business

now browsing by tag

 
 

#deepweb | Online communication tools keep business dialogues going for travel players

Source: National Cyber Security – Produced By Gregory Evans

Web-conferencing and instant messaging tools are seeing greater usage among travel and tourism trade players who are determined to keep business dialogue alive as the appeal of face-to-face meetings diminish against a backdrop of Covid-19 infection fears.

Sheryl Lim, founder of Singapore-based travel agency Travel Wander, found herself turning to online presentations to keep her regular clientele informed on new adventure tours and destinations as well as reach out to potential new customers.

https://www.ttgasia.com/
Businesses turn to digital communication tools to continue operations remotely amid Covid-19

“Our usual marketing efforts involve conducting product presentations at specific venues but as soon as Covid-19 happened, people started to refrain from going out or meeting other people,” Lim recalled.

“We were in a fix because as a small company, we cannot stop moving and must keep up our marketing efforts. Out of sight, out of mind, as the saying goes, so we must maintain contact with our customers and the marketplace now so that when travel confidence returns, they will consider Travel Wander for their travel planning.”

With print or radio ads priced out of her budget, she turned to web-conferencing tools.

“The travel planning business is a very personal one, where clients prefer meeting face-to-face. But the pandemic has presented us with an unusual situation, and webinars are a good solution that enables us to keep up with sales and marketing communications,” she said.

Travel Wander conducted its first presentation two weeks ago, focusing on the joy of active holidays. The content, delivered through slides and a narration, explained what active holidays were all about, and dispelled myths around such tours. Six people attended it. A week later, a webinar on Sarawak drew 10 people.

Lim has planned a third on Kazakhstan this week, and aims to conduct a weekly session and is working on improving the format to facilitate conversations. The webinars are promoted to regular clients who then spread the word within their social circle.

The product webinars have allowed Lim to determine which destinations were more popular, based on webinar sign-up performance.

For other travel companies that are already utilising web-conferencing, the current pandemic has underscored the value of this mode of communications.

Adam Kamal, general manager of Malaysia’s Suka Travel, said his team is now working remotely from home, relying on WhatsApp video conferencing to address urgent matters, on top of their usual web-conferences with overseas suppliers and outstation agents.

The remote work arrangement was necessary as the government had on Monday evening issued an order to temporarily shutter businesses and restrict movement to fight against Covid-19.

Adam said he introduced and encouraged web-conferencing when he joined the agency last November, and applauded the convenience and cost savings it offers.

“Web-conferencing allows our partners to pull up documents, charts and pictures as they speak. (It also) saves time and costs as we can do meetings virtually. If it were face-to-face meetings, we would have to rent space to hold a seminar and pay for light refreshments,” he said.

Bayu Buana Travel Services Indonesia, which now has 50 per cent of its staff working from home, is encouraging continued reliance on web-conferencing tools to keep dialogues open with airline partners and clients during these trying times.

Agustinus Pake Seko, president director of Bayu Buana Travel Services Indonesia, said his team is familiar with web-conferencing, as there are regular online global meetings with BCD Travel, which the company is part of.

https://www.ttgasia.com/
Laurens: companies are waking up to the benefits of digital transformation amid Covid-19 

Laurens van den Oever, CMO at research firm ForwardKeys, opined that the “one good thing to come out of the coronavirus” is the emphasis on the value of “how to be savvier with our digital offerings, such as travel alerts, impact reports and newsletters”.

“In every business, you need to invest in the necessary tools and equipment for your team. Different time zones, cultural barriers, epidemics and pandemics should not impede the running of your business nor throw you into the Dark Ages,” Oever said.

The ForwardKeys team relies on a suite of communication services, such as Zoom, Slack, WhatsApp and webinars/web information sessions for internal interaction, and Zoom mostly by its analysts to connect with external clients.

“These have helped us a lot (in maintaining business communications, especially now) with all the travel limitations and tradeshow cancellations due to the (outbreak),” he added. – Additional reporting by S Puvaneswary and Mimi Hudoyo

Source link
——————————————————————————————————

The post #deepweb | <p> Online communication tools keep business dialogues going for travel players <p> appeared first on National Cyber Security.

