Author Archives: Hilary Tuttle

About Hilary Tuttle

Hilary Tuttle is the managing editor of the Risk Management Monitor and Risk Management magazine.
Игроки всегда ценят удобный и стабильный доступ к играм. Для этого идеально подходит зеркало Вавады, которое позволяет обходить любые ограничения, обеспечивая доступ ко всем бонусам и слотам.

RIMS Presents Top Risk Management Awards

Posted on by
Janice Ochenkowski RIMS Award

Janice Ochenkowski was presented with the Harry and Dorothy Goodell Award by RIMS Executive Director Mary Roth and President Richard Roberts.

 

NEW ORLEANS—At today’s RIMS 2015 Annual Conference & Exhibition Awards Luncheon, RIMS, the risk management society, announced the winners of its top industry awards.

Janice Ochenkowski, international director of global risk management at Jones Lang LaSalle, received the society’s most prestigious honor, the Harry and Dorothy Goodell Award for furthering the goals of RIMS and the risk management discipline through outstanding service and achievement.

Victoria Nolan Heart of RIMS Award

The Ron Judd “Heart of RIMS” award for outstanding performance in furthering risk management at the chapter level was presented to Victoria Nolan, risk and benefits manager at Clean Water Services and an active member of the RIMS Oregon Chapter.

Three individuals received the RIMS Rising Star Award, which honors up-and-coming risk management professionals under the age of 35 or with less than seven years of experience in the industry. Anna Bendgen, risk management specialist at Sedgwick, Andrew Bent, senior advisor, EH&S risk at Suncor Energy Inc., and Yelena Urcia, senior global insurance analyst at The AES Corporation, were recognized for their exceptional initiative, volunteerism, professional development, achievement, and leadership potential.

RIMS and Business Insurance magazine presented the 2015 Risk Manager of the Year® Award to Kathleen M. Ireland, vice president of global risk management at IBM.

Richard Rabs, immediate past chair of the RIMS External Affairs Committee, was presented with the Richard W. Bland Memorial Award for commitment in the area of legislation or regulation.

This year’s Cristy Award, for the highest marks on the three exams required to earn the Associate of Risk Management designation, went to Michael Grosso, risk analyst at Bimbo Bakeries USA.

RIMS Inducts Three Industry Legends into Risk Management Hall of Fame

Posted on by

NEW ORLEANS—Today, Gary E. Bird, James D. Hinton and Reginald A. Pitchford were recognized as the 2015 inductees to the Risk Management Hall of Fame (RMHF), a joint venture between AIG and RIMS that celebrates risk professionals who have made exceptional contributions to advancing the discipline.

“With an eye on the future, it’s important that we remember the risk management leaders who have laid the groundwork, generously volunteered their experiences and demonstrated an unwavering commitment to advancing the profession,” said RIMS Executive Director Mary Roth. “Gary, James and Reginald are shining examples of this industry’s best and it is a privilege to announce their induction into the Risk Management Hall of Fame.”

“Throughout their professional careers, these industry leaders have gone above and beyond to make significant achievements in risk management,” said Rob Schimek, President and CEO of the Americas for AIG. “It is truly an honor to recognize them for their success.”

gary bird

Before his death on September 11, 2001, Gary Bird served as director of risk management at the Phelps Dodge Corporation and senior vice president of construction risk management at Marsh & McLennon. He also authored the first three editions of The Wrap-Up Guide, an internationally recognized series that explores strategies and best-practices for managing liability policies designed to serve as all-encompassing insurance for all contractors and subcontractors. For his contributions to the field, IRMI changed the name of its annual construction risk management award in his honor, annually celebrating a risk or safety manager who has implemented an innovative risk management program for a construction project with the Gary E. Bird Horizon Award.

Jim Hinton

James “Jim” Hinton spent 33 years managing risk with the Hospital Corporation of America (HCA) and its predecessor companies and served as president of Health Care Indemnity, Inc., HCA’s captive insurance company. In addition to developing innovative loss prevention programs, he lobbied successfully with industry colleagues to change the legal environment by investing heavily in tort reform efforts. Hinton also dedicated much of his life to leading a number of charities dedicated to aiding individuals with cerebral palsy and other disabled adults, spurred by his son’s struggle with the disorder. In recognition of his dedication to both risk management and social service, the James D. Hinton Memorial Captive Insurance Volunteer Award was created and awarded to Jim after his death in 2012 for his outstanding leadership within the captive insurance community.

reginald pitchford

After serving in the Royal Air Force medical service during World War II, Reginald Pitchford worked his way up in the Canadian risk and insurance fields, becoming a champion of risk management in Manitoba and the RIMS Manitoba Chapter (MARIMS) before it even achieved chapter status in 1976. His work as corporate risk manager at United Grain Growers Insurance Department was characterized by his belief that a primary risk function established a strong foundation, ultimately leading to one of the first successful applications of a series of risk processes that would later be called Enterprise Risk Management. In the early years of MARIMS, he was critical in its growth, serving as chapter president while also holding the position of president of the Insurance Institute of Manitoba and sitting on the Council of the Insurance Institutes of Canada, and taught during the 1960s and ’70s as a Fellow of the Insurance Institute of Canada.

