Barry Sokoloff, CPRIA, CPRM’s Post

👾 With cybercriminals constantly evolving their tactics, effective fraud protection is no longer optional—it's a necessity. 🔁 As organizations face growing risks to sensitive data, implementing robust fraud protection measures can make all the difference in preventing significant financial and reputational damage. 👇 Explore the critical importance of #FraudProtection and learn how to better defend your organization against these escalating threats 👇 https://lnkd.in/de8_q4P3 #Cybersecurity #FraudPrevention #ThreatIntelligence #DataProtection

Data breaches like the recent YMCA of Central Florida incident highlight critical lessons for businesses everywhere. This breach, which compromised sensitive personal information, underscores the importance of proactive measures to secure your organization's data and maintain customer trust. Key Lessons for Businesses: 1️⃣ Prioritize Cybersecurity: Don’t wait until it’s too late. Investing in robust cybersecurity solutions is far less expensive than dealing with a breach. 2️⃣ Perform Regular Penetration Testing: Simulating attacks helps identify vulnerabilities before they are exploited. 3️⃣ Employee Training: Human error remains a top cybersecurity risk. Educating your team on best practices is essential. 4️⃣ Have a Response Plan: Rapid, well-coordinated responses can mitigate damage and maintain customer confidence. 5️⃣ Partner With Experts: Cybersecurity is complex, and staying ahead of threats requires expertise. How BetterWorld Technology Can Help: BetterWorld Technology specializes in creating secure IT ecosystems tailored to your business needs. From comprehensive penetration testing to managed IT services and employee training, we partner with you to protect your organization from costly data breaches. 💡 Don’t wait for a breach to act. Let’s discuss how we can help safeguard your business. 📩 Message me today to schedule a consultation. Together, we can ensure your organization is secure, compliant, and prepared for the future. https://lnkd.in/ep-CdjYU

Cyber crime is one of the most frequently discussed, but least understood insurance coverage. Cyber breaches are inevitable, but many organizations are still unprepared. Are your prevention strategies and coverages updated for 2024? Learn the steps you can take to protect your organization in our latest article. Reach out to me directly if you'd like to discuss this further. https://lnkd.in/eAwGVUxf #USIExecutiveSeries #cybercrime #cyberincidents #cyberinsurance https://lnkd.in/gb74H8AC

Ban ransoms to stop hackers, says ex-cybersecurity chief P2/2 Ciaran Martin, former head of the National Cyber Security Centre, drew a parallel with paying terrorist kidnappers (Article from the Times Newspaper) The FBI has also said it fears that if payments were banned, companies would still pay ransoms but without calling in the authorities, and in doing so would further expose themselves to blackmail. Martin dismissed this, arguing that most company directors would rather not make themselves criminals by paying. Martin stood down from the National Cyber Security Centre in 2020 and is now professor of practice at the Blavatnik School of Government, University of Oxford. Some in the cybersecurity industry worry about the effect of a ban. Toby Lewis, head of threat analysis at Darktrace, said: “Do I think that a ban on ransomware payments would reduce the amount of proceeds going into attackers? Yes, I actually do agree with that. The challenge is then the unintended consequences of such a ban.” He said attacks could increase against places where there is a threat to life, such as hospitals, or the volume of hacks could go up in search of a victim who would pay. He also said hackers may change tactics and ask for payments before they lock down a system or just go for a hack that steals data rather than cripples a network. Alan Woodward, professor of cybersecurity at Surrey University, saw a blanket ban as “problematic” because every situation is different and there may be cases where negotiation is appropriate. Ransoms could also help law enforcement track down the hackers, he said, adding: “I think what would help is for insurance companies to stop underwriting the payments, which makes it too easy to pay up.” Woodward suggested targeting “bulletproof hosters” with a ban. These are companies that provide web hosting and internet services to hackers and other criminals. Some argue that there is a moral argument against a ban because it would criminalise the victim. A Home Office spokesman said: “We have been clear that we do not pay ransoms to cybercriminals nor do we condone or recommend businesses or victims of cyberattacks doing so. “The UK is well prepared to respond to cyberthreats, as shown by the joint international disruption campaign targeting LockBit [a Russian ransomware group]. We will continue going after criminal groups who target our businesses and institutions.” P2/2 Links in comments

Payment fraud continues to be a major threat to business resilience. From financial losses to reputation damage, the consequences can be severe. Read more about the latest scams targeting local businesses and strategies to combat fraud at https://ow.ly/1nm730sHVHo How has your business adapted to stay safe? #paymentfraud #cybersecurity #fightfraud #MVSBCares

