Latest news with #riskmanagement
Forbes
9 hours ago
- Business
- Forbes
Perils of 'The Precautionary Principle' in Environmental Law
Risk management prism - Getty Creative getty In a rare show of unity on May 29, 2025, The U.S. Supreme Court justices ruled 8-0 in favor of limiting the scope of the National Environmental Policy Act (NEPA) The court recognized that despite many noble intentions, the law has been misapplied as an ideological stalling tool against not only resource extraction projects but also renewable energy projects. All court justices appeared to acknowledge that there is a big difference between responsible environmentalism and environmental obstructionism. This case is particularly notable since it involved a fossil fuels pipeline project in Utah and the three liberal justices could have used this as a way to make a statement on the salience of climate change. Yet, all justices rightly recognized that the law has been misapplied, albeit there was a less strident concurrence submitted by the three liberal justices in the case. While at its surface this decision may be about 'process' but there is an underlying realization by the justices that modern environmentalism has become risk averse beyond a 'broad zone of reasonableness.' The court has indirectly taken a swipe at the 'precautionary principle' which emphasizes taking proactive measures to protect the environment in the face of uncertainty. The origins of this principle can be found in the German concept of Vorsorgeprinzip, which by some measures is better translated as the 'foresight principle.' Such a translation suggests a positive anticipatory action rather than a negative status quo decision, but the essential element is social risk aversion in the context of environmental harm. Yet it is important to note that the absence of evidence of harm is not the same thing as evidence of the absence of harm. The United Nations Conference on Environment and Development (Rio Summit), in 1992, put forward an 'Agenda for the 21st Century' (called Agenda 21) where 'Principle 15,' enshrined this precaution as follows: 'In order to protect the environment the Precautionary Approach shall be widely applied by States according to their capabilities. Where there are threats of serious or irreversible damage, lack of full scientific certainty shall not be used as a reason for postponing cost- effective measures to prevent environmental degradation.' Although this principle has normative value as an ethical aspiration, operationalizing it in the context of maintaining social order in a complex environment of competing goals is next to impossible. For example, if we followed this principle to its core, there would be no process of clinical trials for drug development. Nevertheless, the precautionary principle provides an alternative to reactive decision-making, which might cause irreversible harm to Earth's ecosystems and the communities who rely on those natural resources. Ecological concerns such as climate change might also fall into this category. However, communicating risks to the public in such circumstances of fear and activism can lead to 'social amplification' as was argued by geographer Roger Kasperson in his seminal work on this topic. Uncertainty and doubt become a defining excuse for inaction or a 'precautionary pause,' as has been argued in cases for moratoria for various technologies (which I have argued elsewhere need to be considered on a case-by-case basis). Lack of 'enough' data, and hence the need for more research or expertise, has often been used as a stalling tool. Such interventions span the full spectrum of views around our ecological predicament. On the one hand, uncertainty arguments on impacts are used by the fossil fuel industry to perpetuate the status quo around carbon emissions. On the other hand, many environmentalists have used uncertainty about the safety of nuclear technology to call for its phase- out. If we keep unpacking arguments for and against a particular technology, the conversation spirals into a battle of uncertainties. Precaution operates on a spectrum, as with any human endeavor, and the 'precautionary principle' cannot be used as an excuse for indefinite inertia in a world with competing challenges. Caution is in order, but indeterminate precaution is an untenable postulate that can lead to 'paralysis by analysis.' In their landmark book the 1983, Risk and Culture, Mary Douglas and Aaron Wildavsky alerted us to the deceptive objectification of risk. Ultimately, risk in a complex world of competing and intersecting phenomena is a socially constructed phenomenon. Going back to the Bible, they note that the dietary laws of Leviticus may have stemmed from some degree of medical materialism but were ultimately about a cultural delineation of boundaries and the social construction of risk. Another curious insight from Douglas and Wildavsky's work is how 'dirt' is a form of disruption to socially constructed order and, even when it is harmless— or perhaps even helpful in the case of nutrient transfer to arable land— it is deemed impure and repugnant. The authors of this classic collaboration between an anthropologist (Douglas) and a political scientist (Wildavsky) maintained that, strategically, keeping a balance between anticipating