Firewall Chats, S. 2, Ep. 6: Medical Identity Theft

By | April 26th, 2016|Firewall Chats|

CSIDNot all identity theft cases involve credit cards and Social Security numbers. Medical identity theft is a grave issue, which can affect the health records and treatment of victims.

According to the Medical Identity Fraud Alliance, in 2014, two million victims were impacted by medical identity theft. The effects are costly. The Fifth Annual Study on Medical Identity Theft reported that 65 percent of victims surveyed paid more than $13,000 in out-of-pocket costs to resolve the crime.

In our final episode of season 2, we spoke with Eva Velasquez, president and CEO of the Identity Theft Resource Center, who assists victims of identity theft and fraud, including medical identity theft.

Velasquez explained many people assume health information is used maliciously for medical goods or services, but thieves also use this precious information to attain hospital visits, prescription drugs, or costly medical equipment.

“There can be some pretty devastating consequences when this occurs,” Velasquez explained. “Of course there are the financial implications that can certainly hit a victim’s pocketbook. [But] if you have mixed medical records that can potentially lead you to have a misdiagnosis or inappropriate treatment. Or you can have a condition the doctor believes has been addressed, because it’s been addressed for the thief. …It can truly affect your health.”

The data exposed in major healthcare breaches, like Community Health Systems or Anthem, can also be used by thieves to commit other crimes.

“Information that is obtained through a medical breach is the same information that can be used across all of the silos,” Velasquez said, saying tax identity theft is directly related to medical data breaches.

How can you keep your medical information safe? Begin by examining your insurance statements and explanation of benefits. The latter may “read like a phone book,” says Velasquez, but individuals shouldn’t be intimidated.

“At the very least, look at the day of service and the doctor or hospital or lab that was providing the service and make sure that you recognize it, that’s enough,” she said. “Start with that, so you’re not overwhelmed as a consumer.”

Velasquez also stressed listening to your doctor during a visit and discussing your records. Like a credit report, request your medical history and look for fraudulent errors or inaccuracies. If you find errors, first call your insurance provider. Also consider contacting the credit bureaus, as your information may be jeopardized in other areas.

Listen to the entire episode here: www.CSID.com/FirewallChats. And let us know your feedback on our Firewall Chats Twitter and Facebook.

Firewall Chats, S. 2, Ep. 5: Creating a Culture of Cybersecurity at Work

By | April 12th, 2016|Firewall Chats|

CSIDThis April, the National Cyber Security Alliance is encouraging consumers and business owners to make time for digital spring cleaning. Each week is dedicated to highlighting tips to help secure our most sensitive data.

It’s important to make cybersecurity a priority in your personal life, as well as work. Small businesses are frequently targeted by cyber criminals, as many do not have policies and procedures in place to guard them from such an attack.

In a recent survey, eight out of 10 small business owners said they do not have a cyber attack response plan in place, even though the majority (63 percent) of these businesses have been a victim of at least one type of cyber attack.

For insights into the “dos and don’ts” of creating open cybersecurity, we sat down with Michael Kaiser, executive director at the National Cyber Security Alliance. The first thing small business owners need to do is understand the risk is serious.

“Don’t think it won’t happen to you,” Kaiser said. “Don’t think that what you have is not valuable to a cybercriminal.”

Companies need to be very aware of the safety and security necessary to keep information and work devices safe from malicious threats and human error.

“It has to be a commitment from the top of an organization for people to take cyber security seriously,” Kaiser said. “Everyone plays a role in that. … Leadership sets the tone about the importance of protecting the company’s assets, and also the personal information of their customers, clients, [and employees].”

For businesses just adopting cybersecurity best practices, Kaiser mentions starting with password reminders, policies that fit the size of your organization, and creating a conversation.

“[You can start with] getting people together in a conference room and talking about cybersecurity and what they need to do, and what your policies are,” he said.

If you are part of a large organization, invest time into policies and employee trainings around phishing emails and “Bring Your Own Device” best practices. Revisit the conversation often.

