CDC Issues Coronavirus Guidance for Businesses
The Centers for Disease Control and Prevention (CDC) has published interim guidance for businesses and employers to plan and respond to Coronavirus Disease 2019 (COVID-19).

Recommended strategies for employers to use now:

• Actively encourage sick employees to stay home.
• Separate sick employees.
• Emphasize staying home when sick, respiratory etiquette and hand hygiene by all employees.
• Perform routine environmental cleaning.
• Advise employees before traveling to take certain steps.

Additional Measures in Response to Currently Occurring Sporadic Importations of the COVID-19:

Employees who are well but who have a sick family member at home with COVID-19 should notify their supervisor and refer to CDC guidance for how to conduct a risk assessment of their potential exposure. cstoredecisions.com

Coronavirus Fears Reverberate Across Global Economy
The stock market had its worst week since 2008, signaling that one of the longest expansions in history could be ending. Policymakers said they were ready to act.

Investors, fearing that the spread of the coronavirus is tipping the global economy into a recession, handed the stock market its largest weekly loss since the 2008 financial crisis on Friday amid worries that one of the longest economic expansions in history may be coming to an end. nytimes.com

Retailers go into business triage mode as coronavirus enters the U.S.
The fallout from the coronavirus outbreak has so far been minimal for American retailers, but some near-term and potentially much worse long-term disruption is expected as the disease spreads to the U.S.

The potential impact on U.S. retail includes:

Shortages: Incidents of out-of-stocks of many medical supplies, particularly hand sanitizers, face masks and antibacterial wipes, have been reported in recent days. Consumers have also been seen stocking up on bottled water, toilet paper, dry goods and medications.

Supply chain disruptions: Many industries also rely heavily on factories in China for parts and materials, and that could affect sourcing from other regions. Retailers and manufacturers face potential delays and increased air freight as China is expected to take months to return to full capacity.

Fear of public places - Tourism revenues - Work-travel restrictions - Scams - Macro slowdown: The stock market last week had its worst week since 2008, signaling that one of the longest expansions in history could be ending. retailwire.com

Coronavirus is already impacting malls
Growing unease around the spread of COVID-19, a disease caused by a member of the coronavirus family, is already keeping people from public spaces and thinning store traffic, according to a report last week from Coresight Research. Some 27.5% of U.S. respondents told Coresight that they're avoiding public areas at least to some extent, and 58% plan to if the outbreak worsens here, Coresight found.

Of those who have altered their routines, more than 40% say they are "avoiding or limiting visits to shopping centers/malls" and more than 30% are avoiding stores in general, according to the report.

Shopping centers and malls are the third most likely to be shunned, just behind public transportation and international travel, Coresight said. For those most likely to change their daily habits if the situation gets worse, avoiding malls becomes their first priority, with 74.6% expecting to limit such visits. retaildive.com

How coronavirus may accelerate the future of work
The coronavirus is forcing enterprises to rethink the way they do business and dust off policies for security, business continuity, and remote workers. Chances are that some of these efforts will stick. The coronavirus outbreak may speed up the evolution of work and ultimately retool multiple industries as everything from conferences to collaboration to sales and commercial real estate are rethought.

The Centers for Disease Control in the US indicated that quarantines and other measures are likely in the US. Travel abroad and to conferences has also been limited and impacted other businesses ranging from airlines to restaurants to retail.

Simply put, the coronavirus scare may just show us a better way to work. How enterprises navigate the coronavirus and changes to work will be telling. One thing is certain: The coronavirus is likely to mean the definition of business, as usual, will change.  zdnet.com

Covid-19: How can your supply chain respond?
Speaking recently at the Retail Industry Leaders Association (RILA) LINK2020 supply chain conference, David Shillingford, chairman of the data and analytics company Resilience360, outlined possible near- and long-term impacts and best practices going forward. dcvelocity.com

FMI Coronavirus Resources and Preparedness Checklist

Coronavirus: Effective strategies and tools for remote work during a pandemic

Coronavirus having major effect on tech industry beyond supply chain delays (free PDF)

Coronavirus 2020 tech conference cancellations list - Dozens Cancelled
 

Sneak Peek: Trends & Technologies to Expect at ISC West
Building on 2019’s trends of smarter integrations, machine learning and artificial intelligence, the 2020 show promises huge leaps in cyber security, access control, cloud-based security, and ML & AI.