harm and trusting resilience is the essence of managing risk. The law of diminishing returns can be applied to this process, whereby each marginal risk prevention effort does not reap concomitant rewards. Douglas and Wildavsky showed that excessive safety targeted at a particular technology like nuclear power implementation could undermine overall systems' safety because alternatives can appear more attractive than they actually are when considering the full scale and scope of return on investment. The economic marginalization of nuclear power is an intriguing case in point. Massive safety upgrade requirements to existing nuclear power plants have rendered them uneconomical, thereby making the climate mitigation targets more challenging to reach in the short- term as other low carbon sources are up- scaled. For functional purposes, a systems science approach is needed to consider the way forward for evaluating risks. For a certain narrow class of outcomes that could lead to system-wide 'ruin,' even in low probabilities, risk analyst Nassem Taleb (author of the bestselling Incerto series of books including The Black Swan) has argued that the precautionary principle can be applied for decisions. However, defining 'ruin' remains subjective as apocalyptic narratives can too easily be used in environmental activism for this purpose in areas like GMOs or nuclear energy. Instead of such subjectivity which would again take us down the paralysis path, what is more appropriate is to have an incrementalist approach to adaptive decision-making that can quickly act on specific contingencies emerging. The Australian researcher Jayden Hayman has suggested such an adaptive management approach to environmental regulatory decisions on controversial developments such as deep-sea mining. Coming back to the implications of the Supreme Court verdict, regulatory agencies will now be able to have more effective rulemaking without the constant shadow of cascading lawsuits that are predicated on a misapplication of the precautionary principle. One of my mentors from graduate school days, law professor Daniel Esty argued for such 'optimal environmental governance' approach to improving regulatory performance in a seminal paper many years back. Indeed, even environmental organizations recognized the challenge of operationalizing precaution, particularly around biodiversity conservation. The International Union for Conservation of Nature (IUCN) recognized that inevitably there would be a 'value-based balancing' of tradeoffs involved in operationalizing the precautionary principle. Paradoxically, precaution when applied with specious slippery slope arguments, itself can lead to perilous outcomes for societal innovation and sustainability.
Associated Press
3 days ago
- Business
- Associated Press
BankRadar Partners with Delfi to Bring Real-Time Balance Sheet Intelligence to Banks of All Sizes
NEW YORK--(BUSINESS WIRE)--May 28, 2025-- BankRadar, a performance analytics and incremental growth advisory firm, has announced a strategic partnership with Delfi to bring Delfi's powerful real-time risk simulation tools to a broader network of banks, credit unions and investor groups. This collaboration will empower financial institutions to dramatically reduce risk and make more informed decisions regarding Asset-Liability Management (ALM). The announcement follows Delfi's debut at the 2024 Finovate Fall Conference, where Delfi was awarded 'Best Of Show' for solving the need for proactively managing asset and liability portfolios. The Delfi platform transforms traditional ALM processes by allowing financial institutions to instantly simulate the before-and-after effects of balance sheet decisions using their own key performance indicators, offering actionable insights that eliminate the delays, inefficiencies and high costs associated with conventional methods. 'Delfi is revolutionizing balance sheet management, accelerating growth, and creating substantial cost savings for financial institutions of all sizes,' said Thomas Penton, Founder/ CEO of BankRadar. 'While competitors remain trapped in a purely reactive ALM model with elevated risk exposure, Delfi's data analytics and true artificial intelligence unlocks opportunities to defend margins and enhance performance and valuation.' By integrating Delfi into its advisory ecosystem, BankRadar is ensuring that institutions of all sizes have access to technology that was once reserved for large, resource-rich banks. Banks and credit unions implementing Delfi's secure platform can eliminate hundreds of hours of manual data analysis and shift to proactive risk and portfolio management, ultimately delivering smarter, faster, and more confident financial decisions. 'BankRadar's extensive industry network will amplify our reach among the financial leaders we aim to serve,' said Daniel Ahn, co-founder and CEO of Delfi. 'Their reputation for identifying and partnering with truly groundbreaking fintech innovators made them an ideal collaborator for us. We're already seeing impressive results from early adopters, with institutions enjoying more strategic responsiveness and earning stability to market volatility.' Institutions interested in secure access to Delfi Essentials can contact the BankRadar team at View source version on CONTACT: Patrick Guilshan [email protected] 678-781-7232 KEYWORD: NEW YORK UNITED STATES NORTH AMERICA INDUSTRY KEYWORD: TECHNOLOGY FINANCE FINTECH CONSULTING BANKING PROFESSIONAL SERVICES SOFTWARE DATA ANALYTICS DATA MANAGEMENT ARTIFICIAL INTELLIGENCE SOURCE: Delfi Copyright Business Wire 2025. PUB: 05/28/2025 10:04 AM/DISC: 05/28/2025 10:04 AM