“It has to be reinforced,” Kaiser said. “It can’t be a one and done kind of thing. It has to really be periodic. … Reminding people of the value of the information that an organization holds and the responsibility they have to protect it. When people give you their information, they expect you to protect it.”

It’s important to empower coworkers to protect data. Set rules and responsibilities, and let employees know they are being entrusted with the data of consumers and other employees.

Leadership should also have cybersecurity procedures in place, should a breach occur.

“At the end of the day, cybersecurity is about resistance but it’s also about resilience,” Kaiser said. “It’s about how fast you can come back if you are attacked.”

Listen to the entire episode here: www.CSID.com/FirewallChats. And let us know your feedback on our Firewall Chats Twitter and Facebook.

Save the Date: Our next episode will air on Tuesday, April 26, and will explore medical identity theft.

Firewall Chats, S. 2, Ep. 4: Death, Fraud and Taxes

By | March 29th, 2016|Firewall Chats|

CSIDFew things are guaranteed in this life—but death and taxes are two you can expect to face.

However, most Americans are not braced to handle tax-refund fraud. This popular form of identity theft occurs when a thief or cyber criminal files a fraudulent tax return and claims the refund before the victim is aware. The International Revenue Service ranks tax refund fraud as its number one scam, and expects fraud to hit $21 billion this year.

In our most recent episode of Firewall Chats, we saw down with Neal O’Farrell, founder of and cybersecurity specialist at the Identity Theft Council, to find out what consumers need to know about tax fraud and how to protect their money.

The “golden rule” for tax fraud is to beat the thief.

“It’s a race between you and an identity thief,” O’Farrell said. “[Your chances lower] if you file as early as possible – which really means you should have filed already.”

Filing early is perhaps the most important and effective tip to avoid tax fraud. The earlier you file your taxes, the earlier the IRS processes them and the smaller the window that leaves for identity thieves to file using your information. Once you file your return, an identity thief won’t be able to collect on your Social Security number. However, if a malicious cyber criminal beats you to the punch, it can take a victim six months to a year to receive your tax refund, said O’Ferrall.

But how does a cyber criminal have your information to abuse? O’Farrell says data breaches are at the heart of tax fraud.

“As a consumer there is very little you can do about preventing a data breach,” he said. “The information is out of your hands. It’s in someone else’s hands. The only thing you can do in that case is just restrict the amount of information you share with organizations. If you don’t need that service, if you don’t need that freebie, don’t give away your personal information.”

If you are a victim, the most important thing to do is stay calm.

“Don’t panic,” O’Farrell said. “Victims of any type of identity theft, particularly anything to do with the government agency and especially the IRS, they panic. They think it’s going to mess up their taxes, it’s going to mess up their returns, or it will get them in trouble.”

Victims often stress that they will need to prove that they didn’t file the return.

“That’s simply not that case,” he said. “Most of the laws are on the side of the consumer. You’re not going to be held liable if it wasn’t you, and you’re not going to have to prove that it wasn’t you.”

If you are a victim, first contact the IRS.

  • The agency has detailed instructions on its site on how to begin filing a claim, which can be a lengthy process.
  • Next, check your credit report. A criminal must have your Social Security number to file a fraudulent return, so chances are high they are also taking out additional lines of credit.
  • Also, consider placing a fraud alert or freeze on your account until everything is resolved.

Listen to the entire episode here: www.CSID.com/FirewallChats. And let us know your feedback on our Firewall Chats Twitter and Facebook.

Save the Date: Our next episode will air on Tuesday, April 11, and will feature Michael Kaiser, executive director of National Cyber Security Alliance.

Firewall Chats, S. 2, Ep. 3: You’ve Been Hacked, Now What?

By | March 8th, 2016|Firewall Chats|

Hacked

Data breaches have dominated the headlines for the past few years. In 2014, some went as far as coining the term the “Year of the Breach.” But 2015 was no different with 781 data breach in the United States alone, accordingly to a report by the Identity Theft Resource Center.

