☰ Navigation

1-888-643-2217 Email ABEX
Keeping you updated

Archives

Critical Cyber Exploits Affect Nearly All Computers

Posted on by

Cyber security researchers recently announced the discovery of two major security flaws that could allow hackers to bypass regular security measures and obtain normally inaccessible data. The flaws, referred to as Meltdown and Spectre, are both caused by design flaws found in nearly all modern processors. These vulnerabilities can be exploited to access all of the data found in personal computers, servers, cloud computing services and mobile devices.

Because Meltdown and Spectre are both caused by design flaws, experts believe that they will be harder to fix than traditional security exploits. Additionally, software patches that have already been released to help address the vulnerabilities can cause computer systems to slow down significantly, which may impact their ability to perform regular tasks.

Researchers believe that Meltdown and Spectre may be limited to processors manufactured by different companies, but also warn that the design flaws that contribute to Meltdown and Spectre have been present for years. Here are some key details about each flaw:

  • Meltdown: This flaw can be used to break down the security barriers between a device’s applications and operating system in order to access all of the device’s data. Meltdown can be used to access desktop, laptop, server and cloud computer systems, and can even be used to steal data from multiple users who share one device. Although researchers have only been able to verify that Meltdown affects processors made by Intel, other processors may also be affected. Many software developers have already released updates that prevent hackers from exploiting Meltdown.
  • Spectre: This flaw can be used to break down the security barriers between a device’s different applications and access sensitive data like passwords, photos and documents, even if those applications adhere to regular security checks. Spectre affects almost every type of computer system, including computers, servers and smartphones. Additionally, researchers have confirmed that the design flaw that enables Spectre is present in Intel, AMD and ARM processors that are used by nearly every computer and mobile device. Software developers are currently working on a patch to prevent the exploitation of Spectre, but some experts believe that future processors may have to be redesigned in order to fix the vulnerability.

When Meltdown and Spectre were originally discovered in 2017, researchers immediately reported them to major hardware and software companies so work on security fixes could begin without alerting hackers. As a result, services and applications offered by companies like Microsoft, Google, Apple and Amazon have already been updated to help defend against the flaws. However, you shouldn’t rely solely on a software patch to protect against these vulnerabilities. Here are some steps you can take to protect your computer systems and devices from Meltdown and Spectre:

  • Update all of your devices immediately, and check for new updates regularly. You should also encourage your friends, family members and co-workers to do the same.
  • Contact any cloud service providers and third-party vendors you use to ensure that they are protected against Meltdown and Spectre. Cloud services and computer servers are especially vulnerable to the exploits, as they often host multiple customers on a single device.
  • Install anti-virus and firewall systems to protect against regular malware. Researchers believe that hackers need to gain access to a device in order to exploit Meltdown or Spectre, so keeping your devices free of malware can help prevent data theft.

© Zywave, Inc. All rights reserved

Common Reasons Workplace Hazards Go Unreported

Posted on by

In order to ensure a safe and healthy workplace, organizations rely on their employees to report safety concerns. While hazard reporting is critical for discovering and addressing risks, many employees avoid it. The following are some reasons why workplace hazards go unreported:

  • Employees lack the time. It can be easy to be distracted by daily work and not take the time to fulfil extra responsibilities. However, if you notice a hazard, it’s important to notify your supervisor to ensure the safety of you and your co-workers.
  • Employees don’t know how to report the hazard. Sometimes employees may notice a safety issue, but don’t report it because they don’t know how. In these instances, it’s important to ask your supervisor to teach you hazard reporting processes.
  • Employees are concerned about getting in trouble. If a hazard is the result of negligence, employees may worry about repercussions for identifying an issue. However, hazard reporting isn’t about discipline, but rather prevention and correction. Employees should feel empowered to speak with their supervisors about workplace issues without worrying about getting in trouble.

When it comes to hazard reporting, employees should be proactive instead of waiting for an inspection to take place.

© Zywave, Inc. All rights reserved

Working Safely in the Cold

Posted on by

Employees that work outside in the winter months are at risk of serious health problems, including hypothermia, frostbite, dehydration and muscle injuries. What’s more, frigid temperatures can also cause additional pain for those who suffer from arthritis and rheumatism.

