US Bans Component Makers From Selling Parts to ZTE

The US Commerce Department has prohibited component makers from selling to ZTE. The action has caused the stock of various component makers to drop. Acacia Communications Inc. (NASDAQ: ACIA) receives 30% of its total revenue from ZTE and saw its stock drop over 30%. Oclaro Inc (NASDAQ: OCLR), received 18% of its revenue from ZTE and experienced a drop of over 15%.

Implementing ISO 31000:2018 and  assessing risk is one method of mitigating the effects of losing a supplier. Clause 6.4.2 tasks the organization with identifying uncertainties. Geopolitical activities would be  indicators of emerging risks. The recent political change in the USA would need to be evaluated. Clause 6.5 discusses risk treatment. In this case diversification of the customer base to mitigate the loss of a single customer could be undertaken by the organizational leadership. Insurance against geopolitical events would also be a way of reducing the impact of losing customers.

Structural issues with the organization my continue for many years before a geopolitical event may disrupt your business. We recommend assessing risks and opportunities periodically during the business cycle and taking long and short term measures to exploit upside risk while minimizing downside risk.

Canary Islands Hit By More Than 70 Tremors

La Palma has experienced 70 small quakes between Monday and Wednesday between 1.5 and 2.6 on the Richter scale.

A statement by the government given to Express.co.uk:

“Given the increase in seismic activity recorded on the island of La Palma, the Ministry of Territorial Policy, Sustainability and Security of the Government of the Canary Islands, in application of the Special Plan for Civil Protection and Emergency Care for Volcanic Risk (PEVOLCA), has convened tomorrow Friday, February 16, a meeting of the Scientific Committee of Evaluation and Monitoring of Volcanic Phenomena.

“On the agenda of the meeting, which will be chaired by the Deputy Minister of Environment and Security, Blanca Delia Pérez, will be to discuss the precursors and parameters of seismic activity on the island in recent weeks; assess the activity and evolution forecast, and appoint the sole representative of the Steering Committee.

“The Scientific Committee for Evaluation and Monitoring of Volcanic Phenomena is formed, in addition to the Government of the Canary Islands and representatives of the General State Administration, by the National Geographic Institute (IGN); the Superior Council of Scientific Investigations (CSIC); the Canarian Volcanological Institute (Involcan); the Geological and Mining Institute of Spain (IGME); State Meteorological Agency (AEMET); Spanish Institute of Oceanography (IEO); specialists of the two Canarian universities (ULPGC and ULL) and representatives of other prestigious institutions in the study and research of volcanology in the Canary Islands.

Bill Bans US Government Use Of Huawei or ZTE

  • HR 4717 prohibits the US government from procuring  “covered telecommunications equipment or services”
  • Equipment made by Huawei Technologies Company or ZTE Corporation
  • an entity that uses any equipment, system, or service that uses covered telecommunications equipment or services as a substantial or essential component of any system, or as critical technology as part of any system.

A recently introduced bill in the US House of Representatives threatens to ban the use of ZTE and Huawei equipment by the government. It also prohibits contractors who use equipment made by those companies. Portfolio diversification is important in investing and business. A diverse portfolio of services would allow a supplier to continue doing business in the event of a product embargo. Supply chain risk should become part of your risk register for business continuity.

Contact us if you need assistance with establishing or updating your ISO 22301 program. Our certified professionals can assist with your business continuity needs.

USGS warns of 8 California volcanoes

  • USGS has classified California volcano hazard zones
  • Very-high threat: Mount Shasta, Lassen Volcanic Center and Long Valley Volcanic Region
  • High threat: Clear Lake Volcanic Field, Medicine Lake Volcano and Salton Buttes
  • Moderate threat: Ubehebe Crater and Coso Volcanic Field

The International Volcanology Assembly is meeting August 14-18 with planned fieldtrips to some volcanic hot spots along with symposia covering a broad variety of volcanological fields with plenary speakers emphasizing integrative and intersecting themes. There will be much discussion over the very high threat volcanoes in the area.

