Category Archives: International

Игроки всегда ценят удобный и стабильный доступ к играм. Для этого идеально подходит зеркало Вавады, которое позволяет обходить любые ограничения, обеспечивая доступ ко всем бонусам и слотам.

67% of Hotel Websites Expose Guest Data, Study Finds

Posted on by

According to new research from cybersecurity company Symantec, 67% of hotel websites are leaking customer reservation details and other personal information. Candid Wueest, the company’s principal threat researcher, tested more than 1,500 hotels in 54 countries, including low-cost to high-cost hotels, as well as both chain and independent hotels.

buy tobradex online desiredsmiles.com/wp-content/uploads/2023/10/tobradex.html no prescription pharmacy

symantec hotel data exposureWhen a customer uses a hotel’s website to book a room, the site usually creates and sends them a link so that the customer can directly access  and manage their reservation.

buy desyrel online desiredsmiles.com/wp-content/uploads/2023/10/desyrel.html no prescription pharmacy

According to Symantec, part of the problem is that third-party advertisers on hotels’ booking websites and web analytics companies (which track web traffic) can access customers’ bookings because they also get those links. This means that advertisers and analytic companies – including any potential malicious actors among their employees – could access and steal the information that the customer entered when booking a room, and even change or cancel the reservation.

Symantec also found that more than a quarter of the hotel websites examined do not send secure, encrypted links in their confirmation emails. Encrypted links prevent anyone trying to hijack a customer’s data from being able to see that data. If a customer received a confirmation email while using an unprotected WiFi (a public network in a café or an airport, for example), a cybercriminal could intercept that customer’s emails and use the unencrypted hotel booking link to access the customer’s booking. Some of these automatically generated links also contain details like customers’ email addresses in the web address, which makes accessing their information even easier for cybercriminals.

Additionally, many hotel websites are vulnerable to a type of cyberattack called “brute forcing,” where an attacker can use the customer’s email address and guess their booking number to gain access to the reservation and personal information. In some cases, Symantec found that hotel websites did not even require an email address to access customers’ reservation information via brute forcing. Though this method would not be useful to gain access to large amounts of customer data, attackers could use it to target individuals, like a specific CEO or conference attendee.

Wueest noted that hotels have thus far been slow to respond to these data exposure risks, and some have not responded at all. When he alerted the hotels’ data privacy officers to the problems in their sites, 75% responded, and those who did took an average of 10 days. Hotels and their information security staff should promptly assess their booking processes to ensure they are minimizing the risk of potential data leaks and breaches.

buy elavil online desiredsmiles.com/wp-content/uploads/2023/10/elavil.html no prescription pharmacy

By leaving these gaps in their websites’ security, they are endangering their customers and opening themselves up to risk, including potential liabilities and reputational damage.

Symantec recommends that hotels use encrypted links, and ensure that the automatic links generated do not include information like customers’ email addresses. It also recommends that customers use Virtual Private Networks (VPNs, services that protects users’ internet traffic) when booking or accessing their reservations using public WiFi to prevent any cyberattacker from intercepting any information that would provide a way in.

The report should also serve as a reminder that corporate employees’ personal devices and personal information are popular targets for cybercriminals and can be especially vulnerable to risks while traveling. Any time an employee exposes their devices to unprotected networks or, in this case, insufficiently protected websites, it leaves both the employee and their employer at risk. Even if an employee is using their own device to conduct business, it still endangers their employer because it may expose valuable business information. Cybercriminals have particularly used the hospitality industry as a hunting ground for such attacks, for example, targeting individuals using hotel WiFi, tricking them into downloading malicious software and stealing their information or spying on their internet activity.

Tackling Risk Management Contradictions in India

Posted on by

India is a country of nearly 1.3 billion, and according to the United Nations 2017 World Population Prospects, has one of the most robust working populations of people between 21 and 35 in the world. Should India’s risk management profession grow along with the country’s population (projected to eventually top China as the most populous), it will usher in an industry-wide change that we are only first catching a glimpse of now.

I have been involved with risk management (and related areas) in India for nearly 15 years. As an Indian, I do not believe we as a whole are naturally attuned to formal risk management. And I’m not alone in this belief, as Dr. Viswanathan Ragunathan, CEO and general manager of the Varalakshmi Foundation said during the RIMS Risk Forum India 2018:

“We are obviously a contradiction. We are, at once, eternal optimists and fatalistic. At one level you can relate to what I’m saying in that Indians do not take too much risk in their day-to-day lives. Yet anyone who has taken the Mumbai trains knows…it’s almost as if we have a death wish.”