National Post
3 days ago
- Business
- National Post
MetricStream to Unveil its AI-First Future, Reimagining GRC at the 13th Annual GRC Summit in London
Article content SAN JOSE, Calif. — MetricStream, the global leader in governance, risk, and compliance (GRC) solutions, today announced that it will unveil its AI-first GRC strategy at the upcoming 13th Annual GRC Summit in London, taking place June 10–12, 2025. The three-day event will bring together several hundred GRC leaders and industry experts to explore the transformative impact of generative and agentic AI in GRC, along with the critical importance of resilience in a volatile risk and regulatory environment. Article content Article content This year's Summit will feature exclusive hands-on workshops on June 10. Over the following two days, more than 40 in-depth sessions and speakers will cover topics including the risks and opportunities of AI in GRC and GRC for AI, operational resilience, enterprise risk management, regulatory compliance, audit best practices, third-party risk, IT risk, and cyber risk management. Article content 'Our new AI-first strategy that incorporates agentic and generative AI capabilities represents a leap forward in how organizations can anticipate, adapt, and act on risks, regulations, and audit needs with unprecedented speed and accuracy,' said Gaurav Kapoor, Co-Founder and Vice Chairman, MetricStream. 'We are making GRC simpler, faster, smarter, for millions of people around the world who participate and drive its outcomes.' The Summit will feature keynote addresses from renowned industry leaders, interactive panel discussions, hands-on workshops, and networking opportunities with GRC professionals from around the world. Article content Attendees this year include GRC leaders from Standard Chartered Bank, London Stock Exchange Group, UBS, Glencore, Nordea, Nationwide Building Society, Fitch Ratings, and others. Confirmed speakers include: Article content The Summit will also feature the 2025 GRC Journey Awards, celebrating individuals, customers, and partners who are at the forefront of guiding their organization's GRC Journey, advocating for GRC programs, and attaining exceptional business outcomes through GRC practices. Previous winners include Shell, Siemens Energy, Volvo Car Corporation, Petronas, Nordea, and CBRE. Article content Registration is open for three power-packed days. Article content All opinions and knowledge shared are those of speakers who are industry-renowned experts, not representing or related to any organization or firm. Article content About MetricStream Inc. Article content Article content Article content Article content Contacts Article content Article content
Associated Press
3 days ago
- Business
- Associated Press
As Congress Meets Cyber Experts in Silicon Valley, Centraleyes Delivers a Platform for Efficiency and Collaboration
At Stanford, lawmakers and tech leaders weigh upstream accountability, smarter compliance, and the future of cyber threat sharing. 'While policy shifts are debated in Washington and beyond, we see organizations already moving toward smarter and more connected risk management.'— Yair Solow NEW YORK, NY, UNITED STATES, May 28, 2025 / / -- On May 28, the House Homeland Security Committee will hold a field hearing at Stanford University's Hoover Institution, bringing together lawmakers and leading voices from companies like Google Cloud and Palo Alto Networks to examine the future of U.S. cybersecurity. One key question on the table: how can we 'flip the economic model' of cybersecurity? That phrase, now circulating in D.C. and industry circles, reflects a growing call to rethink how responsibility is shared. The idea is to shift more responsibility upstream to those who build and deploy digital infrastructure. In legacy models, end users absorb the bulk of the operational and financial risk. But that imbalance is drawing fresh scrutiny. And it's not just about who pays for security. It's about how information flows and how responsibility is distributed across the cybersecurity lifecycle. Which is why this hearing couldn't come at a more pivotal moment. Congress is also considering whether to renew the Cybersecurity Information Sharing Act (CISA), a 2015 law that allows private companies and government agencies to share cyber threat intelligence without legal risk. Without it, that flow of information could dry up right when we need it most. The hearing's bipartisan panel includes Chair Mark Green (R-TN) and Rep. Bennie Thompson (D-MS). Experts from Google Cloud, Palo Alto Networks, and Stanford will be in the conversation as well. Expected themes include stronger alignment between regulators and innovators, regulatory streamlining, and secure modernization of public systems. The Centraleyes AI-powered GRC platform reflects this market evolution. It enables public and private organizations to: - Map and track regulatory frameworks in real-time. - Identify