People have been asking how many different mailing newsletter I produce. Here’s a link to page that lists the IT Security Lists I produce, with subscribe links: http:\/\/paulgdavis.us3.list-manage.com\/track\/click?u=45bf3caf699abf9904ddc00e3&id=e68cb005cc&e=20056c7556
\nSubscribe to any you are interested in.
\nRegards
\nPaul<\/p>\n
* Trillium Mutual Launches Data Breach and Cyber Coverage for Agriculture and Commercial Lines
\n* European Commission presents EU-US Privacy Shield
\n* CISOs Still Frozen Out of the Boardroom
\n* Sweden no longer on high terror threat alert
\n* A major red flag about security could threaten the entire IoT
\n* Is your Security Awareness Program Culturally Sensitive? (And does it matter?)<\/p>\n
Trillium Mutual Launches Data Breach and Cyber Coverage for Agriculture and Commercial Lines
\nMarch 3, 2016, LISTOWEL ON, – Trillium Mutual Insurance Company is pleased to announce that it has partnered with The Boiler Inspection and Insurance Company of Canada (HSB BI&I) to launch two new products designed specifically for small to medium sized commercial and agricultural operations.
\nData Compromise Coverage helps businesses notify and assist affected individuals following a breach of personally identifying information.
\nThis coverage provides indemnity for first party expenses as well as third party costs of defence, settlement and judgement.
\nLink: http:\/\/paulgdavis.us3.list-manage.com\/track\/click?u=45bf3caf699abf9904ddc00e3&id=ebdf685d52&e=20056c7556<\/p>\n
European Commission presents EU-US Privacy Shield
\nThe European Commission \u2013 the executive body of the European Union \u2013 issued the legal texts that will put in place the EU-US Privacy Shield, a new framework for protecting the fundamental rights of Europeans where their data is transferred to the United States and ensure legal certainty for businesses.
\nThe new framework reflects the requirements set by the European Court of Justice in its ruling from 6 October 2015.
\nLink: http:\/\/paulgdavis.us3.list-manage1.com\/track\/click?u=45bf3caf699abf9904ddc00e3&id=2769c02902&e=20056c7556<\/p>\n
CISOs Still Frozen Out of the Boardroom
\nAccording to a study by ISACA and RSA Conference, 82% of cybersecurity and information security professionals polled in the survey report that their board of directors is concerned or very concerned about cybersecurity, but only one in seven (14%) CISOs reports to the CEO.
\nThis gap between belief and actions at the highest levels of management is playing out in an environment where 74% of security professionals expect a cyber-attack in 2016 and 30% experience phishing attacks every day, according to the ISACA\/RSA Conference State of Cybersecurity study.
\n\u201cWhile there are signs that C-level executives increasingly understand the importance of cybersecurity, there are still opportunities for improvement,\u201d said Jennifer Lawinski, editor-in-chief, RSA Conference. \u201cThe majority of CISOs still report to CIOs, which shows cybersecurity is viewed as a technical rather than business issue.
\nThis survey highlights the discrepancy to provide an opportunity for growth for the infosec community in the future.\u201d
\nLink: http:\/\/paulgdavis.us3.list-manage.com\/track\/click?u=45bf3caf699abf9904ddc00e3&id=c0d090ca4e&e=20056c7556<\/p>\n
Sweden no longer on high terror threat alert
\nSweden’s Security Service said it had decided to move the country back down to a lower threat level after consulting with the country’s military and intelligence agencies.
\nLink: http:\/\/paulgdavis.us3.list-manage1.com\/track\/click?u=45bf3caf699abf9904ddc00e3&id=69607b02ae&e=20056c7556<\/p>\n
A major red flag about security could threaten the entire IoT
\nAT&T’s Cybersecurity Insights Report, which included a survey of more than 5,000 enterprises worldwide, found that 85% of enterprises are in the process of or are planning to deploy IoT devices, but only 10% feel confident that they can secure those devices against hackers.
\nLink: http:\/\/paulgdavis.us3.list-manage1.com\/track\/click?u=45bf3caf699abf9904ddc00e3&id=b830f9ffd6&e=20056c7556<\/p>\n
Is your Security Awareness Program Culturally Sensitive? (And does it matter?)
\nA security awareness program is probably the first line of defense against modern threats to IT systems and company data.
