Many landscaping tasks require the transportation of equipment and tools between job sites. As such, it’s important to secure these loads before transporting them to prevent safety incidents. After all, failure to properly secure a load could cause the equipment to shift or even fall off of the vehicle and onto the road during transportation. This could result in damaged equipment, hefty traffic fines and severe injury (or even death) to employees, other motorists or pedestrians. Whether you’re transporting landscape equipment just down the street or for an extended distance, be sure to follow this load securement guidance to keep yourself, the equipment being transported and others safe on the road.
Transporting Landscape Equipment:Use the Correct Equipment
First, it’s crucial that you have the correct vehicle, systems and equipment in place to effectively secure a load. This includes:
The right vehicle—Only use a vehicle that is capable of transporting landscaping equipment—such as a cargo van, pickup truck or trailer. If you are unsure whether a company vehicle can be used for transporting loads, ask your supervisor.
A securement system—Such a system consists of a group of individual parts that work together to support and secure a load. Common securement system parts include decks, headboards, bulkheads, stakes, posts and anchor points.
Securing devices—These devices are designed to help hold a load in place during transportation. Securing devices can include webbing, strapping, bracing, blocking, chains, ropes, binders, shackles, clamps, latches, hooks and friction mats.
Tie-downs—Such items are a combination of securing devices that form an assembly that attaches to anchor points to restrain loads during transportation.
Conduct Thorough Inspections
Apart from having the correct equipment, it’s vital to inspect this equipment and the load itself to ensure that safe and effective securement is possible. Utilize the following inspection tips:
Make sure that the vehicle, securement system, securing devices, tie-downs and equipment in the load itself are fully cleaned and don’t contain any excess debris (e.g., dirt, rocks or grass).
Ensure that the vehicle is in good condition, paying special attention to the fluid levels, brakes, seat belts, steering wheels and tires. Never use a vehicle in poor condition.
Analyze the securement system, securing devices and tie-downs for missing components, weakened parts or sections, signs of distress (e.g., stretches, cracks or frays) or other potential damages. Never use damaged equipment.
Review the size, dimensions and weight of the equipment in your load. Ensure that these measurements don’t exceed the vehicle’s maximum capacity or any part of the securement system’s working load limit (WLL). Each component of the securement system should include a WLL from the manufacturer.
Ensure that you are using an adequate securement system, suitable securing devices and the required number of tie-downs to effectively restrain the load.
Keep in mind that some large equipment might require oversized or overweight transportation permits. The standards for these permits can vary between states. Consult your supervisor to determine whether any part of the load requires a specialized permit.
Transporting Landscape Equipment: Contain, Immobilize and Secure the Load
Once you have inspected your equipment and confirmed that the load is a suitable size and weight for the vehicle being used, it’s time to secure the load. Follow these steps:
Before loading begins, be sure that the vehicle being used for transportation has the parking brake engaged. This will keep the vehicle from rolling away during the loading process.
Utilize a securement system plan that suits the unique characteristics of the load. This plan should properly distribute the weight of the load throughout the vehicle and be able to withstand a minimum amount of force in each direction.
Make sure that the setup of the securement system, securing devices, tie-downs and equipment in the load itself won’t compromise the safety of the driver or any vehicle passengers. Specifically, ensure that the setup won’t block the driver’s view, prevent the driver from freely moving their legs or arms, restrict the driver from accessing emergency materials (e.g., a first-aid kit or toolbox) or keep the driver and any passengers from being able to safely exit the vehicle.
Take extra precaution when securing articulated landscaping equipment or any other form of equipment that is more likely to shift during transportation (e.g., equipment with wheels). Be sure to utilize extra securing devices (e.g., straps and wheel blocks) to further immobilize the equipment. This is especially important for equipment that has attached accessories.
Ensure Compliance Lastly, make sure that all load securement procedures are compliant with any applicable federal, state and local laws. Remember to review both the U.S. Department of Transportation (DOT) requirements and your specific state’s DOT regulations regarding load securement. Consult your supervisor with any compliance concerns.
In Conclusion
Keep in mind that this article is just a brief overview of load securement safety. Be sure to review additional resources and talk to your supervisor you have any further questions regarding load securement.
California’s Leader in Insurance and Risk Management
As one of the fastest-growing agencies in California, GDI Insurance Agency, Inc. is able to provide its clients with the latest and greatest of what the insurance industry has to offer and much, much more. The GDI team has developed an “insurance cost reduction” quoting plan, that provides you with the best coverage at the best rate!
We are headquartered in Turlock, CA, with locations across the heart of California’s Central Valley, Northern California and beyond to provide a local feel to the solutions and services we provide our clients. We pride ourselves on exceeding our client’s expectations in every interaction to make sure that our client’s know how much we value and appreciate their business.
Office Building Employers Information for COVID-19
Office building employers, owners and managers can take proactive measures to create a safe and healthy workplace for employees, clients and other guests. This article shares COVID-19 guidance from the Centers for Disease Control and Prevention (CDC) on COVID-19 Employer Information for Office Buildings.
How Office Building EmployersCanProtect Employees
Employers should consider the following steps to protect their employees and other building visitors, while slowing the spread of COVID-19:
Check the building for hazards associated with prolonged facility shutdown, ensure ventilation systems operate properly and increase air circulation as much as possible.
Identify where and how workers might be exposed to COVID-19 at work.
Develop hazard controls using the hierarchy of controls. Consider using a combination of engineering and administrative controls, explained further below.
Engineering Controls
Engineering controls isolate people from hazards. Consider the following example controls:
Modify seats, furniture and workstations.
Use methods to physically separate employees in the building, including work areas and common areas.
Improve building ventilation based on local environmental conditions (e.g., temperature and humidity).
