Category Archives: Security

Want to scan your crypto wallet for risks? Check: AML crypto BTC, USDT, ETH. Checking cryptocurrency wallets for dirty money.

Body Scanners Installed in L.A., Tested in Other Locations

Posted on by

Security scanners that screen passengers entering stations and terminals are being tested around the country and have been installed in subway stations in Los Angeles. The Associated Press reported that the machines scan for both metallic and non-metallic objects. They can detect suspicious items from a distance of 30 feet and are capable of scanning more than 2,000 passengers per hour. About 150,000 passengers ride on the Metro’s Red Line daily and the subway system counted more than 112 million rides last year, the AP said.

The New York Times reported that the federal government has been studying the technology for 15 years. The Transportation Security Administration (TSA) partnered with the Los Angeles transit agency on the project, helping the agency test and vet security technologies. The devices purchased are made by the company Thruvision and can be placed at locations throughout the transit system, officials said.

According to the Times:

Officials in Los Angeles said that riders need not worry that their morning commute would turn into the sort of security nightmare often found at airports or even sporting events. The portable screening devices, which will be deployed later this year, will “quickly and unobtrusively” screen riders without revealing their anatomy and without forcing them to line up or stop walking, they said.

“We’re looking specifically for weapons that have the ability to cause a mass casualty event,” Alex Wiggins, the chief security and law enforcement officer for the Los Angeles County Metropolitan Transportation Authority, said Tuesday. “We’re looking for explosive vests, we’re looking for assault rifles. We’re not necessarily looking for smaller weapons that don’t have the ability to inflict mass casualties.”

On Aug. 14 the scanners were tested in the Port Authority Bus Terminal in Manhattan, where in December a man set off a crude pipe bomb in an underground subway passageway, injuring himself. It is estimated that the Port Authority serves about 8,000 buses and 225,000 commuters daily.

As the Risk Management Monitor reported, the TSA also tested body scanners in New York’s Penn Station in Manhattan in February and has conducted tests at Union Station in Washington, D.C., and at a New Jersey Transit station during Super Bowl XLVIII, the AP said.

Cyber’s Human Side

Posted on by

People are often tired, distracted and overworked. They are bound to make mistakes, inadvertently overlook policies and procedures and have quick lapses in judgement—forgetting hours and hours of training.

Human error is a significant problem when it comes to managing cyber exposures. Most cyber surveys point to people as the root cause of a breach.

buy tretiva online medilaw.com/wp-content/uploads/2015/03/jpg/tretiva.html no prescription pharmacy

The Information Commissioner’s Office (ICO) compiles statistics about the main causes of reported data security incidents. In its first 2018 quarterly report, four of the five top causes reported to them involved human errors:

  1. Loss or theft of paperwork – 91 incidents
  2. Data posted or faxed to incorrect recipient – 90 incidents
  3. Data sent by email to incorrect recipient – 33 incidents
  4. Insecure web page (including hacking) – 21 incidents
  5. Loss or theft of unencrypted device – 28 incidents

James Bone, author of the “Cognitive Hack: The New Battleground in Cybersecurity…the Human Mind,” will lead a RIMS webinar Aug. 23 that explores the cognitive risk framework. Bone asks: are risk professionals considering the “human element” in their cyber risk management plan?

According to Bone, “The purpose of creating the cognitive risk framework is to begin to educate risk professionals about the need to incorporate the human element into their risk programs, to identify areas where human error or lapses can cause significant damage, and then design effective solutions.”

Bone points to the airline and automotive industries as examples where the value of human element risk management planning has already been realized. “Automation in cockpits, navigation systems, lane assistance technology and, even something as simple as the seatbelt demonstrate organizations’ and industries’ attention to human error risk mitigation.”

“All of us have a limit in our ability to work and focus at a very detailed level for long periods of time,” Bone said. “The ability to design a work environment that simplifies the work that people do will help reduce risk.

buy flomax online medilaw.com/wp-content/uploads/2015/03/jpg/flomax.html no prescription pharmacy

And, while human error is a piece of the cyber risk management puzzle, it isn’t the only human element cyber concern. Human routine, tendencies and employee processes are constantly monitored by cyber predators. “A sophisticated hacker can spend up to 18 months to two years setting their strategy to attack your organization,” he said. “They are studying the rhythm of the workflow and the movement of data across the firm. They gain a tremendous advantage by just sitting silently and watching.

buy renova online medilaw.com/wp-content/uploads/2015/03/jpg/renova.html no prescription pharmacy

Implementing a cognitive risk framework is no easy task. The key is data. “A lot of data is mislabeled, making it difficult for risk professionals to see the connection between an end result and the human behavior that caused it. In order to use data to its fullest, it needs to be properly categorized with descriptors that allow risk professionals to be able to leverage it,” Bone said.

