FBI Article: Ransomware

ransom

We receive a lot of positive feedback when we run articles from the FBI’s cyber crime division. We’re pleased the Bureau has encouraged us to share their articles on this topic, so we want to share a recent post from their website about ransomware. Ransomware refers to a malware that restricts access to the infected computer/network and demands that the operators pay some sort of ransom to regain control of their network. We hope this article is helpful to you. Please let us know if you have information or ideas on this topic that our readers may want to hear.

You can find this article, as well as many other articles you may find valuable to keep your business and staff secure against cybercrime, at this web address: https://www.fbi.gov/investigate/cyberscreen-shot-2016-09-13-at-11-07-51-am

For more information about fraud protection tools and product features provided by Grandpoint Bank, please visit our website.

Ransomware 

Hospitals, school districts, state and local governments, law enforcement agencies, small businesses, large businesses—these are just some of the entities impacted by ransomware, an insidious type of malware that encrypts, or locks, valuable digital files and demands a ransom to release them.

The inability to access the important data these kinds of organizations keep can be catastrophic in terms of the loss of sensitive or proprietary information, the disruption to regular operations, financial losses incurred to restore systems and files, and the potential harm to an organization’s reputation. Home computers are just as susceptible to ransomware and the loss of access to personal and often irreplaceable items— including family photos, videos, and other data—can be devastating for individuals as well.

In a ransomware attack, victims—upon seeing an e-mail addressed to them—will open it and may click on an attachment that appears legitimate, like an invoice or an electronic fax, but which actually contains the malicious ransomware code. Or the e-mail might contain a legitimate-looking URL, but when a victim clicks on it, they are directed to a website that infects their computer with malicious software.

One the infection is present, the malware begins encrypting files and folders on local drives, any attached drives, backup drives, and potentially other computers on the same network that the victim computer is attached to. Users and organizations are generally not aware they have been infected until they can no longer access their data or until they begin to see computer messages advising them of the attack and demands for a ransom payment in exchange for a decryption key. These messages include instructions on how to pay the ransom, usually with bitcoins because of the anonymity this virtual currency provides.

Ransomware attacks are not only proliferating, they’re becoming more sophisticated. Several years ago, ransomware was normally delivered through spam e-mails, but because e-mail systems got better at filtering out spam, cyber criminals turned to spear phishing e-mails targeting specific individuals. And in newer instances of ransomware, some cyber criminals aren’t using e-mails at all—they can bypass the need for an individual to click on a link by seeding legitimate websites with malicious code, taking advantage of unpatched software on end-user computers.

The FBI doesn’t support paying a ransom in response to a ransomware attack. Paying a ransom doesn’t guarantee an organization that it will get its data back—there have been cases where organizations never got a decryption key after having paid the ransom. Paying a ransom not only emboldens current cyber criminals to target more organizations, it also offers an incentive for other criminals to get involved in this type of illegal activity. And by paying a ransom, an organization might inadvertently be funding other illicit activity associated with criminals.

So what does the FBI recommend? As ransomware techniques and malware continue to evolve—and because it’s difficult to detect a ransomware compromise before it’s too late—organizations in particular should focus on two main areas:

  • Prevention efforts—both in both in terms of awareness training for employees and robust technical prevention controls; and
  • The creation of a solid business continuity plan in the event of a ransomware attack.

Tips for Dealing with Ransomware. While the below tips are primarily aimed at organizations and their employees, some are also applicable to individual users.

  • Make sure employees are aware of ransomware and of their critical roles in protecting the organization’s data.
  • Patch operating system, software, and firmware on digital devices (which may be made easier through a centralized patch management system).
  • Ensure antivirus and anti-malware solutions are set to automatically update and conduct regular scans.
  • Manage the use of privileged accounts—no users should be assigned administrative access unless absolutely needed, and only use administrator accounts when necessary.
  • Configure access controls, including file, directory, and network share permissions appropriately. If users only need read specific information, they don’t need write-access to those files or directories.
  • Disable macro scripts from office files transmitted over e-mail.
  • Implement software restriction policies or other controls to prevent programs from executing from common ransomware locations (e.g., temporary folders supporting popular Internet browsers, compression/decompression programs).
  • Back up data regularly and verify the integrity of those backups regularly.
  • Secure your backups. Make sure they aren’t connected to the computers and networks they are backing up.

screen-shot-2016-09-13-at-11-07-51-am Linking to Non-Grandpoint Bank Websites
This icon appears next to every link that directs to a third party website not affiliated with Grandpoint Bank. Please be advised that if you click this link you will be taken to a website hosted by another party, where you will no longer be subject to, or under the protection of, the privacy and security policies of Grandpoint Bank. We recommend that you review and evaluate the privacy and security policies of the site that you are entering. Grandpoint Bank assumes no liability for the content, information, security, policies or transactions provided by these other sites.

fbtwitterLinkedIngp

We’re Working with You to Battle Cyber Crime

13709838_10154347665171477_7420849453516520435_n

Since 2013, cyber criminals have attacked over 22,000 businesses via business email scams with losses totaling over $3.1 billion. Businesses of any size are vulnerable. In the L.A. area, losses due to business email compromise alone total $14.6 million per month. Experts estimate that 80% of cyber attacks are avoidable through basic cyber hygiene.  By implementing a variety of safety and prevention measures, you can significantly reduce the chances of your business suffering losses due to cyber crime.

To help businesses understand the risks and the ways they can help protect themselves from this growing threat, we recently hosted a series of cyber security seminars in Los Angeles and Orange County. We want to share a few of the key takeaways from our panel of experts in law enforcement, information security and insurance. Here’s what we learned from Howard Miller, CRM, CIC, of L/B/W Insurance and Financial Services, Kimberly Pease, CISSP, of Citadel Information Group, Michael Sohn of the FBI’s Los Angeles Cyber Crime Outreach and Stan Stahl of Secure The Village.

  • Employee training throughout your organization is critical. Make sure you have clear policies about cyber security and that they are clearly communicated to your staff, contractors and anyone else who has the ability to expose your company to risk. Educate all of your employees about the risks of clicking on links in emails and sharing business information via phone or email with people they don’t know or trust.
  • Limit access to software to employees who really need it and make sure that each employee has their own log-in (don’t have employees share log-ins) so you can track activity back to a specific person.
  • Keep software updated regularly. Cyber thieves exploit vulnerabilities in older versions of software.
  • Use two-factor authentication to access your internet email and other sensitive applications such as online banking. Two-factor authentication requires you to use a one-time password in addition to your regular password, making it more difficult for hackers to hack.
  • Make sure your back-up files are capturing all of your critical data and that your employees are following your prescribed protocol for backing up their files. Also make sure you are backing up your files in a different physical location so you can use them in the event of a natural disaster.
  • Look at your third party vendor contracts to understand what cyber risk you might assume through your relationship with that vendor, particularly with cloud providers who typically accept little, if any, liability associated with cyber crime.
  • Take information security as seriously as operations and finance.
  • Create a VPN (virtual private network) to secure communications to your business network that are initiated by authorized employees using devices outside of your network.
  • Secure your wi-fi with a password and encryption.
  • Use different passwords for different sites and make them long and complex.
  • Check any existing cyber security insurance you may have to look for gaps or exclusions in the coverage. Business interruption is typically limited to physical causes so most insurance won’t cover business interruption due to a cyber attack.
  • Before your business is targeted by cyber criminals, establish a relationship with your local FBI office. They’re the lead federal agency for investigating these kinds of attacks.

For banking (online as well as offline), the following recommendations were made:

  • Use dual control for all ACH and wire transfers. Dual control means that another person or account has to authorize a transfer in addition to the person who initiates it.
  • Never trust wire instructions or other funds transfer instructions sent via email. Always call the person or company to verify the instructions.
  • Set up alerts that automatically notify you about log-ins, password changes, transfers, etc. This way if an unauthorized change is made, you know and can respond quickly.
  • Use Trusteer Rapport software (available free) to provide a secure web channel between your computer and the bank’s online banking site.
  • Use our ACH Fraud Protection Service, which enables business clients to review ACH transactions before they are complete and to choose to pay or return each item.
  • Use ACH blocks or restrictions, if you know you won’t be using these electronic payments, or if you want to limit ACH withdrawals to only specific vendors.

To address the risks of funds transfer fraud and cyber deception, our bank has also introduced a new way for our business banking clients to protect themselves through a first-of-its-kind cyber insurance group policy. The policy provides gap insurance, since most cyber crime insurance policies don’t cover losses for money sent out of a business banking account “voluntarily;” that is, when someone in your firm is tricked into sending funds to a cyber criminal posing as a trusted colleague or vendor. For more information on this policy, please visit grandpointinsurance.com.

Insurance Products are:
Screen Shot 2016-06-23 at 9.12.21 AM
Insurance Products are offered through Grandpoint Insurance Services, Inc., a non-bank insurance agency affiliate of Grandpoint Bank, and facilitated through LBW Insurance & Financial Services, Inc., an unaffiliated insurance agency.

fbtwitterLinkedIngp

CIO John Coleman Recognized by Los Angeles Business Journal

screen-shot-2016-09-16-at-11-21-45-amEarlier this summer, Grandpoint SVP & Chief Information Officer John Coleman was honored as one of a select group of nominees for the Los Angeles Business Journal’s Chief Technology Officer Awards at a dinner in Santa Monica. The nominees were also featured in the Business Journal.

John, who has managed the Bank’s information systems and technology since 2012, was praised for his technical knowledge as well as his ability to foresee emerging trends, balance risk with growth objectives, and communicate effectively with the Bank’s leadership.

“Not only has John done a great job helping us keep pace with new technologies, he’s also played a key role in addressing the evolving risks of cyber crime,” said Loraine White, EVP and Chief Administrative Officer at Grandpoint Bank. “His involvement in numerous IT and cyber security working groups and public-private collaborations has kept us on the forefront of these developing threats and built partnerships that have been very beneficial to our bank and our clients.”

His knowledge and expertise in this area have been especially valuable as the Bank has sought out new ways to help business clients thwart the risk of cyber crime. In June, the Bank announced the availability of a new Client Cyber Crime Insurance policy, offered exclusively to its business clients through Grandpoint Insurance Services, Inc., a non-bank insurance agency affiliate of Grandpoint Bank. The policy helps protect clients against monetary losses to their Grandpoint business accounts as a result of cyber deception and wire transfer fraud.

Given his wealth of knowledge about cyber security, we asked John to share some of his top tips:

  • Understand the basics of information security and apply them
  • Practice password management, which involves using complex passwords that are changed regularly
  • Make sure to keep computers up-to-date with antivirus software and patches
  • Use common sense
  • Once a business starts employing 10 or 20 people, appoint someone to be responsible for the management of the computer and security systems. Policies and procedures should be in place and known to all.
  • Backup information! Many businesses overlook this. Backed up information should be stored somewhere offsite and offline. It should be difficult to get into the backup copies.

John also recommends these sites as good sources of information about cybersecurity threats and best practices:

Additionally, the Department of Homeland Security has designated October as National Cyber Security Awareness month and provided some helpful resources here.

John is very active in the business and civic community on the topic of cyber crime. Through his involvement with ISSA (Information Systems Security Association), John not only spoke at one of its events, he also formed relationships with financial and security professionals, including those from the FBI, Los Angeles County District Attorney’s High Tech Crime Department and the Secret Service’s electronic crimes taskforce. The FBI subsequently reached out to John and Grandpoint Bank to help them host a nationwide gathering of their field office representatives at the Grandpoint offices to talk about cyber crime. (John was the only non-government participant invited to attend that day.) The two-day event also included a session for tech companies, financial institutions and other law enforcement regarding the hot topic of business email compromise.

John has also been active with the California Bankers Association’s annual Risk, Cybersecurity and Technology conference by serving on the planning committee, helping to arrange speakers, providing opening remarks for the conference and moderating the Incident Response panel discussion. He also serves on the advisory board and on the executive council of Secure the Village, a nonprofit organization dedicated to cyber security education and awareness for small and mid-sized businesses as well as nonprofits. He has also served as a speaker for one of Secure the Village’s roundtable events.

Well-deserved congratulations on your nomination for top Chief Technology Officer, John! You’re certainly ours!

For more information on the Client Cyber Crime Insurance, visit www.grandpointinsurance.com (California Insurance License #0K82434).

Insurance Products are:
Screen Shot 2016-06-23 at 9.12.21 AM
Insurance Products are offered through Grandpoint Insurance Services, Inc., a non-bank insurance agency affiliate of Grandpoint Bank, and facilitated through LBW Insurance & Financial Services, Inc., an unaffiliated insurance agency.


