Category Archives: Technology Risk

Игроки всегда ценят удобный и стабильный доступ к играм. Для этого идеально подходит зеркало Вавады, которое позволяет обходить любые ограничения, обеспечивая доступ ко всем бонусам и слотам.

RIMS Session Highlights Cyber Security Concerns

Posted on by

Cyber security has become an increasingly important topic not only for individuals but for companies as well. I guess that’s why the cyber security session at RIMS 2011 was one of the most popular of the day, with seats filled and attendees lining the walls.

“Cyber Security: Covering Your Assets” featured a panel of industry experts, including Mark Greisiger, president of NetDilligence; Robert Parisi, senior vice president of Marsh; Richard Billson of Zurich North America Commercial and Victoria Telford, director of global insurance and risk management for Hanesbrands.

Billson called for more stringent cyber security actions, noting that “$3 trillion daily moves over network connections.”

Greisiger, referenced a shocking 2010 forensics study from Verizon Security Consultants, which claims:

  • 70% resulting external bad actors (hackers, malware)
  • 48% caused by insiders and a large part of this (90%) deliberate
  • 61% of datat breach discovered by 3rd parties NOT by the company itself
  • 96%of incidents were avoidable with simple controls

As for top perils, Greisiger noted the following:

  • Hacking (SQL injection)
  • Laptop loss
  • Backup tape loss
  • Staff mistakes (“probably 50% of the losses we see” according to Greisiger)
  • DDoS attacks (denial of service)
  • Business partner mishaps and breach

Why the problem of data breaches? Greisiger states:

  1. Most businesses collection more information than necessary and that data is often stored for too long (California laws are trying to do away with retailers asking for zip code – they do reverse indentification and bombard customers with marketing)
  2. Websites are very porous and need constant care
  3. IDS (detection) is very weak (intrusion detection software)

Greisiger concluded with a strong message, stating that with data loss and cyber security threats, “it’s not if but when it happens. It may have already happened to your company.”

Scary thought indeed.

Cloud Computing: Convenience Versus Confidence

Posted on by

Cloud computing has become a convenient and cost efficient way for companies to store data while using remote, shared servers located in the “cloud.” But what is cheap and easy, isn’t always safe.

Take Amazon.com, for example. The company branched out into the cloud computing business five years ago and has since offered computing resources to thousands of businesses — most of them small with a low likelhood of having data backup and recovery services (bad risk management!).

Last week, that lapse in risk management was felt after Amazon.com’s cloud services crashed, disrupting web services for companies as large as Pfizer and as small as FourSquare.

The Amazon interruption, said Lew Moorman, chief strategy officer of Rackspace, a specialist in data center services, was the computing equivalent of an airplane crash.

online pharmacy arava with best prices today in the USA

It is a major episode with widespread damage. But airline travel, he noted, is still safer than traveling in a car — analogous to cloud computing being safer than data centers run by individual companies.

online pharmacy azithromycin with best prices today in the USA

As of this morning, many of the affected sites are back online, though “some historical data might be missing,” according to Chartbeat, a company that monitors the online presence of websites.

The risks of cloud computing is not a new topic among business owners, CIOs and risk managers — far from it. For years, talk has circled regarding privacy, compliance and legal issues. One recent article in PC World examines the risks of cloud computing. It covers topics such as who accesses your data, regulatory compliance and (probably most importantly) data loss and recovery.

online pharmacy zoloft with best prices today in the USA

Corporate cloud computing is expected to grow rapidly, by more than 25% a year, to $55.5 billion by 2014, according to International Data Corporation estimates. And as the popularity of cloud computing grows, so will the potential risks. With that in mind, companies are wise to evaluate such perils and plan for what could go wrong with such a modern technology marvel.