Organizations with risk frameworks that fail to incorporate the human element are, in his opinion, acting on assumptions. “They are assuming people will be able to follow thousands of policies and procedures with perfect accuracy every time,” he explained. “We shouldn’t assume that people won’t be distracted at work and click on phishing emails. We shouldn’t assume that people will change their passwords as frequently as we want them to. We shouldn’t and can’t be afraid to incorporate new ideas and solutions to improve routines or, at least, make them more difficult to track.”

People are the common denominator. They are not perfect by any means, but incorporating a cognitive risk framework can be a valuable advantage that allows organizations to stay ahead of human element risks while identifying opportunities to improve processes and increase productivity.

Traveling? It’s No Time To Protest

Posted on by

Traveling for business to a foreign country has its assumed risks.

online pharmacy mobic with best prices today in the USA

Typical details like language barriers and exchange rates can be daunting enough, but businesses should be mindful of the potential effects of a protest or demonstration near their employees’ hotels or destinations.

It is easy to imagine attending a conference in another country where a protest is occurring right in front of your conference center. While many are peaceful, some can become violent and there may be legal issues to consider as well.

online pharmacy fildena with best prices today in the USA

Regardless of whether it is related to your visit, the experience can be confusing and unnerving.

Businesses must consider how to prevent their employees from getting stuck in the wrong place at the wrong time; in addition to the disorientation, there can be severe repercussions for being even seemingly involved in a foreign demonstration. Laws and protocols about protests vary from country to country, and guilt—even by association—can have disastrous consequences.

online pharmacy levofloxacin with best prices today in the USA

To ensure your employees know how to successfully circumvent a demonstration, check out the infographic below by On Call International, which gives advice on how visitors should conduct themselves and stay safe in the event of a protest—particularly a violent one.

Data Breach Risk: What’s Next?

Posted on by

Ten years ago, many companies didn’t even ask about using encryption to protect data. Over the years, that has changed. More security and privacy professionals began to see it as an option in their cybersecurity defense.

buy desyrel online medilaw.com/wp-content/uploads/2015/03/jpg/desyrel.html no prescription pharmacy

Then it eventually became a necessary component of most companies’ security strategies and the use of encrypted laptops became a condition precedent for many cyber and privacy insurance policies.

Now, after strengthening their cybersecurity with encryption and other measures, companies need to identify the next potential data exposure points where bad actors can likely turn their attention. One overlooked vulnerability is the visual display of sensitive data on screens.

Protect Visual Privacy
Not every risk management, security and IT professional is familiar with visual hacking, but they should be.

Visual hacking is the unauthorized capturing of sensitive, private or confidential information for unauthorized use. It can include visually stealing information from someone’s phone screen, viewing information left on a printer at work or other opportunities of information that is in plain sight. Very likely, it is already happening to workers in your organization.

It is commonplace for professionals who travel for work to access sensitive corporate material on the go. They could be riding on a train, plane or bus and simply open their laptops, giving those seated next to them full view of their work. In these situations, no one can be certain they are not exposing sensitive information—even something simple like a network username. It is not likely such a road warrior can be aware at all times whether another person is viewing or capturing what’s on their screen.

A study conducted by the Ponemon Institute revealed that 87% of mobile workers have caught someone looking over their shoulder at their laptop in a public space. Yet, despite this potential risk, more than half of mobile workers surveyed said they took no steps to protect important information while working in public.

Visual privacy risks don’t just exist outside the office. A worker who steps away from his or her computer or has a screen facing a public walkway can also expose highly sensitive data to onlookers.

Reduce Your Risk
As with any risk, companies should evaluate the severity and potential frequency of visual privacy exposures to better understand their risk. An insurance broker can help determine if insurance coverage is available for these risks or if insurance premium credits may be available for implementing additional safeguards.

There are other steps any organization can take to reduce the risk of visual hacking. Working with IT departments and information-security officers, companies can implement small, easy changes to existing policies and procedures.

For example, companies can deploy privacy filters on laptops or mobile devices that darken screen data when viewed by onlookers from the side. These filters can also be fitted on device screens in an office to help limit the views of potential insider threats. For example, a receptionist should likely have such a privacy screen in place if his or her screen can be viewed by visitors.

Clean-desk policies should also be in place. Such a policy can reduce the display of sensitive information in printed and electronic forms when workers are away from their desks.

buy champix online medilaw.com/wp-content/uploads/2015/03/jpg/champix.html no prescription pharmacy

Workers should also be printing or storing sensitive information in locked areas and use crosscut shredders to destroy sensitive material.

buy aricept online medilaw.com/wp-content/uploads/2015/03/jpg/aricept.html no prescription pharmacy

Finally, because visual privacy can only exist if workers adhere to policies, training is obviously important. Workers should be trained on the importance of visual privacy and being aware of their surroundings. They should also receive regular training on an organization’s privacy policies and associated safeguards.

Tackle Uncertainty with Certainty
Visual privacy may seem like an additional, unnecessary risk management burden to bear. But, like any other potential threat to sensitive data, it deserves attention. After all, a visual hack can leave no trace of when, where or how it happened—and such uncertainties may become problematic when addressing a data breach.