When most businesses think cyber crime, they imagine brute force threats from foreign agents or highly advanced hacker teams. Executives tend to think that external forces well beyond their control make up the vast majority of security loopholes.
What does the new order do?
On May 11th 2017, President Trump issued the new, signed cybersecurity executive order that demands each federal agency and department head will be held accountable for cybersecurity risk to their enterprises; an initiative to better protect the federal government's critical data and systems. It outlines the cyber-risk reporting requirements that they must adhere to and names the framework that they'll use as the standard.
The cyber security world evolves at a breakneck pace. For those not following closely, new developments can be unexpected and downright scary.
Multiple sources reported yesterday that hackers encrypted files on computers belonging to the city of Newark and have demanded $30,000 worth of Bitcoin to restore them.
Ransomware strikes. Your critical data files have been encrypted and your business grinds to a halt.
a) spend countless hours rebuilding from backups (if you were diligent enough to ensure they'll work) or
b) pay the perpetrator to unlock your files?
Now that ransomware is spreading like wildfire through malicious emails, "malvertising" campaigns, and exploit kits, many firms and individuals face this exact scenario.
Last month, Risk.net, a UK-based website that covers operations risk at financial services firms, released its list of top 10 operational risks for 2017. It's no surprise that financial services companies face many of the same risks that businesses in all industries face.
So what are those top three risks and how can organizations combat them?
Cyber risk continues to evolve at a breakneck pace.
Insurers are working to keep up by customizing policies and endorsements based on the size and business model of the insured. At last week’s third annual International Cyber Risk Management Conference, Matthew Davies, Assistant Vice President of Chubb Insurance Company of Canada, outlined a few key points on what cyber security practices a small organization to already have in place when looking to procure cyber insurance.
In 2015 The Internet Crime Complaint Center received 288,012 complaints of cyber attacks totaling more than $1.07 billion in reported losses. Those numbers are based only on incidents that were reported to the FBI. When we talk about cyber risk, data theft, and the threat of Ransomware, we usually focus on prevention strategies. But being prepared to respond quickly and efficiently when an event does occur is just as important to operations recovery, cost reduction, and reputation management.
Most companies today opt to distribute their employees’ W-2 tax forms electronically; either through email or some type of download service. Because these forms contain a good deal of Personally Identifiable Information (“PII”), such as name, address, social security number and salary information – cyber thieves are using several simple, yet, tried-and-true methods to fraudulently obtain them.
Organizations today must regard cyber breaches not as a possibility, but as an inevitable fact of life. In this environment, it’s crucial to have a cyber liability insurance policy that adequately covers the potential loss and offers payment or reimbursement for response costs. Understanding what’s covered by the policy well before a breach occurs and building that knowledge into your company’s incident response plan is critical.