Fall World 2017

Conference & Exhibit

Attend The #1 BC/DR Event!

Summer Journal

Volume 30, Issue 2

Full Contents Now Available!

Nearly every day you read about a new malicious attack on computer networks of vital businesses around the world, and the attacks do not seem to be slowing down. 

According to reports, malware volume skyrocketed in 2016--more than 800 percent when compared to 2015--and that number coninues to rise.

The most recent attack, WannaCry, targeted computers running the Microsoft Windows operating system by encrypting data and demanding ransom payments in the Bitcoin currency. The attack reportedly locked hundreds of thousands of computers in more than 150 countries, and demanded a $300 payment to restore the encrypted files.

...

http://mspmentor.net/blog/securing-weakest-link-educate-end-users-about-cyber-risks

5 Key Changes on the Way

Although nearly a year away, the EU’s new General Data Protection Regulation (GDPR) is fast-approaching for multinational companies, and the clock is ticking to ensure compliance. The changes coming will have far-reaching implications for global businesses: any company operating in the EU must comply or face steep financial penalties.

It’s hard to believe that we’re now less than one year out from the implementation of a major change to data protection laws in Europe: The General Data Protection Regulation, or GDPR.  It is the result of four years’ work by the European Union (EU) to standardize privacy laws and protect residents of the EU from the misuse of their personal data and data breaches in an increasingly digital world.

Most of the personal data protection laws in the EU haven’t been updated since the 1995 Data Protection Directive. In 1995, only one percent of the European population was using the internet. Now, not only is the majority of the global economy digital, but many companies are operating globally and processing personal data across borders. The EU Parliament established the GDPR framework as a way to update and harmonize the laws specific to the usage of millions of individuals’ data.

...

http://www.corporatecomplianceinsights.com/need-know-gdpr/

Monday, 24 July 2017 15:15

What You Need to Know about GDPR

For retailers, the specter of big data is one that is constantly looming. Companies are working hard delving into the omni-channel arms race as they try to fend off behemoths like Amazon. Some companies are going so far as to deploy massive amounts of resources into developing their own big data solutions in an attempt to go toe-to-toe with the retail giant.

The natural question that retailers face is what exactly they need to build in-house vs. what they can, and probably should, outsource to vendors.

With the proliferation of the software-as-a-service (SaaS) model, it’s becoming increasingly simpler and faster to deploy new solutions in an enterprise setting. This naturally results in ever-increasing innovation in the industry, as old solutions are easily replaced with the more novel and more effective ones in mere weeks.

...

http://www.datacenterknowledge.com/archives/2017/07/21/big-data-technology-house-vs-outsource/

The Business Continuity Institute

Global economic losses resulting from natural disasters during the first half of 2017 were estimated at US$53 billion – 56% lower than the 10-year average of US$122 billion, and 39% lower than the 17-year average of US$87 billion. This is according to Aon Benfield's Global Catastrophe Recap: First Half of 2017 Report. Meanwhile, insured losses were preliminarily estimated at US$22 billion – 35% lower than the 10-year average of US$34 billion, and 12% lower than the 17-year average of US$25 billion.

According to the report, the severe convective storm peril was the costliest disaster type on an economic basis (nearly US$26 billion) during the first half of 2017, comprising 48% of the loss total. The majority of these losses (US$23 billion) were attributable to events in the United States. These types of events also caused the majority of insurance losses (US$17+ billion), comprising 78% of the loss total, and with nearly US$16 billion attributable to widespread hail, damaging straight-line winds, and tornadoes in the US.

Natural disasters claimed at least 2,782 lives during the first half of 2017, the lowest figure since 1986 and significantly below the long-term (1980-2016) average of 40,867. Flooding was the deadliest peril during the period, being responsible for at least 1,806 deaths.