↗ Linking to Non-Grandpoint Bank Websites
This icon appears next to every link that directs to a third party website not affiliated with Grandpoint Bank. Please be advised that if you click this link you will be taken to a website hosted by another party, where you will no longer be subject to, or under the protection of, the privacy and security policies of Grandpoint Bank. We recommend that you review and evaluate the privacy and security policies of the site that you are entering. Grandpoint Bank assumes no liability for the content, information, security, policies or transactions provided by these other sites.

fbtwitterLinkedIngp

Meet one of our crown jewels: Jewel Marshall

marshall_jewelThis year, we’re spotlighting employees who have been with our bank for 20 years or more. Each one has played an important role in our company’s success, and we would like to honor them by telling you a little more about them and how they have helped not only our company but the countless companies we’re proud to call clients.

Our spotlight is currently shining on Jewel Marshall who just celebrated her 23rd year with Grandpoint Bank and its predecessor banks!

Jewel started as a temp, processing wholesale and retail loans. After she impressed her managers, she was hired on full time. Over the years, she worked her way up to Assistant Vice President and Client Service Officer.

“I really enjoy banking,” she says. “It’s not at all monotonous, because you get involved with the banking side, the operations and many types of client interaction.”

Jewel credits her coworkers and the Grandpoint clients for motivating her to work with the same team for so long. “They really made me want to stay here and do the best job I can do,” she said.

She’s seen many banking newbies come through the door over her 23 years, and she says her best advice to them is you have to earn anything you do, no matter where you are. Don’t just “plug-and-chug,” she says, but take ownership and make it yours.

She found her own success by taking pride in what she does and not only wanting to be successful herself, but wanting it for the bank as well.

Jewel espouses the same philosophy when it comes to her customers’ success.  She also makes a point of knowing them personally.

“We know all our customers and call them by their first names,” she said. “In many cases, I’ve seen their children grow and get married and start their own families.”

Jewel’s affinity for having a schedule and being part of a team means that she’s not considering retiring anytime soon. When that day eventually comes, she says that what she’ll miss most are the long-term friendships she’s created with coworkers and clients over the years.

When asked about her favorite work memories, Jewel says those are office celebrations where she gets to interact with people from departments throughout the bank for birthday parties, anniversaries and even baby showers. She also has fond memories of customer receptions where she’s had a chance to connect and reconnect with many of the people she’s helped over the years.

A self-described “people person” with a welcoming personality, Jewel’s mother used to describe her “as someone who would talk to a wall if she thought it would talk back to her.”

Outside of work, Jewel is likely to spend her time drawing, painting, jigsaw puzzling or traveling. “I’m such a content person that I even sometimes travel alone,” she said.

Knowing Jewel’s warm personality and friendly nature, we have a feeling that she finds new friends wherever she goes. Congratulations to 23 years with our bank, Jewell, and we look forward to many more.

fbtwitterLinkedIngp

Twelfth Consecutive 5-Star “Superior” Rating for Grandpoint Bank and its Divisions

5-star-logo-MAR-2016Grandpoint Bank and its divisions, Bank of Tucson, Regents Bank and The Biltmore Bank of Arizona, received a twelfth consecutive quarterly 5-Star “superior” rating from independent rating and research firm BauerFinancial,↗ which is regarded as “the nation’s bank rating service.”

The five-star rating, which was based on March 31, 2016 financial data filed with the government, goes only to banks that are considered the strongest in the nation, as assessed for strength, stability and soundness.

According to BauerFinancial, to earn five stars, institutions are required to maintain a tangible capital ratio of at least four percent, a tier 1 risk-based capital ratio of at least four percent and a total risk-based capital ratio of at least eight percent. Other criteria evaluated include: profitability/loss trend, evaluating the level of delinquent loans and repossessed assets, the market versus book value of the investment portfolio, regulatory supervisory agreements, the community reinvestment rating (CRA) and liquidity.

Banks cannot pay to be rated nor opt out of being rated by BauerFinancial. Four- and five-star banks appear on BauerFinancial’s Recommended Report.


