During the World Economic Forum’s annual summit, commonly referred to as the Davos Summit, a large number of world leaders and influential people gather to discuss various topics of global concern. The 2013 summit, held in January, saw the introduction of the 2013 Global Risk Report, presented by the Risk Response Network.
See this link for the full report: http://reports.weforum.org/global-risks-2013/
The report categorizes risk in the following way:
• Economic
• Environmental
• Geopolitical
• Societal
• Technological.
It is interesting to note that technology is listed as one of the 5 categories. This confirms the growing realisation that Technology is no longer a support function in our lives. It is a core function and has been for some time now. By the same token, it is likely that IT and related technology are core to your firm. Without it, your firm will not exist.
Risks are measured based on two criteria:
• The Impact (if the risk were to occur)
vs.
• Likelihood (to occur in the next 10 years)
The Technology chart in the Global Risk Report, lists one of the main risks as the “Massive Incident of data fraud / theft”. The description for this is defined as:
“Criminal or wrongful exploitation of private data on an unprecedented scale”
To put this into perspective, this risk rated as high as, the risk of “Mineral resource supply vulnerability”. The risk of data and identity theft is hence considered a very real threat across the globe and should be viewed as such within each business. As a conveyancer with loads of personal data in your possession, you are by default a soft target. Individuals are equally so and we therefore need to be careful about the ease with which we divulge our own personal information.
The theft of the data residing in a single bank practice would qualify as a “Massive Incident”. These institutions will need to implement programs to curb this risk, which means the requirements will be passed on to the firms. Some have already started to. In addition, the Protection of Personal Information Act will require the same.
As a business partner of banks, one needs to be asking the following questions: How does the risk of data and identity fraud impact my firm, and what should I do about it. The short answer; implement a management system that will ensure the security of your information. The good news is that there are tools available to do this with minimal impact to your business.
Start the process sooner rather than later to ensure that:
• Your clients are put at ease that their information is in safe hands
• You retain a good relationship with the bank
• Your firm avoids making headlines for the wrong reasons.
Contributed by Keyphase Technologies.
Keyphase Technologies was founded in 2010, with specific focus on Information Security Management. The ComplianC Software from Keyphase is targeted at PoPI, enabling law firms to comply with the least amount of effort. Dedicated to helping our clients to comply with legislation, we design, implement and automate the business processes required for compliance. Read more at keyphase.co.za, or send an email to info@keyphase.co.za