The ALS Group Risk Management Articles

You thought everything was in its right place. Firewalls are properly configured, systems are patched on a scheduled basis, anti-virus is up-to-date… but something has gone wrong and your network has been breached. Your employee or customer’s Personally Identifiable Information (“PII”) has been taken, or worse, been made public…but what happens next?

Ransomware strikes. Your critical data files have been encrypted and your business grinds to a halt. You have the choice to spend countless hours rebuilding from backups (if you were diligent enough to ensure they will work) or you can pay the perpetrator to unlock your files. This is the scenario many, many firms and individuals are facing now that ransomware is spreading like wildfire through malicious emails, “malvertising” campaigns and exploit kits.

Ransomware seems to be everywhere and is one of the latest cyber crime tactics being utilized by cyber criminals to extort money from companies. This malicious code can lock or encrypt your network files or PC until a hefty fee is paid. It can infect your PC, server, network files, and or backup systems and can enter your network through an infected email attachment, downloaded file, or a vulnerability in a network service.

The breadth of data breaches is widening and now your personal computer network may be a target. Company executives, small business owners, investors, and others who tend to access sensitive or financial data from their home computer or mobile device may be at risk for a personal data breach.

The adage that information is power seems to carry more weight now than ever before. Healthcare is moving towards data driven analytics, mobile banking is hitting its stride, and sports at all levels are utilizing advanced statistics to improve competition. However, one major downfall is that all this data must be stored somewhere, thereby creating a risk of breach to the data holder. Hackers are well aware that information is power and data breaches seemingly occur at non-stop rates.

The recent cyber security breach to Sony Studios should make companies think more carefully about areas of susceptibility in the company. The focus here is “employee data” – now while this has reverberated in the motion picture industry it should make the average company a bit more cautious with employee data systems.

It’s everyone’s favorite time of year again.  The department stores and commercials have already begun to advertise Christmas gifts, and it is not even Thanksgiving.  As exciting as the holidays can be, we sometimes forget to think about the risks that go hand in hand with  the holiday season, including credit card hacking and fires starting from decorations or cooking.