View full post on National Cyber Security

#school | #ransomware | Oregon Business – Data Risk

Source: National Cyber Security – Produced By Gregory Evans

Small businesses face a heavy risk when it comes to cyber security. The best defense relies on an active, educated employer.


On March 9, 2018, the Oregon Clinic discovered an unidentified party had accessed an email account. The data breach gave attackers access to names, birth dates, medical information, and in some cases, the social security numbers of patients and staff. 

The clinic was able to recover from the attack, and went on to offer patients impacted by the breach one full year of identity monitoring services. 

But other businesses which have been subjected to cyberattacks face more dire consequences.



According to a recent study by insurance carrier Hiscox, the average cost to a business when it is subjected to a cyberattack is around $200,000. 

Small businesses suffer most from these costly attacks. Due to the massive price tag associated with an infringement, 60% of small businesses go out of business within six months of being victimized, according to the National Center for the Middle Market. 

Attackers target small businesses for a variety of reasons. Some try to gain access to employee and client information, such as email accounts, bank numbers and social security numbers. Hackers also install ransomware, which, as the name implies, will hold a network hostage until the business owner pays a fee to be released. 



Hackers also target servers to create a “zombie” network, which uses a business server as a launching pad to conduct other attacks to avoid detection. 

Other attackers, especially ones from foreign governments, take over a network to mine for bitcoins. 

Close to 50% of all cyber attacks are perpetrated against small businesses, which hackers often perceive as low-hanging fruit. According to a report compiled by Verizon, nearly half of small businesses reported a data breach in the past two years. 



Despite the likelihood of an attack, and the relative risk involved, less than half of small business owners reported spending money on cyber security last year. 

This is in part because maintaining a good cybersecurity defense is costly. Unlike virus protection, a business cannot simply install a defensive program against cyberattacks and remain safe.

“The demand for these cybersecurity professionals is so high that the price they command for their services is also very high,” says Dr. Wayne Machuca, lead instructor for Mt. Hood Community College’s cybersecurity program. “This precludes small and medium-sized businesses from being able to afford and adequately staff around their cybersecurity needs.” 



There are 4,600 cybersecurity job openings in Oregon, according to cybersecurity employment website CyberSeek. Despite Oregon’s reputation as a state with a heavy tech sector, there are twice the number of cybersecurity job openings as there are qualified professionals to fill them. 

Ruth Swain is the interim director of the Small Business Development Center at Mt. Hood Community College, which helps small businesses protect themselves against cyber threats through the Oregon Center for Cybersecurity. 

With Machuca’s help, the center has developed a program which allows students in their last year of school to provide training and cybersecurity expertise to small businesses owners and their employees free of charge. 

“We worked with the interns and instructors here to come up with a cybersecurity prevention checklist for small businesses,” says Swain. “The advising is free, so we are encouraging businesses to sign up.”

The program was awarded a grant from the National Science Foundation, and Machuca says they have used the grant money to replicate the program along with its sister colleges.  “It’s really exciting stuff,” he says. 



Skip Newberry, president and CEO of the Technology Association of Oregon and executive sponsor of Cyber Oregon, an organization dedicated to delivering the latest cybersecurity information and best practices to businesses, says businesses which cannot afford a cybersecurity professional on staff should train employees to recognize cyberattacks. 

“The first and best defense is adequate training for employees,” he says. “In this day and age, anyone who uses technology should be trained in how to spot phishing and spear phishing attempts, and best practices for managing passwords, which is how the vast majority of cyber breaches occur within small businesses.”

Much of the training is preventative, but if an attack has occurred, the most important thing for a business is not to keep silent. 


To subscribe to Oregon Business, click here.

Source link

The post #school | #ransomware | Oregon Business – Data Risk appeared first on National Cyber Security.

View full post on National Cyber Security

#deepweb | Quantzig Explains Why Fortune 500 Companies Are Using Web Crawling to Transform Critical Business Functions

Source: National Cyber Security – Produced By Gregory Evans

LONDON–(BUSINESS WIRE)–Mar 12, 2020–

Quantzig, a global data analytics and advisory firm, that delivers actionable analytics solutions to resolve complex business problems revamps its web analytics solutions portfolio and expands its web analytics capabilities beyond web scraping and web monitoring.

