Are You in Danger of Being Doxxed?

Trolling online is one thing, but Doxing is something entirely worse.

Doxing when someone searches for and publishes private or identifying information about a particular individual on the Internet, typically with malicious intent.

Google yourself.  Put your first and last name in parenthesis then put the state.  What do you come up with?

There are hundreds of Databroker companies out there that survive off mining public databases, collecting that data and making it readily available at the touch of a button.  Doxing is becoming a common practice among populist and protesting movements.

Publishing your private information could open up you and your family to unprecedented dangers.

Business Executives, Public Figures, Public Officials are all to often become victim to their private information becoming public. A great deal of this information can be removed, though it isn’t easy. Depending on the state in which you are domiciled, you likely have the right to have your information taken down if requested. However, Databrokers don’t have to make it easy to navigate the process how.

Meridian can help. Meridian can remove your information from commonly searched sites and help to monitor it in the future. Please let us know if you are interested in this service.

For additional information, please contact us at (251) 345-6776 or info@meridian.us.

Minimizing the Impact of a Cyberattack

On May 12, 2017, the U.S. Department of Homeland Security (DHS) acknowledged that the ransomware WannaCry had infected computers of hospitals, companies, and government agencies around the world.  WannaCry restricts users’ access to a computer until a ransom is paid to unlock it.

The 2016 Horizon Scan Report of the Business Continuity Institute, a leading organization that certifies Business Continuity professionals, showed that for the second year running cyberattacks were the number one threat.  Cyberattacks can significantly disrupt an organization by causing loss of data, compromised personal or financial information, and unplanned downtime.

In minimizing the impact of a cyberattack, business continuity planning must address cyber security.

 All critical IT applications, processes, data, and locations that support the organization’s revenue, customer information, trade secrets, and other keys to success must be identified and properly protected.

To help secure your systems from cyber security threat, DHS recommended the following practices:

  • Update your systems to include the latest patches and software updates.
  • Do not click on or download unfamiliar links or files in emails.
  • Back up your data to prevent possible loss, whether you are at a home, work, or school computer.

Meridian.us has highly experienced subject matter experts who can assist your organization with business continuity planning.  Additionally, we have partnered with several leading cyber security service providers that have successfully served a wide range of customers from Fortune 100 and 500 companies to the U.S. Military.

For more information on our business continuity planning and cyber security services, please contact Meridian.us at (251) 345-6776 or info@meridian.us.

Does Your Safety Management System Address Cyber Risks?

At the recent Connecticut Maritime Association’s 2017 Shipping Conference, Coast Guard Rear Admiral Paul Thomas, Assistant Commandant for Prevention Policy, indicated that the U.S. has submitted a paper to International Maritime Organization (IMO) for consideration that makes the case for installation of governance over cyber risks as part of the Safety Management System (SMS) required by the IMO’s ISM Code. “ISM requires that SMS establish safeguards for all risks, and put in place procedures to ensure compliance with all requirements of the convention and domestic regulations. ISM specifically mentions computer systems, which we take to include control systems. Our paper suggests a timeline for port state control officers to verify that SMS do indeed address cyber risks.”

Soon after the Connecticut Maritime Associations Shipping Conference, the U.S. Coast Guard released its Port State Control 2106 Annual Report. Detainable deficiencies are ranked as follows:

It is interesting to note that International Safety Management (ISM) Code has risen from 10th in 1998, when it became mandatory for companies operating certain types of ships, to 2nd in 2016.  In his February 2017 interview with Marine News, Admiral Thomas indicated that the Agency is working hard to update ISM requirements in both regulation and guidance.

To mitigate the risk of critical cyber systems, new Coast Guard ISM requirements may include the following:

  • Designated person responsible for Cyber Risk Management (CRM);
  • Corporate structure to address CRM;
  • Training requirements based on access to cyber systems; and
  • Corporate and shipboard procedures for operations and maintenance of critical cyber systems.

Does your SMS have these components?  How effective is your implementation?

Meridian.us can help your organization improve the effectiveness of your ISM Code compliance and cyber risk management.

For more information please contact Meridian.us at (251) 345-6776 or info@meridian.us.

‘Security Fatigue’ Can Cause Computer Users to Feel Hopeless and Act Recklessly, New Study Suggests

After updating your password for the umpteenth time, have you resorted to using one you know you’ll remember because you’ve used it before? Have you ever given up on an online purchase because you just didn’t feel like creating a new account?

If you have done any of those things, it might be the result of “security fatigue.” It exposes online users to risk and costs businesses money in lost customers.

A new study(link is external) from the National Institute of Standards and Technology (NIST) found that a majority of the typical computer users they interviewed experienced security fatigue that often leads users to risky computing behavior at work and in their personal lives.

 

Read more…