The recent WhatsApp™ hack is pretty alarming: all the hackers had to do was drop a missed encrypted WhatsApp call to their target and—boom—spyware was installed. The hack didn’t require the user to do anything—even if the user didn’t pick up the phone the spyware would still be installed. But maybe what’s most important about it is that it shines a light on the myth that security is equal to end-to-end encryption.
Smartphones have become an indispensable part of our lives. We use them to keep in touch with families and friends, to handle our bank transactions, to arrange transportation, even to track our health—so it makes a ton of sense for pharmacies to use smartphones to increase patient engagement and satisfaction.
A historically industrial area, Marshall County, West Virginia is accustomed to the occasional industrial emergency. So, when a gas pipeline exploded in June of 2018, people knew exactly what to do. As first responders handled over 37 calls in 3 minutes, they dispatched resources to the site of the emergency. No fatalities, injuries, or property damage were reported as a result of the emergency and damage was contained to 1,100 feet around the site. This was in part thanks to Marshall County’s oil and gas task force, which brings together emergency management officials, first responders, local schools, and representatives from the oil and gas industry to address potential emergencies. Marshall County’s oil and gas task force and its impact on emergencies highlight the importance of engaging multiple stakeholders via regular communications when it comes to incident response.
As a social network, Facebook is inherently at odds with private, secure communications – its business model is built on harvesting people’s information. And it’s not just that Facebook’s business model is built around what are effectively privacy violations: recent articles have revealed that Facebook lacks transparency and accountability towards its users. In short, this is a company that should not be producing private, secure communications.
After Hurricane Sandy in 2012, the Department of Energy (DoE) asked the National Petroleum Council (NPC) to provide specific actionable steps to better prepare the oil and natural gas industry’s response to natural disasters. In response, the NPC released “Enhancing Emergency Preparedness for Natural Disasters” in 2014, which included a series of recommendations for emergency preparedness, response and recovery in the oil and natural gas industry. A key finding? That effective communication during emergency response is a major challenge for the industry and that a standardized, rehearsed approach toward communications that addresses escalated and expanding responses as an event unfolds is critical.
It’s been forty years since the infamous Three Mile Island accident, an incident made famous by the confusion and panic it spawned in its wake. But while the incident is remembered for the fear it stoked about nuclear energy, it also set the stage for the US nuclear industry to become the safest in the world. To this day, the Three Mile Island accident impacts the nuclear industry and provides valuable lessons about incident response and communication.
When Mark Zuckerberg announced at the beginning of the month that Facebook will shift its focus to privacy-focused communications, the announcement was rightly met with skepticism. Facebook’s business model, after all, is built around targeting advertisements to users based on their information. Compound this with the various privacy scandals that have plagued Facebook in the last few years—from Cambridge Analytica misusing up to 50 million users’ data to massive data breaches—and the company’s decision to shift its focus to privacy seems positively disingenuous.
It’s more important than ever that every business be prepared to handle a crisis. A 2017 survey of 164 CEOs showed just how prevalent crises are: 65% of the CEOs surveyed reported experiencing at least one crisis since 2013. In the same survey, 40% expected to experience a crisis in the next three years and an additional 33% expected multiple crises. When it comes to crises, everyone in an organization needs to be on board with how to respond. Unfortunately, many organizations are not adequately prepared or aware of the appropriate steps they need to take to respond to a crisis.
They’re a basic foundation of security, yet somehow constantly dismissed.
Passwords are one of the most important components of a strong cybersecurity strategy—but employees overwhelmingly have bad password habits – despite all attempts to ensure best practices across the organization. People pick simple, easy-to-guess phrases like “password” or “12345” or regularly reuse the same password for multiple logins.
Over 90% of all cyberattacks begin with email phishing. It’s a startling statistic, but it’s not a surprise: businesses send over 281 billion emails every day. Phishing attacks, which typically ask targets for sensitive information or to download malware, work because they prey on human nature—victims respond out of curiosity, a sense of urgency, even fear.
Shortly after Amazon CEO Jeff Bezos and his wife Mackenzie announced that they were divorcing, the National Enquirer published text messages that Bezos had reportedly sent to Lauren Sanchez, who he is currently in a relationship with. Bezos, like everybody else, is entitled to his privacy. These text messaging leaks, however, remind us that security is a must in order to protect personal information—whether business related, financial or private conversations with friends and family.
