[From the desk of Paul Davis – his opinions and no-one else’s, apart from the reporter’s opinions ]
* New threat metrics motivate integrators to offer enhanced solutions
* Healthcare industry has an alarming mobile security gap
* Failing fraud line in £35m revamp: Victims of conmen will be able to track police progress online
* Target : Group wants to make Hampton Roads as invulnerable to hackers as possible
* 5 Call Center Security Tips For Protecting Customer Data and Preventing Breaches
* Netskope report reveals 4.1% of enterprises have sanctioned cloud apps laced with malware
* 10 best cloud SLA practices
* UW-led research team wins $7.5M MURI grant to defend against advanced cyberattacks
* Intel and HyTrust figures indicate confidence in software defined data centre
* Target’s Cyber Insurance: A $100 Million Policy vs. $300 Million (So Far) In Costs
* EU data protection reforms expected to be finalised on 14 April
* The Linux Foundation launches Linux-based Civil Infrastructure Platform
* How CERN Fights Hackers
* Are You Really Empowered to Manage Cybersecurity Risks Affecting Your SAP Systems?
* Cyber insurance rates could rise 30% in 2016 for large health care, point-of-sale retailers: Willis Towers Watson
* Surge in cyber attacks on the energy sector
* Lack of backup tech hinders next-generation database adoption
* 90% malicious domains hosted in US, Germany
* Nuclear Drops Tor Runs and Hides
* How to tailor your incident response to the value of your data
New threat metrics motivate integrators to offer enhanced solutions
With the landscape of risk mitigation evolving into a multi-disciplined exercise involving business units, IT and security, traditional systems integration firms like the Aronson Security Group (ASG) out of Seattle are taking bold steps to better serve the market by creating a separate Security Risk Management Services (SRMS) group within its company.
Moving beyond its traditional systems integration and consulting offerings, ASG will provide research, assessment and strategic planning to end user clients and also work with technology vendors to help them better understand the market needs.
While doing their due diligence and research for this shift in the ASG profile, Aronson, and his two principals in this venture, William Plante and Wendi Walsh, considered the drivers that were forcing CSOs and C-suite executives to reassess their risk picture and response.
Alignment with the business values and drivers is certainly a critical element of managing risk at the enterprise level.
Bacco admits that as the security professional has matured and aligned itself more with the risk side of the business, understanding who owns risk and how to react to threats remains a work in progress.
That is one of the drivers for ASG’s approach.
A recent Gartner study regarding the emerging face of enterprise risk management emphasizes how today’s security and risk professional must think of his or her mission in more non-traditional ways.
That means in the future CSOs will be judged just as heavily on the process as they will the end-result.
Link: http://paulgdavis.us3.list-manage.com/track/click?u=45bf3caf699abf9904ddc00e3&id=90d9a3ab42&e=20056c7556
Healthcare industry has an alarming mobile security gap
“In 2013, 8% of doctors used mobile devices to manage in-patient data.
In 2014, the numbers of doctors relying on mobile devices grew to 31%.
By 2015, it was 70% of doctors,” Skycure noted in its second Mobile Threat Intelligence report, compiled by taking into consideration worldwide threat Intelligence data based on tens of thousands of devices and millions of monthly security tests from July through December 2015 (both consumer and enterprise devices).
But 28 percent of doctors have patient data stored on their mobile device, and 14 percent of those don’t use a passcode to protect the device (and the data on it).
In addition to this, 11 percent of them use older versions of mobile OSes that sport high-severity vulnerabilities.
Also, 65% of doctors share patient data via SMS text message, 46% via picture messaging and 33% via WhatsApp.
The latter option might not be so worrisome in light of the recent addition of default end-to-end encryption to the WhatsApp chat, but if either the healthcare professional or the recipient of the message has enabled unencrypted cloud backups of the messages, the information in the messages is not secure from third parties.
Add to this the fact that cyber attackers can trick healthcare practitioners into risky user behavior (such as sending passwords and sensitive patient data), as well as a lack of extreme mobile security measures, and you have devices that are ideal targets for hackers who are after patient data.
Link: http://paulgdavis.us3.list-manage2.com/track/click?u=45bf3caf699abf9904ddc00e3&id=d7b809ce68&e=20056c7556
Failing fraud line in £35m revamp: Victims of conmen will be able to track police progress online
Users of the Action Fraud website will be able to see how their case is progressing, as well as view the latest scams around the UK through crime-mapping.