The eruption of Eyjafjallajökull in 2010 shut down European airspace for a week. The International Air Transport Association estimated that the impact was $200 million per day and the total loss for the industry was around $1.7 billion. Over 95,000 flights were cancelled during this time.

Can your business continue to function with air travel disruptions? Do you have alternate transportation available? These are questions that should be asked when establishing a Business Continuity Plan. California businesses should take this time to revise their list of BCP risks. An eruption could disrupt business travel and impact airlines and their supply chain.

If your small business does not have a Business Continuity Plan, now is a great time to get started. Contact us today to speak to one of our implementation specialists.

Initial Coin Offerings Hold New Risks

  • Almost $50M in ETH stolen in a month
  • SEC rules crypto currencies are securities
  • ICOs now need securities registration

Cryptocurrencies and Blockchain hold many potential benefits in the economy of tomorrow. Businesses may choose to accept payment in Cryptocurrency as an alternative to credit cards, checks, or ACH. Ethereum is a decentralized computing platform and blockchain. Within Ethereum there is a crypto currency, Ether. There is also a way of issuing smart contracts.

Thieves love anything of value. Almost $50M in ETH has been stolen in multiple incidents. One recent trend is to exchange Cryptocurrency for future services in an Initial Coin Offering. The SEC announced today that ICOs are securities.

The SEC said in its report it has decided not to bring civil charges at the end of its probe into The DAO, but instead use the case as a cautionary tale for the market.

Cryptocurrencies and ICOs are a new frontier. This newness means that risks are still unknown. Where there is great risk there is great reward. Remember to tread carefully in this new territory.

Defend against Industrial Espionage if laptop ban extended

Homeland Security has banned laptops in the cabins of US bound flights from 10 airports in the Middle East and Africa. Rumors are circulating that the ban will extend to European airports. This will be a major inconvenience to business travelers, but can also result in losses to companies.

Valuables such as laptops or camera equipment should not go in checked luggage. Airport employees, including those in security, are known for stealing from checked luggage. Trust European airport employees as you would their US counterparts. Theft of company equipment is annoying and costly for a large cap corporation, but could be crippling for a microcap company.

Another downside of a potential laptop ban is the loss of billable hours. Over half of employees prefer to work on the plane. The National Trade and Tourism Office reports 4.9 million passengers flew overseas and 1.9 million travelled to Europe. If they were unable to work on the plane, the total number of billable hours lost at an average of $76/hr. could be as high as $500M.

Productivity issues are small compared to FBI information that says economic espionage costs US businesses nearly $500B per year. Laptops transported in checked luggage are excellent targets for IP theft. The FBI and other officials know that US allies have a history of spying on private sector companies. The French version of the CIA enabled France to win a $1B contract to supply military equipment to India by learning about competing bids. Stealing bid pricing is convenient, but marketing plans, customer lists, supplier lists, and other material could give a competitor an edge or a new competitor could enter the market if certain information fell into the wrong hands.

No commercial measures are foolproof, but these are some hints to help you prevent foreign officials from accessing your data:

  • Do not have data on your computer that could someone could access in the luggage screening area
  • Your hard drive can be copied by authorities
    • If your drive is unencrypted they now have all your files
    • If your drive is encrypted they try to break the encryption or guess your password
  • Consider carrying a “burner” laptop for your business trip
    • Chromebooks or Windows 10S systems that use only a web browser are a better option
    • Do not have the browser remember your password
    • Do not check “remember me” when logging into a site
    • If authorities decide to keep your laptop it’s only a financial inconvenience
  • Enable BitLocker encryption on Windows
  • Enable FileVault encryption on MacOS
  • Forensic tools can recover deleted files or a formatted hard drive
    • Delete files using a multi-pass tool
    • Commercial and open source options available
  • Keep your antivirus and security patches up to date
    • Antivirus only works on known viruses
    • Governments may have unique variants
    • There are places on your computer antivirus cannot reach
  • Hardware added to your computer can log your keystrokes or take pictures of your screen
    • Antivirus will not protect you

Large companies will always be the primary target, but small businesses may be a target of convenience. A little advance planning can go a long way to securing your assets from professional spies.