Defending Against the Cyberrisk of Malicious Insiders

An overwhelming number of businesses increasingly see their greatest cyber threats coming from within, but figuring out what to do about the risk poses a formidable gap, according to a recent study from Mimecast. The email and data security company found that 90% of organizations globally consider malicious insiders a major threat to security, yet 45% report they are ill-equipped to cope with the risk. Indeed, one in seven IT security decision-makers view malicious insiders as their number one threat.

Current measures to guard against this risk may still leave significant exposure, and IT managers appear to know it. Those who say they are very equipped on cybersecurity feel virtually just as vulnerable to insider threats as those who believe they are not equipped at all (16% vs. 17%), “indicating that the risk of malicious insiders trumps perceptions of security confidence,” Mimecast reported.

Mimecast recommends the following strategies to guard against the risk of malicious insiders:

  1. Assign role-based permissions to administrators to better control access to key systems and limit the ability of a malicious insider to act.
  2. Implement internal safeguards and data exfiltration control to detect and mitigate the risk of malicious insiders when they do strike, to cut off their ability to send confidential data outside the network.
  3. Offer creative employee security training programs that deter potential malicious insiders in the first place and help others to spot the signs so they can report inappropriate activity to their managers. Then, back that up with effective processes to police and act swiftly in the event of an attack.
  4. Nurture a culture of communication within teams to help employees watch out for each other and step in when someone seems like they’ve become disenchanted or are at risk of turning against the company.
  5. Train your organization’s leadership to communicate with employees to ensure open communication and awareness.

Check out more of the study’s findings in the infographic below:

mimecast_5-tips-to-defend-infographic

Aquisition Integration for Logistics and Cargo Insurance

chess-game
During my 36 years in the marine insurance industry, one of the most common issues has been failure to properly integrate acquisitions into cargo logistics insurance programs—which can result in gaps in cargo insurance coverage. Old habits die hard, however, and this is particularly true in logistics operations.

When an organization acquires a new company, there is a choice. The buyer can allow the acquisition to continue to operate independent of its logistics program (rarely is cargo insurance left independent) or fully integrate them into the buyer’s logistics and cargo insurance programs. The most common occurrence is full integration into the buyer’s logistics and cargo insurance programs for cost savings and continuity.

If the independent logistics option is chosen for the acquisition, it is still critical to perform a detailed gap analysis of the logistics SOPs (Standard Operating Procedures) used by the acquisition to assure their program does not present unique exposures not currently considered or addressed in the buyer’s program. The most objective and effective gap analysis should be performed by an outside consultant working with the buyer’s designated logistics representative.

A risk management representative is not required but may wish to attend. The consultant must have extensive experience in logistics audits as well as a clear understanding of implications of the terms and conditions of the cargo policy. This team will create a gap analysis report that details variances from best practices and the key drivers in the buyer’s logistics program that are critical to the marine cargo insurance program. This also allows the buyer’s cargo program to be adjusted for any unique requirements of coverage by the acquisition to assure there are no coverage gaps.

Importance of SOPs
It is worth a moment to address SOPs for logistics and security for shipping and storing goods in the due course of transit. Formal SOPs are critical to assure compliance, and proper measurement of compliance. SOPs also provide continuity of logistics’ programs so learned processes and shipping lane specific issues are not lost when there is a change in personnel.

In instances when the buyer decides for full integration, the process is much the same as described above for the independence option for logistics by the acquisition. The most important difference is that the gap analysis details the variances between the acquisition and the buyer’s logistics program SOPs and rates the findings into levels of importance for timely adoption; critical, second tier and third tier variances. The critical issues require adoption as soon as possible while the other variances can be corrected over the course of time.

It is important to complete a followup audit(s). If there are critical issues, a followup audit might be completed after the buyer has been advised that the critical variances have been finalized, to independently confirm compliance has been obtained if deemed appropriate. Regardless, a one-year audit is recommended to examine all the variances in the gap analysis to determine the level of compliance to correct all originally identified variances.

Again, old habits and processes die hard. You will often hear, “We always did it this way.” It is important during the gap analysis to integrate local issues required as needed, as long as it does not compromise the goal of the SOP. The integrations, especially acquired foreign companies, can be difficult, involving politics by other units of both companies outside of the logistics, security and risk management units. It is critical that senior management of both the buyer and the acquisition company have “full buy-in” on the integration process to overcome the political infighting that can develop.

The best analogy of this process would be a chess game—complex and variable with many moving, interrelated parts.

Warning: Deer Crossing Ahead

With Oct. 1 just days away, it’s that time of the year, when deer, elk and moose become more active in the United States, increasing the risk of collisions. In fact, the risk of hitting one of these large animals doubles during the months of October, November anddeer-crossing December, according to State Farm.

This is no small matter, as these accidents can cause significant injury and damage. In fact, the average cost per claim nationally for 2015-2016 was $3,995.08, down slightly from $4,135 in 2014-2015. In its annual ranking, State Farm identifies the state where a driver is most likely to have a claim from a deer, elk or moose collision as West Virginia, where the odds are 1 in 41. The state where such a collision is least likely (excluding Hawaii) is Arizona, where odds of getting into such an accident are 1 in 1,175.

“We know there is an increased risk of collision with deer around dawn and dusk, and also during the October-December breeding season,” Chris Mullen, director of technology research at State Farm said in a statement. “However, drivers should be engaged, alert and on the lookout at all times, because you never know when you may need to react to a deer or any other obstacle that may suddenly be in your path.”

In its 2015-2016 study, State Farm found that the top five states where a driver is most likely to have a claim from a collision with a deer, elk or moose are:
deer-collision-ranking

Safety tips for drivers:

  • Slow down, particularly at dusk and dawn
  • If you see one deer, be prepared for more to cross the road
  • Pay attention to deer crossing signs
  • Always buckle up, every trip, every time
  • Use your high-beams to see farther, except when there is oncoming traffic
  • Brake if you can, but avoid swerving, which could result in a more severe crash
  • Remain focused on the road, scanning for hazards, including animals
  • Avoid distractions, like devices or eating, which could cause you to miss seeing an animal
  • Do not rely on products such as deer whistles, which are not proven effective
  • If riding a motorcycle, always wear protective gear and stay focused on the road ahead.

Ransomware Threats Jump 300%

Businesses have seen a huge increase in ransomware threats—300% from 2015, according to the FBI, which also reports there were 2,400 ransomware complaints in 2015. In addition to its growing frequency, the means of attack have also improved significantly, as hackers get better at social engineering and at developing malware.
ransomware1

Unlike other types of cyberattack, ransomware attacks are not about extracting data, they are about freezing access, holding businesses functionally hostage, according to Risk Management. When this type of malware infects a system, it encrypts files and documents and demands a ransom, typically in the form of digital currency such as bitcoin, in exchange for a decryption key.

The most frequent targets of attacks, 23%, were government entities, according to Hiscox. The category of business services was second at 18% and finance and insurance institutions followed with 13% of the attacks.
ransomware2
Because the encryption can be crippling and circumventing it is difficult, the FBI advises that businesses may be better off paying the ransom, especially if the company’s system backup has also been infected.
ransomware3