And big firms will be able to report up to 1,000 cyber crimes at once to the central fraud system being developed by IBM in a £7 million-a-year contract.
Link: http://paulgdavis.us3.list-manage.com/track/click?u=45bf3caf699abf9904ddc00e3&id=b35bb1f614&e=20056c7556
Target : Group wants to make Hampton Roads as invulnerable to hackers as possible
Scott Phillpott took the stage of the Virginia Cyber Symposium he organized last month with a decidedly analog means of remembering his speech: hand-written note cards, the result of a targeted hack the week before that rendered his family’s computers and iPhones useless, costing him about $20,000 to clean up and install high-end security in his home in hopes that it doesn’t happen again.
The all-volunteer group that counts business, academia and at least one city, Virginia Beach, among its ranks, wants Hampton Roads to be the first “cyber-hardened” region in the country.
In other words, if cyberwarfare took the form of physical missiles and bombings instead of sneak attacks via computer servers, imagine those missiles and bombs evaporating before they could do damage within the area.
The group’s first goal is building awareness, much of which centers on educating people about what to be wary of — be it phishing emails or otherwise innocuous links that could infect their systems — and being a business referral resource.
Link: http://paulgdavis.us3.list-manage1.com/track/click?u=45bf3caf699abf9904ddc00e3&id=05ca50ff04&e=20056c7556
5 Call Center Security Tips For Protecting Customer Data and Preventing Breaches
Tip 1. Have strong Q&A security protocols in place
Tip 2. Control access at document level
Tip 3. Provide ongoing agent education
Tip 4. Use multiple layers of protection
Tip 5. Enforce a strong password policy
Link: http://paulgdavis.us3.list-manage1.com/track/click?u=45bf3caf699abf9904ddc00e3&id=e8d749ae75&e=20056c7556
Netskope report reveals 4.1% of enterprises have sanctioned cloud apps laced with malware
Netskope, the leading cloud access security broker, today announced the release of the February 2016 Netskope EMEA Cloud Report on enterprise cloud app usage and trends.
According to the report, the fourth quarter of 2015 saw the highest number of cloud apps in use in all enterprises to date.
On average, employees used 769 different cloud apps within a given enterprise organisation, a 26.5% increase from the previous report.
In addition, the report found that 4.1% of enterprises have sanctioned cloud apps laced with malware, such as worms and Trojans.
Considering that unsanctioned apps represent the majority of an enterprise’s total cloud app footprint (at 95%), report findings indicate IT may have an even larger scope of cloud app-based malware in enterprises than initially realised.
The report found that many users can unknowingly spread malware through sync and share mechanisms in the cloud storage apps they use.
As these cloud apps have many connected endpoints which users rely on to sync, share and collaborate on content, malware rapidly spreads throughout an organisation in a short period of time, creating a dangerous attack fan-out effect.
Additional findings
* Microsoft Office 365 eclipses Google in cloud app usage
* Enterprise cloud apps aren’t ready for European Union General Data Protection Regulation
Breakdown of cloud apps by industry
The report found that of the average 769 cloud apps in use per enterprise, 88% of these apps are not enterprise-ready and lack key functionalities such as security, audit and certification, service-level agreement, legal, privacy, financial viability and vulnerability remediation.
Within specific verticals, technology and IT services lead in number of cloud apps in use, averaging 794 apps per enterprise.
Healthcare and life sciences had the second-highest total, with 773 cloud apps.
Average cloud apps per enterprise by app category
Among the top categories in terms of number of cloud apps per enterprise, including those that are not enterprise-ready, marketing had the highest total.
While some marketing apps do not hold sensitive data, many do contain personally identifiable information about users, their Web usage and their buying preferences.
Link: http://paulgdavis.us3.list-manage2.com/track/click?u=45bf3caf699abf9904ddc00e3&id=22ee6f297b&e=20056c7556
10 best cloud SLA practices
1) Specify roles and responsibilities of all parties with respect to the SLA, and, at a minimum, include agency and cloud providers.
2) Define key terms, such as dates and performance.
3) Define clear measures for performance by the contractor.
4) Specify how and when the agency has access to its own data and networks.
5) Specify the following service management requirements
6) Provide for disaster recovery and continuity of operations planning and testing, including how and when the cloud service provider is to report such failures and outages to the agency.
7) Describe any applicable exception criteria when the cloud provider’s performance measures do not apply (e.g., during scheduled maintenance or updates).
