Important information for ICBC customers affected by B.C.’s wildfires

With the province under a state of emergency due to the hundreds of wildfires in progress throughout B.C., ICBC is advising customers to protect their vehicles and important documents and to avoid driving near impacted areas.

For customers on evacuation alert:

  • Pack all essential ID and documents in preparation for an evacuation. These documents include your B.C. driver’s licence, B.C. identification card, B.C. Services Card, passport, original birth certificate, marriage certificate and Canadian citizenship documentation. It’s also a good idea to have a copy of your vehicle registration and Autoplan insurance policy.

  • Customers may purchase a temporary operating permit to move an uninsured vehicle to safety.

  • It’s not possible to purchase comprehensive or specified perils insurance coverage once you have been put on evacuation alert. However, once out of the evacuation zone, comprehensive or specified perils may be purchased for your vehicle.

For customers with claims:

  • Customers with insurance claims related to a fire will be dealt with on a priority basis. To make a claim, you can file online at icbc.com or call ICBC’s Dial-a-Claim at 1-800-910-4222, which is open 24 hours a day, 7 days a week.

ICBC closures:

  • For updated service information, visit ICBC’s locator or call before visiting.

Vehicle coverage:

  • ICBC customers who have purchased a storage policy or comprehensive or specified perils coverage from ICBC, can be rest assured that their vehicles will be covered in the event of damage from a fire.

  • If you and your vehicle are not affected by an evacuation alert or evacuation order, you can purchase ICBC insurance without any fire-related restrictions. Comprehensive or specified perils insurance coverage is recommended.

  • Do not store valuables in your vehicle as these items are not covered by vehicle insurance.

For all other customers:

  • Autoplan brokers outside the evacuated areas remain open for business to support customers through these tough times.

  • ICBC’s customer service contact centre is available to answer questions at 1-800-663-3051.

  • Customers are reminded that if their insurance is about to expire, they can renew their policies up to a month before the expiration date.

Driving tips:

  • Avoid driving near affected regions. Forest fires can spread quickly. If a road is marked closed, do not continue. Back up and use another route.

  • For evacuation alerts and orders, check Emergency Info B.C.’s website. For road conditions, visit at DriveBC.ca

Wildfire situation in British Columbia and surrounding area: IBC is here to help – Safety remains first priority

July 8, 2017 (VANCOUVER) – As British Columbia has declared a state of emergency due to wildfires burning out of control throughout much of the Interior, Insurance Bureau of Canada (IBC) is reaching out with information and advice for those affected.

“Our thoughts are with those whose lives have been disrupted and whose homes have been destroyed. The priority right now is the safety of those affected and their loved ones,” said Aaron Sutherland, Vice-President, Pacific, IBC. “The insurance industry is here to help. Anyone with questions about their home or business insurance can call their insurance representative or IBC’s Consumer Information Centre at 1‑844‑2ask‑IBC.”

What insurance covers

Most home and business insurance policies cover fire damage. If residents have to leave their homes because of a mandatory evacuation order issued by civil authorities, most homeowner’s and tenant’s insurance policies will provide coverage for reasonable additional living expenses for a specified period of time. Your insurance representative is at the ready to clarify the details of your policy.

The claims process

If you have been affected by a wildfire, when safe to do so, take the following steps:

  • Assess and document the damage. Taking photos can be helpful.
  • Call your insurance representative and/or company.
  • List all damaged or destroyed items.
  • If possible, assemble proofs of purchase, photos, receipts and warranties. Take photos of the damage and keep damaged items unless they pose a health hazard.
  • Keep all of the receipts related to cleanup, and if you’ve been ordered to leave your home, keep the receipts for your living expenses.
  • Ask your insurance representative what living expenses you’re entitled to be reimbursed for and for what period of time.

Next steps

  • Once you have reported a loss, you will be assigned a claims adjuster. It may take some time, given the number of people affected by the wildfires, but you will be contacted.
  • The claims adjuster will investigate the circumstances of your loss, examine the documents you provide and explain the process. Take notes during the conversations and don’t be afraid to ask questions.
  • Your insurance company will ask you to complete a Proof of Loss form, to list the property and/or items that have been damaged or destroyed, with the corresponding value or cost of the damage or loss. You must sign and swear that the statements you make in the Proof of Loss form are true. Ask your insurance representative or claims adjuster to clarify anything you are unsure about.

Resources

Anyone with questions should contact their insurance representative or IBC’s Consumer Information Centre at 1-844-2ask-IBC.

For additional information, consumers can also visit www.ibc.ca  or email askibcwest@ibc.ca.

Understanding Cyber Threats, Monitoring Data Leakage & Monitoring Reputational Damage

Article by Aaron Baer

Organizations around the world were recently (and rather rudely) reminded of their data vulnerability when WannaCry unleashed its international ransomware attack that seized data remotely and demanded a ransom for its release. This attack provided an important reminder of the risks associated with data breaches and it forced many organizations to take a cold, hard look at their data protection strategies.

In light of this incident, there has arguably never been a better time for organizations to prioritize monitoring and managing digital risk. A recent report published by Digital Shadows (the “Report“) highlights the need for more sophisticated strategies as organizations’ digital footprints continue to expand at an overwhelming rate. As their digital footprints expand, organizations are exposed to new levels of external risk that are not adequately protected by traditional tactics.

A digital footprint is comprised of information left behind as a result of an organization’s or individual’s online activity – it exists outside the boundaries of internal protection. Employees, suppliers and many others with access to corporate data contribute to an organization’s digital footprint on a daily basis, and they (often unknowingly) expose sensitive information in the process.

While most information in the digital footprint is benign, there is a significant portion that is not. Threat actors focus on a subset called the ‘digital shadow,’ which includes exposed personal, corporate or technical information. Usually this information is highly confidential, sensitive or proprietary. Information left exposed in the digital shadow can be embarrassing for a company and can be leveraged by attackers looking to exploit, launch ransomware or other cyberattacks.

At the same time, organizations should be mindful that cyber-attackers are leaving their own digital footprints and digital shadows behind. The Report suggests that the most effective external digital risk management strategies involve monitoring this activity in order to gain insight and plan defensive strategies.

At a basic level, the Report suggests that external digital risk management requires identifying, assessing and taking steps to mitigate risk exposed by the digital footprint. More importantly, however, external digital risk management should involve: 1) understanding cyber threats, 2) monitoring data leakage, and 3) monitoring reputational risks.

Understanding Cyber Threats

According to the Report, tailored threat intelligence capability is the key to understanding cyber threats. Such intelligence should be premised on four main areas:

  1. Indications and warnings;
  2. Actor profiles;
  3. Campaign profiles; and
  4. Emerging tools.

In order to leverage threat intelligence, organizations should adapt their approach to their particular business. Further, they should focus on who the threat actors are, what they are planning, what tools they are using, and what tools may be developed in the future. Simply receiving generic information is not enough. Involving human analysts in the process, it is suggested, will help weed out irrelevant information and ultimately deliver capable and tailored intelligence.

Monitor Data Leakage

Organizations should be vigilant about monitoring data leakage, since attackers can use leaked data to their advantage. The Report suggests focusing on sensitive code, private encryption keys, employee credentials, confidential documents, intellectual property, and social media over-sharing. These areas of data leakage leave organizations particularly vulnerable, not only to attackers who seek to leverage this information in targeted cyber-attacks, but also to competitors and corporate espionage. Knowing the type of information leaked can provide insight into how the information might be used against you in the future.

Knowing when, where and how this information has been leaked is critical to implementing effective mitigation tactics. For example, if employees are leaking sensitive confidential information through the use of personal email or social media, organizations should be aware of this so that they can implement training and disciplinary procedures to counteract the behaviour.

Monitor Reputational Damage

Finally, the Report suggests that monitoring for reputational damage is a key component of effective external digital risk management. Organizations should be aware of ways by which their goodwill and branding are being leveraged online. According to the Report, the top five risk areas include:

  1. Phishing;
  2. Domain infringement;
  3. Spoofed profiles;
  4. Brand defamation; and
  5. Mobile application issues.

Being able to monitor and detect these activities can not only mitigate reputational damage, but also the negative impact on employees and customers.

