Industry Hot News (6029)
Wear a smartwatch and you could cause a data breach that brings your organization to its knees. Install an anti-virus product on any one of your endpoints and you could compromise the security of key enterprise applications.
Smartwatches and certain anti-virus products are just a small sample of the growing number of shocking application security threats. Just like more familiar application security threats such as code injection, cross site scripting and buffer overruns, the threats they pose can be critical.
This article discusses five emerging application security threats:
- PIN and password inference software
- Mobile app collusion
- Anti-virus software
- Voice-activated attacks
Zscaler is warning organizations to plan ahead for security threats and network performance issues linked to coverage of the Olympic Games, which commence on 5th August in Rio.
Cybercriminals are aware that users will be searching for convenient ways to stay up-to-date with the latest sporting action, forcing enterprises to roll out revised security policies that ensure the security of users watching, searching for, or downloading associated sporting coverage.
Most critically, organizations need to consider their exposure to phishing and malware attempts, exploitation of mobile applications and how this will impact business continuity. ThreatLabZ research from past events found that 80 percent of ‘Olympic’ web domains were found to be scams or spam, pinpointing the need for increased business vigilance.
The legal profession is transforming itself, especially in the area of compliance. Lawyers are an invaluable part of a compliance program. They provide important perspective and understanding of risk, they help a company to assess and navigate legal risks and they interface with regulators and enforcement agencies.
The most effective compliance programs usually are built around a strong partnership between a chief compliance officer and a general counsel. They are natural partners, assuming that egos do not get in the way, and should work together to advance the company’s compliance program.
Lawyers have two very specific benefits that should be incorporated into an effective compliance program.
Charleston, W.Va. — If you were affected during the June storms and have questions about legal issues such as repair contracts, working with contractors, replacing wills and other legal documents, you might be eligible to get free legal counseling from a group of West Virginia lawyers who have volunteered limited legal help.
Disaster legal Services provides legal assistance to low-income individuals who, prior to or because of the disaster, have little recourse to legal services as a consequence of a major disaster.
A partnership among the Federal Emergency Management Agency (FEMA), the West Virginia State Bar, and Legal Aid of West Virginia provides eligible callers 24/7 access to a toll free legal hotline, 877-331-4259. Callers may leave a message and will be matched with a local attorney.
Local legal aid providers might help you with:
- Assistance with FEMA and other government benefits available
- Assistance with life, medical, and property insurance claims
- Help with home repair contracts and contractors
- Replacement of wills and other important legal documents lost or destroyed in the disaster
- Consumer protection issues such as price-gouging and avoiding contractor scams in the rebuilding process
- Counseling on mortgage-foreclosure problems
- Counseling on landlord-tenant problems
There are some limitations on disaster legal services. For instance, if a case might produce a fee, or where attorneys are paid as part of a court settlement, you’ll be referred to a local lawyer.
Understanding how the business climate is changing will allow to you start looking at how you may need to change your recovery and resiliency strategies.
I was recently talking with my father who was in the convenience store and gasoline distribution business his entire career. We were talking about planning and how the business climate changes over time. He mentioned that when pay-at-the-pump devices first came to stations, his company resisted implementing them. Their convenience store model was to get customers to walk into the store to pay so they would purchase additional items. Their money was not made on gas sales, but on the sale of store items (beverages, candy, etc.). My father was an advocate of putting the new pumps in. He saw it as being more important than just having customers walk into the store, but instead making sure that customers were comfortable using the store for both gas purchases and quick stops for other items. If they got in the habit of using a different store to get gas because of pay-at-the-pump, they would likely stop at that store for drinks and other items as well. The result: a lost customer.
Do you know how your business climate may be evolving? Do your current processes or paradigms still meet customer needs and desires? In previous blogs and presentations, we have encouraged those in continuity planning to learn about their business processes. Understanding how the business climate is changing – and how business processes and functions may be changing along with that – will allow to you start looking at how you may need to change your recovery and resiliency strategies.
Consider the items below as you identify how your business may be changing.
We know that ransomware is a menace for just about everyone, but the health care industry has been hit unusually hard by this particular type of attack. In fact, according to Solutionary’s Security Engineering Research Team (SERT) Quarterly Threat Report for Q2 2016, the health care industry represented 88 percent of all ransomware detections during the second quarter.