8) Specify metrics the cloud provider must meet in order to show it is meeting the agency’s security performance requirements for protecting data (e.g., clearly define who has access to the data and the protections in place to protect the agency’s data).
9) Specifies performance requirements and attributes defining how and when the cloud service provider is to notify the agency when security requirements are not being met (e.g., when there is a data breach).
10) Specify a range of enforceable consequences, such as penalties, for non-compliance with SLA performance measures.
Link: http://paulgdavis.us3.list-manage.com/track/click?u=45bf3caf699abf9904ddc00e3&id=6435e89342&e=20056c7556
UW-led research team wins $7.5M MURI grant to defend against advanced cyberattacks
A University of Washington-led research team has won a $7.5 million, five-year Multidisciplinary University Research Initiative (MURI) grant from the Department of Defense to better model and mount defenses against stealthy, continuous computer hacking attacks known as “advanced persistent threats.”
The UW-led team will develop a new and comprehensive scientific framework to understand advanced persistent threats and mathematically represent adversarial cyber interactions.
Using statistical modeling, adaptive game theory, machine learning and control and systems theory, they aim to model the strategic interactions between these stealthy malware attacks and cyber defense mechanisms to combat them.
The highly competitive MURI program complements other DoD basic research efforts by supporting multidisciplinary teams with larger and longer awards in carefully chosen research topics identified for their potential for significant and sustained progress.
The MURI team also includes UW co-investigator and electrical engineering associate professor Maryam Fazel and researchers from the University of California, Berkeley; the University of California, Santa Barbara; Georgia Tech and the University of Illinois.
The award was granted through the Office of Naval Research.
Initial research efforts were also funded by the National Science Foundation’s Cyber-Physical Systems Program.
Link: http://paulgdavis.us3.list-manage.com/track/click?u=45bf3caf699abf9904ddc00e3&id=3c189c00c4&e=20056c7556
Intel and HyTrust figures indicate confidence in software defined data centre
2016 may well be the year where the software defined data centre (SDDC) will become a fixture in the US, according to a study released by Intel and HyTrust.
According to the report, which polled the views of more than 500 senior business executives, 65% of respondents – and 66% from the C-suite – expect increased adoption in this area, while 62% of CxO respondents argue there will be faster deployment in 2016, while roughly half expect greater tangible benefits (49%) and more adoption for network virtualisation (48%) respectively.
41% of those polled expect better alignment of security strategies specifically to address the SDDC, while half (50%) see greater use of public cloud and 38% see workloads traversing hybrid clouds and utilising hyper-converged infrastructure respectively.
6% of those polled said a data centre outage would either be ‘likely’ or ‘most likely’ with the move to SDDC, while more than two thirds (67%) argue a data breach would be the highest concern.
Loss of operational efficiencies (59%), lack of automation and orchestration (58%) and compliance or audit failure (58%) were also seen as likely issues.
Almost three quarters (74%) of the C-suite polled said they expect to see security as less of an obstacle to greater SDDC adoption, but despite this many of those polled do not have any illusions about the dangers of security.
Link: http://paulgdavis.us3.list-manage.com/track/click?u=45bf3caf699abf9904ddc00e3&id=4ee5a2eea8&e=20056c7556
Target’s Cyber Insurance: A $100 Million Policy vs. $300 Million (So Far) In Costs
According to its public filings, Target’s cyber insurance policy contained a $50 million sublimit for settlements with payment card networks.
In 2015, Target entered into settlement agreements with all four of its major credit card providers, which are in various stages of court approval.
Visa, for example, cut a $67 million deal with Target.
MasterCard later entered into a $19 million settlement.
But Target hasn’t disclosed whether its settlements with the credit card companies will come from a portion of the cyber insurance, subject to the sublimit, or if those settlements will be funded by other sources (such as its corporate general liability policy or from its operations).
The “hard” costs covered by cyber insurance oftentimes are only the tip of the iceberg.
Cyber policies don’t usually cover intangible harm like lost sales, plummeting customer goodwill and trust or damage to the brand.
Most policies also exclude some forms of major attacks like state-sponsored espionage or ransomware – which has been on the rise especially in the healthcare industry.
Target’s experience with cyber insurance isn’t uncommon.
It’s a fast-growing and evolving market with dozens of underwriters offering coverage.
With the increase in headline-grabbing breaches and the sophistication of cybercriminals, demand for coverage is high and business brisk.
Total cyber insurance premiums paid in 2014 were about $2.5 billion and the market is expected to reach $7.5 billion by 2020.
In comparison, cybercrime costs the global economy about $400 billion per year and that number isn’t expected to slow anytime soon.
If there’s a lesson to be taken from Target’s experience, it’s that not all cyber insurance policies are created equal.
While cyber coverage can be an important risk allocation tool, it is only one piece of a much larger puzzle.
Organizations need to start with an overall cyber risk analysis – looking not only at IT risks but at exposure to governance, regulatory and legal liability – to fully assess and identify the most likely risks in the event of a cyber event and consider the coverage that best fits their own risk profile.
Link: http://paulgdavis.us3.list-manage.com/track/click?u=45bf3caf699abf9904ddc00e3&id=65a5c3afa0&e=20056c7556
EU data protection reforms expected to be finalised on 14 April
The new General Data Protection Regulation (GDPR) (261-page / 1.31MB PDF) and a new Data Protection Directive for police and criminal justice authorities were endorsed by national governments within the EU in a vote held by the Council of Ministers.
The Council’s approval of the texts means that the new laws could be finalised by the European Parliament on 14 April.
The Regulation contains wide-ranging changes to EU data protection laws.
Organisations will be under a greater obligation to undertake privacy impact assessments and to consider privacy when designing new products and services.
Many organisations will need to appoint a dedicated data protection officer.
Updated rules on data transfers will also apply.
In addition, organisations will be subject to tougher data security rules and a new data breach notification framework.
Data protection authorities will be able to impose fines of up to 4% of the global annual turnover of businesses that are responsible for serious breaches of the Regulation.
Link: http://paulgdavis.us3.list-manage1.com/track/click?u=45bf3caf699abf9904ddc00e3&id=7096f8d10b&e=20056c7556
The Linux Foundation launches Linux-based Civil Infrastructure Platform
SAN DIEGO — The Linux Foundation announced today at the Embedded Linux Conference & OpenIoT Summit a new project: The Civil Infrastructure Platform (CIP).
This, an open-source framework, is meant to provide the foundation needed to deliver essential services for civil infrastructure and economic development on a global scale.
And what, you ask, is a Civil Infrastructure Platform.
According to the CIP FAQ, it’s “Any technical systems responsible for supervision, control, and management of infrastructure supporting human activities, including, for example, electric power generation and energy distribution, oil and gas, water and wastewater, healthcare, communications, transportation, and community management.
These systems deliver essential services, provide shelter, and support social interactions and economic development.
They are society’s lifelines.”
Specifically, CIP aims to work upstream with the Linux kernel and other open-source projects to establish a “base layer” of industrial-grade software.
This base layer will enable the use of software building blocks that meet industrial and civil infrastructure safety, security, and reliability requirements.
As an open-source software project built collaboratively across industries, the platform aims to address the major challenges civil infrastructure projects face:
Link: http://paulgdavis.us3.list-manage.com/track/click?u=45bf3caf699abf9904ddc00e3&id=9680bd07d2&e=20056c7556
How CERN Fights Hackers
Lueders, a computer security officer, told Motherboard in a phone call that CERN has to keep tabs on around 40,000 bring-your-own-devices from professors, technicians, and other workers; academics and engineers also connect to systems remotely.
The organization’s two main data centres in Switzerland and Hungary have around 100,000 hard-drives and 13,000 servers in total.
Then there’s the LHC’s computing grid, spread across North America, Europe, and Asia, which reprocesses data generated by the experiments.
Control systems for equipment need to be secure as well, and CERN hosts around 10,000 websites.
CERN sees more advanced attacks a few times a year, Lueders added.
Overall, hacking attempts don’t seem to come from any particular part of the world.
One way CERN has bolstered its defenses is by adopting white hat hackers to test the organization’s limits.
Once approved, university students get the green light to hack CERN systems in order to uncover vulnerabilities.
CERN has also trained around 120 engineers, technicians, and programmers in penetration testing, Lueders added.
But despite his job title, Lueders says he is not responsible for computer security at CERN. “I’m doing more or less the whole portfolio: I’m doing protection/prevention, I’m doing detection, and I’m doing response.
However, I’m not responsible for computer security at CERN.
I decline this responsibility,” he said.
Instead, everyone has to patch and secure their own devices, and perhaps their own larger systems too, or delegate that task to somebody else if they don’t feel capable. “If you are running a database, you are responsible for securing the database,” Lueders said.
That also applies to web servers, control panels, and individual computers.
“People are used to having a certain liberty to choose what technology they would like to employ, the hardware they would like to run, the operating system they would like to use, and the applications they would like to install.”
If not, the vibrancy of CERN’s community is under threat. “If we don’t do this we will force them into a corner, and all the intelligence, all the creativity will be killed,” Lueders said.
Link: http://paulgdavis.us3.list-manage.com/track/click?u=45bf3caf699abf9904ddc00e3&id=371fe00b5a&e=20056c7556
Are You Really Empowered to Manage Cybersecurity Risks Affecting Your SAP Systems?
A recent independent study conducted by the Ponemon Institute, “Uncovering the Risk of SAP Cyber Breaches,” revealed some startling information about the threat of a SAP cyber breach and how companies are managing the risk of information theft, modification of the data and disruption of business processes.
First, nearly 76 percent of respondents said their senior leadership understands the importance and criticality of SAP installations to profitability.
However, 63 percent of respondents also said C-level executives underestimate the risks associated with insecure SAP applications.
The majority of the respondents believe it is difficult to secure SAP systems.
One possible reason is a lack of clear ownership over these systems.
When asked which function was most accountable for security, 25 percent claimed that no one group was responsible.
Meanwhile, 21 percent said IT infrastructure was responsible, 19 percent said a dedicated SAP security team and 18 percent said information security.
Risk executives, audit professionals and boards of directors all collected less than 10 percent of the vote.
When asked what was most important for achieving security, 83 percent of respondents indicated that detecting zero-day vulnerabilities is vital for their organizations.
Despite this thirst for security knowledge, most organizations don’t believe they have the power to detect an incident.
About 47 percent of respondents were “not confident” or claimed “no confidence” that they could detect a breach within a year if their company’s SAP platform was compromised.
Because the threat to business-critical information is increasing, it is essential for companies to separate myths from reality.
These myths typically fall into three different categories:
Myth One: SAP systems are only accessible internally within the organization’s network.
Myth Two: Only SAP production systems should be audited.
Myth Three: Patch and change management process provide adequate security controls.
Link: http://paulgdavis.us3.list-manage1.com/track/click?u=45bf3caf699abf9904ddc00e3&id=22bc7fdd5b&e=20056c7556
Cyber insurance rates could rise 30% in 2016 for large health care, point-of-sale retailers: Willis Towers Watson
The withdrawal by American International Group Inc. from some monoline site pollution markets “will result in increased competition” as other carriers look to pick up the displaced business, losses arising from the explosion last August in the Chinese port of Tianjin could reach $6 billion and some retailers could expect cyber insurance rates to rise 30% this year, Willis Towers Watson plc said in a report announced Thursday.
Electronic medical record.In Marketplace Realities 2016 Spring Update, Willis Towers Watson revealed its predictions on rate changes for several commercial lines this year.
All dollar figures are in U.S. currency.
“Cyber renewals are seeing primary premiums increases of 5% to 15% for most buyers and 15% to 30% for [point of sale] retailers and large health care companies with no losses – with additional increases on excess lawyers,” stated Willis Towers Watson, formed by the recent merger of commercial brokerage Willis Group plc with Towers Watson & Co.
Link: http://paulgdavis.us3.list-manage2.com/track/click?u=45bf3caf699abf9904ddc00e3&id=d61aecef14&e=20056c7556
Surge in cyber attacks on the energy sector
A new survey conducted by Dimensional Research, which was carried out in November 2015, assessed cyber security challenges faced by organizations in the energy sector.
Study respondents included over 150 IT professionals in the energy, utilities, and oil and gas industries.
Key findings
Energy executives were more than twice as likely to believe their organization detected every cyber attack (forty-three percent) than nonexecutives (seventeen percent).
In the last 12 months, seventy-eight percent of the respondents said they experienced a cyber attack from an external source, and thirty percent have seen an attack from an inside employee.
Forty-four percent of the respondents indicated they have not gathered enough information to identify the sources of cyber attacks on their organizations.
Nearly one-fourth (twenty-two percent) of the respondents admitted their organizations do not have business processes to identify sensitive and confidential information.
Link: http://paulgdavis.us3.list-manage2.com/track/click?u=45bf3caf699abf9904ddc00e3&id=f94f05e5a4&e=20056c7556
Lack of backup tech hinders next-generation database adoption
While there is immediate and increasing interest in evolving infrastructure to support distributed, scale-out databases and cloud databases, a lack of robust backup and recovery technologies hinders adoption.
A new Datos IO survey examines IT leaders’ concerns and benefits cited on the rising demand for distributed applications and adoption of scale-out databases, including MongoDB and Cassandra (Apache and DataStax).
Key findings
75%+ of respondents predict the next-generation database will influence organizational growth in the coming 24 months.
80%+ of enterprise IT and database professionals believe deployment of a next-generation database will grow 2x+ by 2018.
The majority of apps (54%) deployed on a next-generation database are analytics related, with business management, IoT and security apps close behind.
MongoDB and Cassandra lead distributed database deployment, followed by cloud-native databases from Microsoft and Amazon.
89% of enterprise IT database professionals declared that backup and recovery (as a function of storage) is critical for production applications.
61% of enterprise IT and database professionals cite poor backup and recovery solutions available today as preventing adoption of next-generation database technology.
Link: http://paulgdavis.us3.list-manage.com/track/click?u=45bf3caf699abf9904ddc00e3&id=891874e722&e=20056c7556
90% malicious domains hosted in US, Germany
Creation of malicious DNS infrastructure rebounds to near record levels in the last quarter of 2015, according to Infoblox Inc.
Infoblox researchers also found that 92 per cent of newly observed malicious domains in Q4 were hosted in either the United States or Germany.
The Index in Q4 2015 increased to 128-near the record high of 133 established in Q2 2015.
This is a rise of 49 per cent from Q4 2014, and an increase of five per cent from the previous quarter, meaning the number of malicious domains is increasing from quarter to quarter and year to year.
While Angler continues to lead DNS exploit kit activity, RIG-an older kit that has been far back in the pack in usage during previous quarters-surged into second place.
Infoblox analysis of RIG activity in 2015 shows that it began using domain shadowing techniques similar to those pioneered by Angler to defeat reputation-based blocking strategies.
This indicates that as exploit kits are updated in coming years, there may be a reappearance of past threats in a new guise or location.
Link: http://paulgdavis.us3.list-manage.com/track/click?u=45bf3caf699abf9904ddc00e3&id=f26a4da843&e=20056c7556
Nuclear Drops Tor Runs and Hides
Exploit kits are constantly compromising users, whether it’s via malvertising or compromised websites, they are interacting with a large amount of users on a daily basis.
Talos is continuously monitoring these exploit kits to ensure protection, analyze changes as they occur, and looking for shifts in payloads.
Yesterday we observed a new technique in the Nuclear kit and found a new payload and technique we’ve not seen before.
It’s been awhile since we’ve discussed Nuclear so let’s start with an overview of how users are infected.
Like most exploit kits it has a couple of key components: a gate, a landing page, and an exploit page with payload.
Let’s start by describing the gate that we have been observing associated with Nuclear and specifically this instance associated to a novel payload.
Link: http://paulgdavis.us3.list-manage1.com/track/click?u=45bf3caf699abf9904ddc00e3&id=6ed67a6e68&e=20056c7556
How to tailor your incident response to the value of your data
Organisations need to map their incident response plans against the value and associated risk of different types of data
Here are the key steps that can be followed to ensure you assess the value of your data and can implement processes to protect it adequately:
Take stock of all your data
Classify and identify the high risk, high worth data
Map and track this data within the organisation
Share the hierarchy with relevant teams
Tailor the crisis management plans
Educate staff
Understanding the worth of your assets – beyond the ‘bricks and mortar‘ – is an important step on the road to more effective security protection and response strategies.
It not only means that you can implement that right safeguards around your data, but also that the response fits the magnitude of the breach.
Link: http://paulgdavis.us3.list-manage.com/track/click?u=45bf3caf699abf9904ddc00e3&id=2aff955214&e=20056c7556
============================================================
Feedback, questions? Our mailing address is: dailynews@paulgdavis.com (mailto:dailynews@paulgdavis.com)
If you know someone else who would be interested in this Newsalert, please forwarded this email.
If you want to be added to the distribution list, please click this: Subscribe to this list (http://paulgdavis.us3.list-manage.com/subscribe?u=45bf3caf699abf9904ddc00e3&id=e09452545a)
Unsubscribe from this list (http://paulgdavis.us3.list-manage1.com/unsubscribe?u=45bf3caf699abf9904ddc00e3&id=e09452545a&e=20056c7556&c=138afb76ca)
Update subscription preferences (http://paulgdavis.us3.list-manage.com/profile?u=45bf3caf699abf9904ddc00e3&id=e09452545a&e=20056c7556)