When a data breach occurs, businesses need to act swiftly and efficiently to stop the breach, identify the holes, and communicate with authorities, employees, customers and stakeholders. But how?

In our latest episode of CSID’s podcast, Firewall Chats, we sat down with Corey Ealons, senior vice president with VOX Global, and Sterling Miller, senior counsel at Hilgers Graben, to grab a sneak peak of their upcoming SXSW session, “You’ve Been Breached. Now What?” Together, they plan to show SXSW attendees (and Firewall Chats listeners) the advantages of a thorough data breach response plan.

“Most companies have a good grasp on what they’re dealing with [during a crisis] from a technical side,” Ealons said. “But they haven’t really given a lot of thought to the legal or the communication side.” Ealons has nearly 20 years of experience as a strategic communicator, and assists clients with comprehensive strategies, including educating employees, vendors, and stakeholders on the best ways to protect digital networks.

Miller complements Ealons’ experience, with more than 20 years of in-house practice, and expertise around complex litigation, data privacy, and internal investigations.

“You need to look at [a data breach] in terms of hours, versus days and weeks,” Miller said. “The most critical decisions you are going to make happen right in the immediate aftermath of the breach.”

“Generally, the reason it’s chaos is because most companies don’t have a communication response plan, or even a legal response plan, on the shelf,” Ealons explained. “They’re literally building the bike and riding it at the same time.”

Businesses large and small need to be braced for such an event.

“We know that hackers are really focused on small data sets,” Ealons said. “We’re hearing, now, small businesses are now targets. Even though it’s a smaller cache of data, it’s data [hackers] can more easily access because the security in those facilities are generally not up to what they should be.”

Both agree that proactive planning can help with stress, allowing businesses to recover their operations quickly and help preserve their company’s reputation.

“Have a plan in place to deal with a breach, before the breach occurs,” Miller said. “You need to practice it and keep it updated. Use encryption as much as possible. … And train your employees about good data protection practices.”

At SXSW this Saturday, March 12, Ealons and Miller will discuss how businesses should navigate a breach in their session, “You’ve Been Hacked. Now What?” Attendees will learn valuable best practices for cyber-attack responses and engage with a live crisis simulation.

Listen to our latest episode where we get a sneak peak of their SXSW session at www.CSID.com/FirewallChats, and be sure to catch their session this Saturday.

As always, let us know your feedback on our Firewall Chats social channels on Twitter and Facebook.

Save the Date: Our next episode, “Death, Fraud and Taxes,” will air on Tuesday, March 29.

Firewall Chats, S. 2, Ep. 2: Exploring Biometric Data

By | March 1st, 2016|Firewall Chats|

BiometricsAlmost five years ago, Facebook announced the debut of its facial recognition software, DeepFace, to make tagging photos of friends easier for users. The news spurred many articles questioning how exactly the technology worked and what steps could be taken to maintain privacy.

Today, having software instantly identity faces in our photos seems almost commonplace. Facebook’s billions of users upload nearly 350 million new pictures each day that are quickly scanned and tagged. Google Photos also has built-in facial recognition software that automatically organizes your photos based on the people you’re with. But this convenience doesn’t come without concern.

To hear the latest in biometric advances and facial recognition technology, we caught up with Olga Raskin, Research Manager at Novetta. In her current role, Raskin leads identity-related research projects for government and commercial clients, focusing on biometrics and online identity intelligence. She’s also been spotlighted for her biometric expertise on CNN, The Economic Times, and the Wall Street Journal. Raskin will present “Face Recognition and Online Identity” at SXSW 2016 next Saturday, March 12.

“Right now [sites like Facebook and Google] are [using face recognition] to help users tag and organize their photos,” Raskin explains. “And we’ve learned it’s pretty accurate.”

Facial recognition and biometric data can be beneficial in today’s social society, Raskin explains.