Think about that number for a moment. Ransomware seems to be everywhere, yet, 88 percent of detections were in one industry. Education and finance were second and third, at 6 and 4 percent, respectively.
Now, it must be noted that we may not be getting the full picture, as Solutionary threat intelligence communication manager Jon-Louis Heimerl told SC Magazine, after pointing out that the analysis was based on actual ransomware activities:
AUSTIN, Texas – Two important deadlines are ahead for Texans who are considering a loan through the U.S. Small Business Administration for recovery from the May-June storms and flooding.
Most survivors who registered with FEMA for disaster assistance were contacted by the SBA with information on the agency’s low-interest disaster loans, as well as instructions on how to complete the loan application.
The deadline to submit the application for physical damage is Aug. 10. The deadline for businesses to submit a loan application for economic injury is March 11, 2017.
The SBA is the federal government’s primary source of money for the long-term rebuilding of disaster-damaged private property, offering low-interest disaster assistance loans to businesses of all sizes, private nonprofit organizations, homeowners and renters.
Survivors may apply online using the electronic loan application via SBA’s secure website at disasterloan.sba.gov/ela.
Disaster loan information and application forms are also available from SBA’s customer service center by calling 800-659-2955 or emailing email@example.com. Individuals who are deaf or hard‑of‑hearing may call 800-877-8339. For more disaster assistance information or to download applications, visit sba.gov/disaster.
Completed applications should be mailed to:
U.S. Small Business Administration
Processing and Disbursement Center
14925 Kingsport Rd.
Fort Worth, TX 76155
SBA loan applications should be submitted even as disaster survivors await an insurance settlement. The loan balance is reduced by the settlement. SBA loans may also be available for losses not covered by insurance.
The SBA encourages Texans who suffered damage or loss from the May-June storms and flooding complete the SBA loan application they received. There is no obligation to take a loan if offered. If approved, and a survivor does not accept the loan, it may make one ineligible for additional federal assistance.
Homeowners may borrow up to $200,000 from SBA to repair or replace their primary residence.
Homeowners and renters may borrow up to $40,000 to repair or replace personal property.
Businesses may borrow up to $2 million for any combination of property damage or economic injury. SBA offers low-interest working capital loans—called Economic Injury Disaster Loans—to small businesses and most private nonprofit organizations of all sizes.
# # #
FEMA’s mission is to support our citizens and first responders to ensure that as a nation we work together to build, sustain, and improve our capability to prepare for, protect against, respond to, recover from, and mitigate all hazards.
Download fema.gov/mobile-app to locate open shelters and disaster recovery centers, receive severe weather alerts, safety tips and much more.
Your organization probably already has more data than it knows what to do with. Yet, it's quite likely you're overlooking, disregarding, unaware of, or unable to access important information that could directly affect analyses and business outcomes.
It doesn't matter what your universe of data is -- enterprise data or a combination of internal and external data sources -- important nuggets of information may be missing.
"Companies are collecting more data, but often struggle with what to do with it," said Dave Hartman, president and founder of technology advisory firm Hartman Executive Advisors. "Data can be extremely overwhelming in its raw form."
U.S. hotel group Kimpton Hotels & Restaurants and U.K. mobile operator O2 both recently acknowledged potential data breaches. In Kimpton's case, the attack appears to be similar to other recent point-of-sale breaches at hotel chains including Hyatt, Omni, Starwood and Hilton, while in O2's case an undisclosed number of customer accounts were exposed by password reuse.
Kimpton Hotels yesterday announced that it was "recently made aware of a report of unauthorized charges occurring on cards that were previously used legitimately at Kimpton properties."
"As soon as we learned of this, we immediately an investigation and engaged a leading security firm to provide us with support," the company stated. "We are committed to swiftly resolving this matter. In the meantime, and in line with best practice, we recommend that individuals closely monitor their payment card account statements."
(TNS) - With the recent, long-awaited arrival of the Elizabethtown Fire Department’s new custom-built engine, the focus of the department will now be shifting from the “pound of cure” to the “ounce of prevention,” in the form of a community risk reduction program.
“You’ve heard the saying ‘if it’s predictable, it’s preventable’,” said Fire Chief Nick West. “We can predict the potential for fires, so now we’re looking at ways to prevent them.”
The community risk reduction program is comprised of three components: