Cyber Insurance - Application Tips
Why does my business need cyber insurance?
Your business is a target, whether you care to admit that fact or not.
Having a good cyber insurance policy that helps mitigate some of your business risks is a safety net for your business in case of a breach, data loss event, business interruption due to a cyber event, assistance in a ransomware event, etc. Each policy is worded differently, and some policies won’t cover all things, or with the same limits.
[Contact your insurance broker to get the process started. If your agent doesn’t seem to be very conversant on this subject, a good agent will loop in a cyber expert from the underwriter.]
FILLING OUT THE CYBER INSURANCE APPLICATION
WHAT SHOULD MY MINDSET BE WHEN FILLING OUT THE APPLICATION?
Think liability. Your job isn’t to make your business look good to the broker or underwriter. Be 100% forthright with your answers and be sure to answer accurately. Ask the broker or underwriter to define their terms. What we commonly understand a term to mean isn’t necessarily what the insurer says that these policy terms mean, so be sure to get clarification. One policy I was working on included a 28-page document explaining the terms of their one-page proposal. Remember, what you think a term means may be quite different than what the insurer says that term means for their policy – go with the insurer’s version.
WHAT IF I DON’T KNOW THE ANSWER TO SOME QUESTIONS?
If you don’t know the answers to some of the questions, just tell the broker; or if you’ve been asked to answer the questions on behalf of a client, let the client know you don’t know the answer. This is especially important if the question is a legal or compliance type question. Your goal is to answer accurately, and it is critically important that you do so.
Here is why:
Cottage Health Systems got sued by their insurance company for failure to follow “Minimum Required Practices”. This is an example of what can happen if you have to make a claim and you answered inaccurately during your application. Cottage Health said they were doing something preventative relevant to the event, but they actually were not.
TYPES OF QUESTIONS
The questionnaire(s) you fill out may have some definitive questions that want a Yes or No answer. Not all applications will have the same questions, since each insurer, and even many insurance brokers, have their own questionnaires that they use as part of the application process. Ask the broker to help you better understand what these questions are really asking. You can include an addendum with your responses to better explain any answers where a Yes or No isn’t the best answer.
That policy questionnaire is an excellent way to measure how your business is positioned as far as your cybersecurity, your controls, policies, your compliance status, etc. If you find yourself answering “No” to many of the questions, this is your opportunity to improve your security to better protect your business, and maybe help get better cyber insurance premiums.
The questions being asked are some basic, proven mitigations that businesses should already be taking to reduce their risks of a cyber event such as a breach or ransomware. Here is a list of some sample questions that not only will help you qualify for insurance; having these things in place will make it less likely you’ll need to use that shiny new cyber insurance policy.
True or false: You should reboot your computer every day
Author Kim Komando
Special to USA TODAY
Published 5 a.m. ET Feb. 11 2021
There are few certainties in life: Death, taxes, and turning your computer off and on when there’s a problem. This advice is usually the first tip you get from friends, family, and tech support.
Rebooting your computer helps keep it running smoothly. It clears the memory, stopping any tasks that are eating up RAM. Even if you’ve closed an app, it could still tap your memory. A reboot can also fix peripheral and hardware issues.
So, how often should you be rebooting your computer? Let’s take a look at how rebooting can impact your system and when exactly you should be doing it:
Give your computer a fresh start
We recommend that you shut down your computer at least once a week. A reboot process returns everything to its bootup state, from your computer's CPU to its memory.
Many people will shut down their computer by holding in the power button. This way may cause additional problems.
Rebooting your computer involves two steps – shutting down the computer and then starting it up again. When you reboot/restart your computer, it will lose power during the process and start up again on its own.
Your computer itself will occasionally prompt you to restart it, usually after downloading an update. Newer machines need fewer restarts, but a major software patch usually requires one.
Reduce wear and tear
Your computer is full of moving parts. Its CPU, essentially the brain, has a fan. High-end graphics cards also need a cooling system. Though solid-state drives are becoming more popular, most PCs still use hard disk drives, consisting of spinning discs.
All of these components wear down over time and the longer you keep your computer running, the shorter their lifespan will be.
It's easy to fall into the habit of leaving your computer on to avoid having to go through the bootup process, but shutting it down will help you get more life out of your machine. If you are stepping away for a few hours or would rather not wholly shut things down, you can put your PC down for a nap.
Sleep it off
Sleep mode puts your computer into a low-power state. The fans will stop spinning and the hard drive will stop functioning, so things will get quiet.
With sleep mode, your computer’s current state stays in the memory. When you wake up your machine, your open apps, documents, music, etc., will be right where you left them.
To put your PC in sleep mode:
1. Open power options:
• For Windows 10, tap Start > Settings > System > Power & sleep > Additional power settings.
