For many employers, performance evaluations have become obsolete and for others they still exist, but only as a small part of a much grander process. Unfortunately, the annual performance evaluation by itself seldom provides any benefit, is often dreaded by managers and employees alike, and can be incredibly time consuming.
You take steps to protect your business from perils such as fire and theft. But how do you start to understand a risk that you cannot see and perhaps have never experienced?
READ THE ARTICLE
Our update for December highlights malware, data breaches, a bomb scare, and more.
READ THE ARTICLE
Know the essentials before deciding.
You take steps to protect your business from perils such as fire and theft. But how do you start to understand a risk that you cannot see and perhaps have never experienced? This is the predicament that many business executives are facing and the nature of cyber risk. As businesses become more connected and dependent on online systems and vendors, the risk of a data breach or crippling business disruption goes up. If you rely on email and access to the internet to conduct everyday business, you're at risk.
This month's Threat Intelligence Report is about a large hotel chain that reports an “unauthorized access” to its customer database since 2014, exposing data of 500 million guests; a vulnerability in a postal service site that left 60 million customers exposed for more than a year; a third-party vendor breach that exposes data of millions of healthcare patients; a new report that profiles notorious MageCart cyber criminals; court documents that reveal first-ever indictment on ransomware charges; and a bundled pack that makes SamSam and other ransomware easier for hackers to obtain and deploy.
In this new Threat Intelligence report, we discuss some of the latest cyber risks, including Chinese involvement in U.S. hardware hacks; a study that reveals the ease at which criminals are using legitimate email credentials; a Canadian university that recovered $10.9 million in an $11.8 million fraud scheme; millions of voter registration records listed for sale ahead of the 2018 mid-term elections; companies impersonated by hackers in phishing schemes; and ransomware-as-a-service that is now offering exploit kits to users.
Regardless of your company’s size or mission, the legal costs associated with a D&O lawsuit can be crippling for both an organization and its leadership. To complicate matters, D&O liability can come from a variety of sources, and claims can arise without warning. While D&O insurance provides a last line of defense for organizations and their leadership teams, the best way to protect against D&O claims is to avoid them altogether. Understanding the main sources of D&O liability can go a long way in avoiding costly legal action.
Two recently discovered security flaws could allow hackers to bypass regular security measures and obtain normally inaccessible data. The flaws, referred to as Meltdown and Spectre, are both caused by design flaws found in nearly all modern processors. These vulnerabilities can be exploited to access all of the data found in personal computers, servers, cloud computing services and mobile devices.
The European Union’s new General Data Protection Regulation (GDPR) becomes effective on May 25, 2018. The European Union (EU) enacted these rules to create uniform data protection rules for all member states. In its view, a unified set of rules and standards would allow EU citizens more control over their personal information. The new rule will also have a global impact on any company that offers goods or services to EU residents or monitors their behavior (e.g., tracking their buying habits). The ruling will impact U.S. firms that collect, store or process EU customer data.
In a previous article, we discussed what consumers should do in the wake of the breach of data at Equifax. But what about its effects on businesses? Businesses have a significant responsibility to protect their customers’ personally identifiable information (PII). Failure to do so could lead to lawsuits, loss of trust, loss of revenue, and even loss of the business.
This year, there are a lot of scary statistics related to social engineering fraud. A 2017 Federal Bureau of Investigation (FBI) Public Service Announcement stated that between January 2015 and December 2016 there was a 2,370 percent increase in identified exposed losses by social engineering. Social engineering can be a very effective way for a criminal to steal your digital assets, and organizations should do everything they can to protect them.
Send a Message
Find a Location