“It can be more convenient and more secure,” she said. “It may be considered safer in some cases because biometrics can’t be stolen as easily as passwords.”

However, having your face scanned and identified leaves most people feeling unsettled.

“In the United States there are no laws that strictly govern this space,” Raskin explained. “Self-regulation has been a challenge because it’s hard to get the privacy advocates – and the people implementing the technologies – to agree on the rules and guidelines.”

In this episode, Raskin delves deeper into the myths and facts behind traditional and modern technologies. Listen now and catch her SXSW session on Saturday, March 12 to learn even more.

Listen to the entire episode at www.CSID.com/FirewallChats. And let us know your feedback on our Firewall Chats social channels on Twitter and Facebook.

Save the Date: Our next episode will air on Tuesday, March 7, and feature SXSW speakers Corey Ealons of VOX Global and Sterling Miller of Hilgers Graben on what to do if your business has been hacked. Be sure to tune in!

Firewall Chats, S.2, Ep. 1: Protecting Your Digital Life

By | February 23rd, 2016|Business Security, Firewall Chats|

DigitalIn just a few short weeks, South by Southwest will descend upon downtown Austin, Texas. The Interactive portion of the conference is lauded for highlighting the most current privacy and security issues, drawing thousands of thought leaders to our backyard. In Firewall Chat’s second season, we decided to highlight some of these key thinkers whose SXSW panels focus on issues that are putting our identities and personal data at risk.

In our first episode this season, we had the pleasure of speaking with Nuala O’Connor, president and CEO of the Center for Democracy and Technology. O’Connor is a SXSW veteran and plans to discuss the notion of the “digital self,” as well as policy, legal and personal boundaries in her upcoming session, “Protecting the Digital You” on Sunday, March 13.

“I think many of us know the very significant privacy issues that we all face in both leveraging and using the best of technology,” said O’Connor, who previously cut her teeth at Amazon and General Electric. “But we also need to make sure we have a safe space to be individual, to be creative, and to be private.”

In her role with the Center for Technology and Democracy, O’Connor petitions for the rights of the individual in our digital world, including privacy and free expression. She also works alongside companies, governments and citizens to create and adopt thoughtful digital policies – including data destruction.

“Companies need to be transparent about what data is being collected, when and why,” said O’Connor. “[And] data has a half-life at some point. Too much data is not helpful to endeavors at hand. Companies need relevant data to help them get their job done, [but] collecting it all and deciding what to do with it later is not an acceptable answer.”

Despite the heated conversations around big data, privacy and security, O’Connor believes we are only at the inception of what’s to come.

“I think there are great days ahead,” she said. “I think the potential for technology to change lives in healthcare and education and the environment [is huge]. We’re still at the beginning [of the Internet]. I think everyone gets a voice in helping build it the right way, but hopefully always with the rights of the individual at heart.”

Listen to the entire episode at www.CSID.com/FirewallChats. And let us know your feedback on our Firewall Chats social channels on Twitter and Facebook.

Save the Date: Our next episode will air on Tuesday, March 1, and feature SXSW speaker Olga Raskin on biometric data. You don’t want to miss it!

Announcing Season 2 of CSID’s Podcast, Firewall Chats

By | February 12th, 2016|Company News, Firewall Chats|

CSIDWe’re pleased to announce CSID’s podcast series, Firewall Chats, is returning for a second season! And this one will be even bigger than the last, with six episodes released every other Tuesday starting on February.

We’ll be kicking off the second season with a look ahead to South by Southwest. SXSW is an annual conference where industry leaders meet to share ideas on the latest interactive and technology trends. Cybersecurity has been an area of focus over the past few years, and a wide-variety of industry thought leaders attend. Even if you’re not able to make it to SXSW, you’ll want to listen in.

