‘Pokemon Go’ Phenomenon Provides More Opportunities for Cyber Criminals

Since it’s release in the beginning of July, ‘Pokemon Go’ has been at the top of the download lists on app stores. However, it’s release has been limited to the U.S., Australia, New Zealand and Germany so far.

The lack of a global release by Nintendo is what is making users vulnerable. Since it isn’t available everywhere, users may be tempted to download it from unverified third-party app stores, exposing them to malicious apps.

Cyber criminals can repackage the ‘Pokemon Go’ app and turn it into malware.

Read more.

Tips for Protecting Yourself and Your Company From a Cyber Breach

An IT professional, especially a Cyber Security professional, knows the importance of creating a system that is free from vulnerability and able to function well without a Cyber Threat looming over it. This means that your system must be prepared against just about everything.

One of the first steps to protecting your system is to implement regular Cyber Security checks to make sure that every nook and cranny in your system and/or network are protected. Making sure that the correct systems are in place and that they are functioning properly is a good way to start. Also be sure to check that the settings of those systems have not been tampered with, that strong verification tools are being used and that strong passwords are also being used.

Whether or not you have good Cyber Security tools in place already, it is always important to constantly check your system with penetration tests. This is an active test that will see if hackers can get in. You will be much better off by allowing a friendly hacker attempt to access your files than by avoiding it and having a cyber criminal give it a go.

Vulnerability assessments are also an important part of a strong cyber defense. Along with penetration testing, a vulnerability assessment will let you know which parts of your system are weakest in general so you know where more time needs to be spent strengthening your defenses.

Aside from that, the importance of training your staff effectively cannot be emphasized enough. Many breaches could have been avoided with a properly trained staff that implemented good security practices. When it comes to the day-to-day defense of your system, this is perhaps one of the most important. In fact, human error accounts for the vast majority of data breaches with numbers often ranging between 80% and 90%. Hackers need only find the weakest person with access to your system to work their way in.

Check your network protection settings. Many companies offer guests access to their networks. Because of the ever changing nature of new threats that pop up daily, this is one area where you cannot afford to tolerate any lax measures. When adjusting your settings, be sure to err on the side of caution rather than convenience. You can address ease of use at a later time.

For more information on Cyber Security and how to secure your system, click here.

‘Major Cyber Breach of 44,000 FDIC Customers Triggered by Former Employee’s Mistake

via Federal News Radio

A leading technology official in the House says a former Federal Deposit Insurance Corporation employee inadvertently triggered a major cyber breach that compromised 44,000 customers’ data.

Rep. Lamar Smith (R-Texas), chairman of the Science, Space and Technology Committee says a former FDIC employee breached the information of 44,000 FDIC customers more than a month ago.

In an April 8 letter obtained by Federal News Radio, Smith said a departing FDIC employee was transferring files from an office computer onto a personal storage device and “inadvertently” copied sensitive customer data from more than 44,000 individuals.

Continue reading

For more information on Cyber Security and how we can help secure your data, click here.

CFDA Calls for Investigation Into Sellers of $88M Worth of Improperly Refrigerated Vaccines

22-March-2016

The China Food and Drug Administration (CFDA) is working with local government officials to investigate the sale of $88 million worth of improperly refrigerated vaccines.

Could this have been prevented? Yes. Regulated Health Care Agency compliant technology for receiving real time notifications just like alerts received in response to unusual banking activity is now available for the vaccine industry.  More importantly, unusual vaccine storage events anywhere in he world such as vaccine temperature excursions can be detected and produce real-time alerts to most mobile devices anywhere in the world. Available alerts can provide early warnings of impending Health Authority violations for the storage of vaccines.

So what’s preventing government health authorities from mandating the same “smart technology” for protecting temperature sensitive vaccines and ultimately ensuring safe “banking” of public vaccine supply? Is $88M worth of improperly refrigerated vaccines a reason to consider a solution that provides real-time notifications of imminent excursions that could prevent vaccine losses? The technology that provides continuous monitoring of pharmaceuticals and vaccines with unprecedented accuracy and reliability is now available.

To learn more about PharmaWatch and how to receive a free demonstration for viewing PharmaWatch features, remotely viewing stored vaccines, biopharmaceuticals or possible unusual vaccine storage activity from anywhere in the world, please visit our PharmaWatch page by clicking here.

Tips to Manage Hospital Cyber Security Risks

When the topic of Cyber Security is raised, the immediate entities needing protection that come to mind are banks, corporations, retail chains, government agencies, healthcare organizations, etc. and with good reason. According to Identity Theft Resource Center (ITRC), organizations around the world suffered more than 700 data breaches in 2015.

Of those 700 data breaches, 277 were suffered in the medical/healthcare sector. Healthcare organizations are entrusted with highly sensitive personal data including medical information, medical expenses, dates of birth and the physical addresses of patients.

Therefore, here are a few tips to help hospitals manage their cyber security risks.

Read now.

How we can help you with your cyber security needs.

The Importance of Cybersecurity Insurance

The purpose of Cyber Insurance is to mitigate losses from a variety of cyber incidents such as data breaches, business interruption and network damage. Instituting a Cyber Insurance program could help reduce the number of successful cyber attacks by promoting the implementation of preventative measures and promoting best practices based on the current level of self-protection.

Many companies, however, choose to forego Cyber Insurance policies citing the perceived high cost of those policies, confusion about what they cover and the uncertainty that their organization will suffer a cyber attack. As reported daily in news around the world, cyber attacks are a very real and every growing threat. Cyber Risk must be managed not only by implementing a strong cyber security program, but also by acquiring a cyber insurance policy to further protect your organization from the cost of losses due to a cyber breach.

