Climate Change is Real and Hurts Our Industry
While many aspects of managing environmental risks are very complicated, sometimes the direct relationship of a cause and its effect is clear.
In October of 1948, a historic air inversion over Donora, Pa., acted like an upside down fish bowl and trapped a layer of pollution from the local zinc and steel plants. Sulfuric acid, nitrogen dioxide, fluorine and other poisonous gases that usually were dispersed into the atmosphere mixed with fog to create a deadly smog. Twenty people died and 7,000 became ill, some seriously. Sixty years later, the New York Times described it as “one of the worst air pollution disasters in the nation’s history.” (Nov. 1, 2008)
As I tell my friends, “if you want to be a climate change denier, do it quietly, alone, so others don’t know how foolish you are!”
Dr. Devra Davis, director of the Center for Environmental Oncology of the University of Pittsburgh Cancer Institute, after a long study, concluded that the pollutants trapped by stagnant air were the primary cause of deaths (Pittsburgh Gazette, Oct. 21, 2008).
While the science behind climate change is on a much larger scale than the Donora smog, the cause and effect are still the same. When we put a lot of “bad stuff” into the environment over a period of time, we are not going to like the results.
And who puts that “bad stuff” in the environment? Man does. We do. Climate change is man made, man caused. As I tell my friends, “if you want to be a climate change denier, do it quietly, alone, so others don’t know how foolish you are!”
In the recently concluded National Climate Assessment, White House Science Advisor John Holdren said, “The study is the loudest and clearest alarm bell to date signaling the need to take urgent action to combat the threats to Americans from climate change.” If you need more persuading, read the report here.
Most of us probably studied something other than science in school. That is not a reason to dismiss science. Science gave us a cure for polio, put a man on the moon and an iPhone in your pocket.
I can only guess at the motivations of some politicians who think climate change is a hoax, but we are an industry that studies facts, patterns and prior results. When you study the facts about climate change, I have no doubt you will be in agreement — climate change is real. It is happening.
Changing weather patterns are having an effect on our business. Droughts, wildfires, hurricanes, etc. … I understand energy fuels our economy. I would not advocate not using oil, coal or gas, which all generate emissions. I just believe they need to be used in a cleaner way. At the same time, wind, solar and nuclear have a role to play as well.
Not dealing with the issue of climate change has and will continue to have an adverse effect on our business.
When our industry sounds an alarm, people usually listen. It is time to clang the alarm.
Read all of Joe Boren’s Risk Insider contributions.
6 Non-Cyber Risks for Technology Companies
The Risk List is presented by:
5 & 5: Rewards and Risks of Cloud Computing
Cloud computing lowers costs, increases capacity and provides security that companies would be hard-pressed to deliver on their own. Utilizing the cloud allows companies to “rent” hardware and software as a service and store data on a series of servers with unlimited availability and space. But the risks loom large, such as unforgiving contracts, hidden fees and sophisticated criminal attacks.
ACE’s recently published whitepaper, “Cloud Computing: Is Your Company Weighing Both Benefits and Risks?”, focuses on educating risk managers about the risks and rewards of this ever-evolving technology. Key issues raised in the paper include:
5 benefits of cloud computing
1. Lower infrastructure costs
The days of investing in standalone servers are over. For far less investment, a company can store data in the cloud with much greater capacity. Cloud technology reduces or eliminates management costs associated with IT personnel, data storage and real estate. Cloud providers can also absorb the expenses of software upgrades, hardware upgrades and the replacement of obsolete network and security devices.
2. Capacity when you need it … not when you don’t
Cloud computing enables businesses to ramp up their capacity during peak times, then ramp back down during the year, rather than wastefully buying capacity they don’t need. Take the retail sector, for example. During the holiday season, online traffic increases substantially as consumers shop for gifts. Now, companies in the retail sector can pay for the capacity they need only when they need it.
3. Security and speed increase
Cloud providers invest big dollars in securing data with the latest technology — striving for cutting-edge speed and security. In fact, they provide redundancy data that’s replicated and encrypted so it can be delivered quickly and securely. Companies that utilize the cloud would find it difficult to get such results on their own.
4. Anything, anytime, anywhere
With cloud technology, companies can access data from anywhere, at any time. Take Dropbox for example. Its popularity has grown because people want to share large files that exceed the capacity of their email inboxes. Now it’s expanded the way we share data. As time goes on, other cloud companies will surely be looking to improve upon that technology.
5. Regulatory compliance comes more easily
The data security and technology that regulators require typically come standard from cloud providers. They routinely test their networks and systems. They provide data backups and power redundancy. Some even overtly assist customers with regulatory compliance such as the Health Insurance Portability and Accountability Act (HIPAA) or Payment Card Industry Data Security Standard (PCI DSS).
1. Cloud contracts are unforgiving
Typically, risk managers and legal departments create contracts that mitigate losses caused by service providers. But cloud providers decline such stringent contracts, saying they hinder their ability to keep prices down. Instead, cloud contracts don’t include traditional indemnification or limitations of liability, particularly pertaining to privacy and data security. If a cloud provider suffers a data breach of customer information or sustains a network outage, risk managers are less likely to have the same contractual protection they are accustomed to seeing from traditional service providers.
2. Control is lost
In the cloud, companies are often forced to give up control of data and network availability. This can make staying compliant with regulations a challenge. For example cloud providers use data warehouses located in multiple jurisdictions, often transferring data across servers globally. While a company would be compliant in one location, it could be non-compliant when that data is transferred to a different location — and worst of all, the company may have no idea that it even happened.
3. High-level security threats loom
Higher levels of security attract sophisticated hackers. While a data thief may not be interested in your company’s information by itself, a large collection of data is a prime target. Advanced Persistent Threat (APT) attacks by highly skilled criminals continue to increase — putting your data at increased risk.
4. Hidden costs can hurt
Nobody can dispute the up-front cost savings provided by the cloud. But moving from one cloud to another can be expensive. Plus, one cloud is often not enough because of congestion and outages. More cloud providers equals more cost. Also, regulatory compliance again becomes a challenge since you can never outsource the risk to a third party. That leaves the burden of conducting vendor due diligence in a company’s hands.
5. Data security is actually your responsibility
Yes, security in the cloud is often more sophisticated than what a company can provide on its own. However, many organizations fail to realize that it’s their responsibility to secure their data before sending it to the cloud. In fact, cloud providers often won’t ensure the security of the data in their clouds and, legally, most jurisdictions hold the data owner accountable for security.
Risk managers can’t just take cloud computing at face value. Yes, it’s a great alternative for cost, speed and security, but hidden fees and unexpected threats can make utilization much riskier than anticipated.
Managing the risks requires a deeper understanding of the technology, careful due diligence and constant vigilance — and ACE can help guide an organization through the process.
To learn more about how to manage cloud risks, read the ACE whitepaper: Cloud Computing: Is Your Company Weighing Both Benefits and Risks?