In an era where data breaches or leaks seem inevitable, business disruptions too frequent and the press all too prone to run away with a salacious story, what can the board of directors do to protect sensitive corporate data? It is all too easy for information to be inadvertently exposed—whether as a result of hacking, a slip of the finger that results in an email being sent to the wrong person, or a disgruntled employee who decides to share confidential information via a text.
In 2018 technology touches nearly every aspect of our life. But no innovation seems to come without some form of drawback or compromise. While technology has undoubtedly improved most of our lives, it has also brought new risks that we all find a way to balance – or in some cases choose to ignore. The number of cybersecurity breaches in 2018 speaks to this risk.
Hurricanes, power outages, man-made disasters—every organization has to prepare for these, but when it comes to emergencies, universities face unique challenges because of the very nature of their structure and communities. Unlike the average office, universities are not enclosed spaces, and many different people—from students, to faculty, to staff, to visitors—are moving in and out of campus on any given day or time. This can make securing the campus and creating a comprehensive university incident response plan difficult.
The DNC email leak in 2016 revealed just how insecure email communications can be. It should be no surprise that government officials have been turning to other, more secure mediums to communicate. White House staffers have reportedly used the encryption app Confide to communicate, French president Macron’s inner circle has relied on Telegram, and former Australian Prime Minister Malcolm Turnbull turned to Wickr and WhatsApp. But as government messaging solutions go, such tools are limited, and in most cases not as secure as one might think. They may offer encryption but they fail to secure messages on devices and don’t address critical compliance issues related to government communication.
For more than a decade, the energy and utilities industry has been investing in smarter energy infrastructure in order to enhance energy grid resiliency, reliability and efficiency. Grid modernization has become essential to integrating an increasing number of renewable energy sources and technologies – or distributed energy resources (DERs) – including electric vehicles, energy storage, private solar and smart appliances.
You might have heard about the ransomware attack against Atlanta this year. The attack had a significant impact on the city, forcing police officers to file reports by hand and city workers to report via time sheets. Atlanta is currently facing more than $20 million in costs due to the attack.
As we enter into cybersecurity month it makes me think a lot about my own privacy, and how elusive it has become in the 21st century. It seems that everything we do is now tracked; whenever we visit a web page, call someone on our smart phone, visit the doctor, change the temperature on our smart thermostat or simply talk about a specific subject in our own household, our actions get recorded as data – in theory to make our lives better and more productive. However, in an age when digital privacy is practically an oxymoron, what can people do to protect their privacy?
When it comes to dental health, there is a lot that dental service organizations (DSOs) have to do to properly engage their patients, whether to remind them of a six-month check-up or to simply help patients keep on top of their dental care. Everyone who has visited the dentist is familiar with the postcards, phone calls and emails reminding them to schedule (and attend!) their appointments.
Strong provider-patient relationships are a win-win for the patient and the provider. There are all kinds of benefits associated with healthcare organizations promoting patient engagement—better patient experiences, higher safety records and better financial margins for the healthcare organizations.
Aspects of business are so interconnected—from transportation to email to facilities management to data storage—that compromise or disruption of just one aspect can affect the entire business. And such disruptions aren’t limited to a single industry—from power companies dealing with an unexpected power outage to an IT department responding to a ransomware attack to an enterprise having to handle a major blizzard that strands employees at home—every business needs to have a business continuity plan.
In February 2018, the United States Department of Energy established the new Office of Cybersecurity, Energy Security and Emergency Response (CESER), focused on cybersecurity, energy security and emergency response with $96 million in government funding – and not a moment too soon. One month later, the Federal Bureau of Investigation and the Department of Homeland Security issued an alert alleging that Russian hackers mounted a methodical, long-term campaign to infiltrate and surveil critical US energy and utility infrastructure.
Communicating critical information when it comes to public health can quickly become stressful. Health departments facing public health emergencies must consider how to communicate and with whom—as they need to communicate quickly about the situation and involve the right stakeholders without leaking information that could cause hysteria.
In the age of technology, where screenshots and forwarding of information are done with a click, our over-social economy can and will share almost anything. The question is: how can an organization control the narrative of its own business, stay in control of it and avoid a PR or financial nightmare?