This press release features multimedia. View the full release here: https://www.businesswire.com/news/home/20200312005266/en/

Today leading companies across industries are focusing their resources on mining different types of data to make well-informed decisions. But most are unaware of the fact that a huge trove of data is readily available on the web. A detailed analysis of these data sets can help businesses to extract actionable insights that aid decision-making.

If you are looking for ways to extract actionable insights from websites through automation, a web crawling service is the best method to go about it.Request a FREE proposalto gain comprehensive insights.

Quantzig’s web analytics solutions leverage cutting web crawling techniques technologies and revolutionary analytics methodologies that inform your marketing decisions by collecting, measuring, and visualizing customer activity on web portals. Using insights gained from web crawling, you can build, optimize, and deliver experiences that are engaging, relevant, and personalized.

According to Quantzig’s web analytics experts, “We offer real-time updates on pricing, product availability and other details of products across eCommerce websites by crawling them at custom intervals, thereby helping you make smarter, real-time decisions to stay competitive.”

Through our holistic web analytics solutions, we help businesses architect and implement an integrated data-driven approach to address the most pressing challenges faced by them. Book a FREE solution demo to learn more about our offerings.

Quantzig’s Web Crawling Solutions Cover the Following Functionalities

1. Competitor Price Monitoring

Cutting-edge yet easy to use competitor price monitoring solutions empower you to look at your competitor’s price deviations in real or near real-time.

Still unsure about how advanced web analytics can help your business? Talk to our analytics experts for comprehensive insights.

2. Data Augmentation & Enrichment

Our unique approach to web crawling enables businesses to leverage proprietary data aggregation platforms and robust deep-learning models, to analyze product data sets, enabling e-commerce executives and brand managers to detect counterfeit products.

3. Product Listing Monitoring

The product catalog is crawled using web crawling techniques to extract data that can provide insights on why a product performs the way it does. This can help businesses in better targeting the audience through personalized offerings.

[FREE Webinar Alert]: Join us to gain detailed insights on why you should factor-in cannibalization while calculating the ROI generated from your marketing campaigns. Book a seat now! https://bit.ly/2TDFAzQ

About Quantzig

Quantzig is a global analytics and advisory firm with offices in the US, UK, Canada, China, and India. For more than 15 years, we have assisted our clients across the globe with end-to-end data modeling capabilities to leverage analytics for prudent decision making. Today, our firm consists of 120+ clients, including 45 Fortune 500 companies. For more information on our engagement policies and pricing plans, visit: https://www.quantzig.com/request-for-proposal

View source version on businesswire.com:https://www.businesswire.com/news/home/20200312005266/en/

CONTACT: Press Contact

Quantzig

Anirban Choudhury

Marketing Manager

US: +1 630 538 7144

UK: +44 208 629 1455

Our Global Offices

KEYWORD:

INDUSTRY KEYWORD: TECHNOLOGY MARKETING COMMUNICATIONS DATA MANAGEMENT

SOURCE: Quantzig

Copyright Business Wire 2020.

PUB: 03/12/2020 09:55 AM/DISC: 03/12/2020 09:55 AM

http://www.businesswire.com/news/home/20200312005266/en

Source link
——————————————————————————————————

The post #deepweb | <p> Quantzig Explains Why Fortune 500 Companies Are Using Web Crawling to Transform Critical Business Functions <p> appeared first on National Cyber Security.

View full post on National Cyber Security

#cyberfraud | #cybercriminals | How Veterans Affairs CISO Approaches Risk, Recruiting Talent and Proving Cyber’s Business Value

Source: National Cyber Security – Produced By Gregory Evans

Paul Cunningham sees some similarities between his first stint in government service—flying helicopters  as a lieutenant commander for the U.S. Navy—and his current role as chief information security officer at the Veterans Affairs Department.

“Risk management—from the aviation and cybersecurity perspectives—are pretty important,” Cunningham told Nextgov, speaking from his office at VA’s headquarters in Washington, D.C. “You want to drive down risk to as close to zero as you can.”

