IT Flushes Out Risk Factors ...

Computerworld -

Peter Morgan, vice president of marketing at OpenPages Inc.

... to minimize their effects on the business. "The key goal of operational risk is not to eliminate it but to give visibility to it," says Patrick O'Brien, director of product management at OpenPages Inc. in Waltham, Mass. After all, he deadpans, "things will go wrong." But if you can identify risk variables in advance, monitor them and measure their ramifications, you can mitigate or even avoid them, suggests Peter Morgan, vice president of marketing at OpenPages. Morgan says the company's suite of governance, risk and compliance management software can ingest data from finance, operations and sales management systems and warn corporate execs when the business is teetering into dangerous territory. For example, a new operational risk management module, called OpenPages ORM, can determine when employee turnover in a manufacturing operation is going to hamper production and will automatically signal the folks in human resources to beef up recruiting efforts for assembly-line workers before the situation becomes critical. Morgan says that IT will also be getting domain-specific views of risk awareness via a separate module that's expected to be ready by midyear. Pricing for the OpenPages software starts at about $2,000 per seat.

Todd Underwood, chief operations and security officer at Renesys Corp.

You can monitor for BGP injection ...
... attacks, although you can't prevent them. You read here in the Jan. 30 issue that "there isn't a darn thing you can do" to protect yourself from attackers exploiting the Border Gateway Protocol and hijacking your IP addresses. Well, that's not completely true. You can't stop evildoers from stealing lists of IP addresses via the BGP injection method. But Todd Underwood, chief operations and security officer at Renesys Corp. in Manchester, N.H., contends that you can do something about what he calls "network identity theft." His company's Routing Intelligence service monitors whether your IP addresses are being advertised as belonging to an inappropriate network. It can alert you in as little as five minutes after an incident takes place, Underwood says. If you do receive an alert, you will need to contact the Internet service provider used by the bad guy. The ISP's duty is to shut down the attacker, says Underwood. He warns that the BGP injection threat "is scary, and it's not fictional." So do something. The Renesys service starts at $1,000 monthly per named user, who is generally your network admin.
Government funding helps kick-start ...
... user-focused IT management institute in Kentucky. Not yet officially launched, the Infrastructure