The ALS Group Risk Management Articles

Organizations that are seeking process efficiency and an edge on their competitors look toward technology to support their business plans. Often, new technology advancements will enhance an organization’s performance but unfortunately, the introduction of new software, systems and processes open them up to (unanticipated) cyber-related risk and exposures.

October is National Cyber Security Awareness Month, an annual campaign to raise awareness about cyber security, with 2016 marking its 13th year. If you’ve been following our posts, then you know that we place a great deal of importance on cyber security and strategic planning to mitigate cyber risk every month of the year. However, given the special occasion, now is the perfect time to rethink and enhance your personal and company security measures.

It doesn’t take a cyber risk expert to realize that the retail industry is a prime target for hackers, and that some of retail’s most iconic brands have made front-page, breaking news when it comes to millions of lost or stolen data records. Primary Cardholder Information (PCI) is extremely valuable amongst those on the “Darknet,” once described by PC Magazine as “the hidden, anonymous underbelly of the searchable Web.” Since larger retailers handle these records in the hundreds of thousands to millions, hackers are looking for any entry point into their networks to extract credit card and customer account data.

Do you save-up your frequent-flier miles in anticipation of your next business trip, family vacation, or points’ spending spree? What if the next time you logged into your account, you found the points balance displaying a big, round zero?

As Cyber Risk continues to evolve, it is becoming very evident that while it is spread over a variety of industries, the types of Cyber Risks are specific to each industry and play a major role in their level of exposure. The healthcare sector in particular, is targeted most heavily by hackers and malicious campaigns due to the private nature and black market value of the data. Personally Identifiable Information (PII) and Personal Health Information (PHI) contain data in which a bad actor can easily steal someone’s identity, open false accounts, perform fraudulent transactions, or hack/gain access to bank and other types of private accounts.