took an early lunch to drive mom home from an appointment, since her dr was late and dad had to leave for work (+50 EXP for parking in the hospital lot) and had a nice little lunch with her, and then came back to work and this client decided to go insane, and it feels like I stepped outside and got immediately hit by a tornado

The Ultimate Guide to Choosing a Cybersecurity Service Provider

In today's digital age, cybersecurity is paramount. As businesses and individuals increasingly rely on technology, the need for robust cybersecurity measures has never been greater. Whether you're a small business owner or a large corporation, finding the right cybersecurity service provider is crucial to safeguarding your data and operations. In this comprehensive guide, we'll explore the world of cybersecurity service providers, their expertise, and how to make an informed choice.

Cybersecurity Service Provider: Your Shield Against Cyber Threats

Cybersecurity service providers are the unsung heroes of the digital world. They are the guardians of your sensitive information, protecting it from cyber threats, hackers, and malicious actors. Here's a closer look at what they do:

Understanding the Role of Cybersecurity Service Providers

Cybersecurity service providers offer a wide range of services, including:

Threat Detection and Prevention: They employ advanced tools and techniques to identify and neutralize cyber threats before they can cause harm.

Incident Response: In the event of a security breach, cybersecurity experts spring into action to contain the damage and restore normalcy.

Vulnerability Assessment: They regularly assess your systems and networks for vulnerabilities and recommend patches or updates.

24/7 Monitoring: Many providers offer round-the-clock monitoring to ensure that your defenses are always up.

Employee Training: Some providers offer cybersecurity training to your staff, reducing the risk of human error.

Why You Need a Cybersecurity Service Provider

In today's hyper-connected world, the consequences of a cyberattack can be devastating. Here's why you should consider partnering with a cybersecurity service provider:

Data Protection: They safeguard your sensitive data, including customer information, financial records, and intellectual property.

Business Continuity: In the face of cyber threats, having a cybersecurity plan in place ensures that your business operations can continue without major disruptions.

Legal and Regulatory Compliance: They help you adhere to data protection laws and industry regulations, avoiding costly fines and legal troubles.

How to Choose the Right Cybersecurity Service Provider

Selecting the right cybersecurity service provider is a critical decision. It's not just about finding a provider; it's about finding the perfect fit for your unique needs. Here's a step-by-step guide to making the right choice:

Assess Your Needs

Evaluate Your Assets: Take stock of your digital assets and identify what needs protection.

Risk Assessment: Assess the potential risks and vulnerabilities your organization faces.

Budget Considerations: Determine how much you can allocate to cybersecurity services.

Research and Shortlist

Gather Recommendations: Seek recommendations from peers and industry experts.

Online Research: Use search engines and cybersecurity forums to research potential providers.

Evaluate Providers

Expertise and Experience: Look for providers with a proven track record and experience in your industry.

Services Offered: Ensure that the services offered align with your needs, whether it's network security, cloud security, or compliance services.

Client Testimonials: Read reviews and testimonials from other clients to gauge their satisfaction.

Request Proposals

Contact Providers: Reach out to your shortlisted providers and request detailed proposals.

Ask Questions: Don't hesitate to ask questions about their approach, team, and pricing.

Make Your Decision

Compare Proposals: Evaluate the proposals, considering all aspects.

Trust Your Instincts: Choose a provider that not only meets your technical requirements but also aligns with your company's values and culture.

FAQs About Cybersecurity Service Providers

What Is the Cost of Cybersecurity Services?

The cost of cybersecurity services varies depending on your needs and the provider. It's essential to get customized quotes to determine the exact cost for your organization.

Can Small Businesses Benefit from Cybersecurity Providers?

Absolutely! Small businesses are often targeted by cybercriminals due to their perceived vulnerability. Cybersecurity service providers offer tailored solutions to protect small businesses effectively.

Do Cybersecurity Providers Offer 24/7 Support?

Many providers do offer round-the-clock support to address security incidents promptly. However, the level of support may vary, so it's crucial to clarify this with your chosen provider.

How Long Does It Take to Implement Cybersecurity Measures?

The implementation timeline depends on the complexity of your systems and the services you require. Some measures can be implemented quickly, while others may take more time for a comprehensive rollout.

Are Cybersecurity Providers Compliant with Data Protection Regulations?

Reputable cybersecurity providers prioritize compliance with data protection regulations. However, it's essential to verify this with your chosen provider and ensure they meet your specific compliance needs.

What Should I Do in the Event of a Cybersecurity Breach?

If you experience a cybersecurity breach, contact your provider immediately. They will initiate an incident response plan to mitigate the damage and prevent further breaches.

Conclusion

Choosing the right cybersecurity service provider is a crucial step in safeguarding your digital assets and maintaining the trust of your customers. By following the steps outlined in this guide and considering your unique needs, you can make an informed decision that strengthens your organization's cybersecurity posture.

Remember, in the digital world, prevention is always better than cure. Partnering with a trusted cybersecurity service provider is your best defense against the ever-evolving landscape of cyber threats.

Ransomware is proliferating across America, disabling computer systems of corporations, city governments, schools and police departments. This month, attackers seeking millions of dollars encrypted the files of 22 Texas municipalities. Overlooked in the ransomware spree is the role of an industry that is both fueling and benefiting from it: insurance. In recent years, cyber insurance sold by domestic and foreign companies has grown into an estimated $7 billion to $8 billion-a-year market in the U.S. alone, according to Fred Eslami, an associate director at AM Best, a credit rating agency that focuses on the insurance industry. While insurers do not release information about ransom payments, ProPublica has found that they often accommodate attackers’ demands, even when alternatives such as saved backup files may be available.

The FBI and security researchers say paying ransoms contributes to the profitability and spread of cybercrime and in some cases may ultimately be funding terrorist regimes. But for insurers, it makes financial sense, industry insiders said. It holds down claim costs by avoiding expenses such as covering lost revenue from snarled services and ongoing fees for consultants aiding in data recovery. And, by rewarding hackers, it encourages more ransomware attacks, which in turn frighten more businesses and government agencies into buying policies.

“The onus isn’t on the insurance company to stop the criminal, that’s not their mission. Their objective is to help you get back to business. But it does beg the question, when you pay out to these criminals, what happens in the future?” said Loretta Worters, spokeswoman for the Insurance Information Institute, a nonprofit industry group based in New York. Attackers “see the deep pockets. You’ve got the insurance industry that’s going to pay out, this is great.”

A spokesperson for Lloyd’s, which underwrites about one-third of the global cyber-insurance market, said that coverage is designed to mitigate losses and protect against future attacks, and that victims decide whether to pay ransoms. “Coverage is likely to include, in the event of an attack, access to experts who will help repair the damage caused by any cyberattack and ensure any weaknesses in a company’s cyberprotection are eliminated,” the spokesperson said. “A decision whether to pay a ransom will fall to the company or individual that has been attacked.” Beazley declined comment.

Fabian Wosar, chief technology officer for anti-virus provider Emsisoft, said he recently consulted for one U.S. corporation that was attacked by ransomware. After it was determined that restoring files from backups would take weeks, the company’s insurer pressured it to pay the ransom, he said. The insurer wanted to avoid having to reimburse the victim for revenues lost as a result of service interruptions during recovery of backup files, as its coverage required, Wosar said. The company agreed to have the insurer pay the approximately $100,000 ransom. But the decryptor obtained from the attacker in return didn’t work properly and Wosar was called in to fix it, which he did. He declined to identify the client and the insurer, which also covered his services.

“Paying the ransom was a lot cheaper for the insurer,” he said. “Cyber insurance is what’s keeping ransomware alive today. It’s a perverted relationship. They will pay anything, as long as it is cheaper than the loss of revenue they have to cover otherwise.”

Worters, the industry spokeswoman, said ransom payments aren’t the only example of insurers saving money by enriching criminals. For instance, the companies may pay fraudulent claims — for example, from a policyholder who sets a car on fire to collect auto insurance — when it’s cheaper than pursuing criminal charges. “You don’t want to perpetuate people committing fraud,” she said. “But there are some times, quite honestly, when companies say: ’This fraud is not a ton of money. We are better off paying this.’ ... It’s much like the ransomware, where you’re paying all these experts and lawyers, and it becomes this huge thing.”

Insurers approve or recommend paying a ransom when doing so is likely to minimize costs by restoring operations quickly, regulators said. As in Lake City, recovering files from backups can be arduous and time-consuming, potentially leaving insurers on the hook for costs ranging from employee overtime to crisis management public relations efforts, they said.

“They’re going to look at their overall claim and dollar exposure and try to minimize their losses,” said Eric Nordman, a former director of the regulatory services division of the National Association of Insurance Commissioners, or NAIC, the organization of state insurance regulators. “If it’s more expeditious to pay the ransom and get the key to unlock it, then that’s what they’ll do.”

As insurance companies have approved six- and seven-figure ransom payments over the past year, criminals’ demands have climbed. The average ransom payment among clients of Coveware, a Connecticut firm that specializes in ransomware cases, is about $36,000, according to its quarterly report released in July, up sixfold from last October. Josh Zelonis, a principal analyst for the Massachusetts-based research company Forrester, said the increase in payments by cyber insurers has correlated with a resurgence in ransomware after it had started to fall out of favor in the criminal world about two years ago.

One cybersecurity company executive said his firm has been told by the FBI that hackers are specifically extorting American companies that they know have cyber insurance. After one small insurer highlighted the names of some of its cyber policyholders on its website, three of them were attacked by ransomware, Wosar said. Hackers could also identify insured targets from public filings; the Securities and Exchange Commission suggests that public companies consider reporting “insurance coverage relating to cybersecurity incidents.”

Even when the attackers don’t know that insurers are footing the bill, the repeated capitulations to their demands give them confidence to ask for ever-higher sums, said Thomas Hofmann, vice president of intelligence at Flashpoint, a cyber-risk intelligence firm that works with ransomware victims.

Ransom demands used to be “a lot less,” said Worters, the industry spokeswoman. But if hackers think they can get more, “they’re going to ask for more. So that’s what’s happening. ... That’s certainly a concern.”

In the past year, dozens of public entities in the U.S. have been paralyzed by ransomware. Many have paid the ransoms, either from their own funds or through insurance, but others have refused on the grounds that it’s immoral to reward criminals. Rather than pay a $76,000 ransom in May, the city of Baltimore — which did not have cyber insurance — sacrificed more than $5.3 million to date in recovery expenses, a spokesman for the mayor said this month. Similarly, Atlanta, which did have a cyber policy, spurned a $51,000 ransom demand last year and has spent about $8.5 million responding to the attack and recovering files, a spokesman said this month. Spurred by those and other cities, the U.S. Conference of Mayors adopted a resolution this summer not to pay ransoms.

Still, many public agencies are delighted to have their insurers cover ransoms, especially when the ransomware has also encrypted backup files. Johannesburg-Lewiston Area Schools, a school district in Michigan, faced that predicament after being attacked in October. Beazley, the insurer handling the claim, helped the district conduct a cost-benefit analysis, which found that paying a ransom was preferable to rebuilding the systems from scratch, said Superintendent Kathleen Xenakis-Makowski.