↗ Linking to Non-Grandpoint Bank Websites
This icon appears next to every link that directs to a third party website not affiliated with Grandpoint Bank. Please be advised that if you click this link you will be taken to a website hosted by another party, where you will no longer be subject to, or under the protection of, the privacy and security policies of Grandpoint Bank. We recommend that you review and evaluate the privacy and security policies of the site that you are entering. Grandpoint Bank assumes no liability for the content, information, security, policies or transactions provided by these other sites.

fbtwitterLinkedIngp

Accomplished LA Banker Ryan Parry Likes Our Team’s Longevity!

GPB Parry headshotRyan Parry has joined Grandpoint Bank as Senior Vice President & Senior Relationship Manager in our Farmers Market office, located on Fairfax Avenue.

Ryan has more than 10 years of banking experience in Southern California. Recently he served as Vice President at First Citizens Bank in Encino. He earned his degree in marketing with honors from University of Glamorgan in Dublin, Ireland.

“Part of what attracted me to Grandpoint Bank was the breadth and scope of the lending I could offer to my clients, but what really stood out was the length of time so many of the Grandpoint staff have worked together,” Ryan said. “That was an indicator for me that people like working here.”

Ryan will be responsible for building and expanding client relationships as well as promoting the bank’s visibility within the community.  He will be providing a broad range of commercial banking services, including facilitating owner-occupied, investor, construction and equipment loans.

“Ryan is the caliber of banker we look for at Grandpoint,” said Jocelyn Pastore, Executive Vice President and Los Angeles Region Manager. “He has honed a broad range of skills in many sectors of banking and truly understands the concerns of our clients.”

Ryan resides in Granada hills with his wife and two (soon-to-be three) children. When he’s not busy helping our clients, he enjoys working in his vegetable garden and traveling, though as any parent could guess, he and his wife prefer shorter trips right now. For the time being, he says, trips back to his homeland of Ireland will have to be relatively infrequent.

fbtwitterLinkedIngp

Happy Independence Day

4th of july banner

In observance of our nation’s birthday, we wish everyone a happy 4th of July.

In honor of the holiday, we’d like to share some history about the American flag with you from usa-flag-site.org↗:

On January 1, 1776, the Continental Army was reorganized in accordance with a Congressional resolution which placed American forces under George Washington’s control. On that New Year’s Day the Continental Army was laying siege to Boston which had been taken over by the British Army. Washington ordered the Grand Union flag hoisted above his base at Prospect Hill. It had 13 alternate red and white stripes and the British Union Jack in the upper left-hand corner (the canton).

In May of 1776, Betsy Ross reported that she sewed the first American flag.

On June 14, 1777, in order to establish an official flag for the new nation, the Continental Congress passed the first Flag Act: “Resolved, That the flag of the United States be made of thirteen stripes, alternate red and white; that the union be thirteen stars, white in a blue field, representing a new Constellation.”

Between 1777 and 1960, Congress passed several acts that changed the shape, design and arrangement of the flag and allowed for additional stars and stripes to be added to reflect the admission of each new state.

  • Act of January 13, 1794 – provided for 15 stripes and 15 stars after May 1795.
  • Act of April 4, 1818 – provided for 13 stripes and one star for each state, to be added to the flag on the 4th of July following the admission of each new state, signed by President Monroe.
  • Executive Order of President Taft dated June 24, 1912 – established proportions of the flag and provided for arrangement of the stars in six horizontal rows of eight each, a single point of each star to be upward.
  • Executive Order of President Eisenhower dated January 3, 1959 – provided for the arrangement of the stars in seven rows of seven stars each, staggered horizontally and vertically.
  • Executive Order of President Eisenhower dated August 21, 1959 – provided for the arrangement of the stars in nine rows of stars staggered horizontally and eleven rows of stars staggered vertically.

Today the flag consists of thirteen horizontal stripes, seven red alternating with 6 white. The stripes represent the original 13 colonies, the stars represent the 50 states of the Union. The colors of the flag are symbolic as well: Red symbolizes Hardiness and Valor, White symbolizes Purity and Innocence and Blue represents Vigilance, Perseverance and Justice.


