All Posts (5855)

What’s worse than a vendor that suffers a data breach that exposes your sensitive customer information? The answer: A vendor that waits almost six months to tell you about it.

That’s the issue that both Sears and Delta Air Lines are facing after a malware attack on each company’s online chat services vendor. Hundreds of thousands of customers’ payment information was accessed, including payment card account numbers, expiration dates, names, and addresses, reports Gizmodo. Sears and Delta

Read more…

You might not think about this, but identity thieves really want your child’s Social Security number. If they get this number, they can do a lot, including buying a car, renting an apartment, opening a credit card account, or getting a mortgage. The Social Security numbers of children are great for the bad guys for several reasons:

  • Generally, children have a clean record
  • Crooks can use these numbers to obtain credit
  • Kids usually don’t check out their credit reports until they go to college or buy a
Read more…

marcus evans will host the 2nd Edition Digital Transformation in Wealth Management Conference on September 24-26, 2018 in San Francisco. This conference will provide wealth managers with practical tools for developing a consistent and firm-wide digital adoption strategy allowing them to expand their client base and offerings. Industry experts will assess the best practices for leveraging and scaling robo-advice alongside traditional advice and how Artificial Intelligence (AI) and new digital cap

Read more…

A Message From Our Partner:

The 2017 tax law reform has opened up unprecedented opportunities for corporations to focus on core business functions and increase profitability. Though most organizations will increase value for their shareholders with minimal effort, they could largely benefit from taking the chance to create transformative organizational change.

However, in order to best leverage the advantages of the tax law, corporations will first need to ensure that the data input into an

Read more…

Do you have a secret self-defense weapon on hand that you don’t even know about?

Here are a few:

Canes. Might seem obvious…but…

Your first instinct would probably be to swing the cane like a baseball bat. However, this isn’t the best way. An attacker can easily grab it, dodge it, or deflect it. Instead, take a class to learn how to correctly wield your cane.

  • If you use a cane, consider taking a “cane-fu” class.
  • The best cane to use is one with a strong handle.
  • Don’t think that you can’t fight with your
Read more…

Social media is an excellent tool for small businesses, yet the use of social media by small business staff can definitely put the company in danger. Many small business owners and managers don’t realize this.

Recently, I was talking to employees of a credit union about what to do in a robbery. Before this presentation, police officers had staged a robbery in the same credit union. The fake robbery was so real, some of the tellers were brought to tears, thinking they were really getting robbed.

A

Read more…

Does your institution need cybersecurity insurance? Is it required? If utilized, are there rules? Cybersecurity insurance can protect against financial loss in the event of a cyber incident, but there are many intricate details.

The Federal Financial Institutions Examination Council (FFIEC) members have provided a joint statement to help financial institutions understand how cyber insurance impacts risk management and what institutions need to do when considering purchasing cyber insurance. The

Read more…

Being Incredible to Boards

While I am sure there is more to the story about law firm Clayton Utz and their report for AMP, how do you think their credibility as a provider of independent advice was impacted by this simple line in the news article “‘Just appalling’: AMP misconduct and lies exposed”?

     “Mr Hodge told the hearing that Clayton Utz provided 25 drafts of the report to AMP which resulted in detailed changes being made, including the removal of Mr Meller's name from an earlier version of the report.”

My blog

Read more…

A Message From Our Partner:

Dear Global Risk Community Member,

Accurate subsidiary information is crucial to a company’s business function and timely compliance.
 
This white paper synthesizes our experiences implementing entity management software with some of the world’s largest, most complex, multi-national organizations and creating best practices around:
 

  • Local jurisdiction awareness
  • Entity Life Cycle Management
  • Business process management
  • Entity-related solutions

Download Now!

Read more…

Are You and Your Vendors Ready for GDPR?


Don’t assume you’re immune from this European regulation with huge fines


All may be relatively quiet on the regulatory front in the U.S., but this May new privacy regulations are taking effect in the European Union, which will likely impact even the most provincial U.S. financial institutions.

The E.U.’s General Data Protection Regulation (GDPR), approved in April 2016, is much broader than the U.S.’s most well-known privacy regulations, the Gramm-Leach-Bliley Act (GLBA) and the Health Insurance P

Read more…

Year over year, scandals like Wells Fargo, Equifax, Chipotle and so many others have dominated news headlines as they wreak havoc on consumers and investors and awaken industry and government regulators. What is driving this trend?

