first Earnest Money Protection.

“‘Ameripact is not only great to work with but the Ameripact Certified properties consistently receive multiple offers from qualified buyers of 10-15% over listing price with no inspection or appraisal contingencies. My sellers are happy and I’m impressed,” said Shawn Lee, Managing Broker, Big Sound Homes Team, Keller Williams Realty GSRE. Beyond helping agents attract cleaner and better offers, the Ameripact Due Diligence Packet service creates another venue for marketing their listed properties.

“The Ameripact Due Diligence Packet is only the first of many technology enabled services we have in the works. We will continue to offer additional solutions to fill the gaps in the real estate equation,” said Sangani.

Ximen Due Diligence Agreement with Huldra
Due DiligenceRisk Management

Ximen Due Diligence Agreement with Huldra

The agreement has been reached for the purposes of determining the feasibility and conditions of a proposal for the acquisition of Huldra Silver.

The transaction is subject to approval from the court and the creditors in the CCAA proceeding and the TSX Venture Exchange. Ximen intends to commence legal, financial and commercial due diligence shortly.

Ximen Mining Corp. is a publicly listed company trading on the TSX Venture under the symbol ‘XIM’, and is also listed on the Frankfurt, Munich and Berlin Stock Exchanges in Germany under the symbol ‘1XM’ and a German Securities Number of ‘A1W2EG’.