“They sat down with our technology director and said, ‘This is what’s affected, and this is what it would take to re-create,’” said Xenakis-Makowski, who has since spoken at conferences for school officials about the importance of having cyber insurance. She said the district did not discuss the ransom decision publicly at the time in part to avoid a prolonged debate over the ethics of paying. “There’s just certain things you have to do to make things work,” she said.

Company That Routes Billions of Text Messages Quietly Says It Was Hacked

A company that is a critical part of the global telecommunications infrastructure used by AT&T, T-Mobile, Verizon and several others around the world such as Vodafone and China Mobile, quietly disclosed that hackers were inside its systems for years, impacting more than 200 of its clients and potentially millions of cellphone users worldwide. 

The company, Syniverse, revealed in a filing dated September 27 with the U.S. Security and Exchange Commission that an unknown "individual or organization gained unauthorized access to databases within its network on several occasions, and that login information allowing access to or from its Electronic Data Transfer (EDT) environment was compromised for approximately 235 of its customers."

A former Syniverse employee who worked on the EDT systems told Motherboard that those systems have information on all types of call records. 

Syniverse repeatedly declined to answer specific questions from Motherboard about the scale of the breach and what specific data was affected, but according to a person who works at a telephone carrier, whoever hacked Syniverse could have had access to metadata such as length and cost, caller and receiver's numbers, the location of the parties in the call, as well as the content of SMS text messages.

"Syniverse is a common exchange hub for carriers around the world passing billing info back and forth to each other," the source, who asked to remain anonymous as they were not authorized to talk to the press, told Motherboard. "So it inevitably carries sensitive info like call records, data usage records, text messages, etc. […] The thing is—I don’t know exactly what was being exchanged in that environment. One would have to imagine though it easily could be customer records and [personal identifying information] given that Syniverse exchanges call records and other billing details between carriers."

The company wrote that it discovered the breach in May 2021, but that the hack began in May of 2016. 

Do you work or used to work at Syniverse or another telecom provider? Do you have more information about this breach? We’d love to hear from you. Using a non-work phone or computer, you can contact Lorenzo Franceschi-Bicchierai securely on Signal at +1 917 257 1382, OTR chat at [email protected], or email [email protected].

Syniverse provides backbone services to wireless carriers like AT&T, Verizon, T-Mobile, and several others around the world. The company processes more than 740 billion text messages every year and has “direct connections” to more than 300 mobile operators around the world, according to its official website. Ninety-five of the top 100 mobile carriers in the world, including the big three U.S. ones, and major international ones such as Telefonica, and America Movil, are Syniverse customers, according to the filing. 

To give perspective as to Syniverse’s importance, due to a maintenance update in 2019, Syniverse lost tens of thousands of text messages on Valentine's Day, which meant that the text messages were lost in transit and only delivered months later. Syniverse routes text messages between different carriers both in the U.S. and abroad, allowing people who are on Verizon’s network to communicate with customers who use another carrier. It also manages routing and international roaming between networks, using the notoriously insecure SS7 and Diameter protocols, according to the company's site.  

"The world’s largest companies and nearly all mobile carriers rely on Syniverse’s global network to seamlessly bridge mobile ecosystems and securely transmit data, enabling billions of transactions, conversations and connections [daily]," Syniverse wrote in a recent press release. 

"Syniverse has access to the communication of hundreds of millions, if not billions, of people around the world. A five-year breach of one of Syniverse's main systems is a global privacy disaster," Karsten Nohl, a security researcher who has studied global cellphone networks for a decade, told Motherboard in an email. "Syniverse systems have direct access to phone call records and text messaging, and indirect access to a large range of Internet accounts protected with SMS 2-factor authentication. Hacking Syniverse will ease access to Google, Microsoft, Facebook, Twitter, Amazon and all kinds of other accounts, all at once."

That means the recently discovered and years-long data breach could potentially affect millions—if not billions—of cellphone users, depending on what carriers were affected, according to an industry insider who asked to remain anonymous as he was not authorized to speak to the press. 

"With all that information, I could build a profile on you. I'll know exactly what you're doing, who you're calling, what's going on. I'll know when you get a voicemail notification. I'll know who left the voicemail. I'll know how long that voicemail was left for. When you make a phone call, I'll know exactly where you made that phone call from," a telecom industry insider, who asked to remain anonymous as he was not authorized to speak to the press,  told Motherboard in a call. "I’ll know more about you than your doctor."

A slide from a Syniverse presentation deck. (Image: Syniverse)

But the former Syniverse employee said that the damage could be much more limited. 

"I feel it is extremely embarrassing but likely not the cause of significant damage. It strikes me as a result of some laziness, as I have seen security breaches happen like this a few times," the former employee said. "Because we have not seen anything come out of this over five years. Not saying nothing bad happened but it sounds like nothing did happen." 

"Seems like a state-sponsored wet dream," Adrian Sanabria, a cybersecurity expert, told Motherboard in an online chat. "Can't imagine [Syniverse] being a target for anyone else at that scale." 

The hack is already raising the alarm in Washington.

“The information flowing through Syniverse’s systems is espionage gold," Sen. Ron Wyden told Motherboard in an emailed statement. "That this breach went undiscovered for five years raises serious questions about Syniverse’s cybersecurity practices. The FCC needs to get to the bottom of what happened, determine whether Syniverse's cybersecurity practices were negligent, identify whether Syniverse's competitors have experienced similar breaches, and then set mandatory cybersecurity standards for this industry.”

“The information flowing through Syniverse’s systems is espionage gold”

In particular, Motherboard asked Syniverse whether the hackers accessed or stole personal data or cellphone users. Syniverse declined to answer that question. 

Instead, the company sent a statement that echoed what it wrote in the flining. 

"As soon as we learned of the unauthorized activity, we implemented our security incident response plan and engaged a top-tier forensics firm to assist with our internal investigation. We also notified and are cooperating with law enforcement. Syniverse has completed a thorough investigation of the incident which revealed that the individual or organization gained unauthorized access to databases within its network on several occasions and that login information allowing access to or from its EDT environment was compromised for certain customers," the statement read. "All EDT customers have had their credentials reset or inactivated, even if their credentials were not impacted by the incident. We have communicated directly with our customers regarding this matter and have concluded that no additional action is required. In addition to resetting customer credentials, we have implemented substantial additional measures to provide increased protection to our systems and customers." 

Syniverse disclosed the breach in an August SEC filing as the company gearing to go public at a valuation of $2.85 billion via a merger with M3-Brigade Acquisition II Corp., a special purpose acquisition company (SPAC). In the document, the company wrote that it "did not observe any evidence of intent to disrupt its operations or those of its customers and there was no attempt to monetize the unauthorized activity. Syniverse did not experience and does not anticipate that these events will have any material impact on its day-to-day operations or services or its ability to access or process data. Syniverse has maintained, and currently maintains, cyber insurance that it anticipates will cover a substantial portion of its expenditures in investigating and responding to this incident."   

It's not a household name among customers, but Syniverse is one of the largest companies in the world when it comes to the cellphone infrastructure that helps more well-known companies like Verizon or AT&T to run on a day-to-day basis. 

"It is actually surprising that more stuff like this has not happened, considering what a mess Syniverse has become in recent years," the former Syniverse employee told Motherboard in 2019, referring to the Valentine's Day text messaging incident.  

The FBI and the FCC did not immediately respond to a request for comment. The Cybersecurity and Infrastructure Agency (CISA) declined to comment. 

AT&T, T-Mobile, Vodafone, Telefonica, China Mobile, and America Movil did not respond to a request for comment. Verizon declined to comment. 

Subscribe to our new cybersecurity podcast, CYBER. Subscribe to our new Twitch channel.

Company That Routes Billions of Text Messages Quietly Says It Was Hacked syndicated from https://triviaqaweb.wordpress.com/feed/

How CPAs helped save businesses during COVID-19

As the COVID–19th Pandemic changed the business environment, customers turned to their CPAs to keep their businesses alive. CPAs offering Client Advisory Services (CAS) were well positioned to help clients in difficulty stabilize and reposition their business. The term CAS can encompass everything from outsourced accounting to outsourced CFO and controller services to management consulting services. Have CPAs who offer CAS real–Time Knowing about their clients ‘finances, which gives them the opportunity to offer a better strategic perspective on their clients’ business. For example, CPAs working with customers in affected sectors used CAS to enable their customers to re-imagine what is possible.

Let restaurants cook

About 75% of Nick Swedberg’s customers are restaurants and small craft breweries in Minnesota. These types of companies were “some of the hardest hit” during the pandemic shutdown, he said.

To help his customers stay in business, Swedberg, a partner at Boyum Barenscheer in Bloomington, Minnesota, advised them on a variety of solutions, such as: to–walk Sales and deliveries. Since they had planned to start deliveries to replace In–person while eating, they had to deal with questions about the profitability and feasibility of moving, including analysis of employee compensation, auto insurance and handling tips, which are highly regulated in his state. He was able to do this with Excel, “set up some advanced formulas so there are only a few key metrics” that he had to adjust to test possible outcomes for different scenarios, he said.

Swedberg also helped its clients reach out to local government leaders for temporary exemptions from regulations. For example, some of its restaurant owner customers got permission from their cities to expand outdoors when indoor eating was banned. One city had a restaurant take over a city parking lot, while another closed its main street to allow al fresco dining. When a customer of a brewery owner asked the local health authority if beer delivery could be legalized, the board worked with the company to make it happen possible.

Swedberg supported this process by quantifying how the special permits sought by customers could save their restaurants and the jobs of their employees, and help them make convincing arguments on the spot Government.

As customers got more creative, Swedberg helped them implement their ideas. For example, a Mexican restaurant owner turned half of its space into a market where customers could buy salsa, meat, and other ingredients that they could use in preparing meals at home. As Swedberg predicts, the pivot cost has been minimal, the restaurant business has gotten a boost, and the market has done well. “It was fun to see how it comes to fruition,” he said. On the flip side, another client decided not to pursue their plans to convert their space into a home for four types of restaurants when the projected cost was too high.

“My job is to get them to put their thoughts in order and then come up with a real financial forecast,” to see if their plans were viable, Swedberg said. “Do you remember in math when you had to convert a word problem into an equation?

Maintaining the health of service-related practices

Sandy Shecter, CPA, CGMA, is the company-wide director of Rehmann Solutions, a division of 900–person Rehmann with branches in three federal states. Based in Detroit, Shecter has customers of doctors, dentists, and surgical centers that range in size from one provider to 350+. Their opening ability and patient volumes were impacted when many states ordered closures last spring.

Shecter stepped in to help clients apply for the Paycheck Protection Program and other loans or grants. Your company also worked with clients to provide data and forecasting for decision making on management issues such as: B. to provide employee leave; introducing new ways to work with patients, such as B. Telemedicine; and solving critical technology problems, such as cybersecurity or the complete outsourcing of a customer’s IT department.

Your company also assists with a variety of outsourced services, including recruiting to reduce staff costs, technology expertise that enables telemedicine, and outsourced bookkeeping and bookkeeping. “Providing these services on an outsourced basis enables customers to customize their usage as needed,” she said.

At the end of September 2020, most of Shecter’s customers were almost back In front–pandemic Patient level, but predicts permanent change. Your strategic planning with customers includes options such as making greater use of patient portals for communication and switching return–office Employees too the end–Location locations.