March is Fraud Prevention Month. Let's address one of the biggest concerns in banking: account security. According to the FBI's Internet Crime Complaint Center, cybercriminals are getting increasingly efficient at accessing client information through illegitimate means. At Washington Trust Bank, we automatically enroll client credit and debit cards in our Fraud Detection Service, which offers an EMV chip feature for enhanced security and provides fraud prevention products to business clients. We also encourage customers to enable two-factor authentication whenever possible. Here are a few suggestions for tightening security around your digital and financial information: • Avoid public wi-fi – Though convenient, this can pose risks. If use is necessary, we recommend disabling public file sharing, visiting only secure sites (“https” in the URL) or establishing a virtual private network (VPN). • Dodge phishing attempts – Remember: financial institutions will never contact you to conform account, login, or password details! Such requests should be reported to your financial institution through verified channels. • Register for alerts – Most banks, including Washington Trust, offer text alerts for suspicious activity, low balances, and other trigger events. • Remain vigilant – Vigilance is key to security. Review your account activity regularly to catch any suspicious transactions. By acting quickly, you can alert your financial institution of any potential fraud and minimize damage. For more cybersecurity and fraud prevention advice, visit www.watrust.com/security.

Cybercrime is one of the most frequently discussed, but least understood, risks and insurance coverages. These types of crimes and incidents are inevitable, but many organizations are still unprepared. Are your prevention strategies and coverages updated for 2024? Learn the steps you can take to protect your organization in our new article. If you'd like to discuss this further, please contact your local USI P&C consultant or me directly. https://lnkd.in/eAwGVUxf #USIExecutiveSeries #cybercrime #cyberincidents #cyberinsurance

Based on the full scope of the examination priorities highlighted by the SEC and FINRA late last year, cybersecurity remains a perennial priority focus area affecting broker-dealers and investment advisors.   At Guidehouse, we are well-equipped to help clients to navigate the complex cybersecurity compliance policies and procedures, identify potential gaps in existing cybersecurity program, and ensure our clients are well-positioned to weather exams and other regulatory inquiries in the coming year. Discover more with the link below. Guidehouse Technology Solutions, Guidehouse Financial Services | #CybersecurityCompliance #Cybersecurity #SEC #FINRA #CyberStrategy #EnterpriseRiskManagement #ERM

Are your cybercrime prevention strategies and coverages updated for 2024? Cybercrimes and other incidents are inevitable, but many organizations are unprepared. Many property managers, brokers and agents are not fully aware of the liabilities that they carry for the information they receive. Don't find out the hard way! Learn steps you can take to protect your business in our new #USIExecutiveSeries article: https://lnkd.in/gXE_6Ptt #realestate #multifamily #investor

I posted this story in last Sunday's Cybersecurity News of the Week, in part because it's personal. It’s personal because I’m interviewed. It’s also personal because the victim is a long-time colleague. The story is important beyond the purely personal. It illustrates our deepest cybersecurity challenge: How the security of our technology – and how we use it – has more holes than Swiss cheese. Particularly for the little guy: Our smaller businesses and nonprofits. And individuals and their families. These are the people whose lives are being disrupted - even destroyed - by cybercrime. Hole 1: Because of lax controls by Spectrum in changing phones, cybercriminals were able to execute a SIM-swap attack and take over Jeff’s phone. Hole 2: Now, armed with the phone, the cybercriminals were able to steal money from his bank because of a hole in the MFA / 2FA procedures Bank of America uses to authenticate customers. … Bank of America uses SMS-texting as its MFA when it authenticates customers. Readers of our Weekly Newsletter know that SMS-texting is a weak form of MFA. Stronger alternatives exist, including Authenticators from Google and Microsoft. An easy way to close hole 2 is to make a bank responsible for any losses unless it offers its customers strong MFA. And we can go a long way to closing Hole 1 if the carriers would make it harder for cyber criminals to execute SIM-swap attacks. In a perfect world, the carriers would recognize the problem and take the initiative to provide their customers a PIN to be used when changing phones. In our less-than-perfect world, I suspect it will take regulations to close this hole. Great thanks to NBCUniversal and producer Christine Roher for covering this story. https://lnkd.in/gjritYe6 Julie Michelle Morris, Steve Krantz, Alexa McCulloch, Chris Clausen, Laura Baker, Mary Ellen Seale MBA CISSP, George U., Tori-Ann C., Erik Knutson, M.S.C., Ric Merrifield, Tom Drucker