That contradiction is symbolic of the state of the profession in India. One of the main challenges we will face is the evolution of the profession within a country and culture firmly rooted in tradition. Risk professionals in India need to constantly reinvent themselves to be seen as valuable to their organizations. Here are three tips Indian risk managers should be keeping in mind in order to provide value to their organizations. And while these suggestions might initially be unique to the region, they may also apply to the global risk management community.

Tip 1: Keep Systems Relevant. Apply the risk management system or process relevant to the business, otherwise, there is no motivation to follow it. An effective risk manager will know their organization from the inside out. Play to your strengths and address whatever weaknesses exist. This will require buy-in from the C-Suite, but demonstrating that it was selected with the company in mind will help sell it.

Tip 2: Know The New Philosophy. The broader outlook has changed from “risk management methodology,” (such as frameworks and templates) to a focus on the active driving of modification measures for key risks throughout the organization.

online pharmacy cozaar with best prices today in the USA

This means creating “risk-based cultures” inside organizations–a global trend but one that doesn’t happen overnight. There’s no one right way to do it, but at its core, it involves embracing the position of “we” (the company) versus “the risk” (or external factor).

online pharmacy cellcept with best prices today in the USA

You might even introduce the risk management system you selected from the prior step, depending on its accessibility.

Tip 3: Demonstrate Humility. There are several instances where a risk manager has acted on early warning signals and quickly mitigated the threat. Despite those successes, the risk manager’s role is not that of a figurehead and probably should not take full credit for all the results.

online pharmacy isotroin with best prices today in the USA

Sharing the kudos among the CEO and stakeholders, as well as subordinates (if you’re fortunate enough to lead a team), satisfies the unwritten conditions of both the national and professional cultures.

Risks can arise from anywhere within or outside an organization. CEOs are not always as clued in as risk managers regarding what is emerging. Therefore, it is our job to implement ERM programs that facilitate scenario-based workshops. This will help the CEO and stakeholders identify and mitigate at least the “known unknowns”

Generally, if risk managers do their due diligence, then a situation will have been prevented from the outset. And if something is missed, then the famous Indian term, “Jugaad” helps us. But Jugaad is something for another post.

Q&A with RIMS 2019 Keynote Speaker Dr. Erin Meyer

Posted on by

The RIMS 2019 opening keynote address will be delivered by Dr. Erin Meyer, a professor at the INSEAD school of international business in France, and the author of the Culture Map: Breaking Through the Invisible Boundaries of Global Business. She discussed with Risk Management Monitor the concept of “culture mapping,” and how her upcoming address in Boston will provide risk managers with methods to assess cultural rituals and differences before conducting international business.

Download today’s RIMScast episode for Dr. Meyer’s full interview and a deeper dive into culture mapping.

Risk Management Monitor: What will you discuss in the keynote address at RIMS 2019?

Erin Meyer: I will be talking about globalization and how it is impacting our effectiveness when we work internationally.

Risk professionals might be supervising a building code in Indonesia or leading a global team made up of Brazilians and Polish people, for example, and what it means to communicate effectively or make decisions can vary from one country to another.

buy bactroban online familyvoicesal.org/resources/images/jpg/bactroban.html no prescription pharmacy

I will be presenting a “culture mapping” model that will help participants decode how these cultural differences are impacting their own effectiveness and then think about strategies for working in a more efficient way.

buy amaryl online familyvoicesal.org/resources/images/jpg/amaryl.html no prescription pharmacy

RMM: What has your experience with risk managers been like?

EM: I’ve noticed that risk professionals were usually in situations where – if they were working internationally – they were collaborating with just one other country at a time. But that has changed recently. In the last couple of years, they’ve often been in these multicultural environments and that’s where the culture mapping tool becomes so important.

When working in a multicultural team, you’ll find that different members have totally different impressions of the same country that they’re working in. This is all part of the concept of what I call “cultural relativity” – where we might have totally different impressions of what’s going on, based on our own cultural perspective. We will explore all this in the keynote.

RMM: What details of your research have surprised you?

EM:  We’ve researched expatriate failure rates and looked at people moving from one country to another who had to return home early because they weren’t able to integrate into their new society. And what came up is the highest failure rate was not “Americans moving to China” or “Japanese moving to the Netherlands,” for example.

buy female cialis online familyvoicesal.org/resources/images/jpg/female-cialis.html no prescription pharmacy

It was Americans moving to the UK.

And I think that’s very interesting because it represents something called “cultural dissonance,” which arises when we think the other culture is the same as ours because of external indicators, like language. For example, when Americans start working with the British and they’re all speaking the same language and eating the same food they assume things will not be so different from their home country.

RMM: Does that make them seem too lax in their work?

