risk management


The Trend from 2019 You Didn’t Expect

Biggest trend in 2019: Executives let their IT departments determine the risk level of the entire company. What actually happened in 2019? Increase in ransomware; increase in Business Email Compromise; increase in compliance driven by clients; increase in compliance driven by EU and (incoming… California). What should you be doing in 2020? Avoiding phishing and social engineering attempts; using a password manager AND not repeating your passwords; using multi-factor and advanced biometrics when available. Shocked by any of this? [...]

Losses due to recent strains of ransomware: Option A = $62 million or Option B = $310 million?

Both sound like bad options, but the choice is obvious. The recent reports of “Bad Rabbit” attacks have put ransomware top of mind in the cybersecurity world. Bad Rabbit is certainly not the first of its kind; in fact, it’s not even the first this year. The ransomware dubbed “Petya” was first discovered in 2016 and morphed into the still more dangerous “NotPetya” in March of 2017. NotPetya wreaked havoc for thousands of users worldwide, taking advantage of weaknesses in [...]

Bad Rabbit Did a Bad Bad Thing

New Ransomware Bad Rabbit is Wreaking Havoc. Bottom Line Up Front: Preparation is your best friend to defend against ransomware – get a backup system now for your company’s network and your personal computer. On October 24th, the U.S. Computer Emergency Readiness Team announced reports of a new ransomware infecting computers around the world. This attack is the third major international ransomware campaign in 2017 alone, with NotPetya and WannaCry preceding it. These fittingly ominous names represent the widespread damage [...]

Is Cyber Risk Management Like Seat Belts of the 70’s?

In light of the recent string of large-scale cyber attacks we’ve been hearing about in the news, there is an important conversation to be had. Do we care enough? Why have Equifax, Deloitte, and others been able to continue about their business with relatively little consequence amidst devastating security breaches? Has the increasing frequency and scale of cyber attacks desensitized us to the gravity of such breaches? For every cyber attack we see in the news, there are thousands more [...]

The SEC announces its 2017 examination priorities

Attention, those in the financial industry, particularly Broker/Dealers, Investment Advisers and Firms involved with Pension Funds and Seniors: OCIE is focused on you. The SEC's National Examination Program (NEP) of the Office of Compliance Inspections and Examinations (OCIE) announced that its examination priorities in 2017 will focus on three general areas: retail investors, risks specific to elderly investors and retirement investing, and assessing market-wide risks. Taken directly from the SEC website, "Cybersecurity - OCIE will continue its ongoing [...]

Carrots and Sticks – Incentivized Cybersecurity Measures

The Economist argues that, "Incentives need to change for firms to take cybersecurity more seriously." (http://www.economist.com/news/leaders/21712138-software-developers-and-computer-makers-do-not-necessarily-suffer-when-their-products-go) Businesses need both carrot and stick with regard to cybersecurity measures. Yes, legislation will force companies to do the bare minimum; but leaders need to see the upside of creating a thorough cyber risk management program which will make sharing of cyber breaches and mistakes more palatable for corporate boards. A small investment in cybersecurity can pay huge dividends in the future. There are simple [...]

How Much Cybersecurity Do You Need?

With data breaches going public daily and an endless number of threats facing nearly every organization, executives are left looking for answers. Can you defend against every threat to your organization? More importantly, is it possible to identify them all on a continual basis? The truth is that you don’t defend against every single threat. You can’t even try, or it would burn a hole in the organization’s budget faster than you can imagine. In order to be [...]

The Cost of Data Breaches Continue to Rise

Data breaches in 2014 made major headlines as large organizations such as Sony, Neiman Marcus and The Home Depot were compromised. 2015 has proven to be no different, with BlueCross, Anthem and Ashley Madison joining the crowd. The biggest issue, however, is that the headlines only show the big fish, ones who can likely recover. What goes unnoticed are the other 1,400+ organizations that have been compromised in the past two years. This has led many C-Level executives of small [...]

Cyber insurance regulations: Senate probes federal data breach protections bill

Cyber insurance is becoming a significant market force that will drive improved cyber security for companies and, by extension, for consumers and the nation as a whole. It is more than just an instrument to transfer risk; it provides incentives to understand and mitigate risks. To wit, attached is a summary of the most recent Senate hearing: U.S. Sen. Jerry Moran (R-Kan.), chair of the Subcommittee on Consumer Protection, Product Safety, Insurance, and Data Security, held a hearing March [...]