She advises CPAs to think beyond compliance and focus on delivering more to clients in terms of business consulting. “The pandemic underscored the value that customers place on us real–Time Information that they can use to manage their business, “she said.” This is really crucial. “For example, your customers often ask her for help with cash flow management, debt aging analysis, and budget recalculation and monitoring.

Finding the key to real estate sustainability

When rental income declined during the pandemic, Brandon Hall, CPA, who served as his clients’ outsourced CFO, conducted real estate portfolio research for clients of real estate investors to see how they could improve rental income performance. He also developed the tax minimization and costs–Demarcation Strategies to help them improve cash flow.

Hall, the CEO of 24–employees The Real Estate CPA firm of Raleigh, NC creates custom dashboards for clients using Google Sheets, spreadsheets that are easy to access and collaborate with for both him and his clients. It is possible to enter the customer’s QuickBooks online accounting data live into this dashboard. “The dashboard keeps track of what’s important to the customer,” said Hall, which usually includes information about utilization. budget–to–costs, Rehab expenses, cash income from a cash investment in real estate, return on equity and internal rate of return.

Hall was initially concerned about the economic uncertainty the pandemic was causing, as he hadn’t seen a similar disruption in his career. His business coach gave advice that he uses with his own customers and recommends other practitioners: Create a financial plan for the next 12 months that will be in one– to two–month Tranches and set the expected financial performance metrics for each tranche. Decide what action to take if you miss your metrics by 10%, 20%, and so on – for example, staff or expense savings. Once you hit your metrics, no changes will be made necessary.

Just having a plan of what to do when outcomes are good and bad can reduce customer stress and improve their response to setbacks, Hall said. “You cannot control the economy, but you can control how you react to it,” he said.

Help construction companies build stronger businesses

In northern Colorado, due to the dynamism of the local economy, the pandemic had minimal economic impact on construction customers, said Ralph Shinn, CPA / PFS, partner at nine–employees ClearPath consultant in Fort Collins. Surprisingly, the real challenge for these customers was to hire enough workers or contractors as some decided to stop working and start receiving unemployment benefits during the pandemic. When this forced clients to postpone some projects, the company helped them use that time as an opportunity to reevaluate their hiring practices.

The company also helped its customers bill and invoice additional expenses related to the pandemic or prepare quotes that include additional expenses related to the pandemic, such as the cost of personal protective equipment required on construction sites, and the additional mileage and vehicle fees that employees incur when carpooling is no longer feasible. “Lots [clients] didn’t take that cost into account, “Shinn said.

Shinn’s practice has too Professional–Services Customers ranging from physical therapists to companies providing hospital administration services. Many of these customers were unfamiliar with remote working, so Shinn’s company, which has been using remote working for more than 20 years, offered them free training on the remote control–work Environment and access to the cloud–based Packages it uses. “We wanted to show them that work in one cloud–based and a paperless environment can make businesses more efficient, effective and profitable, “Shinn said. The company also offered advice on the tax benefits of setting up home offices and training remote workers.

CPAs can step in when customers struggle

In uncertain times, many clients not only seek tax and accounting help, but also business advice. As companies grappled with the economic upheaval caused by the pandemic, CPAs stepped in to identify customers’ needs based on their existing knowledge of their companies. Offering CAS services can strengthen the role of CPAs as trusted business advisors who can provide practical and effective solutions to business challenges and valuable advice on how to make the most of opportunities.

source https://seedfinance.net/2021/08/12/how-cpas-helped-save-businesses-during-covid-19/

Staff returning to the office? Here’s why confidential shredding should be top of your priorities

With government restrictions beginning to lift and workers returning to the office, what do business leaders need to consider to make the transition as smooth as possible? We say confidential shredding needs to be at the top of your priorities.

Businesses are likely to handle a significant amount of confidential information on a day to day basis. Whether it’s about accounts, clients or employees, this data could cause a variety of problems for a businesses’ operation and, in a worst-case scenario, lead to serious legal action or a hefty fine.

With this in mind, we’re sharing five reasons business leaders must prioritise confidential shredding and document security when returning to the office:

Data protection laws

Since May 2018, businesses in the UK must comply with the General Data Protection Regulation (GDPR). This regulation has been implemented in all local privacy laws across the entire EU and EEA region. It applies to all companies selling to and storing personal information about citizens in Europe.

GDPR means that EU and EEA citizens have greater control over their personal data and can be assured that their information is being securely protected. According to the GDPR directive, ‘personal data’ means any information related to a person such as a name, a photo, an email address, bank details, updates on social networking websites, location details, medical information, or a computer IP address.

GDPR applies to all businesses and organisations established in the EU, regardless of whether the data processing takes place in the EU or not. If your company offers goods and or services to citizens in the EU, it is subject to GDPR.

Under the legislation, companies that work with personal data should appoint a data protection officer or data controller in charge of GDPR compliance. Any businesses which fail to comply face severe penalties of up to 4% of their annual global revenue or 20 million Euros, whichever is greater.

Hot desking

With some workers not returning to the office full time and accommodating more socially distanced workplaces, hot desking is likely to be popular when staff return to the office. This will mean that many team members will not have dedicated workspaces and cannot be 100% certain that any documents they leave on their desk will not be seen or read by others.

Without these dedicated workspaces, business leaders must impose a clean desk policy for all those hot desking in the workplace. Meaning all documents, notes, business cards, post-it notes, and removable media are removed and disposed of correctly. Confidential shredding is an effective way of removing this risk and ensuring all the information is correctly removed at the end of each day.

Training needs

Many businesses will have hired new staff over the past 12 months who are perhaps yet to visit the physical office. This will mean training gaps on the relevant confidential information procedures within the organisation.

Since the GDPR came into play, organisations created policies, procedures and guidance to ensure compliance. These must be kept up to date and in line with how staff work (e.g. combined in office and at home working). Employers should review their current cybersecurity framework and adapt to cover the new working from home reality.

Organisations should then update existing and new staff to understand their responsibilities under the GDPR whilst in the office. Holding training sessions and creating regular lines of communication for employees to ask questions and report any concerns should be a priority.

If you’re unsure about your own responsibilities under the GDPR regulations, speak to your data protection officer, cybersecurity team, IT department or business leaders and request further information.

Reduce hazards

Using a confidential shredding company every week, fortnight or four weeks means you will not have bags of paper all around your office space. Excessive paper waste can be a hazard as not only could it easily catch fire, but it can also cause trip and slip hazards. Business leaders need to keep these risks at a minimum, so regular paper waste collection should be considered essential.

On top of these physical hazards, a lot of paperwork will contain data and information considered sensitive. Account data, expenses receipts, and personnel files are particularly sensitive, and if any of this is stolen, it can lead to severe problems for a business or its employees. Having these files shredded professionally helps prevent data theft and identity theft, ensuring a company and its employees are not put in any unnecessary danger.

Reduced time in the office

With many workplaces now offering flexible working after staff have proven they can do their job from the comfort of their home over the past 12 months, this means employees will be spending less time in the office. Some workplaces may even only open their physical office spaces on certain days of the week. This means that business leaders need to have set procedures to manage confidential information and ensure it’s regularly removed and managed when staff are in and out of the office.

Experts recommend speaking with any existing confidential waste management partners and potentially change current plans based on the days and times staff will be in the office. The number of collections may need to be changed due to reduced time spent in the office, but more off-site collections could be required to manage any confidential information printed by staff at home.

Mike Cluskey, Managing Director at Go Shred, said: “Safely managing confidential information is essential for all businesses, especially with the change in ways we are now working. A security breach could be a big hit to any business and result in a hefty fine.

“Taking the necessary precautions to understand the types of confidential waste created within your business and creating a policy to manage this is a simple step that could benefit you later down the line.

“As staff begin to return to the office, now is the perfect time for businesses to take a look at their current procedures and how these can be improved. And if employees are working in a more flexible manner combining at home and in the office working, speaking to your providers about off-site shredding so you can properly keep up with your confidential waste management.”

We have a wealth of experience in this field, so if you’re looking to learn more about how we can help you during this time, contact us today.

Click: www.goshred.co.uk

Telephone: 0333 200 4468

Webroot doesn’t take up space

So you have a lot of space for your music, archives, photographs, and motion pictures. Where a large number of our rivals depend on downloading malware definitions straight to your gadget, we store them in the cloud. This permits Webroot to keep up a little endpoint specialist that introduces quick, checks quick, and advantages from a more powerful danger library than our rivals, Feel more secure online our assurance.

What Smarter Webroot Cybersecurity can do for you?

Identity theft protection

Did you know particular malware exists that is equipped for checking your web perusing leaning and notwithstanding recording your keystrokes? Webroot Support ensures your usernames, account numbers, and other individual data against keyloggers, spyware, and other online dangers focusing on profitable individual information.

Secure browsing with real-time anti-phishing

According to data from a leading cell phone carrier, phishing was the main-primary cause behind 90% of breaches in 2017. Websites, emails and other communications designed as if from reputable businesses can steal login credentials or implant malware on your device.

US-based company

Webroot’s award-winning customer service is 100% in-house, offering industry-leading support and product assistance. Webroot Support is Colorado-based and adheres to a “follow-the-sun” approach with offices spanning the globe, so there’s someone there to assist you at any time, day or night.

Lightning fast scans

Webroot scans take about 20 seconds. That’s up to 60x faster than competing products, while still offering superior protection. Plus, with cloud-based updates, your internet security is always up to date with high protection.

Webcam protection

Whether its built-in hardware or an accessory, webcams can be especially vulnerable to cyber-crime, giving hackers eyes and ears wherever you access your device. Internet security software is your surest safeguard against threats like Trojan malware hijacking your webcam.

Satisfaction guaranteed

You trust your digital security supplier to keep a portion of your most delicate information safe from culprits. In return for that trust, we offer a 70-day, no-questions-asked money-back guarantee. No credit card required.

In Today’s World Internet roaming everywhere. It has allowed us to communicate with each other around the world and to do business with people anytime anywhere. Going online is a great step for businesses to take as it allows them to reach more people for a larger client base and expand their operations. In the same way, the internet also exposes them various cyber threats. Threats aimed to destroy their systems and steal information that could be used for identity theft. Businesses, specifically small to medium sized ones, should make sure that they are protected from these threats. That’s why our recommendation is Webroot Antivirus Software in this video we provide some benefits about Webroot and I’m 100% sure you never heard about of these benefits. Our Webroot Customer Service is available for 24/7 and we hired professional expertise with good knowledge and they can give you a better suggestion with 100% satisfaction.

Original Source: https://johnwicktechoffici.wixsite.com/webroot-support/post/webroot-does-not-take-up-space

Tricks That Will Assist You To Choose the Right Cybersecurity Provider for Your Business in Las Vegas

Cyber insecurity must never be ignored when discussing some of the challenges that face most businesses in the present world. You have to understand that if a hacker gets into your servers and download some information about the company, it is something that can cause negative impacts. It is for this reason that no firm can afford not to do all that it takes to protect its servers from cybersecurity threats. Working with the managed security service providers is the perfect option since you can rest ascertained they have all that it takes to perform the work. The text focuses on the tricks that will help you choose the right cybersecurity provider for your business in Las Vegas.