Steve Bowen, Impact Forecasting director and meteorologist, said: "The financial toll from natural catastrophe events during the first six months of 2017 may not have been historic, but it was enough to lead to challenges for governments and the insurance industry around the world. This was especially true in the United States after the insurance industry faced its second-costliest first half on record following a relentless six months of hail-driven severe weather damage. In fact, nearly eight out of ten monetary insurance payouts for global disasters were related to the severe convective storm peril. Other events – such as Cyclone Debbie in Australia, flooding in China and Peru, wildfires in South Africa, and a series of windstorms in Europe – led to notable economic damage costs. As we enter the second half of the year, much of the focus will be on whether an El Niño officially develops. Such an event could have a prominent influence on weather patterns and associated disaster risks."

The report highlights that the US recorded 76% of the global losses sustained by public and private insurance entities during the first half of 2017, while EMEA (Europe, Middle East and Africa) and Asia-Pacific (APAC) each accounted for 10%.

Around 42% of the global economic losses during this time period were covered by insurance, above both the near- and medium-term average of 32% and due to the fact that the majority of losses occurred in the US However, insurance take-up rates continued to grow in other areas, notably Asia-Pacific (APAC) and the Americas.

Adverse weather has consistently been a top ten threat for business continuity and resilience professionals, according to the Business Continuity Institute’s annual Horizon Scan Report. In the latest edition, more than half of respondents to a global survey expressed concern about the prospect of this type of disruptive event materialising. When you analyse the results further to only include respondents from countries where these types of events are relatively frequent, countries such as the United States, the level of concern increases considerably.

The Business Continuity Institute

IT professionals believe that compliance and regulation and the unpredictable behaviour of employees will have the biggest impact on data security, according to a survey commissioned by HANDD Business Solutions.

The UK study found that 21% of respondents say regulations, legislation and compliance will be one of the two greatest business challenges to impact data security. The General Data Protection Regulation (GDPR) is causing real concern among professionals in their bid to be compliant by the deadline in less than 12 months. GDPR will not only raise the privacy bar for companies across the EU, but will also impose extra data protection burdens on them.

HANDD CEO and Co-Founder, Ian Davin, commented: “Companies must change their mindset and look at data, not as a fungible commodity, but as a valuable asset. Data is more valuable than a pot of gold, which puts companies in a challenging position as the stewards of that data. C-suite executives must understand the data protection challenges they face and implement a considered plan and methodical approach to protecting sensitive data.”

Worryingly, 41% of those surveyed assign the same level of security resources and spend for all company data, regardless of its importance. Analysing and documenting the characteristics of each data item is a vital part of its journey through an organization. A robust data classification system will see all data tagged with markers defining useful attributes, such as sensitivity level or a retention requirement and ensuring that an organization understands completely which data requires greater levels of protection.

While 43% of those surveyed think that employees are an organization’s greatest asset, more than a fifth (21%) believe that the behaviour of employees and their reactions to social engineering attacks, which can trick them into sharing user credentials and sensitive data, also poses a big challenge to data security.

Danny Maher, CTO at HANDD, commented: “Employees are probably your biggest asset, yet they are also your weakest link, and so raising user awareness and improving security consciousness are hugely important for companies that want to drive a culture of security throughout their organization.”

Storage is also a key problem area, with more than a third (35%) citing that ensuring data is stored securely, and whether it's on premise or in the cloud, as their biggest challenge and most likely to keep them awake at night. A data record’s classification will enable a company to make these decisions, automatically and definitively dictating its location and whether an encryption policy should apply.

Having stored data to comply with its security policy, an organization must ensure that an access management system is in place, which understands roles and responsibilities and allows users to see only the information that they need. In HANDD’s survey, less than half (45%) of IT professionals are confident that they have an identity access management process in place which dictates that users must have different privileges depending on their roles and responsibilities, while 15% have no access management system in place at all.

Data breaches, and the disruptive impact they can have on an organization, are the second greatest concern for business continuity and resilience professionals, according to the Business Continuity Institute's latest Horizon Scan Report. 81% of respondents to a global survey expressed concern about the prospect of a breach occurring, making it essential that organizations have mechanisms in place to reduce the chances of a breach occurring, and also have plans in place to respond to such an incident and help lessen its impact.