Hass and Associates Cyber Security Group

Data breaches can have a big effect on a merger's overall value. There appears to be a worrying level of complacency toward the assessment of cyber-risks during M&A deals, despite increasing awareness of the cybersecurity risks facing businesses. International law firm Freshfields Bruckhaus Deringer found in a survey shared with Infosecurity that 90% of respondents believe cyber-breaches would result in a reduction in deal value; and 83% of dealmakers believe a deal could be abandoned if cybersecurity breaches are identified during deal due diligence or mid-transaction. Yet, too few tie-up architects are addressing the threat. A majority (78%) say that cybersecurity is not a risk that is currently analyzed in-depth or dealt with in deal due diligence. "It's surprising that dealmakers recognize the growing threat of cyber-attacks to businesses, but generally aren't addressing that risk during deals," said Chris Forsyth, co-head of the firm's international cybersecurity team. "You wouldn't dream of buying a chemicals plant without assessing environmental risk, so why would you buy a data-driven business without assessing the risks its faces around data management and cyber-security?" The firm said that the effect of a cyber-incident on value would work both ways - a business with a good track record and robust processes could be worth more than competitors, while a business with a bad track record could be worth less.

(EurActiv) - Insurers are eagerly eyeing exponential growth in the tiny cyber coverage market. But their lack of experience and skills handling hackers and data breaches may keep their ambitions in check. High profile cases of hackers seizing sensitive customer data from companies, such as US retailer Target Corp or e-commerce company eBay Inc, have executives checking their insurance policies. Increasingly, corporate risk managers are seeing insurance against cyber crime as necessary budget spending rather than just nice to have. The insurance brokerage arm of Marsh & McLennan Companies estimates that the US cyber insurance market was worth $1 billion (€0.73bn) last year in gross written premiums, and could reach as much as $2 billion (€1.4bn) this year. The European market is currently a fraction of that, at around $150 million (€110mn), but is growing by 50 to 100% annually, according to Marsh. Those numbers represent a sliver of the overall insurance market, which is growing at a far more sluggish rate. Premiums are set to grow only 2.8% this year in inflation-adjusted terms, according to Munich Re, the world's biggest reinsurer.

Skjebnen til AMD'S Sea-øyene skjult i tåke rapporter dukket opp sist helg som AMDS grafikk veikart for 2013 ville holde Radeon HD 7000 serie "stabil" hele året. Nyheten kom ut på en uvanlig måte, via et intervju med et japansk nettsted, og deretter flere tweets fra AMD ansatte og den offisielle Radeon Twitter feed. Naturligvis, vi hadde spørsmål om tingenes tilstand, så AMD holdt en telefonkonferanse for press i dag, i et forsøk på å avklare saker. Før sist helg ventet vi AMD å innføre en ny generasjon av grafikkortene innen de neste månedene. The Tech Report Den sanne kostnaden for en bringebær Pi er mer enn du tror som bringebær Pi mani feier Internett, du kunne har funnet deg selv ønsker å kjøpe liten datamaskinen for å se hva prosjekter du kan bruke den til. Du kan ha tenkt for deg selv som selv om du ikke kan tenke på en kjekk liten prosjektet, hvem bryr seg, fordi høyere-end modell B er bare $35. Imidlertid er det virkelig så billig når alt er sagt og gjort? Jeg har nylig bestilt min første bringebær Pi. Jeg kunne aldri finne ut hva de skal gjøre med det, men har ønsket en rett og slett fordi det er en billig, spennende liten datamaskin. ExtremeTech Låse de slemme gutta med asymmetrisk kryptering kryptering, transformasjonen av data i et skjema som hindrer noen uautorisert forståelse at data, er en grunnleggende teknologi som gjør det muliggjør for elektronisk handel, sikker kommunikasjon og beskyttelse av konfidensiell informasjon. Krypteringsalgoritmene er den matematiske formler for å utføre disse transformasjonene. Du angir en krypteringsalgoritme med en nøkkel og dataene du vil beskytte (ren tekst), og det produserer en kryptert utgang (chifferteksten). Ars Technica Hvordan Nests kontroll freaks gjenoppfunnet termostaten i 2007, Tony Fadell trodde han kunne se fremtiden. Han var Apple executive som hadde skapt iPod og ble en ledende figur på laget som hadde jobbet på iPhone, som selskapet var i ferd med å lansere.

The House of Representatives go for the second round of Cyber Intelligence Sharing and Protection Act as it passed legislation on Thursday. The newly granted powers are intended to stop computer security threats against a company's rights and property. But the definitions are broad and vague. The terms allow purposes such as guarding against "improper" information modification and ensuring "timely" access to information, functions that are not necessarily tied to attacks. Once handed over, the government is able to use this information for investigating crimes that are unrelated to the underlying security threat and, more broadly, for "national security" purposes, which is a poorly defined term that includes "threats to the United States, its people, property, or interests" and "any other matter bearing on United States national or homeland security." The bill's vague definitions like "cybersecurity purpose" and "cybersecurity system" also raise the frightening possibility of a company using aggressive countermeasures. If a company wants to combat a threat, it is empowered to use "cybersecurity systems" to identify and obtain "cyber threat information." But the bill does not define exactly how far a company can go, leaving it open to the possibility of abuse. The bill drew support from House Democrats, passing on a bipartisan vote of 288-127, although the White House repeated its veto threat on Tuesday if further civil liberties protections are not added. Some lawmakers and privacy activists worry that the legislation would allow the government to monitor citizens' private information and companies to misuse it. U.S. authorities have recently elevated the exposure to Internet hacks and theft of digital data to the list of top threats to national security and the economy. Though thousands of companies have long been losing data to hackers in China and elsewhere, the number of parties publicly admitting such loss has been