\nAlthough more and more advanced technical measures must always be in place to ensure the detection and, if possible, the prevention of intrusions, it is extremely important for businesses to make sure employees are aware of possible threats and of how some of their actions could result in severe vulnerabilities for their employer.
\nAn organization\u2019s security culture depends on the identification of proper ICT policies based on risk assessment and management, and in taking a holistic view that includes communicating and holding accountable everyone for procedures in place across the organization; it needs to ensure that all essential personnel are aware of how to avoid security-related incidents, as new threats and vulnerabilities, data breaches as well as attack patterns trends are always emerging.
\nIt is important for everyone in the business to understand their roles and responsibilities in such situations that often require them to make good judgment decisions quickly.
\nThey shall know what to do and what actions to take when a security incident does happen, but they should also be able to recognize signs that something is not right.
\nTherefore, investing in security awareness training is worth the time and money, as it mainly helps to do just that to reduce risk and prevent material losses.
\nAll users can become human-centric controls for an effective defense thanks to consistent \u201csecurity awareness training (SAT),\u201d which can be achieved through both formal and informal programs, that educate every staff members in the workplace to understand the ICT risks and make better security decisions.
\nBeing culturally sensitive doesn\u2019t mean simply translating content into the local language, but it means to recognize what issues are important to the groups targeted and on what issues or information could a possible intruder leverage to solicit information from employees.
\nIn fact, for example, as spear phishing techniques become more advanced, and intruders become smarter in crafting realistic e-mails, they could exploit the eagerness of some employees to respond quickly to a customer inquiry or to comply immediately with a request from an official.
\nIn some countries, privacy laws might be stricter, and a request for personal information would quickly flag a potential problem while in other nations, a request coming from a colleague even of the most sensitive nature would be honored without questions.
\nThe study by the Center for Information Systems and Technology, Claremont Graduate University shows that \u201cIncreasing globalization trends and the decreasing costs of technologies and communication make global expansion a viable solution for many information technology (IT) organizations.
\nIt is crucial for companies with multiple worldwide locations to take an intercultural perspective to address employee needs and attitudes towards information security (InfoSec) training programs and compliance with InfoSec best practices.
\nIf cultural differences are well understood in advance, the organization can tailor its security training to increase comprehension and adoption by a global workforce.\u201d
\nLink: http:\/\/paulgdavis.us3.list-manage.com\/track\/click?u=45bf3caf699abf9904ddc00e3&id=e73e9146b9&e=20056c7556<\/p>\n
============================================================
\nFeedback, questions? Our mailing address is: dailynews@paulgdavis.com (mailto:dailynews@paulgdavis.com)<\/p>\n
If you know someone else who would be interested in this Newsalert, please forwarded this email.
\nIf you want to be added to the distribution list, please click this: Subscribe to this list (http:\/\/paulgdavis.us3.list-manage.com\/subscribe?u=45bf3caf699abf9904ddc00e3&id=e09452545a)<\/p>\n
Unsubscribe from this list (http:\/\/paulgdavis.us3.list-manage2.com\/unsubscribe?u=45bf3caf699abf9904ddc00e3&id=e09452545a&e=20056c7556&c=1435ce22ce)<\/p>\n
Update subscription preferences (http:\/\/paulgdavis.us3.list-manage.com\/profile?u=45bf3caf699abf9904ddc00e3&id=e09452545a&e=20056c7556)<\/p>\n","protected":false},"excerpt":{"rendered":"
People have been asking how many different mailing newsletter I produce. Here’s a link to page that lists the IT Security Lists I produce, with subscribe links: http:\/\/paulgdavis.us3.list-manage.com\/track\/click?u=45bf3caf699abf9904ddc00e3&id=e68cb005cc&e=20056c7556 Subscribe to any you are interested in. Regards Paul * Trillium Mutual Launches Data Breach and Cyber Coverage for Agriculture and Commercial…<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[29],"tags":[],"class_list":["post-1204","post","type-post","status-publish","format-standard","hentry","category-news"],"_links":{"self":[{"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/posts\/1204","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/comments?post=1204"}],"version-history":[{"count":1,"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/posts\/1204\/revisions"}],"predecessor-version":[{"id":3691,"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/posts\/1204\/revisions\/3691"}],"wp:attachment":[{"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/media?parent=1204"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/categories?post=1204"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/tags?post=1204"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}