Read the latest insights from the Camms team.
Adam Collins | October 2, 2020
We are excited to announce that our industry recognized Risk Management Software Solution, Camms.Risk, was yet again named as a “High Performer” in the GRC software category by G2 in their Fall 2020 report. This marks the 3rd consecutive quarter in 2020 Camms.Risk has been recognized by G2 in its quarterly Grid report.
Daniel Kandola | October 1, 2020
Transferring products from A to B quickly and efficiently is the name of the game in the constantly moving world of transportation and logistics. Unfortunately, a myriad of variables means this process is rarely as easy as ABC at the best of times – and 2020 is proving more algebra than alphabet. Navigating a clear course within the sector has never been so challenging. Existing risks have been overshadowed – or in some cases accelerated – by an unprecedented global event that has brought the importance of organisational resilience into sharp focus: the COVID-19 pandemic.
Beau Murfitt | September 25, 2020
Major banking institutions have been at pains to stress their determination to overhaul their ability to combat financial crime of late – following a string of high-profile corruption scandals. Unfortunately, these claims appear to be words without substance after a disturbing tale of leaked documents, dirty money, and international crime emerged – one that sounds more like something from a Netflix crime drama than the world of regulatory compliance.
Daniel Kandola | September 17, 2020
The rapid spread of the COVID-19 pandemic has completely blindsided society in 2020, with devastating effect. But was this cataclysmic event a black swan? It appears not. According to the National Risk Register – an overview of the risks of major emergencies that could impact the UK in the next five years – the threat of a pandemic was firmly on the government’s radar: “experts agree that there is a high probability of another influenza pandemic occurring, but it is impossible to forecast its exact timing or the precise nature of its impact.” In fact, of all the high consequence risks outlined in the register – from severe weather to terrorist attacks – a pandemic was considered to have the highest potential impact.
This threat wasn’t classified information reserved for senior figures in Whitehall; it had filtered down to local government level. Take Camden Council, for example, which – like other local authorities – already had information about pandemic risk fed to them by Public Health England. Camden subsequently rated a ‘pandemic flu’ as a 4/5 likelihood and 5/5 for potential damage on its risk register – proof that more high-profile risks like terror and cyber-attacks weren’t their only focus when it came to organisational resilience.
Daniel Kandola | September 10, 2020
What a difference a year can make. Cast your mind back to 2019: the global defence sector was on the offensive due to budget increases and military modernisation was the plan of attack, as growing security concerns forced governments to invest heavily in new equipment. So much so that international defence expenditure was forecast to grow between 3% and 4% in 2020 to reach an estimated US$1.9 trillion – driven by increased spending in the US, Russia, China and India.
Daniel Kandola | September 2, 2020
Successful organisational resilience relies heavily on the four sights: insight, foresight, oversight and hindsight. Unfortunately, anticipating and preparing for sudden
Warwick Kirby | August 24, 2020
McKinsey & Company published an insightful article in March 2020 – Beyond coronavirus: the path to the next normal.
Kevin Sneader and Shubham Singhal stated, that to win the war against Coronavirus required action across five horizons: Resolve, Resilience, Return, Reimagination, and Reform.
Brad Smith | August 5, 2020
The impact of the massive global disruption from the COVID-19 pandemic during 2020 has been felt in virtually every organizsation, workplace, and household around the world. With or without an effective vaccine, the pandemic’s far reaching impacts will be felt globally for some time to come.
Brad Smith | July 28, 2020
We all know that reporting safety incidents in the workplace is essential to managing risk, but with the advent of COVID-19 the relationship between risk and incident has taken on a whole new meaning.
Camms | July 23, 2020
Camms has continually evolved since we were founded in 1996! With nearly 25 years of experience in business software solutions, we have continually invested in making our software right for supporting organizations to achieve their goals.
Camms | June 11, 2020
To provide our customers with assurance around Camms' ongoing commitment to information security management, we are pleased to announce that we have recently achieved certification of the ISO 27001:2013 standard for our major offices around the globe. This followed an in-depth set of assessments over the past 6 months including onsite audits in all locations.
Camms | June 4, 2020
The largest implementation partner of Adaptive Insights in the APAC region, GK Horizons, are trusted by their customers across various industry verticals to improve not only their financial insights but their business agility and overall performance.
Brad Smith | June 1, 2020
Today’s climate proves that both local and global events can significantly impact the strategy and operations of an organisation. With key attributes in today’s volatile and uncertain environment being agility and flexibility,
Camms | April 21, 2020
Tomorrow needs pace, agility and quick decisive management. Today is the day to invest in the right risk management software. Rapid change is a constant in today’s environment.
Yasith Fernando | November 25, 2019
Sustainable Software Development refers to a set of principles and practices which enables a team to maintain an optimal speed in development indefinitely for the sustainability of the development team and ergo, the company.