↗ Linking to Non-Grandpoint Bank Websites
This icon appears next to every link that directs to a third party website not affiliated with Grandpoint Bank. Please be advised that if you click this link you will be taken to a website hosted by another party, where you will no longer be subject to, or under the protection of, the privacy and security policies of Grandpoint Bank. We recommend that you review and evaluate the privacy and security policies of the site that you are entering. Grandpoint Bank assumes no liability for the content, information, security, policies or transactions provided by these other sites.

fbtwitterLinkedIngp

Grandpoint Bank Teams Up with Junior Achievement for JA Finance Park

Grandpoint Bank_FP Group_05192016

If you’re a Grandpoint client, you probably already know that we really enjoy providing advice and resources to help our clients’ businesses succeed. On May 19, a handful of Grandpoint professionals had the chance to spend nearly the entire day doing just that…only our “clients” were a lot younger than usual.

We worked with some of the 120 high school juniors and seniors of Lennox Academy↗ who were attending Junior Achievement of Southern California’s↗ JA Finance Park as they assumed the role of “adult for the day.” Through the Finance Park program, students are challenged to learn about and navigate the world of personal finance with some help from adult mentor volunteers.  Each mentor works with a small group of students after receiving training from Junior Achievement staff immediately before the Finance Park event.

The simulation exercise teaches the students about financial concepts like banking, budgets, careers, credit, debt, interest rates, income, investments, taxes and more. Our Grandpoint Bank team members were each paired up with about four students, and we helped them allocate the budgets they were given. The students’ challenge was to secure the goods and services they needed to support their fictional profiles. The students’ assigned personas include details about their fictional career, family situation, salary, credit score, debt, and financial obligations. With assistance from their mentors, they then use and manage their finances accordingly.

Grandpoint Bank_FP Candid 5_05192016In preparation for the simulation event, the students had taken part in a 14-lesson classroom curriculum, taught by their teacher. They had preparation courses focused on four categories: income; savings, investing and risk management; debit and credit; and budget.

The simulation takes place in a mini city, complete with branded stores and kiosks, donated by real-world companies.

Stretching their budgets was the biggest challenge for the kids we worked with, and it was a very eye-opening experience when they realized that it could be tough to live within their assigned means. They had to scale back their choice of housing, cars and incidentals. Realizing the costs and variety of utilities they needed to cover was another shock for them.

“We saw that this exercise really helps the students realize what their parents go through,” said Darlene Esquerra, one of our senior vice presidents and institutional banking manager. “You see the lights go off in their heads when they understand what it means to have to buy things for everyone in the family.”

Under the rules of Finance Park, the kids have to address each category of finance. “During the savings component, the kids learned to save some from each pay check, but they had to balance that with essentials like purchasing insurance for themselves and their family,” Darlene added.

Everyone at Grandpoint and its division banks have enjoyed the Junior Achievement experience so much, that we now participate with Junior Achievement in each of the markets where we operate banks, including Los Angeles, Orange County, San Diego, Phoenix, Tucson and Vancouver, Washington.

“We feel like this is a great investment in our communities and in the next generation,” said Darlene. “We’re also talking to Junior Achievement about expanding our partnership in the coming years.”

To learn more about how you can get involved with Junior Achievement, contact their Southern California office or their local office in your market.


↗ Linking to Non-Grandpoint Bank Websites
This icon appears next to every link that directs to a third party website not affiliated with Grandpoint Bank. Please be advised that if you click this link you will be taken to a website hosted by another party, where you will no longer be subject to, or under the protection of, the privacy and security policies of Grandpoint Bank. We recommend that you review and evaluate the privacy and security policies of the site that you are entering. Grandpoint Bank assumes no liability for the content, information, security, policies or transactions provided by these other sites.

fbtwitterLinkedIngp

Grandpoint Bank Makes First-of-its-Kind Cyber Crime Insurance Available!

cyber-security1-596x245

Grandpoint Bank has introduced a new way for its business banking clients to protect themselves from financial losses due to funds transfer fraud and cyber deception through a first-of-its-kind cyber insurance group policy.

We’ve created Grandpoint Insurance Services, Inc., a non-bank insurance agency affiliate, to develop the Client Cyber Crime Insurance product. The policy, offered to customers of Grandpoint Bank and its divisions, offers cyber crime loss coverage that is specifically geared to monetary losses. It was created as an affordable and easy alternative to individually underwritten, higher-priced commercial crime insurance policies.