• For Windows 8.1 / Windows RT 8.1, swipe in from the edge of the screen, tap Search (or if you’re using a mouse, point to the upper-right corner of the screen, move the mouse pointer down and click Search), enter Power options in the search box and tap Power options.
• For Windows 7, tap Start > Control Panel > System and Security > Power Options.
2. Do one of the following:
• If you’re using a desktop, tablet, or laptop, select Choose what the power buttons do. Next to When I press the power button, select Sleep > Save changes.
• If you’re using only a laptop, select Choose what closing the lid does. Next to When I close the lid, select Sleep > Save changes.
3. When you’re ready to make your PC sleep, press the power button on your desktop, tablet, or laptop, or close your laptop’s lid.
On most PCs, you can resume working by pressing your PC’s power button. However, not all PCs are the same. You might be able to wake it by pressing any key on the keyboard, clicking a mouse button, or opening the lid on a laptop. Check the manual that came with your computer or go to the manufacturer’s website.
It takes less time to wake up a computer than it does to turn it on after a shutdown, but sleep mode still consumes power. To clear out bugs, memory leeches, nonfunctioning network connections, and more issues, a reboot is the way to go.
Learn about all the latest technology on the Kim Komando Show, the nation's largest weekend radio talk show. Kim takes calls and dispenses advice on today's digital lifestyle, from smartphones and tablets to online privacy and data hacks. For her daily tips, free newsletters and more, visit her website at Komando.com.
Medical Centers impacted by ransomware around the U.S.
Medical Centers around the United States are becoming victims of ransomware. Now, during a time of COVID, it’s causing more hardship than ever before. We’ve selected three briefs to share with you about the results and difficulties these circumstances have created for medical facilities.
Greater Baltimore Medical Center Hit by Ransomware Attack
BY MIKE LENNON
The Greater Baltimore Medical Center in Towson, Maryland was hit by a ransomware attack that impacted computer systems and medical procedures, the healthcare provider said Sunday. In late October, the U.S. government warned hospitals and healthcare providers of an “increased and imminent” ransomware threat. The alert warned that threat actors are targeting the healthcare sector with the TrickBot malware in attacks that often lead to ransomware infections, data theft and disruption of healthcare services.
The ransomware attack is the latest of many that have impacted healthcare providers over recent months. In September, a ransomware attack forced the shutdown of more than 250 locations operated by Universal Health Services (UHS). Also in September, an attack shut down IT systems at a hospital in Duesseldorf, Germany, resulting in the death of a woman after she had to be taken to another city for urgent treatment.
TrickBot has been updated with functionality that allows it to scan the UEFI/BIOS firmware of targeted systems for vulnerabilities, security researchers recently discovered.
UHS Shuts Down Systems in U.S. Hospitals Following Cyberattack
BY IONUT ARGHIRE
At the end of September 2020, Universal Health Services (UHS) shut down IT networks at multiple hospitals in the United States, after being hit with a cyberattack. A Fortune 500 company operating more than 400 facilities in the United States, Puerto Rico, and the United Kingdom, the healthcare services provider has approximately 90,000 employees and claimed an annual revenue of $11.4 billion for 2019. While many said that patient care wasn’t critically affected, others detailed difficulties in receiving lab results or performing other types of investigations in a timely manner. There was also one unconfirmed report of patients dying due to such delays. Furthermore, Bleeping Computer and TechCrunch report that information from people with knowledge of the incident leads to the conclusion that the Ryuk ransomware was used.
As Hospitals Cope With a COVID-19 Surge, Cyber Threats Loom
BY ASSOCIATED PRESS
The (University of Vermont Medical Center) Vermont hospital had fallen prey to a cyberattack, becoming one of the most recent and visible examples of a wave of digital assaults taking U.S. health care providers hostage as COVID-19 cases surge nationwide.
The same day as UVM’s attack, the FBI and two federal agencies warned cybercriminals were ramping up efforts to steal data and disrupt services across the health care sector.
By targeting providers with attacks that scramble and lock up data until victims pay a ransom, hackers can demand thousands or millions of dollars and wreak havoc until they’re paid.
Ransomware is also partly to blame for some of the nearly 700 private health information breaches, affecting about 46.6 million people and currently being investigated by the federal government. In the hands of a criminal, a single patient record — rich with details about a person’s finances, insurance and medical history — can sell for upward of $1,000 on the black market, experts say.
The True Cost of a Low Cost Router
Thinking about buying a low cost WiFi router?
Be careful. Jetstream routers sold exclusively at WalMart, and Wavlink routers sold on Amazon and eBay, contain suspicious back doors that could lead to attackers having the ability to remote control the router and anything attached to it. These Jetstream routers are part of Walmart’s new line of affordable WiFi routers.