We’ll be speaking to some great guests sharing tips and insight on how to stay secure in an increasingly digital world. Nuala O’Connor, President and CEO of the Center for Democracy and Technology, will talk about the legal and personal boundaries needed to protect your life online. We’ll learn from Novetta’s Olga Raskin how biological data, like fingerprints and eye color, are becoming more prevalent in technology, and what we can do to protect our privacy with these technological advancements. VOX Global’s Corey Ealons, along with Sterling L. Miller of Gober Hilgers PLLC, will discuss how a business can minimize the impact of a breach, and the first actions you can take to regain control.

SXSW isn’t the only big event this spring. Tax season is also in full swing. It may not be a lot of fun to do your taxes, but it’s a lot worse to deal with tax-refund fraud. As tax-refund fraud is expected to reach $21 billion this year, Neal O’Farrell of the Identity Theft Council will share how to remedy tax ID theft and protect your information in the future.

Everyone at a company, from CEOs to brand new employees, should play an active role in keeping the business’s information safe. Michael Kaiser, Executive Director of the National Cyber Security Alliance, will join us to chat about instilling a culture of cybersecurity at work. Having an open cybersecurity culture will ensure protecting sensitive information is a company-wide priority.

We’ll also take a look at medical fraud with ITRC’s Eva Velasquez. Last year, the medical and healthcare industry was the second largest market affected by data breaches and hacks. It’s a very real issue, and we’ll discuss how consumers can protect their health information.

We can’t wait to share the expertise of some terrific thought leaders in the industry. To make sure you don’t miss an episode, follow Firewall Chats on Facebook and Twitter. And, as always, stay up to date with everything going on at CSID by following us on Facebook, Twitter and LinkedIn. If you missed Firewall Chats Season 1, you can check out the full season at www.csid.com/firewallchats.

Firewall Chats, Ep. 5: Scams, Malware, and Phishing Attempts

By | December 15th, 2015|Business Security, Firewall Chats|

MalwareToday airs the final episode in our pilot podcast series! To wind down the last few days of 2015, we sat down with Adam Dolby, Encap Security’s vice president of business development.

Prior to joining Encap Security, Dolby was focused on banking, ATM networks, and card processing. His expertise lies within multi-factor authentication, security, and electronic financial services, which is why we wanted to discuss the tricks, traps, scams and malware that consumers face daily.

Did you know, according to Get Cyber Safe, roughly 156 million phishing emails are sent each day? Of that, 16 million make it through filters. Half are opened. In the end, 80,000 people fall victim to scams and share personal information with cyber criminals.

“Bad guys will cast a fairly wide net–the wider the net, the better for them,” Dolby said. “They see who ends up in it at the end. … While the online community has come [far], when you can still trick 80,000 people, a day, into giving away their credentials that means we have a really long way to go.”

Malicious emails aren’t the only danger to businesses and consumers.

“Malware, to me, is the real threat.” Dolby said. “Malware is a form of computer program designed specifically to steal your login credentials.”

Dolby said there were 255,000 new malware variants every single day in 2014.

Our guest also shared that long gone are the days when hackers were individuals, hiding in basements. Now these scams and hacks are part of sophisticated, organized attacks.

In our episode, Dolby shares tips to be aware of these scams, the cost of data breaches, two-factor authentication, and how businesses can better protect their employees and customers.

“It’s up to you to protect your identity,” Dolby said. “Be prepared for the when, not the if.”

You can listen to the entire episode, as well as our past podcast episodes, at www.csid.com/firewallchats. Thanks for listening!

Questions? Comments? A topic you’d like to see us tackle next year? Reach out to us on Twitter and Facebook to let us know!

Firewall Chats, Ep. 4: The Internet of Things

By | December 1st, 2015|Firewall Chats|

PodcastToday, our fourth episode of Firewall Chats is live! In this special edition, we put the spotlight on CSID’s own Chief Innovation Officer, Adam Tyler.

Tyler’s expertise spans far across the ever-changing security landscape. He speaks frequently around the globe on identity protection and fraud detection, cybersecurity trends, and evolving hacking and attack methods. Additionally, Tyler is a passionate expert on the Internet of Things…or rather, the security of the things.

