Are you like me where you get paranoid using public ATM’s and paying for gas with your card at the pump? I am sketched out about ATM / credit card skimmers that scammer’s place on public machines to trace your personal information. I stumbled across this video on Facebook. This is in Europe, but it doesn’t matter, this can happen anywhere. Be vigilant my friends!
This October is Cyber Security Awareness Month, an event co-sponsored by the Department of Homeland Security (DHS) and the National Cyber Security Alliance (NCSA) in order to raise awareness of the importance of cyber security issues. While the event is designed to highlight some of the nation’s cyber security precautions, as well as how to be prepared in the event of a national cyber security incident, much of the focus is on good cyber security practices for the average individual.
Specifically, the groups are trying to promote their “Stop. Think. Connect.” and Stay Safe Online campaigns—efforts that teach good cyber security in terms everyone can understand. In order to encourage your employees to practice good cyber security, review the following lessons with them:
- Password Security: More powerful computers have given criminals the ability to crack passwords easily. Passwords with a mix of capitalized and lowercase letters—as well as numbers, symbols and other special characters—are much harder to crack. And, though it should go without saying, make sure your employees don’t write their passwords down in plain sight in their work spaces.
- Phishing Scams: A number of different scams could fall into this category, but they all have commonalities that your employees should be aware of. Never open an email from an unknown source, and never click on a link in an email unless both the sender and the link can be trusted.
- Software Updates: Security patches are designed to fix known vulnerabilities. Make sure your employees download the latest security patches when they become available.
Those wishing to participate in this year’s activities can find a number of resources available online, or contact me for further cyber security materials.
This past Wednesday I was part of a panel for an educational workshop to discuss innovative ways to protect small businesses from cyber crime.
On the panel was an FBI Special Agent who shared FBI insights on fighting cyber crime. Akilah Kamaria from Blue Fields Digital Intelligence shared strategies organizations can use to prepare for and respond to a cyber incident. I shared information on cyber liability and data breach insurance and its role in helping to protect companies from cyber crime losses.
Special thanks to Akilah Kamaria for allowing inviting me to participate. Also, to Gal-A Photography for the professional photos:
Thank you for putting on such an important and great event!
Two former FBI agents from Travelers Insurance Investigative Services hack into a typical business website and download sensitive data in a matter of minutes to demonstrate how quickly a cyber attack can happen:
Research shows that cyber criminals and hackers are attacking smaller “Main Street” companies who are often less prepared to prevent and respond to an attack.
Cyber insurance can protect companies before an event takes place by helping supply them with risk management tools and advice and access to other professionals in the data security community that can help with their information security.
Check out the full story: http://travl.rs/1WvPHQq
Have questions about cyber insurance? Interested in learning more about the various coverage’s included within a cyber insurance policy? Want to see what it would cost you to pick up cyber insurance for your business? Contact your insurance broker or me today to talk more.
How clever is your password? If it’s on the list below, your password is just as easily stolen as it is remembered. Protect yourself by making sure you’re not using one of the top 25 most commonly stolen passwords of 2015, as determined by IT security firm SplashData.
To create a more secure password, make sure you are not relying only on numbers, and try to avoid simple keyboard patterns. You may also want to avoid easy-to-find information such as birthdays, favorite sports teams and addresses. Attempt to create a password that is eight or more letters long, and avoid using the same password for multiple access points.
According to the 2015 Small Business & Cybersecurity survey, 81% of small business owners think that cyber security is a concern for their small businesses, while 94% either frequently or occasionally think about cyber security issues.
Surprisingly, only 42% of respondents had invested in cyber security protection in the past year, despite the fact that 31% of these businesses had experienced either a successful or attempted cyber attack.
It’s possible that small business owners might simply be spreading themselves too thin. About 83% of small business owners said that they handle cyber security themselves. But given the threat, it was surprising to discover that 95% of small business owners don’t have cyber insurance.
One more stat, 1 in 5 companies uses a cloud services provider. If cloud data is breached, the hiring company (aka your business) is still primarily responsible.
Cyber insurance can offer third-party (cyber liability) and first-party (cyber crime expense) insurance coverage. Most, if not all insurance carriers, have developed cyber security / data breach insurance programs tailored to small businesses.
If you’re interested in exploring the costs of a cyber liability / data breach insurance policy, please contact me to discuss. I have more than several carriers we can quote this coverage with.
According to IBM’s 2014 Cyber Security Intelligence Index, over 75 percent of the cyber attacks the company monitored in 2013 targeted the following five industries:
1. Finance and insurance (23.8 percent)
2. Manufacturing (21.7 percent)
3. Information and communication (18.6 percent)
4. Retail and wholesale (6.2 percent)
5. Health and social services (5.8 percent)
Every day, more than 1 million people become victims of cyber crime. Cyber criminals look for the weak spots and then attack, no matter how large or small the organization. Cyber attacks can result directly from deliberate actions of hackers, or attacks can be unintentionally facilitated by employees—for example, if they click on a malicious link.