and quantify risks using autonomous AI-driven registers. - Automate remediation workflows across internal teams and external vendors - Share risk insights and evidence across frameworks, regions, and reporting bodies A shift is underway in how cybersecurity is being governed, implemented, and understood. No longer confined to IT departments or regulatory checklists, cybersecurity is becoming a matter of national resilience. As regulatory expectations evolve and cyber threats grow more complex, both government and industry are being challenged to rethink the foundations of collaboration. About Centraleyes Centraleyes provides the underlying infrastructure organizations need to manage cybersecurity risk and compliance in a more connected, accountable ecosystem. As the focus shifts toward upstream responsibility and smarter regulation, the platform supports this transition with tools for real-time risk visibility, regulatory tracking, and cross-team coordination. It's used by public and private sector teams to keep pace with evolving standards and to build security programs that are both agile and auditable. The company's approach reflects a broader industry trend: less complexity, more automation, and better collaboration between the systems and people responsible for security. Jacob Zakay Centraleyes email us here Legal Disclaimer: EIN Presswire provides this news content 'as is' without warranty of any kind. We do not accept any responsibility or liability for the accuracy, content, images, videos, licenses, completeness, legality, or reliability of the information contained in this article. If you have any complaints or copyright issues related to this article, kindly contact the author above.
Associated Press
4 days ago
- Business
- Associated Press
New KnowBe4 Report Reveals Local Governments Face Surge in Ransomware Attacks with Minimal Resources
Security awareness training significantly lowers phishing vulnerability as understaffed state and local governments seek low-resource risk management TAMPA BAY, Fla., May 27, 2025 /PRNewswire/ -- KnowBe4, the world-renowned cybersecurity platform that comprehensively addresses human risk management, today released new research highlighting the critical cybersecurity challenges facing state, local, tribal, and territorial (SLTT) governments. The report details how government organizations have become prime targets for cybercriminals while simultaneously facing severe resource constraints. The data reveals that despite being the third most-targeted sector by ransomware in 2023, over 80% of SLTT organizations operate with fewer than five employees dedicated to cybersecurity. This staffing shortage coincides with a dramatic increase in cyberattacks, as evidenced by a 313% rise in security incidents reported in the MS-ISAC's 2022 survey. The situation is worsened by the recent cut of $10 million in federal funding for the Center for Internet Security (CIS), which supports crucial information sharing networks for government agencies. Human error, often exploited through social engineering, remains the most common entry point for cyberattacks in 70-90% of cases. The limited staffing and resources highlight the need for cost-effective and low-maintenance tools to support government entities. KnowBe4's 2025 Phishing by Industry Benchmarking Report found that a year of security awareness training can reduce an organization's phishing susceptibility from approximately 33.1% to just 4.1% after one year of implementation. These findings underscore that effective human risk management offers resource-constrained organizations a powerful and affordable defense against the rising tide of cyberthreats. Key findings from the report: 'The data tells an alarming story about state and local government cybersecurity readiness,' said Erich Kron, Security Awareness Advocate at KnowBe4. 'As these organizations grapple with constrained budgets and outdated infrastructure, they remain prime targets for cybercriminals. The surge in ransomware attacks underscores the need to build a more resilient security culture. It's crucial to prioritize human risk management, which has proven to be a powerful tool to counteract these rising challenges.' To download the 'State and Local Cybersecurity: Facing New Burdens Amid Rising Threats' report, visit here. About KnowBe4 KnowBe4 empowers workforces to make smarter security decisions every day. Trusted by over 70,000 organizations worldwide, KnowBe4 helps to strengthen security culture and manage human risk. KnowBe4 offers a comprehensive AI-driven 'best-of-suite' platform for Human Risk Management, creating an adaptive defense layer that fortifies user behavior against the latest cybersecurity threats. The HRM+ platform includes modules for awareness & compliance training, cloud email security, real-time coaching, crowdsourced anti-phishing, AI Defense Agents, and more. As the only global security platform of its kind, KnowBe4 utilizes personalized and relevant cybersecurity protection content, tools and techniques to mobilize workforces to transform from the largest attack surface to an organization's biggest asset. Media Contact: Kathy Wattman SVP of Public Relations [email protected] 727-474-9950 View original content to download multimedia: SOURCE KnowBe4 Inc.
