What might be the ultimate risk management machine, is called a ‘High Reliability Organization’ (HRO). HRO can be thought of as a very advanced version of continuous quality improvement that extends to the performance of an entire organization. Two…

Risk practitioners tend to categorize risks based on the level of knowledge about the occurrence (known or unknown) and the level of knowledge about the impact (known or unknown).[1]  Known risks can be prioritized by level of impact and…

Healthcare security professionals today are directly impacted by the reality of a rapidly changing environment. The security function, as with many others, is being asked to do more with less, while addressing a frightening range of new and increasing…

Wikipedia defines social engineering, in the context of information security, as the “psychological manipulation of people into performing actions or divulging confidential information.” Our increasing reliance on vast networks of digital technology for information storage, research, controls, and transactions…

The climax of the Academy Awards is imminent, with the announcement of the Best Picture unfolding on the stage. A PricewaterhouseCooper employee has just two red envelopes left in her briefcase. She inadvertently pulls the wrong one, and Faye…