The first thing that you have to concentrate on is the technology that the company in question uses to protect your servers against cyber-attacks. Confirm that you will engage the security partner who has multiple cybersecurity technologies since it shows that they are prepared to fight any security threats. Furthermore, you should attest to it that the company is certified to use such technologies so that you can rest ascertained they have the knowledge needed to use it for the benefit of your business. See the best information now!

Confirm that you will want to know the duration the managed security service provider has been in the sector before you choose them for the work. You have to understand that the longest-serving company can be the best for the work since they must have mastered the essential skills for the task. You can find the details regarding the years of experience for the service provider from their internet site. Be excited to our most important info about enterprise security las vegas.

The worst mistake most businesses make is that of not checking the content of the contracts when engaging a cybersecurity firm. You have to check what will happen if you are not happy with the services of the company and you want to take the contract from them. Furthermore, there is a need to check the length of the contract the company is asking you to sign with them. The best thing is working with the firm whose terms of the contract are favorable for you so that you do not have to cling on to a cybersecurity company whose services and not okay for your business. Learn more about cyber security at https://www.huffingtonpost.com/entry/why-cybersecurity-is-everyones-business_us_58a490c0e4b0e172783aa34f , follow the link.

Lastly, make an effort of visiting the internet site of the company to know what their clients are saying about the quality of their security services. Verify you will work with the managed security service provider whose customers have shown some happiness with the quality of functions they received.

How Cybersecurity Can Get a Big Boost from Insurance Data

Managing risk is one thing, but cyber-insurance can also help set the standard for cybersecurity across industries. Cyber-liability protection is growing fast — and there’s a lot of potential — but there are some big questions too. “If you ask insurers right now what is the common criteria for denying a cyber-insurance policy, I don’t think anybody will be able to give a real good answer,” cyber-risk modeler Matt Honea stated Monday in Insurance Journal. “A robust market will be able to answer that.” A robust cyber-insurance market can also be a catalyst for better — even comprehensive — cybersecurity. This is increasingly important; just look at the government entity that insures deposits in U.S. banks, the FDIC, which gets hacked as much as 54 times in two years, according to an Office of the Inspector General report last week. And cybercrime is expensive, costing victimized organizations about $11.7 million each per year — up 62 percent from past five years ago — per an Accenture and Ponemon Institute report released last month. But cyber-insurance may already be a bigger industry than you think. No Substitute for A Good Defense Cyber-insurance is the most rapidly growing form of coverage among U.S. companies, The Wall Street Journal reported last month. Policies mostly protect against financial losses — some even help clients with prevention — but responsibility still rests within the targeted organization. “Insurance shouldn’t be seen as a replacement for good cybersecurity measures,” WSJ stated. “Data breaches and cyberattacks can cause lasting damage that is difficult to recoup.” For that, we needn’t look beyond the myriad cities suing Equifax related to a high-profile data breach earlier this year. Suits include allegations of fraud and failure to protect consumers, as Chicago Tribune coverage noted; legal action also looks to impose penalties — and even seeks restitution. So, again, cybercrime is expensive — in a lot of ways. But as the market for cyber-liability insurance grows, insurers still face obstacles. Taking Coverage “Insurers need to stay creative with the coverage and pricing,” Chris Nyce of global auditor KPMG stated in PropertyCasualty360.com last month. How providers cover cyber-liability will depend on what the insured client needs. Meanwhile organizations should seek a qualified cyber-insurance broker who can get them the right coverage, according to Nyce. They must stay current on threats and coverages, bearing in mind that there will always be cyber-risk. Yet, despite that ever-present risk, there’s no legal requirement to report a cyberattack. This is a tremendous opportunity for cyber-insurance to encourage clients to share information about attacks, which could make us all safer. We’re All In This Together “When you have a robust cyber market, you have this thing called economic efficiency, where, by raising the awareness about security, you actually lead to overall improved security,” Honea stated in Insurance Journal, citing the increased use of, and eventual mandate to wear, seat belts. “There’s less deaths per car accident because people are required to wear seat belts — ultimately more people live and pay into the system.” A big problem with not sharing information after an attack — especially in the form of quietly capitulating to a hacker’s demands — is that the victim must trust the cyber-criminal not to strike again, often through backdoors left in the wake of an attack. (Good luck with that.) Plus a discrete payment to hackers can mark you as “a preferred future target.” So notifying authorities in the wake of a cyberattack can be very important, just like other cybersecurity basics, such as properly managing employee passwords — or the extremely retro precaution of backing up your data on tape. But there’s still more than cyber-insurance can do. Cyber-Salvation Is In Shared Data Trusted insurers could evaluate a client’s cybersecurity, assessing successful defenses against recent attacks, and lowering cyber-insurance premiums to incentivize good cyber-hygiene, according to Honea. Insurers can also use the data for more comprehensive attack modeling, eventually analyzing the breadth of major cyberattacks at the national level. “If you have a mature market, and there’s a standard or some way for reporting not only attacks, but attempted attacks,” Honea said, “we’ll see that insurance can be a really good catalyst for collecting this information.” Follow Derek on Twitter: @DKlobucher More From SAP Business Trends: Why You Might Not Recognize Cybersecurity In A Few Years Will A Digital Renaissance Save Cybersecurity? How to Quickly Implement — And Benefit From — Your New HR Cloud Solution http://bit.ly/2hPOdUC #SAP #SAPCloud #AI

New NAR Member Benefit Provides Cyber Liability Insurance

With real estate companies increasingly a target of cybercrime, brokers have yet another responsibility and must be vigilant about protecting the company’s assets, its agents, its clients and its reputation.

Malware, hacks and data loss are real threats in the real estate industry, where high-value transactions and sensitive customer information are a prime target for hackers.

Between 2016 and 2017, cyberattacks targeting the real estate industry increased by 480 percent. In addition, fraudulent real estate transactions increased by 5,000 percent, resulting in losses that grew from $19 million in 2016 to $969 million in 2017.

After all, just one hack can send a real estate company into a tailspin. In fact, 60 percent of small businesses close within six months of a data breach, according to the National Cyber Security Alliance.

Given the costs—both financial and reputational—associated with being victimized by a cyberattack, brokers simply can’t afford to not protect themselves.

Enhanced Coverage & Premium Discounts Realizing the risks its members were facing, the National Association of REALTORS® (NAR) sought a solution that would complement E&O insurance policies and provide a greater level of coverage brokerages need to protect their business in the event of cyberattack or fraud.

The National Association of REALTORS® partnered with CyberPolicy® to create a customized cyber liability insurance program designed to meet the unique needs of real estate professionals. It offers members-only features and assistance to help recover quickly from the devastating losses often incurred during a cyberattack or fraud, and allows companies to restore operations and get back to business.

With CyberPolicy, members can compare, quote and buy cyber liability insurance from select first-class carriers through an entirely paperless quoting and binding process. The liability insurance coverage addresses fraud, including hacking, phishing and ransomware.

Among the exclusive NAR member benefits:

– Higher coverage limits than traditional cyber liability policies for third-party/client phishing fraud. If hackers impersonate a broker or agent and set up fake accounts to send false money wiring instructions to buyers, the insurance will cover reimbursement of the client’s losses stemming from that phishing fraud. – Premium discounts and credits – Independent contractors: Agents working under a broker are automatically covered under the policy. – Telephone Consumer Protection Act (TCPA) Defense covers lawsuits alleging violation of CAN-SPAM and TCPA (“Do Not Call/Text”). – No retroactive date. Viruses or malicious code could be inactive for months before causing actual damage. Even if they were on the computer before the effective date of the policy and discovered after the policy’s effective date, NAR members are still covered and protected by the insurance policy.

Recovery Support Insurance providers have a step-by-step strategy in place to support brokers throughout the process of recovering from a cyberattack.

For instance, during the first 24 – 48 hours, brokers receive legal support to guide them through the breach, IT forensics professionals analyze the attack, and data recovery experts restore data.

To restore operations and help a company maintain its reputation, public relations specialists step in to rebuild the company’s standing of responsibility and reliability. Brokers can also recoup lost income when a company’s operations are interrupted. In addition, the policies provide credit monitoring to clients who were affected.

For the longer term, brokers can anticipate ongoing legal defense and payments for legal fees; obtain reimbursement for lawsuits, settlements and fines; and receive a cybersecurity plan to prevent future hacks.

Same-Day Coverage Choosing and purchasing cyber insurance is simple and can be done during a short call with licensed advisors. They ask specific questions about the firm and its vulnerabilities, and discuss the saving and exclusive coverage available to NAR members. Within five minutes, they’re able to put together an appropriate policy that addresses a real estate company’s specific needs, and NAR members can receive coverage that begins within 24 hours.

Brokers can visit NAR.realtor/RealtorBenefits/CyberPolicy to learn more. To receive the full benefits, REALTORS® must mention their NAR membership when contacting CyberPolicy.

Despite having an insurance policy in place, brokers still need to stay on top of cybersecurity by taking the proper precautions to protect against cyberattacks and by providing ongoing education to agents to minimize risk.

The REALTOR Benefits® Program is the exclusive member benefits program of the National Association of REALTORS®, bringing savings and special offers just for NAR members. In one year alone, over 800,000 REALTORS® gained an edge by leveraging at least one REALTOR Benefits® Program offering, saving $63 million on member benefits from industry-leading companies. Program partners are carefully selected and understand the unique needs of real estate professionals. Learn more and save by visiting NAR.realtor/RealtorBenefits.

The post New NAR Member Benefit Provides Cyber Liability Insurance appeared first on RISMedia.

New NAR Member Benefit Provides Cyber Liability Insurance published first on https://thegardenresidences.tumblr.com/

Guest Post: Underwriting D&O Risks for Coronavirus (COVID-19)-Related Exposures

John F. McCarrick

As I have noted in prior posts, among the many implications from the current coronavirus outbreak is the possibility that the pandemic might result in D&O claims. This possibility in turn has a number of D&O insurance underwriting implications. In the following guest post, John F. McCarrick, a partner in the White & Williams law firm, takes a look at these possible underwriting implications. A version of this article previously was published as a White & Williams client alert. I would like to thank John for allowing me to publish his article as a guest post on this site. I welcome guest post submissions from responsible authors on topics of interest to this blog’s readers.

  Among the many dramatic changes to Americans’ personal and professional lives during the past few weeks has been the noticeable absence of established guidelines and information on how to conduct business in this markedly-changed environment.

We’ve been reading with great interest blog posts and articles published by several of the law firms that regularly represent large companies in corporate America, and which provide counsel regarding new areas of focus and change in order for directors and officers (D&O) of public companies to effectively conduct their duties, as well as to minimize their potential liability exposure to Securities Exchange Commission (SEC) scrutiny and private civil litigation relating to the COVID-19 pandemic. This type of advice can be helpful to D&O underwriters trying to assess the readiness of prospective D&O risks for dealing with the expected litigation fallout from the COVID-19 pandemic.

At this early point in time, other than a few unique sets of facts, the kinds of shareholder D&O cases we’ve seen so far relating to COVID-19 (e.g., a pharmaceutical company falsely claiming to have already developed a vaccine for COVID-19 or the cruise line that was employing misleading sales practices related to the outbreak)[1] aren’t likely to be widely replicated. Moreover, as a practical matter, with respect to historical practices and disclosures, it would seem difficult to plausibly allege that a particular director or officer had prior knowledge about, or reasonable anticipation of, the COVID-19 pandemic, given how quickly this has developed since January 2020.