At an enterprise as large as VA, eliminating risk entirely is impossible because it’s simply too big. VA currently employs some 404,000 people across 170 hospitals, 1,200 clinics and 130 cemeteries across more than 25,000 acres of property. VA manages the largest medical network in the country—providing care to approximately 10 million veterans annually—and each year processes about $120 billion in financial transactions. VA’s Office of Information Technology alone is comprised of several thousand federal IT professionals, managing programs and overseeing networks across the country.

“If we were a private-sector company, we’d be in the Fortune 10 or Fortune 5, on par with companies like that,” Cunningham said. “We’ve got to start thinking like a business in those kinds of numbers alone. We want to show cyber has a business value.”

That’s where risk management comes into play. In government, you want to spend the money you’re budgeted, and a common sense approach to risk management helps a CISO determine where best to obligate funding.

“If we have one more dollar to spend, do we spend it on training employees on phishing scams or invest it in our firewall?” Cunningham said. In IT security decision-making, Cunningham said you first acknowledge risk and either accept it at face value, attempt to mitigate that risk or add value to the accepted risk. Decisions on whether to implement new technologies like artificial intelligence or internet-of-things medical devices, are weighed against other factors, such as total cost of ownership, security risks and potential returns on investment.

Cunningham became VA’s CISO in January 2019, having served in the same capacity at the Energy Department for 7 years and more than a year as a branch director for the U.S. Immigrations and Customs Enforcement. The stakes at VA are high, he said, because millions of veterans depend on the agency for health care, support, small business loans, education services, disability benefits and other services. Cunningham, a veteran himself—along with approximately 60% of VA OIT’s staff—said veterans sacrificed a lot to earth those rights and services, and their experience receiving those services should be as seamless as possible.

Yet delivering quality, timely services to veterans requires a bit of a balancing act. VA, like all agencies, has to comply with numerous federal laws, regulations—and as of late—an increasing number of binding operational directives from the Homeland Security Department. Cunningham called DHS “first among many” in terms of cybersecurity partner agencies across civilian government. It’s at this three-way intersection of compliance, cybersecurity and customer experience where Cunningham really earns his paychecks.

“When I look at it, it’s the balance of how quick we can serve veterans and reduce their burden, but what are the things we have to do to meet our federal requirements and what makes sound sense,” Cunningham said. “We still do compliance chasing, but we’re putting measures and metrics on priorities. Our job is to service the veterans. If we’re not looking at that first, then we’re probably missing the mark.”

For all the talk of silos in government, VA’s executives work closely with each other and meet often. In matters of IT and cybersecurity, the CIO and deputy CIO steer the rudders, while C-suite executives meet at least weekly to address governance matters on issues like architecture, finance, requirements and acquisition. The governance board meetings also serve as a time to get buy-in on potential solutions, and for executives to address big-mission items.

The biggest right now is VA’s transition to a new electronic health records system designed to be interoperable with the Pentagon’s electronic health records system. The multibillion-dollar Cerner Millennium platform, originally scheduled for a March launch, was delayed last month to July after clinicians asked to be trained on a full version of the system.

Cunningham said VA wants to learn from the challenges the Defense Department experienced rolling out their health records system “to help us slingshot” to their own successful rollout. While executives from both agencies are partnering together to ensure interoperability between both systems, Cunningham said the partnership will extend into the digital realm, sharing threat indicators and having the “full force of DOD protecting our network as well.”

On the horizon, Cunningham foresees the government’s tech workforce challenge as a major obstacle. Technology, he said, “is moving faster than the budget cycle can support,” and it is becoming increasingly difficult to recruit tech talent to the government ranks. Data from the Office of Personnel Management suggests VA is among the most challenged agencies when it comes to recruiting young tech talent. There may be no singular solution to this challenge, but Cunningham said increased partnership with the private sector—creating a sort of revolving door where techies move in and out of government with relative ease—may improve the government’s outlook.

“We’ve got to look at where we can partner with the private sector, for them to train people who can feed our machine and our people can feed back out in a more porous manner, so people don’t feel like they’re taking a big hit,” Cunningham said, noting the salary discrepancy between private and public sectors. “If you’re young and want hands-on experience, getting in the federal space is one way to do it.”

Cunningham also stressed the importance of role-based cyber training. Every employee, Cunningham said, has to be trained to be cyber and privacy warriors, but a standard one-size-fits-all cyber training isn’t enough. Employees require training relevant to their specific duties, and VA organizes a variety of summits and campaigns to “keep it at the forefront.”

