Check AML crypto online: USDT AML check BTC, ETH and 65+ coins. Receiving funds of illegal origin could lead the risk of having your funds frozen. The USDT is being tested for scams, mixers, darknet market, ransom, gambling and other crimes.

The Deadliest Car Bombs

Posted on by

On the 10-year anniversary of September 11, we took a look at some of the deadliest terrorist attacks in history. Those attacks that have been most spectacular in nature — such as the unique means used in 9/11 and the U.S.S. Cole bombing and horror of rampages such as those in Mumbai and Norway — have been the most memorable in recent times. But a majority of the deaths that have ever been attributed to terrorism have come during old-fashioned car bombs.

To illustrate just how deadly some of the worst car bombs have been, FreeInsuranceQuotes.com created an infographic that catalogs the devastation. Above is a snapshot of the image. You can find the full version after the jump.

Continue reading

The Anatomy of Data Risk Management

Posted on by

As we posted yesterday, Saturday, January 28, is Data Privacy Day. Keeping with that theme, we think it’s important to focus on data risk management. Brian McGinley, senior vice president of data risk management at Identity Theft 911 offers this well-written piece on the timely topic.

Think of data as a living organism.

Just like a human body, data has various components and life support systems that must be maintained to ensure the whole thrives and survives. You can think of a data risk specialist as a doctor trying to keep the organism healthy through its various life stages.

Data, our hypothetical patient, (you’re welcome Star Trek fans) needs a safe and healthy environment, a supportive lifestyle and good hygiene. Just as a doctor has to consider external threats (“do you smoke?”) so does the data risk manager.

Let’s look at what this all means, and how this philosophy can be applied to your businesses policies and practices.
Data, our hypothetical patient, has three basic forms: paper, electronic and human memory.  A good data risk management plan must consider all three.

Controlling paper and electronic data is what we think of most when considering data security. This is your standard (or what should be standard) security policy, access controls procedures, system audits, and the like. It’s where security planning meets IT.

Human memory is a little more elusive. Education, security training and a reward-demotion plan can help control human errors, as can confidentiality agreements, and project-specific security contracts. These are the tools of teachers and lawyers. Generally speaking, there are four key rules to protecting data in all its forms:

  1. Be stingy with sensitive data, internally and externally;
  2. Provide access to data on a need-to-know basis;
  3. Provide access only to that specific data, rather than entire data sets;
  4. Be deliberate in how data is handled, used and shared.

Data has a life cycle. If your data doesn’t, it should. Whether it’s government secrets or an online shopper’s credit card number, data is received or created within your company’s computer systems. It is used, maintained and stored. It is archived or destroyed. That data, in all cases, has three basic states: in action, in motion or at rest. Take the credit card number example: that information can be used, the card charged, or moved to another computer system, or archived. Use, motion, rest.

There are four fundamental rules regarding the life cycle of data:

  1. If the organization doesn’t need it, don’t collect it.
  2. If data must be collected, collect only what is needed.
  3. If data is needed, control it and encrypt it.
  4. When data is no longer needed, get rid of it – SECURELY.

Now that we know what data looks like (paper, electronic, mnemonic) and how it lives (in action, in motion, at rest) we should consider those external threats, namely data breaches. A data breach is an incident (or series thereof) in which sensitive, protected or confidential information has potentially been viewed, stolen or used with unauthorized access. This can be a hacker attack, an internal company mistake that results in exposed information or, in some cases, corporate or government espionage. A data breach can be anything that jeopardizes data.

These threats range from simple user negligence, operating or systemic issues, all the way to highly complex criminal attacks launched against your organization. As anyone who follows the tech news knows, sensitive consumer and business information has become a criminal commodity.
With this hostile environment in mind, it is imperative for the business to plan and prepare not only for the protection of their information, but also for the response and recovery of their data and business in the event of a data breach. For a data manager or security professional to fail to issue such a warning would be akin to that doctor not asking about smoking.

At the end of the day, data as an organism is more than an extended metaphor. It’s a means to look at your company’s data products in an abstract way and understand how it operates. This, in turn, will allow you to develop the proper health plan. Just like with our health, there is no single wonder pill. But there are data doctors out there who can analyze your businesses’ risk posture and recommend ways to get it in shape.

 

The Emerging Risks of 2012

Posted on by

In our February issue of Risk Management magazine, we highlighted seven of the key risks that companies will face in the coming year. These, we claim, are the risks that “if they don’t keep you up at night, might bring down your company.”  We have no delusions that this list is comprehensive or that all its elements are even applicable to everyone. But it provides a good overview of some major trends that all risk managers should at least think about. (Subscribers should receive their print issue any day now, the rest of you can catch it online February 1.)

Of course, we weren’t the only ones to come up with a list of 2012’s top risks. Among others, one organization that did was insurance broker Willis. Its subject experts did write ups on 18 different areas of risk. There are links to each in their “WillisWire Emerging Risks Round-up.”

Protecting Your Business from Cybercrime

Posted on by

Saturday, January 28, is Data Privacy Day, a day designed to promote awareness about privacy and education about best privacy practices. With that in mind, we decided to devote today’s and tomorrow’s posts to data privacy and how companies can achieve more secure, robust methods to dealing with the ever-present risk of cyber crime and data theft. Today’s post is by Tim Francis, business insurance management and professional liability and cyber insurance lead for Travelers.

IT departments play a pivotal role in identifying and mitigating exposures to cyber threats. However, there are risks that exist outside the company network. Businesses may be overlooking other points of vulnerability where a hacker can potentially attack, including but not limited to company cell phones, smart phones, tablets, laptops and other mobile devices. Every type of technology brings the potential for a cyber crime. Even if every employee is securing their personal and work technologies constantly, information can be compromised.

Institutions that understand the commitment necessary to create a robust anti-fraud program have a plan in place that involves numerous security options. This includes proper breach response planning, establishing information, and insurance protection. Corporate risk managers can be a valuable asset to their companies by becoming part of the planning process. They can also activate their professional networks and refer their companies to other advisers for additional guidance including lawyers, crisis communications specialists and other professionals.

Corporate risk managers should also advise their companies on the importance of employee engagement as part of a cyber risk management plan. When employees understand the potential impact on the company (possibly including their job security) they are likely to be more willing to take the necessary precautions to protect company information by following established protocols for information security. Employees should understand the costs associated with addressing a breach including having to install credit monitoring for hacking victims, liability expenses and potentially losing business and even deterring new business opportunities from prospective clients who get wind of security failures. Getting full buy-in and participation for mitigating cyber risk from the top down in an organization can make a significant impact on reducing cyber exposures.

Operating without a cyber risk management plan could have a crippling effect on a company’s reputation. The way in which companies respond to cyber threats can be scrutinized by clients, stakeholders and the public, especially because victims are often directly impacted by slow response. For example, if a company does not respond quickly, victims of the crime may miss opportunities to cancel credit cards and alert their banks about suspicious activity. The window for fraudulent activity can be prolonged by companies that are unprepared to deal with a cyber breach. With a strategy in place for responding to a cyber event, businesses can execute against their plan and focus on getting back to business as usual.

As cyber attacks dominate headlines, companies must make efforts to properly secure both their technology and networks. Recent media reports have identified major companies, organizations and governmental entities across the U.S. as unfortunate examples of what can happen when a business is unprepared for a cyber crisis. Corporate risk managers can help their companies to adapt their risk management strategies and practices so that their employees and their customers remain ahead of emerging cyber risks.