Take a casual stroll in Manhattan and you can't help but notice that construction is booming. Cranes, scaffolding, and sidewalk sheds are everywhere. And this isn’t just a New York City phenomenon. Ground-up construction and renovation projects are picking up all across the country. Low interest rates and favorable building conditions are resulting in a surge in real estate & development projects.
Ransomware strikes. Your critical data files have been encrypted and your business grinds to a halt.
a) spend countless hours rebuilding from backups (if you were diligent enough to ensure they'll work) or
b) pay the perpetrator to unlock your files?
Now that ransomware is spreading like wildfire through malicious emails, "malvertising" campaigns, and exploit kits, many firms and individuals face this exact scenario.
More than 80% of companies don’t manage risk effectively. Is yours one of them?
A 2014 survey by a non-profit business research firm found that fewer than 20 percent of executives say their companies effectively manage risk. Companies will often have a process in place to identify and monitor risks. But they fall short when it comes to actually implementing practices to manage those risks as part of the overall strategic plan.
Liability claims related to improper removal of snow and ice are frequent, and in many cases, severe. Many of the claims originate from elderly people sustaining injuries from slips and falls from which they never fully recover. In other words … BIG CLAIMS!
Most companies today opt to distribute their employees’ W-2 tax forms electronically; either through email or some type of download service. Because these forms contain a good deal of Personally Identifiable Information (“PII”), such as name, address, social security number and salary information – cyber thieves are using several simple, yet, tried-and-true methods to fraudulently obtain them.
In our previous posts in this series, we introduced Enterprise Risk Management (ERM) as a “portfolio view” of risk and discussed various aspects of implementing ERM: roles, culture, a framework and preparing your organization. Now, we’ll begin looking at the “big picture” viewpoint of risk, starting with identifying and prioritizing risks. In the ERM process, management (1) determines acceptable levels of risk, (2) identifies and measures risks throughout the entire organization and aggregates the results, and (3) determines if the aggregated results exceed the acceptable levels. Risk Appetite and Risk Tolerance are the expressions of the “acceptable levels” of risk.
Organizations today must regard cyber breaches not as a possibility, but as an inevitable fact of life. In this environment, it’s crucial to have a cyber liability insurance policy that adequately covers the potential loss and offers payment or reimbursement for response costs. Understanding what’s covered by the policy well before a breach occurs and building that knowledge into your company’s incident response plan is critical.
2016 was a big year for ransomware. It saw a massive increase in ransomware events and payouts to criminals, which, most experts say, only exacerbates the issue.
A 2015 report by the Herjavec Group (an Information Security company) noted that the total cost of ransomware reached $1 billion in 2016. With new “strains” of ransomware spreading worldwide (such as the Russian “spora”), we should all be on high alert for this business-impacting cyber threat.
In our previous blog posts, we introduced Enterprise Risk Management (ERM) as a strategic discipline that affords a “portfolio view” of risk; outlined how to establish roles and context for ERM implementation; and how to establish a risk-aware culture and develop an ERM framework