These routers are easily 1/3rd of the price of comparably performing WiFi routers, but that low price comes with a potentially high cost – your security. There are back doors built in, remote code execution vulnerabilities, plus a script built into the firmware to perform a network discovery scan – this functionality isn’t documented. We’re not saying that you will definitely get compromised using these routers, but the pieces are in place for it – pieces which have no value to you, but great value to bad actors. We definitely won’t be buying one of these, and anyone who asks, we will point them to something else.
Both brands are owned by the same company, Winstars Technology. This isn’t a smoking gun by itself; many companies have multiple brands marketed to different channels. The different brand routers appear to be the same or very similar. You should know by now that China requires Chinese companies to store all of their collected data in country, and make it available to the government.
WHAT SHOULD I DO IF I HAVE ONE OF THESE ROUTERS?
Our advice matches what the cybernews researchers say:
• Get a new router.
• Change all your online passwords (assume they’ve been compromised) AFTER you get the new router.
• Destroy the current device so someone else isn’t a victim.
I’d also be looking for malware on the computers connected to it as well.
DIY Security Awareness Training
By Todd Swartzman
Chief Information Security Officer
As you might imagine, RealTime fields a fair number of questions regarding cybersecurity that range from “How can we be better protected” to “I’m scared that we might be hit like that <insert business name here> was.” As part of answering this real need for our clients, RealTime is now offering an end user training program as part of our Advanced Cybersecurity Services.
But, if you aren’t a client (yet) or you’d just like to try this on your own, you can learn some of the basics of cybersecurity awareness just by spending a little time online, especially on YouTube. This is not intended to replace formalized training, or make you an expert. What these videos can do is help you address some of the most likely threats that the average person encounters just because they use the internet and email in the course of doing their job. These tips are excellent for anyone who just wants to reduce their risks online.
TOOLKIT FOR SMALL BUSINESS
The Global Cyber Alliance is soon releasing a toolkit for small business to better educate and protect themselves from the most common threats in an easy to understand format. RealTime has access to this content early (it will be available to the public soon) and will post about that once it becomes publicly available. For now, here is a compilation we have put together that anyone can use to be better informed and help protect from common cyber threats we all get exposed to on a daily basis at work and at home.
SECURITY AWARENESS VIDEOS
Our Chief Information Security Officer, Todd Swartzman, has watched all of the videos below and recommends taking the four minutes or less each needed to watch them for your DIY education.
The links are current as of August 24th, 2020.
Phishing explained with some education, by SANS - https://www.youtube.com/watch?v=sEMrBKmUTPE
How to spot a phishing email, report by Fortune Magazine - https://www.youtube.com/watch?v=jfnA7UmlZkE – best tip in this video: If the email looks suspicious, it probably is.
If you only watch one video, make it this one – An excellent video spotting phishing scams that is well worth the almost 4 minutes of your time. Loaded with realistic examples and tips - https://www.youtube.com/watch?v=0GwWTjz6txU – best tip: Think before you click.
Office 365 phishing attack types with some examples, this is not a video - https://betanews.com/2019/04/03/office-365-phishing-attacks/ Note that these threats are not unique to Office 365 email – we’ve seen attempts against all web based email systems. Just more confirmation that if something asks you to confirm credentials or enter your logon info to access an attachment – be wary! It’s better to ask questions before you click than after.
RealTime Chief Information Security Officer, Todd Swartzman
TODD’S TIP
“The best single tip that I can provide to help you avoid being hooked by phishing: Microsoft, Google, Apple, Verizon, Bank of America, SSA, IRS, and thousands of legitimate, big, public businesses just like them will NEVER, ever, send an email to you asking you to confirm your password.”
HERE ARE SOME OTHER THREATS WE FEEL EVERYONE SHOULD BE ABLE TO RECOGNIZE:
Tech support scam, by USAGov - https://www.youtube.com/watch?v=UGBLjPKSUeU – If you have older parents who use email and the internet, please ask them to watch this video! I have helped too many older, and not so older people, who have been scammed in this way, including my own parents more than once.
Tech support scams can start just as easily with a pop-up on the computer telling you something bad happened and that you need to call a number… or else something bad will happen.
Spot a bad URL or Link, by Symantec - https://www.youtube.com/watch?v=YIeS7sJ_Llw
Better passwords, Local CBS news report - https://www.youtube.com/watch?v=oakITDBYElw
Better password management using a password manager. This post explains LastPass, but all the password manager applications work pretty much the same - https://lifehacker.com/the-beginners-guide-to-setting-up-lastpass-1785424440 One important detail – you want to be sure that whatever application you use has their security act together and stores the passwords properly. 1 Password,
Mobile device security from SANS Security Awareness - https://youtu.be/WEfWFA4xdd4