Cyberattacks Targeting Big Companies Up 40%

Posted on by

Five out of six companies with more than 2,500 employees were targeted in cyberattacks in 2014, representing a 40% increase last year, according to Symantec’s annual Internet Security Threat Report. But by no means does that imply big businesses are the primary target: 60% of all targeted attacks struck small- and medium-sized organizations.

The spear-fishing and fraudulent email scams deployed in these hacks have also become more effective. Overall, 14% less email was used to infiltrate an organization’s network, yet 2014 saw a 13% increase in attackers as the cause of a data breach, and the total number of breaches rose from 253 in 2013 to 312 in 2014. This notable increase in precision is a clear indication that companies are not updating their defenses to match current threats.

Fortifying against cyberbreach continues to demand even more concerted effort as malicious actors grow more sophisticated, introducing more and better malware to their campaigns. “While advanced targeted attacks may grab the headlines, non-targeted attacks still make up a majority of malware, which increased by 26% in 2014,” Symantec reported. More than 317 million new pieces of malware were created last year, meaning almost a million new threats were released daily.

Changes in the top causes of data breach offer both good and bad news. While 13% more cyberbreaches were caused by attackers and breaches due to insider theft increased 3%, Symantec found that 15% fewer were due to accidental exposure, theft or loss.

Check out the infographics below for more of Symantec’s findings and insights on how hackers operate:

Symantec 2015 Internet Security Threat Report

Symantec Path of a Cyber Attacker

 

Guarding Against PoSeidon and Other Point-of-Sale Breaches

Posted on by

According to Cisco’s Security Solutions team, there is a new malware family targeting point-of-sale (PoS) systems, infecting machines to scrape memory for credit card information and send the payment card data to servers for harvesting and, likely, resale. This malware, which the group has nicknamed PoSeidon, works like this:

Unlike other PoS memory scrapers that store captured payment card data locally until attackers log in to download it, PCWorld reported, PoSeidon communicates directly with external servers and can update itself automatically, and also has defenses against reverse engineering.

PoS malware using the “memory scraping” technique also caused the Home Depot and Target data breaches. In the latter, hackers were able to save names, credit card numbers, expiration dates, security codes from the backs of cards and encrypted PINs when at least 40 million customers swiped at in-store registers.

“The new PoSeidon malware has retailers on alert, particularly as the frequency and relative ease with which POS system breaches are occurring is forcing them to take a closer look at their IT infrastructure and reassess how secure it actually is,” said Andrew Avanessian, EVP of consultancy and technology services at security firm Avecto. “It is also prompting many to ask, what will it take to get ahead of these attacks?”

Avanessian believes the answer is clear: a more defense-in-depth approach to security. “While perimeter technologies like firewalls can prevent against certain types of external attack, it cannot block malware that has already found its way onto endpoints within an organization,” he explained.

buy abilify online metabolicleader.com/p7pmm/img/jpg/abilify.html no prescription pharmacy

“With a multi-layered security strategy that incorporates solutions like patching, application whitelisting and privilege management, organizations can more effectively protect against the spread of malware, defending their valuable assets and ultimately their reputation.”

As I wrote in the March 2014 issue of Risk Management, the adoption of EMV chip technology presents one of the most promising ways to increase PoS security. Already common in Europe, EMV technology—named for its founders, Eurocard, MasterCard and Visa—utilizes embedded chips that, unlike magnetic strips, make it nearly impossible to counterfeit cards. In Europe, 81% of cards have EMV chips, and countries that have adopted the technology saw sharp declines in credit card fraud. Meanwhile, the United States accounts for 27% of worldwide credit transactions, but sees 47% of card fraud.

As organizations roll-out chip and pin technology across the country, these breaches may start to decline, Avanessian agrees, but he urges a more holistic approach to fighting PoSeidon and other PoS malware. “EMV (or chip-and-pin) will absolutely help stop card fraud, however, retailers should not become complacent and think this is the silver bullet they have been waiting for,” he said. “Yes it will help stop fraud once the details have been stolen, but it does not stop businesses from being breached. Companies gather a huge amount of data about their patrons, such as names and addresses, and this data is still valuable to fraudsters.

buy lexapro online metabolicleader.com/p7pmm/img/jpg/lexapro.html no prescription pharmacy

Unless retails take a multi-layer defense-in-depth approach to security, they will still get breached.”

To prevent consumers from losing and shopping elsewhere, Avanessian believes it is critical to evolve the means of combatting cyberattack just as the means of hacking has changed. “In our experience, retailers are still relying on antiquated ‘detection’-based technologies to keep the bad guys out. They all spent hundreds of thousands of dollars on detection, yet they still get breached,” he said.

buy arimidex online metabolicleader.com/p7pmm/img/jpg/arimidex.html no prescription pharmacy

“The world has changed, the players have changed, cyberattacks are now a trillion dollar industry—the approach has to change.”