In this issue:

Cybersecurity “Go-Team” for Medical Devices
Goodbye Passwords? Maybe soon…
More Facebook Woes
Bitcoin Goes Mainstream
SunTrust Possible Breach
Meet the Team: Tracy Ratkiewicz, Commercial Account Manager

internet of things in healthcare

Cybersecurity “Go-Team” for Medical Devices

Medical devices are particularly vulnerable to attacks. This is partly because of the advances in technology and connectivity to the Internet, or the Internet of Things (IoT). Because of this, the U.S. Food and Drug Administration (FDA) will be pushing manufacturers and health-care providers to improve the cybersecurity of their devices. The Wall Street Journal reported that the FDA plans to create a “go-team” to investigate compromised incidents.

The article stated that FDA Commissioner Scott Gottlied is requesting authority from Congress that would require manufacturers to make devices patchable and “require hospitals to set up programs to enable security researchers to contact them if they find a vulnerability.”

Internet connected devices can experience cybersecurity issues that could be potentially life threatening. Equipment such as MRI machines, patient monitors, etc. are all at risk. To improve security, the plan also includes development of a Software Bill of Materials that would be provided to the FDA, making it easier to determine which devices may be at risk when vulnerabilities are discovered.


goodbye passwords

Goodbye Passwords? Maybe soon…

Passwords may soon become a thing of the past. The World Wide Web Consortium establishes Web standards and is close to giving final approval to WebAuthn.  According to Tech News World, John P. Mello, Jr.’s article “Standard Milestone Could Mark Beginning of End for Passwords” quotes W3C CEO Jeff Jaffe as saying “Security on the web has long been a problem which has interfered with the many positive contributions the web makes to society.”

Passwords are notoriously the weakest link. WebAuthn will eliminate that weakness with a standard Application Program Interface that would be incorporated into browsers and infrastructures. It will create new ways for authentication that are more secure and convenient than passwords.


cyberbreaches

Cyberbreaches on the Rise

TechNewsWorld posted an article by David Jones about a recent wave of cyberbreaches hitting a large number of retailers, industrial firms, government agencies and other organizations. These attacks have exposed literally millions of consumer payment cards that are used to resell financial data on the Dark Web and to infiltrate corporate computer systems.

The article points out how troublesome these breaches are, especially since they follow the multitude of intrusions and ransomware of the past two years. It leads one to think that we’ve made no strides in developing strategies to thwart these efforts.

“U.S. companies and organizations are woefully underprepared to deal with modern attacks like this — and the problem is simply exacerbated by the amounts and access to personal data these companies and institutions store,” said Kevin O’Brien, CEO of GreatHorn.

Recent breaches include:

  • Orbitz, the travel website, announced that credit card data belonging to 880,000 customers on a legacy platform may have been accessed by an attacker.
  • Under Armour announced that 150 million accounts using their MyFitnessPal food and nutrition app have been compromised.
  • Boeing was hit by a cyberattack with a variant of the WannaCry ransomware.
  • Saks Fifth Avenue, Saks Off Fifth and Lord & Taylor had credit card data of five million customers exposed.
  • Delta Air Lines and Sears Holdings were both victims of data breaches at a customer service online chat platform.

 

 

More Facebook Woes

How many times have you been to a website that says to “log in with Facebook?” It happens to all of us, often. It’s fast and a lot easier than creating a new user account. But beware. In a word, STOP! You may not want to continue taking the easy way out and logging in with your Facebook information as your data will often be exposed to web trackers.

CNBC.com recently (April 19, 2018) reported about this saying that researches have found that when a user logs into a website via Facebook, third-party trackers embedded on that site are able to collect that user’s data. For example, a concert tracking website, BandsInTown, was “found to be passing on users’ public profile data to other websites.”

The report says that Facebook is not at fault, but they could do more to prevent this.

 

Bitcoin Goes Mainstream

Bitcoin is a form of crytocurrency that is quickly growing in both value and acceptance. Originally it was a “fringe form of payment relegated to the ‘dark web’, Bitcoin has quickly gone mainstream – and small business owners should take notice,” according to manta.com.

How secure is cyrptocurrency? Actually, it’s pretty secure. And because more and more businesses will be dealing in bitcoin, it’s something we all need to know more about. We found an informative and easy to follow article that explains all aspects of bitcoin currency, including what it is, what the benefits are, and why companies should adopt it. Click here to read the full article.

 

 

SunTrust Possible Breach

SunTrust recently (April 20, 2018) sent out a warning that an ex-employee may have shared information about 1.5 million of their clients. It’s believed that the information included names and account balances, but probably not sensitive information such as social security numbers, account numbers or driver’s license numbers.

According to CNBC.com, SunTrust Chief Executive Officer William Rogers said the attempt to download the information was made six to eight weeks ago. SunTrust also said that it believed the stolen information had not left the bank. A press release sent out stated that the bank would notify the affected clients that information might have been exposed. As a result of this possible breach, SunTrust is offering identity protection services to all of its clients, not just those that may have been affected. The identity protection service will be free of charge.

 

 

tracy ratkiewicz

MEET THE TEAM

Meet Tracy Ratkiewicz, Commercial Account Manager

Tracy has been involved in commercial insurance since 2001 with a strong focus on condo associations and apartment buildings.

Q: What is your favorite ice cream?
A: Chocolate Chip

Q: What is your favorite holiday?
A: Christmas

Q: What is the one thing that you cherish that is insured?
A: My children’s musical instruments. My daughter has a ukulele collection and piano and my son has a drum set.

Q: You’ve been in insurance for 16 years.  What is the one piece of money savings advice  you wish all your clients knew about?
A: Review and update your business exposures each year to ensure your policies are written correctly so you are getting the coverage you need and not being charged for exposures that no longer exist.

 


This information is not intended to be exhaustive nor should any discussion or opinions be construed as professional advice.  Should you have any questions or would like to discuss your risk exposure with your company’s cyber insurance, please contact the insurance pros at ARCW Insurance.  We are here to help.