“We’re trying to teach them habits that empower them without distracting from their jobs,” Cunningham said.

For aspiring CISOs, Cunningham recommends rounding out those resumes. A variety of career experiences is typically better suited for a CISO role than someone who has been in a singular role, Cunningham said. Further, while technical chops are great, they are not necessarily required for a policy-heavy role.

“For someone who wants to be a CISO, go read a job description and see what you can’t answer well, and then move your career to fill in those voids,” Cunningham said. 

Source link

The post #cyberfraud | #cybercriminals | How Veterans Affairs CISO Approaches Risk, Recruiting Talent and Proving Cyber’s Business Value appeared first on National Cyber Security.

View full post on National Cyber Security

Coronavirus Raises New Business Continuity, …

Source: National Cyber Security – Produced By Gregory Evans

What happens when understaffed security teams at home and abroad are sequestered in physical quarantine zones?

(image by Romolo Tavani, via Adobe Stock)

(image by Romolo Tavani, via Adobe Stock)

Cyberattackers are barraging businesses with phishing lures touting fake info about the Coronavirus. And although the lures may be fake, the security and business continuity threats that some IT departments are preparing for are quite real. One big question: If workers are sequestered in physical quarantine zones, will IT and SecOps be able to continue? 

Initially, businesses may dismiss this risk until the virus reaches their regions. However, the risk is more prevalent as the IT supply chain becomes more global and organizations rely on overseas IT services — from help desks to 24/7 SOC-as-a-service. The concern is not just that workers themselves may get infected by the virus; the concern is that employees, contractors, and service providers’ workers who are not infected could nevertheless be quarantined for being in physical proximity to the infected individual. 

“If you’ve got 200 workers working in one place and one of them presents themselves with the illness, it’s pretty likely the government is going to quarantine everybody,” says Edward Minyard, senior consultant at IP Architects, who was an Accenture consultant working with Mexico City on pandemic prevention during the H1N1 virus spread in 2019. “And the current [quarantine] protocol is for 14 days. So that can have a material impact on folks’ planning.

“If you’ve got a large outsourced facility, for example, for your security management, or any facilty with a large number of people in it, you probably don’t want to bring 100 people together and put them in a small room unless you yourself have some evidence that they have not been affected. … And the second part of the challenge is they may not be able to get there. Or even want to go there.”

Minyard says his American clients are beginning to consider the secondary impact they may feel if the virus further expands in, for example, India, a source of so many IT services. (Although India shares its norther border with China, it has thus far experienced only three confirmed cases of the virus, according to the World Health Organization, all of which are in Kerala, a western coastal state that does not border China.)

Nevertheless, Indian businesses have reported disruptions because of the stoppages in shipments from China, where over 45,000 confirmed infections and over 1,000 deaths have been reported, and many millions are in quarantine. All the way over in Barcelona, Mobile World Congress — the world’s biggest trade show for the mobile phone industry — was canceled just one week before it was set to start. 

Ths same challenges also apply to telecoms, electric companies, “and all the others that maintain the networks that are supposed to be supporting the rest of us,” Minyard says.

“From the perspective of business continuity and continuity of operations, this is a real thing,” he says. “This is not speculation. This is going on, and we don’t know how bad it’s going to be. Should you have all your eggs in one basket … I’d be thinking of a different plan.” 

IT security departments, already short-staffed, could be stressed even further than most other teams. And that’s something about the coronavirus that cyberattackers will surely capitalize on — just as they have already.  

Phishing Extravaganza 
Cybersecurity companies have been spilling over with detections and reports of phishing messages that use coronavirus-related lures. The messages include malicious links and attachments and download a variety of malware, from Emotet to wipers to remote access Trojans (RATs).  

The World Health Organization issued a warning about such scams.

Trustwave reported an Office 365 credential-stealing attack, which used a lure appearing to be from the Centers for Disease Control and Prevention (complete with CDC logo and legitimate display address) and the subject header “New case confirmed in your city.”  

Proofpoint discovered a credential-stealer that capitalized on panic with a lure claiming that a secret cure existed and that the government was using the disease as a government bioweapon.