Since last year’s show, all industries have been placing a greater emphasis on the integration of smarter technologies. The capabilities of cyber security, machine learning and artificial intelligence are emerging, allowing security personnel to better understand how their businesses are operating. Additionally, advancements in cloud-based security and access control are helping end users create a future-ready, efficient and secure environment, helping to protect their people and assets better than ever before. So, what can we expect to learn more about at ISC West? Read on to learn more about the main trends and technologies. sdmmag.com

String of Sonoma County retail heists part of a trend targeted by
new state task force
The high-profile string of thefts is part of a broader Bay Area and California crime trend - organized heists from retailers - increasingly tied to an online black market, where name-brand clothes especially are proving lucrative for crooks and difficult for investigators to trace.

“The biggest thing with the Lululemon stuff is that none of it is serialized, there’s no way to track this," said Santa Rosa Police Sgt. Dave Marconi, who oversees the agency’s property crimes unit. “A lot of those stores have a hands-off policy to keep their employees safe, which I agree with, but at the same time, the people who are committing the crimes also know that and that allows them to be a bit more brazen."

Quick escapes needed

Locally, the crimes have targeted areas with shopping centers or stores near highways offering quick escape - like the recent grab-and-go robberies at Petaluma clothing retailers, including two thefts in January at the American Eagle Outfitters at the Petaluma Village Premium Outlets that amounted to a total of $13,000 worth of stolen merchandise, authorities said. The outlet mall is located next to Highway 101.

The pattern, repeated far and wide across the state, has spurred the creation of a California Highway Patrol task force charged with identifying organized retail theft rings and the distributors who drive the black market for the stolen goods, said CHP Lt. Kevin Domby, who oversees the Bay Area-based unit.

Protecting employees

The organized thefts are prompting retailers to create a stronger line of defense while at the same time adopting policies to protect their employees, said Rachel Michelin, the president of the California Retailers Association.

Big box retailers are increasingly hiring security guards for their stores to deter thieves from targeting their businesses in the first place and to quickly relay information to police when they do.

Lululemon a target - Finding a balance pressdemocrat.com

Retailers blame some fraud on easy resale online
Michigan Retailers Association wants to require sites to delist stolen items
The Michigan Retailers Association wants to hold online marketplaces accountable in an effort to combat the sale of stolen goods. One of its top priorities this year is convincing the Legislature to update the state law on organized retail crime.

William Hallan, the president of the retailers group, said that while no legislation has been introduced, the goal is to require the operator of an online marketplace to delist an item if it’s determined to be stolen, and to create a system to report fraudulent items and verify that they were stolen.

It would have the benefit of protecting retailers as well, he said. “It won’t be as lucrative to steal property from retailers if it’s not so easy to sell that on the secondary market."

The National Retail Foundation’s 2019 study of organized retail crime found that the surveyed businesses lost $703,320 on average for every $1 billion in annual sales. One-quarter reported a significant increase in organized retail crime at their companies, while 43% reported a slight increase in the previous 12 months. msu.edu

HB 488: New ORC legislation in Georgia targeting gift card fraud and organized theft with new investigative tools and offenses
HB 488, authored by Rep. Martin Momtahan (R-Dallas), amends Titles 10 and 16 relating organized retail crime. Among other things, the bill addresses gift card fraud and organized theft with new investigative tools and offenses.

Rep. Josh McLaurin (D-Atlanta) expressed concerns about the minimum sentences in the bill, as well as the need for a mens rea requirement for participation in an organized theft scheme. Rep. Ed Setzler (R-Acworth) offered an amendment to create a $500 floor for gift card thefts triggering investigative tools and organized retail fraud, which was adopted. Rep. Bob Trammell (D-Luthersville) offered an amendment to effectuate the mens rea point made by Rep. McLaurin, but the amendment was lost.