If you’ve been following the news in 2020, and let’s be fair, who hasn’t, you may have noticed – between the headlines of US election drama and burgeoning pandemic numbers – that cyber crime is well and truly on the rise.
From Australian Prime Minister, Scott Morrison’s alarming announcement in June, that a foreign government had been discovered undertaking “malicious” cyber attacks against Australian government agencies; to the numerous hacking scandals plaguing the 2020 US election race.
But it’s not just the largest organisations who are at risk of cyber attacks – many organisations and businesses moving to work-from-home arrangements earlier this year fell victim to opportunistic cyber criminals, making the most of easy access to remote IT systems.
In September, global IT and tech news site ZDNet, reported that there had been a “sharp rise in sophisticated hands-on hacking campaigns” in 2020, with the first half of the year showing more incidents than all of 2019.
The findings came from a report from cyber security company Crowdstrike, and were based on “potential hands-on intrusions” identified by their research team.
“The first half of 2020 saw 41,000 intrusions, a higher figure than the 35,000 detected during all of 2019, according to the company,” Danny Palmer, author of the ZDNet article reported.
“Hands-on campaigns are based around hackers gaining access to the network – often via leaked or stolen credentials to an employee account or an exposed RDP server – then using the legitimate access those accounts or systems offer to move across the network, gradually securing the means to gain more and more access.”
This type of “hands-on” cyber crime is often much more difficult to identify than larger-scale hacks, as access is being gained from a legitimate source or account.
“It used to be that this type of sophistication was reserved for nation-state-backed hacking groups, but now it’s regularly demonstrated by cyber criminal gangs too.”
But even before remote working became the norm this year, business experts were acutely aware of the increasing risks of cyber crime.
According to the ninth Allianz Risk Barometer report, released in January this year, “Cyber incidents” outranked “Business interruption” by 2% as “the most important business risk globally”, for the first time in the reports’ history.
Rising to first place from its previous ranking of 15th place just seven years ago, this shows that an increased reliance on IT systems and data, as well as the rising number of high-profile incidents, has made businesses (and the boards that govern them) more aware of their digital vulnerabilities.
But how can businesses stay on top of these risks, to reduce the regularity and severity of incidents?
According to a recent article from Andrew Tillett, Political Correspondent for the Australian Financial Review, the Australian Government, along with the Australian Cyber Security Centre, believe that the best way to reduce cyber incidents is to report, and share them.
“To counter the proliferation of online threats – which range from crudely worded criminal scams exploiting the COVID-19 pandemic through to persistent attacks by foreign governments – the Morrison government has unveiled a $1.7 billion cyber security strategy,” Tillett writes.
“The strategy includes hiring an extra 500 cyber spies, greater information sharing of cyber threats, new powers for the cutting-edge Australian Signals Directorate to step in and protect computer networks and obligations for critical infrastructure providers to strengthen their cyber security defences.”
Under this new cyber security strategy, critical infrastructure providers in Australia – including banks, defence contractors, and power and telecommunications companies – will be obligated to report cyber security incidents to the Australian Cyber Security Centre for greater transparency.
This is on the back of the Centre finding that the private sector has been underreporting cyber incidents, to the detriment of their peers.
“The centre’s threat report, released last month, showed the agency responded to 2266 cyber incidents in 2019-20, with federal and state governments responsible for 35 per cent of reports,” Tillett writes.
While Australian Cyber Security Centre head Abigail Bradshaw believes this could be due to private entities wanting to “protect commercial reputation” or “concern about market response”, her message is clear: reporting cyber breaches not only protects you, it will also protect the “next victim”.
So who is responsible for tracking and reporting cyber incidents within large organisations? And what’s the best way to ensure cyber risks are managed to avoid major security breaches and incidents occurring in the first place?
According to Adam Collins, Chief Product Officer at Camms, cyber risk management should be a top-down approach, with board directors and business leaders identifying key cyber risks which can then be managed, tracked and ultimately reported, for rapid responses and transparency.
“With the increasing numbers of cyber crime, and Government mandates for cyber risk reporting on the horizon, now is the time to manage your risk in a systemised and transparent way,” Adam said.
“Visibility of cyber risks at the right levels, including the very top, is essential to managing risk and ensuring that those responsible for compliance have all the information they need.
“This requires an integrated system, like Camms.Risk, that can provide large organisations with a consistent view of how all risks, including cyber and IT, are maintained and controlled; a simplified approach to compliance across key regulatory frameworks related to information security; and the ability to respond to cyber and IT breaches quickly to keep key stakeholders informed.”
Camms.Risk is an intelligent and flexible risk management software that provides critical insights and decision making in a fast paced, ever-changing business environment. It’s the best tool to manage risk, including cyber and IT risks.
Principal Consultant, GRC