In the context of cybersecurity, risk is a well-developed concept. The Report suggests that all risk management strategies should take into account external digital risks. As organizations continue to expand their global online presence and digital footprint, risk mitigation strategies must continue to evolve at the same pace.

As set out in another article recently published on The Spotlight, there are many ways to ensure your organization’s data is adequately protected in order to prevent costly data breaches. Organizations need to recognize the true scale of the cyberattacks they face, adapt to the changing landscape, and incorporate these best practices to protect their bottom line from the costs of data breaches.

The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.

Source: Mondaq

Know the Odds: The Cost of a Data Breach in 2017

Source: Security Intelligence: Larry Ponemon & Wendi Whitmore

We’ve all heard that when it comes to experiencing a data breach, the question is not if it will happen, but when. You may be wondering about the actual odds of it happening to your organization.

Think about it this way: The chances of being struck by lightning this year are 1 in 960,000. When it comes to experiencing a data breach, according to the Ponemon Institute’s “2017 Cost of Data Breach Study: Global Overview,” the odds are as high as 1 in 4. Therefore, organizations must understand the probability of being attacked, how it affects them and, even more importantly, which factors can reduce or increase the impact and cost of a data breach.

Rapid Response Drives Down the Cost of a Data Breach

Sponsored by IBM Security and independently conducted by the Ponemon Institute, the 12th annual “Cost of Data Breach Study” is out. The findings revealed that the average total cost of a data breach is $3.62 million in 2017, a decrease of 10 percent over last year. Additionally, the global average cost per record for this year’s report is $141, which represents a decrease of 11.4 percent over last year.

Despite the reduction in cost, the average size of a data breach increased by 1.8 percent to 24,089 records. The influencers that impact the cost of a data breach are driven by the country and the IT initiatives underway.

The good news is that organizations can take measures to minimize cost and impact. The 2017 “Cost of Data Breach Study” found that having access to an internal or outsourced incident response team has been the top cost-reducing factor for three years running. An incident response team typically accelerates the time frame in which security events can be contained, which is a significant factor in reducing the overall cost of a breach.

The IBM X-Force Incident Response and Intelligence Services (IRIS) team specializes in providing incident response planning, program development, remediation and threat intelligence to clients in over 133 countries. The team has experience responding to and helping to contain many of the largest data breaches in the world.

Five Steps to Accelerate Your Incident Response

Listed below are five additional tips to help accelerate your organization’s response to a breach.

  1. Speed to respond is critical. The more quickly you can identify what’s happened, what the attacker has access to, and how to contain and remove that access, the more successful you will be.
  2. Set up retainers in advance. In the event of a breach, an experienced team of incident response experts can help you quickly identify and contain the attack, and minimize costly delays.
  3. Access the data needed to answer investigative questions. Be prepared to provide responders with logs and tools to help them understand what happened. For example, what did the attackers access and what did they copy or remove from your environment?
  4. Mitigate the attacker’s access quickly. Plan with the IT staff in advance to understand how to be effective and efficient in a crisis. Consider the following:
    1. How to execute an enterprisewide password reset quickly;
    2. How to reset your service accounts; and
    3. How many of your service accounts have domain administrator credentials.
  1. Establish an internal communications plan. If you have to shut down parts of your environment or reset thousands of users’ passwords, your employees will have a lot of questions. This speculation can have critical ramifications, so it’s important to document a plan to ensure that your employees understand what they can and cannot share publicly.

TSB recommends improved passenger vessel safety measures following investigation into the fatal 2015 Leviathan II capsizing off Vancouver Island, British Columbia

Source: Transportation Safety Board of Canada

On June 14, 2017 the Transportation Safety Board of Canada (TSB) is issuing three recommendations to improve passenger vessel safety resulting from its investigation (M15P0347) into the fatal October 2015 capsizing of the passenger vessel Leviathan II in Clayoquot Sound, British Columbia.