Under such generic facts, it’s difficult to imagine, for example, that a court would conclude that a board breached its Caremark duties[2] by not already having a supply chain backup plan or other specific, operational plan in place to deal with a future pandemic. That said, the Delaware Supreme Court’s decision in Marchand v. Barnhill[3] last year was a wake-up call to boards that might otherwise operate in a business-as-usual environment when they should know otherwise. In that case, the company’s ice cream production operations had been significantly impacted by a listeria outbreak. The court faulted the board for failing to implement “any system to monitor [the ice cream company’s] food safety performance or compliance.” Our corporate partners published a post on that decision.

Given the uncertainty in the financial markets about the future course and long-term economic impact of the COVD-19 pandemic, the current equity market volatility does not appear to be distinguishing among the companies or industries where the market is driving down stock prices across the board. Of course, that is likely to change in the coming weeks as the market tries to sort out post-COVID-19 winners and losers. (We already expect that airlines, travel and hospitality companies will be on the losers list, and that supply-side companies like Amazon, Target, Walmart and other providers of household goods are likely to be winners.)

That self-evident assessment tells us almost nothing about what corporate management should be expected to do now that the COVID-19 pandemic is here, including how management should be addressing this new reality going forward. Of course, how management intends to address this new operating environment is of keen interest to the D&O underwriters being asked to insure those risks.

With all of that in mind, here are some questions a D&O underwriter might now ask before underwriting a public company D&O risk in the COVID-19 era:

Board Issues

Is your board changing the frequency and manner of its full board and committee meetings? Has it formed any new committees to promote rapid-response decision-making as external developments warrant?

How does your board define “informed decision-making” in this new environment, and what internal or external resources are being brought in to help keep the board informed?

What protocols does the company (including the board) have in place with respect to continuity planning? What plans has the company made for the possibility that senior members of management – including the CEO, COO and CFO – become ill and are unable to function effectively? What arrangements, if any, are being taken to insulate more medically-vulnerable members of the board or senior management (including based on age or underlying medical condition) from the risk of viral infection? What disclosure obligations does the company believe it has with respect to these continuity planning issues?

How do the board members communicate with each other, especially when individuals are working remotely? Private email? Text? Is the company’s general counsel advising board members about the discoverability of privately-sourced communications relating to board business?

Company Risk Management

What changes in travel policies or intra-company personnel engagement has the company made? Does the company have concern that any of these changes adversely impact the company’s continuing obligations under employment laws and, if so, what steps has the company taken to reconcile these changes with its legal employment obligations?

How does the company plan to balance its HIPAA obligations to its employees with notice obligations to other employees regarding positive COVID-19 employee tests, or the onsite presence of an individual who has been exposed to other COVID-19-positive individuals?

Is the company changing any aspect of its executive compensation, including the timing or amount of equity-based grants, in light of ongoing market uncertainty about the continuing accuracy of historical earnings guidance? A related question could go to possible changes to permissible trading of company stock by insiders.

Is the company considering changes to its disclosures regarding internal controls and external audit functions given the potential for reduced access to the company’s premises while COVID-19 pandemic movement restrictions are in place?

Financing/Liquidity

Is the company considering material developments with respect to its interest in adding debt, either in the form of loans or debt securities, to address prospective liquidity issues?

Does the company have a plan to reduce operations in the event of a continuing economic decline negatively impacting the company, including a wind-down plan, which has been vetted by wind-down experts and legal advisors?

Is the company considering any changes to its existing programs relating to share dividends, stock buybacks or cash management?

Disclosure Considerations

Are there prior disclosures, including those relating to supply chain logistics, or customer demand, that the company will be changing in light of current market conditions? Are there suppliers or customers that represent a viable bankruptcy risk to your business?

Is the company anticipating its practical or financial inability (or that of a counterparty) to comply with contractual obligations in light of COVID-19 business restrictions or economic dislocation? Does the company expect “force majeure” principles to excuse such performance? How does the company plan to disclose those issues to investors and to the SEC?

Cybersecurity Considerations

What are your plans for addressing the potential for increased cybercrime due to a remote access workforce (if applicable), including data breaches through employees’ remote access devices?

Is the company undertaking any efforts to reconsider its system’s capacity and integrity to be able to operate under a new working model?

On a going-forward basis, Caremark and disclosure claims are more likely to be evaluated on the basis of what companies and boards have learned from what has happened to date, and how well they address or disclose all of the facts and risks attendant to their reactions to what has happened, as well as future plans. There may also be risk where companies inaccurately blame the COVID-19 virus for adverse developments at their company where the real problem was mismanagement or just plain bad executive conduct. And of course, there’s D&O risk if and to the extent the current market volatility leads to bankruptcy filings.

With respect to securities fraud class actions, a significant disconnect between the market’s understanding of a public company’s business plans and how that business is actually being managed is often the critical factor in anticipating stock price volatility and the potential for securities class actions.

D&O underwriters cannot – and do not – expect that the public company risks they underwrite will never experience a D&O claim, and especially a shareholder class action or derivative claim. However, underwriters and their policyholder counterparts would benefit from a candid dialogue and a shared understanding about the insurable risk profile of public companies in the midst of the COVD-19 pandemic, and even before there’s any consensus about the future path of the financial and economic dislocation the pandemic is already causing.

Buckle up, folks.

___________________________

If you have questions or would like further information, please contact John McCarrick ([email protected]; 212.714.3072) or another member of the Financial Lines Group.

As we continue to monitor the novel coronavirus (COVID-19), White and Williams lawyers are working collaboratively to stay current on developments and counsel clients through the various legal and business issues that may arise across a variety of sectors. Read all of the updates here.

________________________________

[1] Hat tip to Kevin LaCroix and The D&O Diary (www.dandodiary.com) for flagging these two recently-filed lawsuits.

[2] So-called “Caremark” claims are claims that directors breached the fiduciary duty of loyalty by not making “a good faith effort to oversee the company’s operations.” See In re Caremark Intern. Inc. Derivative Litigation, 698 A.2d 959 (Del.Ch. 1996).

[3] 212 A.3d 805 (Del. 2019); see also, e.g., In re Clovis Oncology, Inc. Derivative Litig., C.A. No. 2017-0222-JRS (Del. Ch. Oct. 1, 2019).(holding that the board of a pharmaceutical company “comprised of experts” and that “operates in a highly-regulated industry” should have understood the negative implications of “red flags” raised with respect to performance of the company’s drug in clinical trials).

  Guest Post: Underwriting D&O Risks for Coronavirus (COVID-19)-Related Exposures published first on http://simonconsultancypage.tumblr.com/

Cyber Security Checklist: How To Ensure Business Data Is Protected?

How Do You Ensure That Your Business Is Guarded Enough?

You need to ask the right questions to enable to build an appropriate Cyber Security strategy for your organization. The first step in Digital Asset Management is asking the right question and identifying the root cause.

The following is a checklist of questions as a starting point for securing the valuable data your small business manages.

Where will your data be Stored?

How secure is your data? What security protocols are in place, so you’ll feel comfortable that breaches are less likely? Is it too easy for you to log on and get to the data? What encryption is used to protect the Data during transmission and at rest?

Do you perform regular backups? Be sure you know how often your data is backed up and how the company ensures there is more than one Backup, and that there are clean Backups not infected with malware.

How we can recover our digital assets from the Incident with less impact on our day to day operation with simple backup Practices?

How fast can a backup be restored? It’s a misconception that having a good backup means systems can come back to a functioning state in just a click of a button. It is recommended doing backup drills just like you do fire drills. When your business is closed, have your cloud provider restore your system from backup and see how long it takes.

How frequent are your service outages and how long do they last? If you don’t have access to your data, your business may experience downtime. You can calculate the cost of downtime per hour by just adding labour costs per hour to the revenue lost per hour. How much downtime can you afford?

In-Short We Must Answer These Questions

Do we have an in-place Business Continuity Plan that meets Business Requirements?

How much time do we have to get services running after an incident?

What is an acceptable amount of data loss?

When was the last time we test our backup by restoring?

IT Security should be a priority for all the companies and no company can be 100% protected from security threats. Here is an Audit Checklist to help small Business for a security Assessment.

Top 10 Cyber Security Audit Checklist

1. Protect End User Devices

Keep Your Operating Systems Updated:

Your operating system needs to be set for automatic updates whether you run on Windows or Mac. Turning off computers at nighttime or rebooting promotes the installation of updates. System updates are especially important for server operating systems where all patches and updates need be reviewed and updated on a recurring schedule.

Antivirus Updates : Firms need to ensure that anti-virus programs are updated frequently and devices are scanned on a set schedule in an automated fashion into a workstation. In larger companies, workstations should be configured to report the status of the antivirus updates to a centralized server which can push out updates automatically when required.

Firewall setup : Serving as a gatekeeper between your company’s servers and also the outside world – firewalls keep external threats out whereas alerting you by diverting outgoing information. Having an effective business class firewall is important for cyber security.

2. Protect Your Network And Servers

Be cautious about wireless networks and closely monitor remote access to the network.

Have a strong password policy:

Encourage passwords with least eight characters with a combination of upper and lower case letters, numbers and special characters.

Use Automatic Screen Lock:

When a digital computer or mobile device has been idle for some minutes it should be set to automatically lock the screen to stay prying eyes out of the system.

Connect Securely:

Connect securely to the firm’s information resources either by utilizing a VPN or other secure connection. Do not do any confidential work on public WiFi and only connect to WiFi for firm work if it is sure to be authentic.

3.Keep Your Data Safe

Implementing a daily backup procedure is a easy way to safeguard crucial Business data. Setting permissions and using encryption will also help.

Encrypt Backup Data:

Firms should encrypt any backup media that leaves the office and validate that the backup is complete and usable. Firms should frequently review backup logs for completion and restore files randomly to confirm they’ll work once required.

Dispose of Data/Equipment Properly:

All physical files and draft documents with personally identifiable information that is no longer needed should be securely disposed. Workstations and different mobile equipment used for processing client information should be totally reformatted.

4. Minimize Administrator Privilege

Allowing workstations to run in administrator mode exposes machines to further security threats and would possibly result in the complete network being infected, thus regular work shouldn’t be done on a computer in administrative mode.

5. Secure File Send

Firms should standardize tools that allow for the secure causing and receiving of client files. All personnel ought to be educated on victimisation the firm’s portal or encrypted email answer for any file containing confidential information.

6. Update IT Policies

Firms should review IT/computer usage policies and provide employees reminder for all new and updated policies. Beyond traditional Computer and Internet Usage policies, firms should include adding wording on BYOD (Bring Your Own Device), Remote Access, Privacy, and Encryption where appropriate.

7. Have A Breach Response Plan

You should have a security incident response plan in place where there’s concern that firm information has been compromised. This would be in a written format that would include educating personnel on how to document the events leading up to the breach discovery, notifying appropriate firm/external IT personnel of the breach so they will take necessary steps to prevent it, and be developing an internal and external communications plan.