Check out these 3 reasons why hackers love your small business:
Travelers Insurance Company has joined the ranks of other major carriers such as The Hartford in writing coverage for technology companies. Travelers Global Technology President Ronda Wescott and Chief Underwriting Officer Mike Thoma provide their perspective:
If you have a Life Science or Software and Information Technology Company and would like a review of your current insurance portfolio, feel free to contact me anytime. I can help market your coverage’s with all the major carriers specializing in this sector.
Some of the most common insurance coverage’s important to the Life Science or Software and Information Technology industry are:
- Commercial General Liability
- Professional Liability (Errors & Omissions)
- Workers’ Compensation
- Commercial Automobile
- Commercial Umbrella/ Excess Liability
- Cyber Liability & First Party Data Privacy Expense
- Directors and Officers Liability (D&O)
- Employment Practices Liability
- Fiduciary Liability
- Kidnap and Ransom
- Group Medical Insurance
- Group Life and Disability
Today I stumbled on a business blog post from Chubb that really grabbed my attention. This was regarding disposal of computers, laptops and any other electronic equipment that may contain personal information about employees, clients or customers. Make sure that the information has been completely destroyed!
Here’s the post……“Trashing Bytes of Information”
When you dispose of this type of equipment, it is not enough to simply delete the information from the hard drive or format the disk. Instead, you should overwrite, or wipe, the hard drives and disks. You can do this by purchasing a wipe disk software program that conforms to Department of Defense requirements.
If you dispose of equipment without taking the proper steps to destroy the information, it could still be accessible and this may constitute a data breach. Your business may be subject to the same fines, penalties and regulatory notification requirements as if your systems had been infiltrated by a hacker.
Techniques for Removing Information
Deleting information is not effective. It removes pointers to information on your device, but it does not remove the information. Do not rely on the deletion method you routinely use when working on your device, whether moving a file to the trash or a recycle bin or choosing “delete” from a menu. Even if you “empty” the trash, the information is still there. It can be retrieved.
Overwriting is effective on all computing devices. It puts random data in place of your information, which cannot be retrieved because it has been obliterated. There are software programs and hardware devices available that are designed to erase your hard drive, CD or DVD—but because these programs and devices have varying levels of effectiveness, it is important to carefully investigate your options.
3. Physical Destruction
Physical destruction is the ultimate way to prevent others from retrieving your information. Of course, you should physically destroy the device only if you do not plan to give it to someone else. Specialized services will disintegrate, burn, melt or pulverize your computer drive and other devices. If for some reason you do not wish to use a service, it is possible for you to destroy your hard drive by drilling nails or holes into the device yourself or even smashing it with a hammer. Never burn a hard drive, put it in the microwave or pour acid on it.
See more on this subject at: Cyber Liability Safely Disposing of Your Devices
As a modern day business owner, you have likely felt the push to become more web-involved. The Internet seems to be where businesses are concentrating efforts, whether they involve revamping your website to keep up with the competition or creating social media accounts to attract a new audience. Of course, charting a new business course presents new risks. Navigating the Internet can be difficult enough when dealing with multiple accounts, email marketing and search engine optimization, but you’re also responsible for protecting the information that you store there. Cyber liability insurance may be the answer.
- In 2008, almost 50% of businesses reported they had 1 to 5 cyber risks.
- The most expensive cyber risk incidents involve fraud, which averages a loss of almost $500,000.
- In 2008, the most common cyber risk businesses faced were viruses, followed by inside abuse and then laptop theft.
- In 2012, 36% of the business industry experienced a data breach.
To understand what protection cyber risk insurance provides, you must first understand the risk you face as a business. Cyber attacks don’t necessarily occur in the ether of Internet. Cyber attacks can also include computer hardware problems, communication media errors, system backup and operating system errors and even errors and fraud invoving internal people like system administrators.
A company can face three common types of cyber risks:
- Natural: The most common errors and losses result from severe weather. For example, a lightning strike or power surge can severely damage or destroy an entire database.
- Human error: These unintentional acts can involve something as simple as leaving a laptop that has access to patient medical records, at the airport.
- Intentional: This involves illegal criminal activity and can occur outside the organization, by hackers or criminals, or inside the organization.
No matter what kind of cyber attack you experience, the consequences of an attack can be expensive. In addition to retrieving information and establishing new cyber protocols, many companies have to perform clean-up efforts with a customer base. Cyber liability insurance can help with each step of recovery.
Source: Trusted Choice