Rep. Trammell offered an additional amendment to change a reference to $20,000 to $24,999, which was also lost. Rep. Trammell offered a third amendment to change the mandatory minimum sentence range from 5-20 years to 2-20 years, which was also lost. The Subcommittee recommended the bill Do Pass with the Setzler amendment and be sent to the full Committee.  Read the bill here. jdsupra.com

What the CFO's Are Reading:
CFOs See Tech Grabbing Larger Share of a Shrinking Budget

- "Management expectations in the coming year may outstrip finance’s resources," said The Hackett Group.

- The Hackett Group’s study, “Balancing Cost Reduction with Adding Value"

Each year, it seems as if finance is asked to do more with less. This year will be no different, according to the 2020 Finance Key Issues research from The Hackett Group. Most finance executives expect to see a 3.4% decline, on average, in finance’s operating budget. At the same, other parts of the organization continue to expect finance to provide more value to them.

The five biggest enterprise “asks" of finance in 2020, all of which were ranked as highly important by a majority of executives, were:

- Support enterprise cost-efficiency improvement
- Support enterprise growth strategies
- Enable/augment enterprise analytics capability
- Enable enterprise digital transformation
- Support enterprise customer-centricity

The high expectations are helping to drive an increase of 5% to 10% in the share of the finance operating budget dedicated to technology. The uptick is the first in 10 years, said The Hackett Group. “Our research shows that executives are setting aggressive year-over-year targets for digital technologies’ adoption."

Study respondents projected a rise of 26% in the adoption of data visualization tools, 24% in RPA implementations, 20% in migration to next-gen cloud-based core finance applications, and an 18% increase in the adoption of advanced analytics solutions. cfo.com

Resilience360 Annual Risk Report Reveals Impacts of 2019 Supply Chain Disruptions
Predicts 2020 Supply Chain Risks
The annual Risk Report from supply chain risk management platform Resilience360 summarizes the significant supply chain challenges of the last 12 months and analyzes their impact.

Over the past year, Resilience360 analytics identified thousands of major events that resulted in significant supply chain disruptions. These included industrial fires and explosions, industrial action, civil unrest and protests, port disruptions, cargo and border delays, trade disputes, production halts, and natural disasters.

In addition, the annual Risk Report predicts the Top 10 supply chain risks for 2020: a summary of threats that deserve particular attention throughout 2020 and beyond.

Eight of the ten predictions from the 2019 Resilience360 Risk Report created significant disruptions to supply chains over the last 12 months. sdcexec.com
 

Senior LP & AP Jobs Market

Supply Chain Distributor to Grocery Market
Asset Protection Director job posted for McLane in Temple, TX
Responsible for directing and administering security operations and initiatives to help ensure the safety and security of all McLane teammates and locations. This position works closely with and supports local leadership to ensure the safety and security of McLane teammates, guests and property.

McLane Company, Inc. is one of the largest supply chain services leaders in the United States, providing grocery and foodservice solutions for convenience stores, mass merchants, drug stores and chain restaurants. Through McLane Grocery and McLane Foodservice, McLane operates over 80 distribution centers and one of the nation’s largest private fleets. The company buys, sells and delivers more than 50,000 consumer products to nearly 110,000 locations across the U.S. mclaneco.jobs.net

Sr. Director, Voice Theft/Fraud job posted for Comcast in Greenwood Village, CO
Responsible for strategic leadership, planning, managing and coordinating across business, technical, and legal teams all strategic activities in the areas of voice network fraud assurance and risk management. Conducting a variety of governmental legal request tracebacks and investigations associated with cross voice platforms at Comcast. Manages professional employees and/or analysts and business support/technical staff. Has accountability for managing financial risks from voice fraud. Responsible for the development of voice fraud & security recommendations to facilitate the protection of subscribers, networks and company property and assets. jobs.comcast.com

 

Walgreens Mobile App Leaks Personal Data
Walgreens says their investigation determined that an internal application error allowed certain personal messages from Walgreens that are stored in a database to be viewable by other customers using the Walgreens mobile app. Once they learned of the incident, "Walgreens promptly took steps to temporarily disable message viewing to prevent further disclosure and then implemented a technical correction that resolved the issue." securitymagazine.com

FBI unit recovered $300M of $3.5B in reported cybercrime losses last year
A special unit inside the FBI, The Recovery Asset team, an IC3 unit established by the FBI in February 2018, helped victims of cybercrime recover $300 million of the roughly $3.5 billion in reported losses in 2019, according to a top bureau official.