8. Educate Employees

Security education is as vital as skilled accounting CPE and may be needed annually. In addition to reviewing the firm policies, employees should be educated on current cybersecurity attack methods such as phishing and threats as well as ransomware and social engineering used by hackers to get access to a user’s pc. Email Awareness Training: Personnel needs to be reminded to be sceptical, of emails they did not expect and are out of character. Staff needs to be reminded how to hover over an email link before clicking or to look at email properties to see if the sender’s email address matches. They additionally need to be regularly reminded to not click on or open suspicious attachments, instead of sending them to the IT team to review if there is any concern. If there are any questions on a link in an email, it’s better to go to the web site directly by typing the address into a browser than to risk clicking on the link.

9. Cybersecurity Insurance

Many companies will do all the proper things with reference to data security and still fall victim to a hacker, so to protect against that possibility they should consider cybersecurity insurance. The cost of this insurance has return down significantly within the last decade and companies ought to valuate each first-party insurance to hide the firm’s direct losses ensuing from the breach (downtime, the recreation of knowledge, direct remedy costs) and third-party insurance to hide any damages to client’s whose information might are compromised.

10. Migrate Your Data To The Cloud

Using Cloud-based Services for your small business makes it easy to access your data from anywhere at any time. It also has the benefit of being more easily secured by adjusting settings and permissions and most cloud-based services have strong encryption standards. Migrate your data to the cloud.

Faulty Iowa App Was Part of Push to Restore Democrats’ Digital Edge

The faulty smartphone app behind the chaotic aftermath of Iowa’s Democratic caucuses was the work of a little-known company called Shadow Inc. that was founded by veterans of Hillary Clinton’s unsuccessful presidential campaign, and whose previous work was marked by a string of failures, including a near bankruptcy.

The app grew out of a broader push by Democrats, backed by tens of millions of dollars in donor money, to match the Republicans’ prowess in digital advertising and organizing after the 2016 election. Much of the energy and investment have gone into enterprises that are intended to both boost the Democrats’ digital game and turn a profit, like Shadow.

Yet instead of showcasing how far the Democrats had come since the 2016 defeat, the disarray surrounding the Iowa caucuses raised new questions about how the party hopes to compete in 2020 with the Trump campaign, a digital juggernaut that is churning out ads and raising record sums of money.

“It’s the exact opposite of the Trump team approach — bring the engineers in house, figure out exactly what we need, we build it, we test it, we own it,” said David Goldstein, chief executive of Tovo Labs, a progressive digital consulting firm.

Given less than two months to build an app for reporting caucus results to the Iowa Democratic Party, Shadow produced technology that proved difficult to download and use and ended up delivering incorrect tallies. Iowa’s Democrats blamed a “coding issue” in the app, and the party said it would resort to a time-consuming manual tally based on information called in by precinct chairs or pictures sent on their smartphones — the same ones on which they could not make the app work.

With the wait on results dragging into Tuesday evening, many in the party began dissecting what turned the Democrats’ first contest of the 2020 election into a chaotic display, starting with Shadow, and its main backer, Acronym, a progressive nonprofit that is focused on helping Democrats regain their digital edge.

Shadow, in a tweet, said, “We sincerely regret the delay in the reporting of the results of last night’s Iowa caucuses and the uncertainty it has caused.” But the company offered no explanation for what went wrong, though Democratic officials said that data had been incorrectly transmitted from the app to a central database, and that many users had been unable to follow the complicated process for installing the app on their phones.

The fallout spread quickly on Tuesday. Nevada, which like Iowa holds caucuses instead of a primary election, said it was abandoning plans to use Shadow’s app. The Biden campaign, which had hired Shadow to help it reach voters, announced that it had cut ties with the company last year.

Founded in 2017, Acronym quickly became a darling of the Democratic donor class with its talk of restoring the digital advantage that the party had enjoyed under President Barack Obama, and that it was seen to have lost in Mrs. Clinton’s 2016 campaign. David Plouffe, the well-connected former Obama campaign manager, joined Acronym’s board. Its founder, Tara McGowan, a former journalist, was the subject of glowing profiles, one of which called her “the Democrats’ Most Dangerous Digital Strategist.”

For a time, Acronym appeared poised to deliver on its promise. Late last year, it unveiled a plan to spend $75 million on digital advertising to counter President Trump’s early spending advantage in key battleground states.

Months earlier, it also quietly invested millions of dollars in a nearly bankrupt company called Groundbase, a tech firm that renamed itself Shadow soon after.

The firm had been founded by a pair of Clinton campaign veterans, Gerard Niemira and Krista Davis, with an initial investment from another progressive nonprofit, Higher Ground Labs. But its main technology, a texting platform designed for campaigns, failed to catch on as users complained that it was slow and cumbersome.

The failure left the firm perilously underfunded, and it was close to shutting down when Acronym stepped in with an infusion of cash, and a plan to refocus Groundbase specifically on developing mobile technology for campaigns.

The new money brought new projects. There was an email app and a program called Lightrail, which was being built to help the Democratic Party centralize its data.

There were also new clients. According to the most recent campaign filing reports, Shadow earned roughly $150,000 last year working for the Nevada and Wisconsin state Democratic parties and three presidential campaigns — those of former Vice President Joseph R. Biden Jr., Pete Buttigieg, former mayor of South Bend, Ind., and Senator Kirsten Gillibrand of New York, who dropped out of the race in August.

Shadow’s work for the Biden campaign involved the texting technology and digital advertising consulting aimed at small dollar donors, said campaign staffers. But the texting program was particularly problematic, they said, pointing to potential security concerns.

An aide to Mr. Biden, who spoke on the condition of anonymity to avoid alienating other Democrats, said the campaign had used Shadow to text voters ahead of its campaign kickoff in Philadelphia last year. But the technology “did not pass our cybersecurity checklist.”

Still, when Iowa Democrats, on the advice of the national party, abandoned plans to have caucus results called in by phone because of security concerns and instead build an app, Shadow won the contract. State records show the Iowa Democrats paid the firm $63,183 in two installments. It was unclear on Tuesday whether there had been a competitive bidding process for the work.

Regardless of how it got the job, Shadow was put into a race that engineers at the most well-resourced tech giants, like Google, said could not be won. There was simply not enough time to build the app, test it widely to work out major bugs and then train its users.

Shadow was also handicapped by its own lack of coding know-how, according to people familiar with the company. Few of its employees had worked on major tech projects, and many of its engineers were relatively inexperienced.

Two people who work for Acronym, speaking on the condition of anonymity because they did not want to risk their jobs, acknowledged that the app had problems. It was so rushed, they said, that there was no time to get it approved by the Apple store. Had it been, it might have proved far easier for users to install.

Instead, the app had to be downloaded by bypassing a phone’s security settings, a complicated process for anyone unfamiliar with the intricacies of mobile operating systems, and especially hard for many of the older, less tech-savvy caucus chairs in Iowa.

The app also had to be installed using two-factor authentication and PIN passcodes. The information was included on worksheets given to volunteers at the Iowa precincts tallying the votes, but it added another layer of complication that appeared to hinder people.

In the end, only one-quarter of the 1,700 precinct chairs successfully downloaded and installed the app, according to a Democratic consultant who spoke on the condition of anonymity to avoid losing work. Many who resorted to calling in the results found that there were too few operators to handle the calls.

Some also took pictures of the worksheets they had been given — the PINs fully visible — and tweeted them out in frustration. Had the app worked, the information might have given trolls or hackers a chance to download the program and tamper with it.

In the lead-up to the caucuses, officials at the state party and the D.N.C. made an effort to keep Shadow’s involvement a secret, asking with no apparent irony that even the name of the company be withheld from the public, arguing that hackers could not attack what they did not know existed. But the relative obscurity meant that the app would not be subject to independent testing for bugs.

By Tuesday morning, it appeared that some of the people involved with developing and launching the app were trying to hide their connection to Shadow. At least one employee had removed the company from her LinkedIn profile, and two others had hidden their photos and personal details online.

Acronym, for its part, removed a mention of its role in developing the app from its website. In its place, the Acronym website now states that the organization “invested” in Shadow.

from WordPress https://mastcomm.com/faulty-iowa-app-was-part-of-push-to-restore-democrats-digital-edge/

How to Find Cyber Security Company Malaysia on the Web

Primarily, it's less known that you may have a livelihood in cyber protection at all. It's a valuable asset. Cyber security is a issue that is complex but ICS-CERT, advisers and providers can sees assistance.

Successful incident response processes can reduce the threat of future episodes occurring. Students may pursue cyber security levels or inside a atmosphere.

You may also work independently as companies require the requirement for safety experts. There are An option similarly. By means of example, a lot of businesses desire to protect their information out.

Web-based attacks are experienced by 64% of associations. Therefore discounts should be reimbursable in tort it is simple to show real losses. Although as much as I'm aware, security businesses may have their HQ in 1 location, They'd have a variety of sites.

It should tell how you would be moving ahead in establishing your company venture. You must go and an excellent name has been generated by it. As an example, you can choose to acquire.

Cyber Security Company Malaysia - Overview

You're able to find a winning style in a speedy time and in an affordable cost. Due to this, we have been operating with a range of the experts accessible to tailor made products and solutions to fulfill with the condition of shipping. It's an issue of finding out who possess the vulnerabilities which could possibly be exploited when these items are cataloged to achieve the results.

The class utilizing forensic tools to recoup information and provides the opportunity to examine a lot of tools available on the marketplace that's open. It is they hard to discover and take a time to handle that's the most. You may study from the comfort of your dwelling and do not have to get concerned about travelling to campus.

It may be used to allow a person. There are a problem, for example, if a company that's one of only a few that generates a widget for a particular weapon system should be given a contract because the U.S. is planning to go to war, which business is shown to be vulnerable to a cyberattack that could possibly lower its capacity to furnish troops crucial components. If not managed properly could offer cyber criminals.

The 5-Minute Rule for Cyber Security Company Malaysia

1 such program is supplied through FraudWatch International. Please note that SWIFT clients can choose to contract. You want to discover the US variant of a site and if you are in Malaysia, you may use a VPN.

When security tools need to be managed with controllers or in many areas it's easy to bypass measures or cause your systems to become out of sync. "Then many don't have the right procedure of tackling things, you have got to pay for the whole ecosystem in cybersecurity," he explained. Access controls such as logins might be required, but slow.

Join us about the way for those demonstrations by TUV Rheinland cyber security company malaysia specialists it's likely to fasten your company from the current cyberthreats. Everybody needs to comprehend the need to set passwords for accounts. Get prepared make a determination and to ask questions.

The Extortion Economy: How Insurance Companies Are Fueling a Rise in Ransomware Attacks

New Post has been published on https://www.aheliotech.com/blog/the-extortion-economy-how-insurance-companies-are-fueling-a-rise-in-ransomware-attacks/

The Extortion Economy: How Insurance Companies Are Fueling a Rise in Ransomware Attacks

This story was originally published by ProPublica.

Even when public agencies and companies hit by ransomware could recover their files on their own, insurers prefer to pay the ransom. Why? The attacks are good for business.

  On June 24, the mayor and council of Lake City, Florida, gathered in an emergency session to decide how to resolve a ransomware attack that had locked the city’s computer files for the preceding fortnight. Following the Pledge of Allegiance, Mayor Stephen Witt led an invocation. “Our heavenly father,” Witt said, “we ask for your guidance today, that we do what’s best for our city and our community.”