Top 10 Ways Businesses Can Protect Consumers

Posted on by

In a world where customers are frequently being taken advantage of online, a business’s top priority is to protect their most prized asset: the client. With that in mind, the Online Trust Alliance (OTA) has issued its Top 10 recommendations for 2011 to help businesses protect consumers from being fooled. The list includes techniques that businesses can use to help their customers (and even their employees) from deceptive and malicious online threats. Here are the top five:

  1. Upgrade all employees to the most current version of browsers that have integrated phishing and malware protection and privacy controls including support of “Do Not Track” mechanisms and controls. Such controls provide users the control on third party data collection, usage and data sharing of their online browsing activities, while balancing out the value of ad supported online services. Encourage consumers to update their browsers by notifying them of insecure and outdated browsers.
    buy imuran online healthdirectionsinc.com/flash/swf/imuran.html no prescription pharmacy

    In addition consider terminating support for end-of-life browsers with known vulnerabilities by preventing log-ons and providing instructions to upgrade.

  2. Establish and maintain a Domain Portfolio Management program that includes monitoring look-a-like or homograph-similar domains and tracking renewals to prevent “drop catching” of expiring domains. Domain locking is recommended to help guard against unintended changes, deletions or domain transfers to third parties.
    buy xifaxan online healthdirectionsinc.com/flash/swf/xifaxan.html no prescription pharmacy

    Such programs and practices can help protect a company’s brand assets and consumers from landing on look-alike sites compromising trademarks and trade names.

  3. Adopt Email Authentication including both SPF (Sender Policy Framework) and DKIM (DomainKeys Identified Mail) to help reduce the incidence of spoofed and forged email, helping to prevent identity theft and the distribution of malicious malware from tarnishing your brand reputation. Authenticated email allows ISPs, mailbox providers and corporate networks an added ability to block deceptive email, reduce false positives and protect online brands and sites from deception.
  4. Encrypt all data files containing customer profiles, email address and or PII, which are transmitted externally or stored on portable devices or media including flash and USB drives.
  5. Upgrade to Extended Validation Secure Socket Layer Certificates (EVSSL) for all sites requesting sensitive information including registration, e-commerce, online banking and any data which may request PII or sensitive information.  Use of EVSSL certificates help to increase consumer confidence of your online brand. When an EVSSL is presented, the address bar turns green providing the user a higher confidence level the site and company they are visiting is a legitimate business.

“The Internet has become a foundation of commerce, communication and community. As such, business and government have a shared responsibility to take steps to curb cybercrime and online abuse,” said Senator Joe Lieberman. “There are a lot of simple, common-sense steps that both businesses and consumers can take to make them more secure.

buy wellbutrin online healthdirectionsinc.com/flash/swf/wellbutrin.html no prescription pharmacy

I applaud OTA’s efforts to promote practices which enhance the internet’s integrity, privacy, security and resiliency.” Click for the complete list of OTA’s top 10 recommendations.

The Cost of a Data Breach

Posted on by

Six years ago, The Ponemon Institute conducted its first “Cost of a Data Breach” study in the United States. Since then, the independent research firm has expanded into the United Kingdom, Germany, France and Australia. This most recent study focuses on actual data breach experiences of 51 U.S. companies from 15 different industry sectors.

The results of Ponemon’s 2010 study, which were released this month, find that:

  • For the first time, malicious or criminal attacks are the most expensive cause of data breaches and not the least common one
  • Organizations are more proactively protecting themselves from malicious attacks
  • Companies’ investments in finding and remediating data breaches may be paying off
  • For the third straight year, direct costs accounted for a larger proportion of overall data breach costs

Other important findings include: more organizations favor rapid response to data breaches, and that is costing them greatly; for the fifth year in a row, data breach costs have continued to rise (the average cost of a data breach in 2010 increased to $7.2million, up 7% from $6.8million in 2009); breaches by third-party outsourcers are becoming slightly less common but much more expensive; more companies had better-than-average security postures, and those organizations enjoyed much lower data breach costs.

buy cellcept online orthomich.com/img/blog/jpg/cellcept.html no prescription pharmacy

The report points to popular and effective technologies that are currently available to secure data both within an organization and among business partners.

buy periactin online orthomich.com/img/blog/jpg/periactin.html no prescription pharmacy

They include:

  • Encryption (including whole disk encryption and for mobile devices/smartphones)
  • Data loss prevention (DLP) solutions
  • Identity and access management solutions
  • Endpoint security solutions and other anti-malware tools