Common symptoms of cold-related illnesses and injuries include uncontrollable shivering, slurred speech, clumsy movements, fatigue, confusion, white or greyish skin, skin that feels waxy and numbness.

To reduce the risk of cold-induced injuries, consider doing the following:

  • Layer clothing to keep warm enough to be safe, but cool enough to avoid perspiring excessively. Layered clothing should contain the following:
    • An inner layer of synthetic weave to keep perspiration away from the body
    • A middle layer of wool or synthetic fabric to absorb sweat and retain body heat
    • An outer layer designed to protect from wind chill and allow for ventilation
  • Wear a hat.
  • Place heat packets in gloves, vests, boots and hats to add heat to the body.

It’s important to note that many people do not notice they are suffering from cold-related illnesses because their tissue is numb. Therefore, it is wise for employees to check on each other periodically when working outdoors in the cold.

If employees experience any symptoms of cold-related illnesses and injuries, they should get indoors, alert their supervisor and call for medical attention if symptoms do not subside.

© Zywave, Inc. All rights reserved

5 Cyber Risk Questions Every Board Should Ask

Posted on by

When a data breach or other cyber event occurs, the damages can be significant, often resulting in lawsuits, fines and serious financial losses. In order for organizations to truly protect themselves from cyber risks, corporate boards must play an active role. Not only does involvement from leadership improve cyber security, it can also reduce liability for board members.

To help oversee their organization’s cyber risk management, boards should ask the following questions:

  1. Does the organization utilize technology to prevent data breaches? Boards should ensure that the management team reviews company technology at least annually, ensuring that cyber security tools are current and effective.
  2. Does the organization have a comprehensive cyber security program that includes specific policies and procedures? Boards should ensure that cyber security programs align with industry standards and are audited on a regular basis to ensure effectiveness and internal compliance.
  3. Has the management team provided adequate employee training to ensure sensitive data is handled correctly? Boards can help oversee the process of making training programs that foster cyber awareness.
  4. Has management taken appropriate steps to reduce cyber risks when working with third parties? Boards should work with the company’s management team to create a third-party agreement that identifies how the vendor will protect sensitive data, whether the vendor will subcontract services and how it will inform the organization of compromised data.
  5. Has the organization conducted a thorough risk assessment and considered purchasing cyber liability insurance? Boards, alongside the company’s management team, should conduct a cyber risk assessment and identify potential gaps. From there, organizations can work with their insurance broker to customize a policy that meets their specific needs.

Contact your insurance broker to learn more about cyber risk mitigation strategies that you can start using today to keep your business secure.

© Zywave, Inc. All rights reserved

Why Your Organization Needs a Business Plan

Posted on by

Business plans are documents that map out a company’s future objectives and the strategies that will be employed to achieve them. Due to the general nature of these documents, many organizations wrongly assume that business plans are exclusively for young companies just starting out.

However, business plans can be an effective tool for organizations that have been operating for years or are simply looking to grow. In fact, companies that approach financial institutions for a loan to expand operations will often be denied if they don’t have a strong business plan in place.

To avoid losing financial support and similar setbacks, drafting a business plan that’s unique to your company is critical and can provide the following:

  • A means for starting a business on the right foot. For startups, a business plan can help turn ideas and capital into a viable business model. Specifically, a good business plan can help you secure financing from investors and identify your overall strengths, weaknesses, opportunities and threats.
  • Strategies for managing an existing business. For organizations that have been in operation for years, business plans can provide helpful guidance on a number of issues. In general, business plans can help a business communicate its vision to employees and external parties, develop accurate financial forecasts and evaluate company growth.
  • Opportunities to grow. When a business is looking to venture into new markets or expand its services, business plans can be particularly helpful. Business plans provide organizations with opportunities to raise capital, create a strategy to manage growth and mitigate expansion risks.

Business plans are not a “one-size-fits-all” endeavour, and organizations will need to be thorough and specific when crafting an effective plan. To view samples and learn some helpful best practices, visit Canada Business Network’s website.

© Zywave, Inc. All rights reserved

Blog

FOLLOW OUR BLOG

Receive notifications of new posts automatically.

ABEX - AFFILIATED BROKERS EXCHANGE IS ON FACEBOOK.

Like us on Facebook
Connect with us on LinkedIn

CONNECT WITH US ON LINKEDIN