  Witt and the council members also sought guidance from City Manager Joseph Helfenberger. He recommended that the city allow its cyber insurer, Beazley, an underwriter at Lloyd’s of London, to pay the ransom of 42 bitcoin, then worth about $460,000. Lake City, which was covered for ransomware under its cyber-insurance policy, would only be responsible for a $10,000 deductible. In exchange for the ransom, the hacker would provide a key to unlock the files.

  “If this process works, it would save the city substantially in both time and money,” Helfenberger told them.

  Without asking questions or deliberating, the mayor and the council unanimously approved paying the ransom. The six-figure payment, one of several that U.S. cities have handed over to hackers in recent months to retrieve files, made national headlines.

  Left unmentioned in Helfenberger’s briefing was that the city’s IT staff, together with an outside vendor, had been pursuing an alternative approach. Since the attack, they had been attempting to recover backup files that were deleted during the incident. On Beazley’s recommendation, the city chose to pay the ransom because the cost of a prolonged recovery from backups would have exceeded its $1 million coverage limit, and because it wanted to resume normal services as quickly as possible.

  “Our insurance company made [the decision] for us,” city spokesman Michael Lee, a sergeant in the Lake City Police Department, said. “At the end of the day, it really boils down to a business decision on the insurance side of things: them looking at how much is it going to cost to fix it ourselves and how much is it going to cost to pay the ransom.”

  The mayor, Witt, said in an interview that he was aware of the efforts to recover backup files but preferred to have the insurer pay the ransom because it was less expensive for the city. “We pay a $10,000 deductible, and we get back to business, hopefully,” he said. “Or we go, ‘No, we’re not going to do that,’ then we spend money we don’t have to just get back up and running. And so to me, it wasn’t a pleasant decision, but it was the only decision.”

  Ransomware is proliferating across America, disabling computer systems of corporations, city governments, schools and police departments. This month, attackers seeking millions of dollars encrypted the files of 22 Texas municipalities. Overlooked in the ransomware spree is the role of an industry that is both fueling and benefiting from it: insurance. In recent years, cyber insurance sold by domestic and foreign companies has grown into an estimated $7 billion to $8 billion-a-year market in the U.S. alone, according to Fred Eslami, an associate director at AM Best, a credit rating agency that focuses on the insurance industry. While insurers do not release information about ransom payments, ProPublica has found that they often accommodate attackers’ demands, even when alternatives such as saved backup files may be available.

  The FBI and security researchers say paying ransoms contributes to the profitability and spread of cybercrime and in some cases may ultimately be funding terrorist regimes. But for insurers, it makes financial sense, industry insiders said. It holds down claim costs by avoiding expenses such as covering lost revenue from snarled services and ongoing fees for consultants aiding in data recovery. And, by rewarding hackers, it encourages more ransomware attacks, which in turn frighten more businesses and government agencies into buying policies.

  “The onus isn’t on the insurance company to stop the criminal, that’s not their mission. Their objective is to help you get back to business. But it does beg the question, when you pay out to these criminals, what happens in the future?” said Loretta Worters, spokeswoman for the Insurance Information Institute, a nonprofit industry group based in New York. Attackers “see the deep pockets. You’ve got the insurance industry that’s going to pay out, this is great.”

  A spokesperson for Lloyd’s, which underwrites about one-third of the global cyber-insurance market, said that coverage is designed to mitigate losses and protect against future attacks, and that victims decide whether to pay ransoms. “Coverage is likely to include, in the event of an attack, access to experts who will help repair the damage caused by any cyberattack and ensure any weaknesses in a company’s cyberprotection are eliminated,” the spokesperson said. “A decision whether to pay a ransom will fall to the company or individual that has been attacked.” Beazley declined comment.

  Fabian Wosar, chief technology officer for anti-virus provider Emsisoft, said he recently consulted for one U.S. corporation that was attacked by ransomware. After it was determined that restoring files from backups would take weeks, the company’s insurer pressured it to pay the ransom, he said. The insurer wanted to avoid having to reimburse the victim for revenues lost as a result of service interruptions during recovery of backup files, as its coverage required, Wosar said. The company agreed to have the insurer pay the approximately $100,000 ransom. But the decryptor obtained from the attacker in return didn’t work properly and Wosar was called in to fix it, which he did. He declined to identify the client and the insurer, which also covered his services.

  “Paying the ransom was a lot cheaper for the insurer,” he said. “Cyber insurance is what’s keeping ransomware alive today. It’s a perverted relationship. They will pay anything, as long as it is cheaper than the loss of revenue they have to cover otherwise.”

  Worters, the industry spokeswoman, said ransom payments aren’t the only example of insurers saving money by enriching criminals. For instance, the companies may pay fraudulent claims — for example, from a policyholder who sets a car on fire to collect auto insurance — when it’s cheaper than pursuing criminal charges. “You don’t want to perpetuate people committing fraud,” she said. “But there are some times, quite honestly, when companies say: ’This fraud is not a ton of money. We are better off paying this.’ … It’s much like the ransomware, where you’re paying all these experts and lawyers, and it becomes this huge thing.”

  Insurers approve or recommend paying a ransom when doing so is likely to minimize costs by restoring operations quickly, regulators said. As in Lake City, recovering files from backups can be arduous and time-consuming, potentially leaving insurers on the hook for costs ranging from employee overtime to crisis management public relations efforts, they said.

  “They’re going to look at their overall claim and dollar exposure and try to minimize their losses,” said Eric Nordman, a former director of the regulatory services division of the National Association of Insurance Commissioners, or NAIC, the organization of state insurance regulators. “If it’s more expeditious to pay the ransom and get the key to unlock it, then that’s what they’ll do.”

  As insurance companies have approved six- and seven-figure ransom payments over the past year, criminals’ demands have climbed. The average ransom payment among clients of Coveware, a Connecticut firm that specializes in ransomware cases, is about $36,000, according to its quarterly report released in July, up sixfold from last October. Josh Zelonis, a principal analyst for the Massachusetts-based research company Forrester, said the increase in payments by cyber insurers has correlated with a resurgence in ransomware after it had started to fall out of favor in the criminal world about two years ago.

  One cybersecurity company executive said his firm has been told by the FBI that hackers are specifically extorting American companies that they know have cyber insurance. After one small insurer highlighted the names of some of its cyber policyholders on its website, three of them were attacked by ransomware, Wosar said. Hackers could also identify insured targets from public filings; the Securities and Exchange Commission suggests that public companies consider reporting “insurance coverage relating to cybersecurity incidents.”

  Even when the attackers don’t know that insurers are footing the bill, the repeated capitulations to their demands give them confidence to ask for ever-higher sums, said Thomas Hofmann, vice president of intelligence at Flashpoint, a cyber-risk intelligence firm that works with ransomware victims.

  Ransom demands used to be “a lot less,” said Worters, the industry spokeswoman. But if hackers think they can get more, “they’re going to ask for more. So that’s what’s happening. … That’s certainly a concern.”

  In the past year, dozens of public entities in the U.S. have been paralyzed by ransomware. Many have paid the ransoms, either from their own funds or through insurance, but others have refused on the grounds that it’s immoral to reward criminals. Rather than pay a $76,000 ransom in May, the city of Baltimore — which did not have cyber insurance — sacrificed more than $5.3 million to date in recovery expenses, a spokesman for the mayor said this month. Similarly, Atlanta, which did have a cyber policy, spurned a $51,000 ransom demand last year and has spent about $8.5 million responding to the attack and recovering files, a spokesman said this month. Spurred by those and other cities, the U.S. Conference of Mayors adopted a resolution this summer not to pay ransoms.

  Still, many public agencies are delighted to have their insurers cover ransoms, especially when the ransomware has also encrypted backup files. Johannesburg-Lewiston Area Schools, a school district in Michigan, faced that predicament after being attacked in October. Beazley, the insurer handling the claim, helped the district conduct a cost-benefit analysis, which found that paying a ransom was preferable to rebuilding the systems from scratch, said Superintendent Kathleen Xenakis-Makowski.

  “They sat down with our technology director and said, ‘This is what’s affected, and this is what it would take to re-create,’” said Xenakis-Makowski, who has since spoken at conferences for school officials about the importance of having cyber insurance. She said the district did not discuss the ransom decision publicly at the time in part to avoid a prolonged debate over the ethics of paying. “There’s just certain things you have to do to make things work,” she said.

  Ransomware is one of the most common cybercrimes in the world. Although it is often cast as a foreign problem, because hacks tend to originate from countries such as Russia and Iran, ProPublica has found that American industries have fostered its proliferation. We reported in May on two ransomware data recovery firms that purported to use their own technology to disable ransomware but in reality often just paid the attackers. One of the firms, Proven Data, of Elmsford, New York, tells victims on its website that insurance is likely to cover the cost of ransomware recovery.

  Lloyd’s of London, the world’s largest specialty insurance market, said it pioneered the first cyber liability policy in 1999. Today, it offers cyber coverage through 74 syndicates — formed by one or more Lloyd’s members such as Beazley joining together — that provide capital and accept and spread risk. Eighty percent of the cyber insurance written at Lloyd’s is for entities based in the U.S. The Lloyd’s market is famous for insuring complex, high-risk and unusual exposures, such as climate-change consequences, Arctic explorers and Bruce Springsteen’s voice.

  Many insurers were initially reluctant to cover cyber disasters, in part because of the lack of reliable actuarial data. When they protect customers against traditional risks such as fires, floods and auto accidents, they price policies based on authoritative information from national and industry sources. But, as Lloyd’s noted in a 2017 report, “there are no equivalent sources for cyber-risk,” and the data used to set premiums is collected from the internet. Such publicly available data is likely to underestimate the potential financial impact of ransomware for an insurer. According to a report by global consulting firm PwC, both insurers and victimized companies are reluctant to disclose breaches because of concerns over loss of competitive advantage or reputational damage.

  Despite the uncertainty over pricing, dozens of carriers eventually followed Lloyd’s in embracing cyber coverage. Other lines of insurance are expected to shrink in the coming decades, said Nordman, the former regulator. Self-driving cars, for example, are expected to lead to significantly fewer car accidents and a corresponding drop in premiums, according to estimates. Insurers are seeking new areas of opportunity, and “cyber is one of the small number of lines that is actually growing,” Nordman said.

  Driven partly by the spread of ransomware, the cyber insurance market has grown rapidly. Between 2015 and 2017, total U.S. cyber premiums written by insurers that reported to the NAIC doubled to an estimated $3.1 billion, according to the most recent data available.

  Cyber policies have been more profitable for insurers than other lines of insurance. The loss ratio for U.S. cyber policies was about 35% in 2018, according to a report by Aon, a London-based professional services firm. In other words, for every dollar in premiums collected from policyholders, insurers paid out roughly 35 cents in claims. That compares to a loss ratio of about 62% across all property and casualty insurance, according to data compiled by the NAIC of insurers that report to them. Besides ransomware, cyber insurance frequently covers costs for claims related to data breaches, identity theft and electronic financial scams.