EM: They don’t give culture itself as much thought, and the consequence can be that they are perceived as incompetent [by the new colleagues]. So when you’re looking at the culture map – which we’ll be talking about during the keynote – it’s often those small differences that cause problems. Awareness of those differences is crucial.

RMM: How has technology created communication challenges?

EM: When we’re working at a distance we can lose the visual cues that help us, even in our own culture, to understand what’s going on. And when we bring in technology we all lose those visual cues – especially when you consider conference calls, for example. So, in some ways that kind of brings us back to a more standard communication platform but it does make things complicated because of course, we have different ideas about how to use technology in different parts of the world.

RMM: In the Culture Map, you discuss how even the use of email – merely to sum up a discussion – can lead to miscommunication or even an insult. How can that happen?

EM: If you get off of the phone with someone in India, for example, and put into writing everything that was decided and you send it, that might be considered an indication that you don’t trust the recipient. And I think that’s where working at a distance complicates things because if we’re in the same room we might feel that something wasn’t going well. But we’re working a distance, so we make these “errors” and it might hurt the relationship without even realizing it.

Former NSA Director Talks Cybersecurity, Insurance at Advisen Conference

Posted on by

NEW YORK—Advisen’s Cyber Risk Insights Conference, held during Cyber Week, featured risk management professionals and more than 18 panels and sessions on Oct. 25. The keynote was delivered by Adm.

buy apixaban online achievephysiorehab.ca/wp-content/uploads/2023/10/jpg/apixaban.html no prescription pharmacy

Michael S. Rogers, former Navy commander of U.S. Cyber Command and Director of the National Security Agency (NSA), under the administrations of  Presidents Obama and Trump. Rogers discussed rising cyber threats and offered advice to providers and consumers as they assess their cyber insurance policies.

“For insurers, you need to be prepared, because the list of actors is growing and the threat is growing,” Rogers said. “Don’t build on a strategy [where you believe] things are getting better.”

He also put a particular spotlight on the fact that there is no universally accepted guideline for cyber threats when considering acts of war. Cyber, he said, differs from traditional triggers because there’s typically no physical injury or loss of life.

“You have these wholly different international views, because nation-states in western democracies do not have ownership of the web,” he said. “They do not control their citizens and control the flow of data,” as opposed to countries with greater control of information.

buy bactroban online achievephysiorehab.ca/wp-content/uploads/2023/10/jpg/bactroban.html no prescription pharmacy

“Because you have these broad, polar views it’s been difficult at times, on an international level, to get a consensus on what a framework be like to set a cybersecurity standard,” which Rogers added, could help define how a cyber attack might be considered an act of warfare.

buy strattera online achievephysiorehab.ca/wp-content/uploads/2023/10/jpg/strattera.html no prescription pharmacy

He proposed an approach that could start nations on a path to a universally accepted guideline: “Can get we get a smaller subset of issues to coalesce around a core group of principles, start small, and build from there? I think we’ll have success that way.”

Rogers noted that he is a proponent and believes incentivization may be the key to keeping businesses safer and maintaining lower premiums, using features of the automotive industry as an example.

“Automatic brakes and safer vehicles, for example, were an incentive for the buyer and the seller,” he said. “Production and consumption were all incentivized to make better decisions. I don’t know if it will work [with cyber insurance]. It’s all about risk.”

Rogers’ insight dovetailed along with the new information from the eighth annual Advisen cyber survey that Zurich Insurance released at the opening of the conference.

The percentage of companies that purchase cyber insurance, either via stand-alone policies or endorsements, has increased 40 points since 2011. This year’s results show a 10% increase from 2017, the largest year-over-year increase since its inception.

“Cyberrisks continue to change and businesses continue to look for ways to protect themselves from those risks,” said Paul Horgan, head of North America Commercial Insurance for Zurich North America. “These survey results provide a critical snapshot of the attitudes, concerns and actions of risk managers. It is our responsibility to respond to their needs and concerns with innovative services and solutions.”

Survey results show the two most influential factors driving cyber insurance purchases in the past year:

  • regulatory changes such as the European Union’s (EU) General Data Protection Regulation (GDPR), and
  • business continuity risks such as the Dyn distributed denial of servicer (DDoS) attack, WannaCry and NotPetya events. These caused significant losses to businesses around the world, shutting down network systems and in many cases slowing or actually halting business operations.

The Advisen data reflects a stark contrast to the feedback from last year’s survey, which found that just 10% of respondents identified business interruption as the primary reason for purchasing cyber insurance and that purchase growth had gone stagnant after a steady six-year increase from 35% to 65%.

These factors were two of the top emerging cyberrisks identified by Risk Management magazine in early 2018.