Traditional commercial general liability and property insurance policies typically exclude cyber risks from their terms, leading to the emergence of cybersecurity insurance as a “stand alone” line of coverage.  That coverage provides protection against a wide range of cyber incident losses that businesses may suffer directly or cause to others, including costs arising from data destruction and/or theft, extortion demands, hacking, denial of service attacks, crisis management activity related to data breaches, and legal claims for defamation, fraud, and privacy violations.

The development of new cyber risk scenarios, models and simulations could help promote a further understanding of how a cyber attack can cross infrastructure sectors and where opportunities for risk mitigations might exist.

Protecting yourself and your organization has never been more important and as system breaches are reported daily, urgency is of the essence.

For more information on Cino Ltd’s Cyber Security and Cyber Insurance programs, call us at 516.932.0317 ext 312 or email us at info@cinoltd.com.

Cino Security Presenting at 89th CMAA World Conference Expo in San Diego

Cino Ltd. is proud to announce that we will be presenting at the 89th CMAA World Conference Expo in San Diego on February 25, 2016. This is an exclusive opportunity to hear from our Cyber Risk and Compliance Specialist, Fred J. Santarsiere.

 

About Fred:

Fred has over 22 years of information security experience and holds a large array of industry security and technical certifications. He has extensive experience in system auditing and is often consulted in the areas of security infrastructure remediation, penetration testing, IT governance, risk management, disaster recovery and information security and compliance within the Hospitality industry.

 

Fred Santarsiere

 

 

Fred also leads Cino Ltd.’s Incident Response Teams (IRT), which includes the Cyber Forensics Investigations Division. His expertise is frequently sought after by the military to serve as an instructor of the NIST Risk Management Framework, CISSP, CEH and CHFI (Computer Hacking Forensics Investigator) courses.

Fred has also served as an NYPD officer and U.S. Army Special Operations team member. He has extensive knowledge of HIPPA and PCI-DSS compliance and the ISO 27001 standard.

His certifications include:

  • CHFI – Compter Hacking Forensics Investigator
  • CISA – Certified Information Systems Auditor
  • CAP – Certified Authorization Professional
  • SSCP – Systems Security Certified Practitioner
  • CISSP – Certified Information Systems Security Professional
  • CEH – Certified Ethical Hacker
  • CISM – Certified Information System Manager
  • Various Microsoft Certifications: MCSA, MCSE, MCITP and MCT
  • Various Cisco Certifications: CCENT, CCNA and CCNA Wireless
  • Various CompTIA Certifications: A+, Net+, Security+, SMBEN and SMBAN

For more information regarding Fred and/or his presentations, please contact Diana Samudio at 516.932.0317 ext 308 or email her at dsamudio@cinoltd.com.

10 Tips to Protect Your Organization from Cyber Breaches in 2016

As we begin 2016, many businesses and organizations are taking what they’ve learned in 2015 and developing strategies to ensure that 2016 is just as, if not more, successful. One important thing to remember while planning ahead, aside from increasing the bottom line, is to include Cyber Security best-practice resolutions.

A major lesson learned in 2015 is that hackers and identity thieves are not only growing in number, but they are growing more emboldened with each successful breach and show no signs of slowing down in 2016.

For this reason a culture of Cyber Security is essential in every business, especially small to medium-sized businesses. Employees and customers alike should be educated on existing threats, particularly those they are exposed to, as well as how to protect themselves from a breach.

Here are 10 tips to help protect yourself and your business in 2016:

1) Create or update our information security and governance policy.

2) Update and test your plan annually. Include penetration testing, along with a simulated data breach event.

3) Annual employee education should be the number 1 priority. Individuals, not hackers, are the cause of most data breaches,

4) Define the proprietary/sensitive information for your business, confirm which employees need access to it and then train those employees on it.

5) Use at leas 14-character passwords including lower and uppercase letters, numbers and signs. Change your passwords every 90 days. A great password tip is to write and easy-to-remember sentence or phrase.

6) Complete regular software updates and patches. Most hacking events leverage old flaws that already have been addressed but proper patches have not been applied.

7) Emphasize the importance of protecting employees and customers when connecting to the Internet. Do not use public wi-fi except with encryption or over a VPN.

8) Know about and understand state and federal breach notification laws, which can significantly impact your business.

 

For information on developing a Cyber Security Program for yourself or your business visit our Cyber Security page or contact us at 516.932.0317 ext 312.

Protected: Cyber Security & Cyber Threat Presentation

This content is password protected. To view it please enter your password below:

Cino Ltd. CEO Joseph Saracino Interviewed by Newsday

We are extremely proud to announce that our very own Joseph Saracino, CEO of Cino Ltd. Companies, was recently interviewed by Christine Giordano of Newsday.

As founder and CEO of Cino Ltd. Companies, Joseph has been at the forefront in the fight against cyber crime. His knowledge base and experience qualify him as a top consultant in the Cyber Security field as his specialty is assessing and exposing the vulnerabilities in a system and then putting the most effective security counter measures in place to protect the data contained within.

 

As more people become aware of the rising threat of cyber breaches, the interest in cyber education and security grows as well. As this is Cyber Security Awareness Month, we’ve been providing advice and tips from several organizations on how to secure your system from a data breach.

This week, Cino Ltd. CEO Joseph Saracino will be providing you with the knowledge and  necessary actions to be taken that will help you avoid becoming yet another casualty in the war against cyber crime.

Click here to read the Newsday article featuring Joseph Saracino.

For more information on our Cyber Security offerings, click here.

Send Joseph your questions or comments by emailing him at safe@cinoltd.com.