Due Diligence

The Shifting Cyber Threat Landscape

An image of a lock followed by colorful tendrils.

With the rapid acceleration of cloud software, Internet of Things (IoT) and advancements in FinTech, the financial and technology industries saw significant increases in cyberattacks over the past year. Attackers find vulnerabilities in supply chains and software, capitalize on lax security updates and use social engineering to manipulate end-users.

As hackers become more creative in their subversive techniques, businesses need to become more proactive in educating their workforce and stepping up their cyber incident response plans. Businesses should consult with their vendors, third-party suppliers and stakeholders in every business unit to ensure continuity, mitigate risk and verify that security measures are being employed and regularly updated.    

Below are summarized findings from the recent NTT Security Global Threat Intelligence Report that focus specifically on the finance and technology sectors in the Americas, which account for the most highly targeted attack sectors in this region. Recommendations from the National Institute of Standards and Technology Framework are included here as well. Organizations can also look to the Department of Homeland Security’s National Cyber Incident Response Plan for guidance on dealing with and addressing cyber incidents. 

Finance and Technology Top the List of Targets

Attacks to the finance sector nearly tripled, accounting for 43 percent of attacks compared with 15 percent the previous year. Attacks targeted at the technology industry sector increased to 27 percent of attacks, up from 11 percent in the previous year. For comparison, manufacturing was the most attacked sector in 2016, with 23 percent of attacks, but has since fallen to five percent of attacks in 2017.

Stacy Mendoza, Digital Marketing Specialist

8 Keys to Ensure Ethical Sourcing Standards

An image of gears with text overlay that has ethical statements.

In my last blog, I spoke about ethical sourcing and the many benefits it can have for your company. Seems like a no-brainer, right? When attempting to put in a plan to obliterate unethical practices in your supply chain, it starts to be risky business. The best way to mitigate risk is to set up a solid plan and be diligent about following through with it. 

In my research to find a clear plan to mitigate unethical practices, I found a slew of proposed methods. Unfortunately, I felt that many of them seemed too simple—basically, too easy and too good to be true. I finally came across a solid and thorough plan proposed by Declan Kearney, the founder of 360° Supplier View, who shares tips with companies to ensure ethical sourcing practices in their supply chain.

Do Your Research

Make sure you do your research on your suppliers…and their suppliers. With myriad complex regulations now put in place, go out and learn from case studies and the resources that will act as a survival guide as you attempt to research your vendors and suppliers.

Stay Away from the Fat Cat

Assess whether the higher-ups in your supplier organization are well known or politically aligned. These individuals are more susceptible to bribery or corruption.

Hailey Corr, Junior Editor and Marketing Associate, Outsource and SIG

The Business Case for Ethical Sourcing Practices

Ethical sourcing best practices.

In my time working in the sourcing sphere I have become passionate about ethical sourcing. Mexico, where I have lived for nearly eight years, is where many companies source cheap, nearshore labor and is a resource for bilingual, cost-saving talent. I have witnessed unethical sourcing practices in my time here and I am always looking to educate myself and others on the benefits of ethical sourcing. As companies chase better costs to remain viable, the possibility of building a supply chain with poor ethical practices increases. Ensuring ethical sourcing practices in your supply chain can be labor intensive but the benefits are immense.

According to the  Chartered Institute of Purchasing & Supply (CIPS), ethical sourcing is the process of ensuring the products being sourced are obtained in a responsible and sustainable way, that the workers involved in making them are safe and treated fairly and that environmental and social impacts are taken into consideration during the sourcing process. Ethical sourcing also means the procurement process respects international standards against criminal conduct and human rights abuses and responds to these issues immediately if identified. 

The good news is that  84 percent of businesses report having a supplier code of conduct  in place to ensure ethical sourcing practices.

Hailey Corr, Junior Editor and Marketing Associate, Outsource and SIG

Sports Contract Negotiations: A Holdout that Worked

With global sports industry revenues over $145Bn and growing at a rate of 3.7% over the past 4 years, it is evident now more than ever, that behind the tackles and buzzer beaters, sports remains a business. Negotiations in business are usually governed by several tangible measurable data points that are indicative of future performance. Given below are a few aspects that are unique to negotiations in the sports industry:

Ajay Perumal, Senior Associate, GEP

Do Your Homework to Meet Regulatory Demands

The global regulatory environment is heating up – and not just because it's summer. As government enforcement actions capture headlines, corporate leaders are rightfully concerned about whether their due-diligence strategy can hold up to the increased scrutiny. Richard Girgenti, KPMG LLP's National and Americas leader for Forensic Advisory Services, wrote in an article in Metropolitan Corporate Counsel recently, that the rapid and ongoing nature of regulatory changes, the array of agencies involved in bringing enforcement actions and the aggressiveness with which they are enforcing such actions are resulting in "record fines and penalties, class action lawsuits, lost earnings and reputation damage." Girgenti would know, having more than three decades of experience – not just in advising organizations but in conducting investigations and overseeing policies on the enforcement agency side of the coin. So, what does he see as some of the top of mind issues for corporate leaders who want to stay out of hot water with regulators?

Three Enforcement Areas that Demand Enhanced Due Diligence

Mark Dunn, Segment Leader, Entity Due Diligence and Monitoring, LexisNexis