According to Cisco, there are already 10 billion things that can connect to the Internet. This number is expected to grow substantially within the next few short years. It’s predicted that by 2020, the number of devices connected to the Internet will exceed 50 billion.

“The Internet of Things is an incredible concept,” Tyler said. “It’s about accessibility. It’s about making the whole of our homes connected and manageable remotely.”

With each new device, our lives have the ability to become more convenient, more efficient. We recently wrote about how music festivals are using smart technology to make the concert-going experience more seamless. New coffee makers and household appliances can learn your preferences. Our cars are quickly evolving to contain multiple in-vehicle services, and many may soon become driverless. Our wearable devices monitor our vital signs and share how we can eat better and sleep sounder.

While these advances are exciting, the convenience of these products brings great risk to the security of our information.

“The problem is these devices are being designed with functionality first and not security,” said Tyler. “Any device that we’re connecting to the Internet and making available to the outside world can be accessed, can be pinged, can be targeted by malicious acts.”

While our smart fridge may not hold any data, the connection it shares with other devices and the Internet can jeopardize our information. Tyler is passionate about making sure listeners are aware and wary of how their data is being collected and used within this rapidly evolving world.

In this episode, Tyler helps us separate IoT fact and fiction, discusses how hackers have already interfered with smart cars, and shares tips so we can protect our information today…and tomorrow. To hear it all, listen on www.CSID.com/FirewallChats, and reach out to us on Twitter and Facebook  to let us know what you think.

Save the Date: Our last episode in our pilot series will air on Tuesday, Dec. 15, and feature Encap Security’s Adam Dolby on the topics of scams, malware, and phishing attempts.

Firewall Chats: The Top Cybersecurity Podcasts

By | November 16th, 2015|Firewall Chats|

PodcastNow that we’ve launched our third episode of Firewall Chats, we feel confident saying we’re officially a part of the cybersecurity podcast network. Our main goal with Firewall Chats is to educate our listeners with information and advice on how to best protect their most sensitive information. We’ve been fortunate to have some terrific guests thus far, including SociallyActive.com’s Chris Crosby, Passcode’s Michael Farrell, and Katie Stephens from the University of Texas Center for Identity.

Of course, we’re hardly alone in providing helpful information for our listeners. There are a lot of great cybersecurity podcasts out there. We’d like to share a few of our favorites.

Security Now! is one of the original cybersecurity podcasts, getting its start all the way back in 2005. Steve Gibson, the man who coined the term “spyware” and created the first anti-spyware program, sits down with TechTV’s Leo Laporte to discuss important issues of personal computer security. If you use a personal computer, you’ll find something to take away from this podcast every week.

The Southern Fried Security Podcast aims to fill in the gap between the more technical security podcasts and Security Now. Topics include information on the latest breaches, how to make sure your passwords are the most secure, and candid takes on the cybersecurity industry.

You won’t find Tom Cruise dancing around the house in the Risky Business podcast, but you certainly will get a lot of laughs. Patrick Gray takes a lighthearted look at information security news and features. He does a particularly great job of breaking down complex subjects, making them accessible for anyone.

Every Thursday night at 6 p.m. EST, Paul’s Security Weekly brings listeners (and viewers, as it’s available as a live stream) the latest information security news, research, hacker techniques, vulnerabilities, and technical how-tos. The discussions can get quite technical, but show notes and a tech library complement the viewing experience.

Of course, we’d be remiss if we didn’t include The Cybersecurity Podcast from Passcode. Every episode features key thought leaders in the cybersecurity space, taking a deeper look at things beyond just the headlines. Passcode tackles some of the most pressing issues and newest ideas in the cybersecurity arena, and it’s always a fascinating listen.

In addition to checking out all of these podcasts, we hope you’ll continue to listen to Firewall Chats. If you have a moment, please feel free to subscribe and leave a review for us on iTunes.

Load More Posts