  During the underwriting process, insurers typically inquire about a prospective policyholder’s cyber security, such as the strength of its firewall or the viability of its backup files, Nordman said. If they believe the organization’s defenses are inadequate, they might decline to write a policy or charge more for it, he said. North Dakota Insurance Commissioner Jon Godfread, chairman of the NAIC’s innovation and technology task force, said some insurers suggest prospective policyholders hire outside firms to conduct “cyber audits” as a “risk mitigation tool” aimed to prevent attacks — and claims — by strengthening security.

  “Ultimately, you’re going to see that prevention of the ransomware attack is likely going to come from the insurance carrier side,” Godfread said. “If they can prevent it, they don’t have to pay out a claim, it’s better for everybody.”

  Not all cyber insurance policies cover ransom payments. After a ransomware attack on Jackson County, Georgia, last March, the county billed insurance for credit monitoring services and an attorney but had to pay the ransom of about $400,000, County Manager Kevin Poe said. Other victims have struggled to get insurers to pay cyber-related claims. Food company Mondelez International and pharmaceutical company Merck sued insurers last year in state courts after the carriers refused to reimburse costs associated with damage from NotPetya malware. The insurers cited “hostile or warlike action” or “act of war” exclusions because the malware was linked to the Russian military. The cases are pending.

  The proliferation of cyber insurers willing to accommodate ransom demands has fostered an industry of data recovery and incident response firms that insurers hire to investigate attacks and negotiate with and pay hackers. This year, two FBI officials who recently retired from the bureau opened an incident response firm in Connecticut. The firm, The Aggeris Group, says on its website that it offers “an expedient response by providing cyber extortion negotiation services and support recovery from a ransomware attack.”

  Ramarcus Baylor, a principal consultant for The Crypsis Group, a Virginia incident response firm, said he recently worked with two companies hit by ransomware. Although both clients had backup systems, insurers promised to cover the six-figure ransom payments rather than spend several days assessing whether the backups were working. Losing money every day the systems were down, the clients accepted the offer, he said.

  Crypsis CEO Bret Padres said his company gets many of its clients from insurance referrals. There’s “really good money in ransomware” for the cyberattacker, recovery experts and insurers, he said. Routine ransom payments have created a “vicious circle,” he said. “It’s a hard cycle to break because everyone involved profits: We do, the insurance carriers do, the attackers do.”

  Chris Loehr, executive vice president of Texas-based Solis Security, said there are “a lot of times” when backups are available but clients still pay ransoms. Everyone from the victim to the insurer wants the ransom paid and systems restored as fast as possible, Loehr said.

  “They figure out that it’s going to take a month to restore from the cloud, and so even though they have the data backed up,” paying a ransom to obtain a decryption key is faster, he said.

  “Let’s get it negotiated very quickly, let’s just get the keys, and get the customer decrypted to minimize business interruption loss,” he continued. “It makes the client happy, it makes the attorneys happy, it makes the insurance happy.”

  If clients morally oppose ransom payments, Loehr said, he reminds them where their financial interests lie, and of the high stakes for their businesses and employees. “I’ll ask, ‘The situation you’re in, how long can you go on like this?’” he said. “They’ll say, ‘Well, not for long.’ Insurance is only going to cover you for up to X amount of dollars, which gets burned up fast.”

  “I know it sucks having to pay off assholes, but that’s what you gotta do,” he said. “And they’re like, ‘Yeah, OK, let’s get it done.’ You gotta kind of take charge and tell them, ‘This is the way it’s going to be or you’re dead in the water.’”

  Lloyd’s-backed CFC, a specialist insurance provider based in London, uses Solis for some of its U.S. clients hit by ransomware. Graeme Newman, chief innovation officer at CFC, said “we work relentlessly” to help victims improve their backup security. “Our primary objective is always to get our clients back up and running as quickly as possible,” he said. “We would never recommend that our clients pay ransoms. This would only ever be a very final course of action, and any decision to do so would be taken by our clients, not us as an insurance company.”

  As ransomware has burgeoned, the incident response division of Solis has “taken off like a rocket,” Loehr said. Loehr’s need for a reliable way to pay ransoms, which typically are transacted in digital currencies such as Bitcoin, spawned Sentinel Crypto, a Florida-based money services business managed by his friend, Wesley Spencer. Sentinel’s business is paying ransoms on behalf of clients whose insurers reimburse them, Loehr and Spencer said.

  New York-based Flashpoint also pays ransoms for insurance companies. Hofmann, the vice president, said insurers typically give policyholders a toll-free number to dial as soon as they realize they’ve been hit. The number connects to a lawyer who provides a list of incident response firms and other contractors. Insurers tightly control expenses, approving or denying coverage for the recovery efforts advised by the vendors they suggest.

  “Carriers are absolutely involved in the decision making,” Hofmann said. On both sides of the attack, “insurance is going to transform this entire market,” he said.

  On June 10, Lake City government officials noticed they couldn’t make calls or send emails. IT staff then discovered encrypted files on the city’s servers and disconnected the infected servers from the internet. The city soon learned it was struck by Ryuk ransomware. Over the past year, unknown attackers using the Ryuk strain have besieged small municipalities and technology and logistics companies, demanding ransoms up to $5 million, according to the FBI.

  Shortly after realizing it had been attacked, Lake City contacted the Florida League of Cities, which provides insurance for more than 550 public entities in the state. Beazley is the league’s reinsurer for cyber coverage, and they share the risk. The league declined to comment.

  Initially, the city had hoped to restore its systems without paying a ransom. IT staff was “plugging along” and had taken server drives to a local vendor who’d had “moderate success at getting the stuff off of it,” Lee said. However, the process was slow and more challenging than anticipated, he said.

  As the local technicians worked on the backups, Beazley requested a sample encrypted file and the ransom note so its approved vendor, Coveware, could open negotiations with the hackers, said Steve Roberts, Lake City’s director of risk management. The initial ransom demand was 86 bitcoin, or about $700,000 at the time, Coveware CEO Bill Siegel said. “Beazley was not happy with it — it was way too high,” Roberts said. “So [Coveware] started negotiations with the perps and got it down to the 42 bitcoin. Insurance stood by with the final negotiation amount, waiting for our decision.”

  Lee said Lake City may have been able to achieve a “majority recovery” of its files without paying the ransom, but it probably would have cost “three times as much money trying to get there.” The city fired its IT director, Brian Hawkins, in the midst of the recovery efforts. Hawkins, who is suing the city, said in an interview posted online by his new employer that he was made “the scapegoat” for the city’s unpreparedness. The “recovery process on the files was taking a long time” and “the lengthy process was a major factor in paying the ransom,” he said in the interview.

  On June 25, the day after the council meeting, the city said in a press release that while its backup recovery efforts “were initially successful, many systems were determined to be unrecoverable.” Lake City fronted the ransom amount to Coveware, which converted the money to bitcoin, paid the attackers and received a fee for its services. The Florida League of Cities reimbursed the city, Roberts said.

  Lee acknowledged that paying ransoms spurs more ransomware attacks. But as cyber insurance becomes ubiquitous, he said, he trusts the industry’s judgment.

  “The insurer is the one who is going to get hit with most of this if it continues,” he said. “And if they’re the ones deciding it’s still better to pay out, knowing that means they’re more likely to have to do it again — if they still find that it’s the financially correct decision — it’s kind of hard to argue with them because they know the cost-benefit of that. I have a hard time saying it’s the right decision, but maybe it makes sense with a certain perspective.”

The post The Extortion Economy: How Insurance Companies Are Fueling a Rise in Ransomware Attacks appeared first on Emsisoft | Security Blog.

Original Post from Krebs on Security Author: BrianKrebs

Imperva, a leading provider of Internet firewall services that help Web sites block malicious cyberattacks, alerted customers on Tuesday that a recent data breach exposed email addresses, scrambled passwords, API keys and SSL certificates for a subset of its firewall users.

Redwood Shores, Calif.-based Imperva sells technology and services designed to detect and block various types of malicious Web traffic, from denial-of-service attacks to digital probes aimed at undermining the security of Web-based software applications.

Image: Imperva

Earlier today, Imperva told customers that it learned on Aug. 20 about a security incident that exposed sensitive information for some users of Incapsula, the company’s cloud-based Web Application Firewall (WAF) product.

“On August 20, 2019, we learned from a third party of a data exposure that impacts a subset of customers of our Cloud WAF product who had accounts through September 15, 2017,” wrote Heli Erickson, director of analyst relations at Imperva.

“We want to be very clear that this data exposure is limited to our Cloud WAF product,” Erickson’s message continued. “While the situation remains under investigation, what we know today is that elements of our Incapsula customer database from 2017, including email addresses and hashed and salted passwords, and, for a subset of the Incapsula customers from 2017, API keys and customer-provided SSL certificates, were exposed.”

Companies that use the Incapsula WAF route all of their Web site traffic through the service, which scrubs the communications for any suspicious activity or attacks and then forwards the benign traffic on to its intended destination.

Rich Mogull, vice president of product at Kansas City-based cloud security firm DisruptOps, said Imperva is among the top three Web-based firewall providers in business today.

According to Mogull, an attacker in possession of a customer’s API keys and SSL certificates could use that access to significantly undermine the security of traffic flowing to and from a customer’s various Web sites.

At a minimum, he said, an attacker in possession of these key assets could reduce the security of the WAF settings and exempt or “whitelist” from the WAF’s scrubbing technology any traffic coming from the attacker. A worst-case scenario could allow an attacker to intercept, view or modify traffic destined for an Incapsula client Web site, and even to divert all traffic for that site to or through a site owned by the attacker.

“Attackers could whitelist themselves and begin attacking the site without the WAF’s protection,” Mogull told KrebsOnSecurity. “They could modify any of the security Incapsula security settings, and if they got [the target’s SSL] certificate, that can potentially expose traffic. For a security-as-a-service provider like Imperva, this is the kind of mistake that’s up their with their worst nightmare.”

Imperva urged all of its customers to take several steps that might mitigate the threat from the data exposure, such as changing passwords for user accounts at Incapsula, enabling multi-factor authentication, resetting API keys, and generating/uploading new SSL certificates.

Alissa Knight, a senior analyst at Aite Group, said the exposure of Incapsula users’ scrambled passwords and email addresses was almost incidental given that the intruders also made off with customer API keys and SSL certificates.

Knight said although we don’t yet know the cause of this incident, such breaches at cloud-based firms often come down to small but ultimately significant security failures on the part of the provider.

“The moral of the story here is that people need to be asking tough questions of software-as-a-service firms they rely upon, because those vendors are being trusted with the keys to the kingdom,” Knight said. “Even if the vendor in question is a cybersecurity company, it doesn’t necessarily mean they’re eating their own dog food.”

#gallery-0-5 { margin: auto; } #gallery-0-5 .gallery-item { float: left; margin-top: 10px; text-align: center; width: 33%; } #gallery-0-5 img { border: 2px solid #cfcfcf; } #gallery-0-5 .gallery-caption { margin-left: 0; } /* see gallery_shortcode() in wp-includes/media.php */

Go to Source Author: BrianKrebs Cybersecurity Firm Imperva Discloses Breach Original Post from Krebs on Security Author: BrianKrebs Imperva, a leading provider of Internet firewall services that help Web sites block malicious cyberattacks, alerted customers on Tuesday that a recent data breach exposed email addresses, scrambled passwords, …