Consumers have entrusted corporations with increasing involvement and influence in their lives through the decades. In 2014, for example, the Supreme Court ruled that corporations have some of the same rights and responsibilities as natural persons. In other words, corporatio

Read more…

Telling Tales to Boards

Sanjay Verma was 5 years old when he was at parent teacher night with his older sister. He turned to her and asked why other kids in the room had parents there and he didn’t. It was then his world turned on its head. It was too much for his young mind to fully comprehend but he knew what his sister told him was big. She told him that once they were ten. They were mother, father and eight children. Now they were three, the two of them and their older brother. There had been a bad accident.

That ac

Read more…

Wells Fargo has suffered the consequences of repeat scandals since 2016. This week, the bank agreed to a $1 billion settlement with federal regulators who have cited their lack of effective risk management practices as the root cause of their woes.

This settlement with the Consumer Financial Protection Bureau and Office of the Comptroller of the Currency would be another blow to Wells Fargo in a long line of many.

Let’s look at a timeline of Wells Fargo’s risk management scandals:

  • 2009-2016 – Wells
Read more…

Investigating a vendor’s cybersecurity can be a time-consuming hassle. Wouldn’t it be nice if you could pay someone else to monitor and report back on a vendor’s cyber risk? That’s the appeal of cyber-security ratings. Firms provide scorecards on third-party vendors’ cyber risk, supposedly making it easier for financial institutions to manage their own risk.

But these scorecards mostly provide a false sense of security. Here are three reasons why:

  1. They use only public data. Cybersecurity ratings
Read more…

How to Break Up with Your Vendor

There may be 50 ways to leave your lover, but when it comes to ending a relationship with a vendor there’s really just one path to follow: the documentation in your service level agreement (SLA).

 

Financial institutions find themselves ending vendor relationships for many reasons. Sometimes the relationship is great, but the product or service no longer meets the institution’s needs. Maybe another vendor is just better. Or maybe the vendor wasn’t meeting expectations.

 

The Contract

 

Regardless of t

Read more…

All of us have cell phones these days, and if you are like the vast majority of the population, you access everything from social media to banking information right from your mobile phone. However, if you do this, which everyone does, you are putting yourself in the position to get hacked. With only your mobile phone number and a couple other pieces of information, a hacker can get into these accounts and your life could drastically change.

How does this work? If a hacker already has your mobile

Read more…

Influencing Boards with Pictures

Last week I urged you to stand in the shoes of your board so you could identify their problems and align what you do with what they need. The next challenge is showing them you understand their problem. Yes, you can use words; however, as I said last week, the hardest thing to do in business is to communicate effectively.

In the Winning Conversations program I run for corporate/shared service teams to help improve their influence and their impact on the organisation, I emphasise over and over again

Read more…
Views: 127
Comments: 0

I recently created my next video tip. It only takes about 3 minutes. However, this one is not about cyber exposure in your organization but rather some advice regarding your personal cyber exposure. You can find the post at:

https://mediaexplorers.lpages.co/cyber-security-tips-series-tip-2-your-personal-privacy-and-security/

The text copy is below.

Hi, this is Doug Nagan with my second cybersecurity tip.
However, this one is not about the cybersecurity of your organization but rather your personal priva

Read more…

When risk increases, the natural response is to take action to reduce that risk. But not every increase requires action. In fact, it may distract you from more important issues.

I’m talking about the risk of treating every risk the same.

Astute observers of risk have a variety of tools to monitor risk, from near real-time indicators to audits, exams, and reviews. But it’s not enough to recognize that risk has increased. Its ultimate impact must be considered.

For example, a review might show that e

Read more…

    About Us

    The GlobalRisk Community is a thriving community of risk managers and associated service providers. Our purpose is to foster business, networking and educational explorations among members. Our goal is to be the world’s premier Risk forum and contribute to better understanding of the complex world of risk.

    Business Partners

    For companies wanting to create a greater visibility for their products and services among their prospects in the Risk market: Send your business partnership request by filling in the form here!