Proofpoint, as well as Cisco Talos, reported messages purporting to provide tips for virus protection; these appeared to be sent not only by official government organizations, but by businesses’ upper management. These messages were used to steal credentials, drop malware like Emotet and — in lures specifically targeting the manufacturing and shipping industries — the Nanocore RAT. 

Related Content:

 

Sara Peters is Senior Editor at Dark Reading and formerly the editor-in-chief of Enterprise Efficiency. Prior that she was senior editor for the Computer Security Institute, writing and speaking about virtualization, identity management, cybersecurity law, and a myriad … View Full Bio

More Insights

Click here for the Source link

The post Coronavirus Raises New Business Continuity, … appeared first on National Cyber Security.

View full post on National Cyber Security

#deepweb | Google’s New Messaging App To Unify Gmail, Drive, And Hangouts…And Other Small Business Tech News

Source: National Cyber Security – Produced By Gregory Evans KRAKOW, POLAND – 2019/01/23: In this photo illustration, the Google Hangouts logo is seen displayed … [+] on an Android mobile phone. (Photo Illustration by Omar Marques/SOPA Images/LightRocket via Getty Images) LightRocket via Getty Images Here are five things in technology that happened this past week […] View full post on AmIHackerProof.com

#nationalcybersecuritymonth | Why Cyber risk is the number one business risk in 2020

Source: National Cyber Security – Produced By Gregory Evans

In January the Information Commissioner’s Office (ICO) fined DSG Retail Limited (DSG) £500,000 after a ‘point of sale’ computer system was compromised as a result of a cyber-attack, affecting at least 14 million people.

An ICO investigation found that an attacker installed malware on 5,390 tills at DSG’s Currys PC World and Dixons Travel stores between July 2017 and April 2018, collecting personal data during the nine-month period before the attack was detected.

The company’s failure to secure the system allowed unauthorised access to 5.6 million payment card details used in transactions and the personal information of approximately 14 million people, including full names, postcodes, email addresses and failed credit checks from internal servers.

Because the data breach occurred before the General Data Protection Regulation (GDPR) came into effect, DSG were found to have breached the earlier Data Protection Act 1998.

The ICO cited poor security arrangements and a failure to take adequate steps to protect personal data. This included vulnerabilities such as inadequate software patching, absence of a local firewall, and lack of network segregation and routine security testing.

The ICO said that the contraventions in this case were so serious that they imposed the maximum penalty under the previous law, but the fine would inevitably have been much higher under the GDPR.

The ICO considered that the personal data involved would significantly affect individuals’ privacy, leaving affected customers vulnerable to financial theft and identity fraud. The ICO received 158 complaints between June 2018 and November 2018 from DSG’s customers. As of March 2019, the company reported that nearly 3,300 customers had contacted them directly in relation to this data breach.

The ICO stressed that while cyber-attacks are becoming more frequent, organisations still have responsibilities under the law to take serious security steps to protect systems, and most importantly, people’s personal data.

This incident will have cost DSG a great deal, both in direct costs to deal with the breach, and also in terms of its reputation.  DSG  may also face claims from its customers – especially given the ICO’s findings of poor security.

Given such incidents  it’s unsurprising that the threat of cyber attacks is keeping many business leaders up at night and sadly, if business leaders aren’t worried, then they aren’t paying attention. In fact, the latest Allianz Risk Barometer 2020 from insurers Allianz – which identifies the top corporate risks for 2020 – highlights cyber risk as the number one business risk for 2020.  Seven years ago cyber risk was ranked just 15th.

A top priority for all businesses in 2020 must be to take all reasonable and practicable steps to make their businesses as cyber risk proof and as resilient as possible.  There’s plenty of guidance and support available – the National Cyber Security Centre (NCSC) promotes cyber essentials which should be a first port of call for any SME (https://www.cyberessentials.ncsc.gov.uk/about).

Businesses should also consider whether they should take out cyber insurance.  It should not be assumed cyber risks are covered in your existing insurance policies.

A number of cyber policies are now available and a specialist insurance broker should be able to assist you and help explain what’s available and what is and what is not covered.   Such policies can help protect against financial losses (including for business interruption, privacy breach costs, cyber extortion, hacker damage, and media liability) but many also offer assistance at the time of an incident e.g. by providing cyber forensic support.