“It’s time for Transport Canada to work with whale-watching companies and other passenger vessel operators to ensure the experience they offer is not just thrilling, but as safe as it can be,” said Kathy Fox, Chair of the TSB. “When people find themselves in cold water, every second counts. Our recommendations today are aimed at putting in place measures to avoid accidents in the first place, and to expedite rescue efforts if an accident occurs.”

On 25 October 2015, the Leviathan II was on a whale-watching excursion in the Plover Reefs area near Tofino, British Columbia, with 27 people on board. As the vessel was about to leave the area, a large breaking wave approached and impacted the vessel on the starboard quarter. The vessel broached and rapidly capsized, throwing all 24 passengers and 3 crew into the cold seawater without flotation aids. The subsequent rescue operation recovered 21 survivors. Six passengers died.

The investigation determined that the sea conditions in the area were favourable to the formation of breaking waves. However, none had been seen when the vessel first approached the area to observe sea lions. Moments after the master became aware of the large wave approaching the starboard quarter, he tried to turn the vessel to minimize the impact, but the wave struck the vessel before these actions could be effective. The crew did not have time to transmit a distress call before the capsizing, nor did the vessel have a means to automatically send a distress call. It was only by chance that the crew retrieved and activated a parachute flare, alerting nearby Ahousaht First Nation fishermen who arrived on the scene first, alerted search-and-rescue (SAR) authorities, and began recovering survivors from the water.

The Board’s first recommendation is that Transport Canada (TC) require commercial passenger vessel operators on the west coast of Vancouver Island to identify those areas and conditions conducive to the formation of hazardous waves, and adopt practical strategies to reduce the likelihood of an encounter (M17-01). The Board is also recommending that TC require passenger

vessel operators across Canada to adopt explicit risk-management processes that identify hazards and then implement proactive strategies to reduce these risks. These risk management processes should also be accompanied by comprehensive guidelines so that vessel operators and TC inspectors can implement and oversee them effectively (M17-02).

The TSB’s third recommendation is aimed at reducing response time in the event of an accident. It took 45 minutes after the capsizing before SAR authorities became aware of the capsizing. The TSB wants TC to require all commercial passenger vessels operating beyond sheltered waters to carry emergency position-indicating radio beacons (EPIRBs) or other similar equipment. These are designed to float free in the event of a capsizing or sinking and automatically transmit a continuous distress signal to SAR authorities (M17-03).

ACL Survey Finds Government Agencies Underperform on Fraud Detection & Reporting

Source: PRNewswire

Less than one third in public sector say the majority of fraud is ever detected

Government agencies performed significantly worse than the business sector on fraud detection and mitigation, according to a new survey. Less than one third of government respondents said the majority of fraud is detected and less than half said fraud that is detected ever gets reported, compared to 42 percent and 60 percent of respondents from the commercial sector, respectively.

The 2017 Fraud Survey from ACL, a risk management software provider helping governments and companies around the world stamp out fraud, polled more than 500 audit, compliance and risk management professionals on anti-fraud practices.

“Fraud in government agencies is estimated to cost taxpayers more than $136 billion each year1, and that’s just from improper payments,” commented Dan Zitting, chief product officer at ACL. “While both the public and private sector need to enhance their anti-fraud practices, the relative underperformance by government agencies should be a major concern of elected officials and their constituents.”

The survey also found that less than 30 percent of anti-fraud recommendations are fully acted upon by government agencies, compared to about 40 percent in the business sector. Both government and business respondents said the primary reasons for the failure to take action is lack of time/resources or approvals. However, this leading reason fraud is allowed to go unchecked was reported by less than a quarter of respondents (21 percent) in corporate firms, compared to nearly 40 percent of public sector professionals.

“Having worked with a number of government agencies to help them stop fraud, we were surprised by the differences in fraud management found between government and business,” said Scott Robinson, director, public sector, ACL. “It is clear that the public sector remains highly susceptible to fraud, and that many agencies are neglecting to take the necessary action to fulfill the public’s trust.”

Page 1 of 10112345...102030...Last »

Subscribe To Our Newsletter

Join our mailing list to receive the latest news and updates from ILSTV

You have Successfully Subscribed!

Pin It on Pinterest