Tonya Ugoretz, a deputy assistant director in the cyber division at the FBI, said Monday the Internet Crime Complaint Center (IC3) responded to more than 467,000 complaints in 2019, up from 351,937 complaints in 2018. Each one of the nearly 500,000 complaints submitted to the FBI was analyzed by an individual human who then determined whether to begin an investigation and, in some cases, try to recover stolen funds, Ugoretz said. cyberscoop.com

SEC Recommendations to Protect Against Cybersecurity Threats
The Securities and Exchange Commission’s Office of Compliance Inspections and Examinations (“OCIE") issued a detailed report on January 27, 2020 regarding various ways for organizations to safeguard data and protect against security and data breaches. Cyber threat actors are now invading data in a more sophisticated manner than ever before, and implementation of the SEC’s recommended practices are essential in order to protect from outside vulnerabilities.

Organizations should strive to implement as many of the SEC’s recommended protection measures as possible. Ensuring that senior members of an organization are leading the initiative in increased awareness about cybersecurity threats through training of employees will lead to greater cyber safety for the overall organization. jdsupra.com

New Cybersecurity Approach From Academia
University Fools Hackers into Sharing Tactics

New Rapidly Growing Field: Deception Technology

Researchers at the University of Texas have found a way to bamboozle malicious hackers into giving away their secrets.

The DEEP-Dig (DEcEPtion DIGging) method tricks hackers onto a decoy site set up to record whatever sneaky tactics are thrown at it. This information is then fed into a computer, where it is analyzed to produce clues on how to identify and fend off future hacking attacks.

Furtively obtaining information from hackers that can later be used against them is a rapidly growing cybersecurity field known as deception technology. This cunning approach encourages those working in cybersecurity to view cyber-attacks in a whole new light.

“There are criminals trying to attack our networks all the time, and normally we view that as a negative thing," said Dr Kevin Hamlen, Eugene McDermott Professor of Computer Science.

“Instead of blocking them, maybe what we could be doing is viewing these attackers as a source of free labor. They’re providing us data about what malicious attacks look like. It’s a free source of highly prized data."

Privacy restrictions can make it difficult for researchers to obtain sufficient data on attackers' tactics to create effective defense strategies. DEEP-Dig functions like a spy in the attacking camp, gathering up valuable real-time information on how hackers strike.

“We’re using the data from hackers to train the machine to identify an attack," said Ayoade. “We’re using deception to get better data." infosecurity-magazine.com

Educating Educators: Microsoft's Tips for Security Awareness Training
Microsoft's director of security education and awareness shares his approach to helping train employees in defensive practices.

RSA Conference 2020 - San Francisco - The process of developing and implementing a cybersecurity awareness program is tricky. How do you enforce regular trainings? How do you convince employees to change their behaviors? How do you teach best security practices when the people in your organization are using more applications and services on a daily basis?

"We're asked to do a lot of things; we're pulled in many directions," said Ken Sexsmith, who heads up security education and awareness at Microsoft, in a session at this week's RSA Conference. "We're using the same technology, but we're busy doing multiple things. We have to find ways to get people interested and motivated to do things differently than they've done." darkreading.com

New CISO View Report Highlights the Importance of Risk Reduction for Robotic Process Automation
A new report, “The CISO View: Protecting Privileged Access in Robotic Process Automation," shares recommendations from information security executives at Global 1000 enterprises. The CyberArk report discusses how to securely drive innovation through robotic process automation (RPA).

Less than half of organizations have a privileged access management strategy in place for digital transformation technologies, like RPA. The CISO View examines attack techniques and provides practical advice from early RPA adopters on how organizations can mitigate the risks associated with non-human privileged access, including providing robots with more privileges than required to perform functions and tasks. The report recommends tightening access to RPA tools and mandating secure practices for developing robot scripts and emphasizes integrating RPA and enterprise security technologies in order to automate the management of credentials and detect misuse. securitymagazine.com

A European Strategy for Data - The EU Commission reveals its data strategy
“Shaping Europe’s digital future" and a White Paper on Artificial Intelligence.

What Companies Need to Know to Comply with the NY SHIELD Act