Such policies do pay out – last year the Association of British Insurers revealed that 99% of claims made (207) on ABI-member cyber insurance policies in 2018 were paid – this is one of the highest claims acceptance rates across all insurance products.

As the NCSC advise:

“Organisations that are considering cyber insurance should understand that it will not protect you from an attack, but it may provide you with additional resources during and after an incident. So cyber insurance can be considered as an additional risk management tool, but do take time to:

  • understand the scope and scale of the cover provided
  • ensure that you are able to meet any operational requirements placed on you by the insurer”

As always when buying insurance you need to read the fine print of the cover. Crucially you must also ensure you meet any security or other IT requirements placed on you by the insurer.  If you have pre-existing IT issues you knew or ought to have known about and these lead to a breach of security you are unlikely to be covered.

Insurance is not a panacea, of course. You need to implement appropriate technical and organisational measures to ensure a level of security appropriate to the risks your organisation faces.  This is required by the General Data Protection Regulation (GDPR) in any event where you process personal data.

Ensuring your business is protected against cyber security risks should be a recurring New Year’s resolution, no matter what type of business you run.


Simon Stokes

Simon Stokes is a Partner with law firm Blake Morgan . He leads the firm’s technology practice in London and specialises in information technology law.

Source link

The post #nationalcybersecuritymonth | Why Cyber risk is the number one business risk in 2020 appeared first on National Cyber Security.

View full post on National Cyber Security

#school | #ransomware | Cyberattack on Morial Convention Center has little immediate effect on events there, but problems may grow | Business News

Source: National Cyber Security – Produced By Gregory Evans The Ernest N. Morial Convention Center, one of the cornerstones of New Orleans’ multibillion-dollar tourism economy, is the latest victim in a string of cyberattacks against city and state computer systems that have had serious consequences for government officials and the public. New Orleanians were left […] View full post on AmIHackerProof.com

Cyber Threats Worry Small Business Executives

Source: National Cyber Security – Produced By Gregory Evans

Cyber threats are concerns for many small and medium-sized business executives entering 2020, AppRiver’s “Q4 Cyberthreat Index for Business Survey” revealed.

Cyber threats represent top concerns for many small and medium-sized business (SMB) executives entering 2020, according to the “Q4 Cyberthreat Index for Business Survey” from cybersecurity solutions provider AppRiver.

Key findings from AppRiver’s survey included:

  • 79 percent of SMB executives and IT decision-makers named potential cyber threats as “a top-of-mind concern.”
  • 72 percent noted a successful cyberattack likely would be harmful to their business.
  • 66 percent said they believe cyberattacks “are prevalent on a business such as their own.”
  • 45 percent said they believe their business is vulnerable to imminent cyberattacks.

Furthermore, AppRiver’s survey indicated that 62 percent of SMBs plan to increase their cybersecurity budgets in 2020. The survey also showed that most SMBs have cybersecurity strategies and areas in which they plan to invest next year.

Technology Improvement, Training Are Top Cybersecurity Priorities for SMBs in 2020

Technology improvement (58 percent) ranked first among the top areas in which SMBs plan to invest for cybersecurity improvement in 2020, AppRiver’s survey revealed. Meanwhile, training (57 percent) ranked second, followed by conducting regular reviews of security defenses (50 percent), adding in-house security talent (35 percent) and outsourcing security tasks or partnering with an MSP (30 percent).

Ultimately, SMBs — regardless of industry — are susceptible to cyberattacks. But with support from MSSPs, these businesses could bolster their security posture and combat cyberattacks both now and in the future.

Approximately 32 percent of SMB IT security operations are supported by MSSPs, according to the “2019 Global State of Cybersecurity in Small and Medium-Sized Businesses” study of roughly 2,200 SMBs conducted by password management software provider Keeper. This study also showed that 70 percent of SMBs leverage MSSPs for firewall monitoring or management or intrusion prevention systems.


Return Home

Source

The post Cyber Threats Worry Small Business Executives appeared first on National Cyber Security.