The majority of businesses don’t realize that they have significantly more exposure for losses due to fraud than individual account holders, who are afforded certain regulatory protections. Businesses are often tricked into approving fraudulent transfers, notwithstanding internal controls to identify and prevent this kind of risk.  According to the FBI, since 2013, over 17,000 businesses have lost an aggregate of more than $2.3 billion to one type of cyber crime alone, known as the business email scam.

Even as monetary losses due to cyber crime have skyrocketed in recent years, many traditional commercial crime policies specifically exclude losses arising from cyber deception.

“We are excited to make this new coverage available to our business clients,” said Petra Griffith, Director of Product Development for Grandpoint Bank. “The policy focuses on the kinds of coverage that directly address the key fraud risks that businesses face – losses to their bank accounts through cyber crime.  Cyber crime is a major concern for businesses, especially since they are typically liable if cyber criminals steal funds from their business accounts. They often don’t have the appropriate insurance in place and are finding it more difficult to protect themselves in this ever evolving, increasingly sophisticated cyber crime environment.”

The Client Cyber Crime Insurance policy is available exclusively to business clients of Grandpoint and its divisions, Bank of Tucson, Regents Bank and The Biltmore Bank of Arizona, through Grandpoint Insurance Services, in partnership with LBW Insurance & Financial Services, Inc.  The policy is underwritten by Hiscox Inc., on behalf of Underwriters at Lloyd’s, London, which is rated A by A.M. Best. Insurance products are not a deposit, not FDIC insured, not federal government agency insured, not bank guaranteed.

The Client Cyber Crime Insurance group policy coverage helps reimburse funds in business deposit accounts lost due to funds transfer fraud and cyber deception and is offered at premiums that represent substantial savings from individual policies currently available on the market. Any business that has a deposit account at Grandpoint Bank or its divisions is automatically eligible to enroll in the policy and select from a range of coverages with premiums that start at $30 per month.

“Educating and alerting our clients, and the broader business community, about established and emerging cyber crime trends is a commitment we’re passionate about,” said Griffith. “We’ve been working for over a year to create a more powerful solution to help clients protect their financial assets against attacks by cyber criminals.”

For more information on the Client Cyber Crime Insurance, visit www.grandpointinsurance.com (California Insurance License #0K82434).

_____________________________________________________________________________________________________________

Insurance Products are:
Screen Shot 2016-06-23 at 9.12.21 AM
Insurance Products are offered through Grandpoint Insurance Services, Inc., a non-bank insurance agency affiliate of Grandpoint Bank, and facilitated through LBW Insurance & Financial Services, Inc., an unaffiliated insurance agency.

fbtwitterLinkedIngp

Cyber security alert … There are only two kinds, which one are you?

cybersecurity-banner

Thank you to article author Linda Drake of Trailblazer Advisors and to Inside Tucson Business for allowing us to republish this article on our blog.

A common meme in the imploding industry of information security is the assertion that there are only two kinds of companies:

Those that have been hacked and those who don’t know they’ve been hacked!

Which one are you?

There are some stunning statistics* that every small and medium-sized business should know that require your attention and action for your protection.

No business or organization can prevent data breaches. A single credit card data breach can cost your business $217 per incident

According to experts, the cost of a company-wide data breach costs a minimum of $10,000

92 percent of companies experiencing a breach did not know it (they were notified by a 3rd party)

75 percent of breaches occur in businesses with less than 100 employees.

Only 25 percent of breaches are IT or hacker-related; this means 75 percent of breach events are related to current/former employees, customers, vendors, contractors and organized crime or social engineering.

Yet, 83 percent of SMB’s do not have a formal cybersecurity plan.

Most importantly, 64 percent of companies with 500 or fewer employees go out of business within a year of being hacked!

If the last statement does not compel you to take action, close your business down now!

The age of the ‘Internet of Everything’ is upon us. Companies need to harness this technology as an asset or potentially endure irreparable harm.  According to Gartner Research, companies incur four times the expense to respond to data breach events than the installation of appropriate security technology to prevent it.  Of course, the actual expense of a breach does not include the correspondent frustration, aggravation and untold embarrassment.