http://hassassociates-online.com/articles/2013/04/23/house-passes-cybersecurity-bill-as-privacy-concerns-linger/ The House of Representatives go for the second round of Cyber Intelligence Sharing and Protection Act as it passed legislation on Thursday. The newly granted powers are intended to stop computer security threats against a company's rights and property. But the definitions are broad and vague. The terms allow purposes such as guarding against "improper" information modification and ensuring "timely" access to information, functions that are not necessarily tied to attacks. Once handed over, the government is able to use this information for investigating crimes that are unrelated to the underlying security threat and, more broadly, for "national security" purposes, which is a poorly defined term that includes "threats to the United States, its people, property, or interests" and "any other matter bearing on United States national or homeland security." The bill's vague definitions like "cybersecurity purpose" and "cybersecurity system" also raise the frightening possibility of a company using aggressive countermeasures. If a company wants to combat a threat, it is empowered to use "cybersecurity systems" to identify and obtain "cyber threat information." But the bill does not define exactly how far a company can go, leaving it open to the possibility of abuse. The bill drew support from House Democrats, passing on a bipartisan vote of 288-127, although the White House repeated its veto threat on Tuesday if further civil liberties protections are not added. Some lawmakers and privacy activists worry that the legislation would allow the government to monitor citizens' private information and companies to misuse it. U.S. authorities have recently elevated the exposure to Internet hacks and theft of digital data to the list of top threats to national security and the economy. Though thousands of companies have

http://www.wellsphere.com/brain-health-article/hundreds-of-south-african-facebook-profiles-have-been-cloned/1954857 Computer forensics expert Bennie Labuschagne said scammers used programs designed to "deep mine" online accounts to bypass security features."Cloning is very common and it is now like the 419 scams, only on social networks," he said. One of the South African Facebook victims, Dinesh Ramrathan, said yesterday: "A Facebook friend called me to find out why I had sent her a message asking for money online. I then discovered that my page had been duplicated. "My friends were caught off guard and accepted friend requests from the hacker, who then started sending requests for money." The impostor claimed that Ramrathan was in trouble and needed money urgently."I am lucky because all my Facebook friends know me personally outside of the social network so they knew that I was not in trouble," he said. Debby Bonnin's husband received a friend request from her even though they were already Facebook friends. One of sixmillion local users of Facebook, Bonnin said: "My major concern is identity theft and all the possible ramifications of that. On Facebook the prime issue is reputation. But the person behind the false profile could use your identity to access confidential information from your friends and then there could be security or financial problems that arise." Another Facebook user, Josh Delport, said his stored scores and tokens on game applications on the site had disappeared. University of KwaZulu-Natal associate professor of information systems Manoj Maharaj said that, though Facebook could not be hacked because of its hi-tech security features, the affected users might have put themselves at risk by clicking on links to external games, applications and shopping sites. "Users are clicking on these links without realising that their information is being passed on. If one of those sites is hacked, their information, such as credit card details, is easily a

With all the hundreds of quests from our survey, it's a Hass Associates pleasure to answer those today! As what we have observed, identity theft is on the top where individuals get so interested. In fact, identity theft is the fastest growing crime in America, affecting on the average of 500,000 new victims each year, for the past decade. And so, we are glad to discuss this for you to be well- informed and have preventive measures, such as reducing and reporting scams and prosecuting scammers. These topics are followed by: -online security and hardware concerns; -earning money from legitimate work-at-home programs and work-at-home scams; -credit cards and consumer issues; -Nigerian and lottery scams; -viruses and spyware; -phishing scams; -investment scams; and -urban legends. Obviously, many subscribers are interested in knowing out about new scams in these areas. This seems quite related to what we have been writing about. With all your exciting and terrific questions, Scam Busters will become even better. Today, we'll answer five of your biggest questions about identity theft: Answers to Our Subscribers' 5 Biggest Identity Theft Protection Questions 1) How big of a problem is identity theft and how long does it typically take to recover it? With victims' losses amounting to about $1.1 billion a year, identity theft reached the top of FCS's yearly list of consumer complaints for seven years in a row. The Federal Trade Commission (FTC) estimates more than the average victims that devote 170 to 300 hours trying to recover his or her identity and to resolve theft-relates issues. More than 110 million people in the US reported since January 2007 that have been packed letters from the different government branches, universities, corporations, banks, medical professionals, credit unions, no non-profit organizations and others notifying them that their personal information had either been stolen or lost. (Check out more statistics at our Identity Theft In

http://hassassociates-online.com/articles/security-holes/ Vulnerabilities The larger and more complex information systems are, the greater the possibility of error in logic and loopholes in algorithm. These are weak points that could enable hackers to breach a system and compromise the integrity of information stored. Programmers themselves who are not yet adept in writing software code can unknowingly misuse the code and lead to a vulnerability. A classic example of vulnerabilities that can be exploited is a weak password or its repeated use on various services or software. There are also websites containing malware that installs automatically once visited. Even legitimate software could be a venue for an exploit due to unknown errors (bugs) generated by the program. The end-user or the human element in information systems is arguably the weakest point that hackers easily utilize. 0-day exploits 0-hour or 0-day attack is the exploitation by outside parties of a security hole in a computer program which is unknown from its developers. The term comes from the premise that the attack unfolds on the "day 0, meaning no awareness as of yet from the developers so there is no opportunity and time to issue a fix for the threat. Zero-day exploits are usually shared among hackers even before the developer knew. Programmers could use the vulnerabilities via several avenues: on web browsers and email. Web browsers allow for a wider target. Meanwhile, using email, hackers can send a message that includes an executable file on the attachments, set to run once downloaded. Such 0-day threats are in the time frame where a security hole is exploited up to the time that the program developers issued a patch for it.

Hass and Associates Cyber Security/ Security Holes