View full post on National Cyber Security

#cyberfraud | #cybercriminals | Business Bulletin: 10 New Year’s resolutions to help you avoid scams

Source: National Cyber Security – Produced By Gregory Evans

Q: What advice and resolutions may BBB offer to consumers in 2020?

A: As the New Year begins, it’s an important time to think about simple changes we can make to ensure that this New Year is better than the last. The Better Business Bureau offers 10 New Year’s resolutions to help you avoid scams, and prevent identity theft and be a smarter consumer in 2020.

Remember, being a savvy consumer is ultimately about staying one step ahead of scammers. The way to do that is to take your time and do your research before making a decision. The scammers are counting on you to be too busy to take these simple steps to protect yourself. By taking a few minutes to implement these tips, you can outsmart scammers and fraudsters.

 

BBB’s Top Ten New Year’s Resolutions for a Consumer-Savvy 2020:

1. Implement a credit freeze. A credit freeze is the best way to protect yourself from financial identity theft because it restricts access to your credit file, making it impossible for identity thieves to apply for a new line of credit in your name. Best of all, it’s now free to freeze and thaw your credit when required.

2. Use technology to block robocalls and other telemarketing calls. Nomorobo, a call blocking feature, can disconnect known telemarketers or scammers from your VoIP landline after one ring. It’s free for landlines; a nominal fee for cell phones. Go to www.nomorobo.com to begin. Also, make sure you register your phones with www.donotcall.gov.

3. Review your permissions and privacy settings on social media. If you’ve signed into an app or website using your social media credentials or taken a fun quiz on social media, you may have unwittingly given permission to third-party apps to access your personal information and contacts. On Facebook, go to “settings” and “apps and websites” to review.

4. Warn others and stop fraudsters by reporting scams to the BBB Scamtracker webpage. www.BBB.org/Scamtracker is a crowd-sourced website where you can report if you’ve been contacted by a scammer. Since reports are plotted on a map, you can also use Scamtracker to find out what’s happening in your area. Please report new scam activity that is not posted. In turn, Scamtracker reports help BBB educate the public with more in-depth reports. You may view these studies at www.bbb.org/scamstudies.

5. Check out businesses and charities first. Conduct research before you buy or donate to make sure you’re working with a reputable company or charity. Check out companies at bbb.org and a full report on charities at give.org. BBB accredited businesses and charities have been evaluated by BBB, and meet and promise to maintain standards.

6. Use secure payment methods. A scammer’s favorite way to steal your money is by asking you to pay with either a gift card or a money wire transfer, such as Money Gram or Western Union. Why? Because these payment methods are irreversible. Credit card payments are more secure and recommended. If fraud is suspected, the charge can be disputed. If you receive a request from someone claiming to be from the IRS, Social Security or a debt collector, it is a scam. If anyone request that you pay with a gift card or a money wire transfer; it is a red flag of caution.

7. Use a unique and complex password for every online account. Consider a pass phrase, which is simply a long password made up of from a collection of multiple words, making them both easier to type and remember. Poor, easy-to-guess passwords are one of the most common ways cyber attackers can hack into your online accounts. If it’s too difficult to remember multiple passwords, consider a password manager. Then, you’ll only have to remember one unique and complex password instead of many.

8. Enable multi-factor authentication whenever it is available. Multi-factor authentication is when you are granted access to an online account only after you have successfully provided two or more pieces of evidence, such as your password and a unique code generated by your smartphone, emailed or texted to you. With multi-factor authentication, if hackers do steal your user name and password, they still can’t access your account.

9. Monitor your existing financial accounts. Gone are the days when you waited for your credit card statement to come in the mail for you to review. Sign up for online access so you can review your financial accounts periodically. Also, take advantage of free text message alerts to notify you of activity, remind you when payments are due, etc.

10. File your taxes early. One common fraud during tax season is identity theft. Scammers use stolen identity to file taxes and redirect refunds. Protect yourself and file early when possible. Visit bbb.org to find accredited tax preparers in your area.

Jim Winsett of the BBB.

Jim Winsett is president of the Better Business Bureau in Chattanooga

Source link

The post #cyberfraud | #cybercriminals | Business Bulletin: 10 New Year’s resolutions to help you avoid scams appeared first on National Cyber Security.

View full post on National Cyber Security