As a business owner you may be asking yourself, am I really at risk?  “Indeed, you really are!” retorted Kathy Delaney Winger, Esq., an attorney who practices in the area of cybersecurity.   “All companies must protect ‘Personally Identifiable Information,’ commonly termed (PII).” PII can be defined as any information about an individual maintained by an agency, including (1) any information that can be used to distinguish or trace an individual’s identity, such as name, social security number, date and place of birth, mother’s maiden name, or biometric records; and (2) any other information that is linked or linkable to an individual, such as medical, educational, financial, and employment information.”

“The truth is,” stated Kathy, “the definition of information is very broad, as is your obligation to protect it.  For example, even if a business owner hires a third party to perform services that involve the use of PII (such as payroll processors) the business owner may still be at risk if a breach occurs.”

According to Kathy, there are multiple factors that you should consider when thinking about cybersecurity and protecting your business.  “It’s critically important to be aware of the PII that your business is collecting, holding and/or sharing with third parties,” said Kathy.  “Once you’ve made yourself aware of it, you should take steps to protect the information and have a plan as to how you will handle matters (such as complying with your obligation to notify affected parties) in the event of a breach.”  Kathy recommends that business owners work closely with professionals who are knowledgeable in this area, including lawyers and companies that specialize in computer security.  According to Kathy, businesses should also discuss the issue with insurance professionals.  “I recommend that business owners consider purchasing cyber insurance that will protect the company should a breach occur,” said Kathy.  She continued “the statistics cited at the start of this article illustrate that, once a breach occurs, a company’s liability can be extensive.  Thus, business owners are well advised to insure against data breach losses just as they insure against many other kinds of losses.”

According to James Riley, CEO of JNR Networks, the number one technology virus is the user!  Most systems are compromised by users who knowingly or unknowingly create the vulnerability of access to your data.

So what steps should you take to protect your data and your company?

The first, most immediate action is modifying the approach to passwords.  Some IT experts suggest that you should treat passwords like underwear: don’t leave them where people can see them, change them often, do not lend them to others, and make sure they are a good “fit”. Further, the obfuscation of passwords is critical.

“Passwords should not include the obvious,” James suggests.  “Do not use passwords with your kids’ names, spouse, pets or anything that people know about you,” James commented. Passwords should be at least 8 characters that include upper and lower case, numbers and symbols.  The key to a unique and memorable password is the linking and twisting of terms that only have meaning to you.  “Spell words that are jumbled and have no relationship to each other, just to you.”

Beyond the password basics, James added, “All companies need at the very minimum, business grade (BG) antivirus software, BG firewalls, and BG equipment. But, all the best of these tools are nothing without the development of Acceptable Use Policies (AUP) that are established, reinforced and enforced in each company.”

One of our country’s greatest founding fathers had it right—

“By failing to prepare, you are preparing to fail.”

In the 18th century Ben Franklin had no idea that his words would be so applicable in this era coined, “The Third Wave of the Internet,” by AOL’s founder, Steve Case. The SMB bottom-line regarding cybersecurity is a simple message: explore, embrace, manage and, above all, control cyber technology before it controls you.

*Statistics presented by a panel of experts for AZ Tech Council at the recent Tech Junction Conference in Tucson.  Kathy Delaney Winger, Esq. of The Law Offices of Kathy Delaney Winger and James Riley, CEO of JNR Networks were two of the panelists.

Linda Drake is a 25 year, seasoned global entrepreneur, corporate executive, author and Certified Professional & Executive Coach.  As a CEO for CEO’s, Linda founded Trailblazer Advisors to catapult economic growth and leadership skills for business owners and senior management at any stage in the business lifecycle.  She believes that strong business leadership and entrepreneurism are the heart and promise of America. Linda is the President of the International Coaching Federation of Southern Arizona. 

Read the original article here:

http://www.insidetucsonbusiness.com/business_chatter/cyber-security-alert-there-are-only-two-kinds-which-one/article_993e8646-0d61-11e6-a13e-9bf1e63a7270.html↗


↗ Linking to Non-Grandpoint Bank Websites
This icon appears next to every link that directs to a third party website not affiliated with Grandpoint Bank. Please be advised that if you click this link you will be taken to a website hosted by another party, where you will no longer be subject to, or under the protection of, the privacy and security policies of Grandpoint Bank. We recommend that you review and evaluate the privacy and security policies of the site that you are entering. Grandpoint Bank assumes no liability for the content, information, security, policies or transactions provided by these other sites.

fbtwitterLinkedIngp