Administrative Controls
Administrative controls change the way people work. Consider the following example controls:
Encourage employees who have symptoms of COVID-19 to notify their supervisor and stay home.
Stagger shifts, start times and break times to reduce the number of employees in common areas.
Post signs in parking areas and entrances that ask guests and visitors to wear cloth face coverings.
Post instructions and reminders at entrances and in other strategic places about hand hygiene, COVID-19 symptoms, and cough and sneeze etiquette.
Clean and disinfect high-touch surfaces.
Educate Employees
Employers should consider the following steps to educate employees and supervisors about how to protect themselves at work:
Develop communication and training that is easy to understand, in preferred languages spoken or read by the employees, and includes accurate and timely information. Suggested topics include signs and symptoms of infection, staying home when ill, social distancing, cloth face coverings, hand hygiene practices, and identifying and minimizing potential routes of transmission at work, at home and in the community.
Provide information and training on what actions employees should take when they are not feeling well (e.g., workplace leave policies, and local and state health department information).
Remind employees and clients that the CDC recommends wearing cloth face coverings in public settings where other social distancing measures are hard to maintain. However, wearing a cloth face covering does not replace the need to practice social distancing.
The CDC has posters available for employers to download and print, some of which are translated into different languages.
Develop Special Considerations for Elevators and Escalators
Employers should implement special considerations if their building has elevators or escalators. Consider the following proactive measures:
Encourage occupants to take stairs when possible, especially when elevator lobbies are crowded or when only going a few flights.
Designate certain stairwells or sides of stairwells as “up” and “down” to better promote social distancing.
Use floor markings in elevator lobbies and near escalator entrances to reinforce social distancing. Place decals inside the elevator to identify where passengers should stand if needed.
Use stanchions in lobbies to mark pathways to help people travel in one direction and stay 6 feet apart.
Consider limiting the number of people in an elevator and leaving steps empty between passengers on escalators.
Post signs reminding occupants to minimize surface touching. They should use an object (such as a pen cap) or their knuckle to push elevator buttons.
Consider adding supplemental air ventilation or local air treatment devices infrequently used elevator cars.
For More Information
Read the CDC’s Interim Guidance for Businesses and Employers for additional recommendations for creating new sick leave policies, and cleaning and developing employee communications to help protect employees and other building guests.
Contact us today for more COVID-19 guidance and resources to protect employees.
California’s Leader in Insurance and Risk Management
As one of the fastest-growing agencies in California, GDI Insurance Agency, Inc. is able to provide its clients with the latest and greatest of what the insurance industry has to offer and much, much more. The GDI team has developed an “insurance cost reduction” quoting plan, that provides you with the best coverage at the best rate!
We are headquartered in Turlock, CA, with locations across the heart of California’s Central Valley, Northern California and beyond to provide a local feel to the solutions and services we provide our clients. We pride ourselves on exceeding our client’s expectations in every interaction to make sure that our clients know how much we value and appreciate their business.
Commercial insurance carrier CNA was hit by a “sophisticated cyber-attack” that caused major havoc for certain systems, including email. Out of an abundance of caution, they contained the attack by proactively disconnecting their systems leveraging a methodical and carefully organized process. CNA is one of the biggest insurance companies in the U.S., with over 6,000 employees.
GDI Insurance Agency had a $250k+ premium account that most likely would have gone to them, but due to the system outage/failure they couldn’t get final pricing to us and lost the opportunity. Having happened leading into 4/1 (the start of a new quarter was the WORST timing for an insurance company). It’s murphy’s law, what can go wrong will (and when it does it’ll be at the worst possible time). If this happened with our agency, think of the losses they experience with other agencies as well.
CNA Insurance has been working around the clock for a week on the incident, and have just restored their enterprise email system, which is now safe. Adding additional security measures in place to protect their systems.
“The security of our data and that of our insureds’ and other stakeholders is of the utmost importance to us. Should we determine that this incident impacted our insureds’ or policyholders’ data, we’ll notify those parties directly,” the company said.
How CNA Dealt With A Sophisticated Cyber-Attack
“Out of an abundance of caution, we contained the attack we sustained by proactively disconnecting our systems from our network. We are now in the restoration stage and are bringing back our systems leveraging a methodical and carefully organized process. As highlighted here and as an example of this ongoing process, we have restored email access and you can communicate with CNA employees safely and in the normal course of business.”
10 Cyber Security Resolutions to Reduce Your Data Exposures
Sophisticated cyber-attack, threats and trends can change year over year as technology continues to advance at alarming speeds. As such, it’s critical for organizations to reassess their data protection practices at the start of each new year and make achievable cybersecurity resolutions to help protect themselves from costly breaches. The following are resolutions your company can implement to ensure you don’t become the victim of a sophisticated cyber-attack:
Provide security training—Employees are your first line of defense when it comes to cyber threats. Even the most robust and expensive data protection solutions can be compromised should an employee click a malicious link or download fraudulent software. As such, it’s critical for organizations to thoroughly train personnel on common cyber threats and how to respond.
Employees should understand the dangers of visiting harmful websites, leaving their devices unattended and oversharing personal information on social media. Your employees should also know your cybersecurity policies and know how to report suspicious activity.
Install strong antivirus software and keep it updated—Outside of training your employees on the dangers of poor cybersecurity practices, strong antivirus software is one of the best ways to protect your data. Organizations should conduct thorough research to choose software that’s best for their needs. Once installed, antivirus programs should be kept up to date.
Instill safe web browsing practices—Deceptive and malicious websites can easily infect your network, often leading to more serious cyber attacks. To protect your organization, employees should be trained on proper web usage and instructed to only interact with secured websites.
For further protection, companies should consider blocking known threats and potentially malicious webpages outright.
Create strong password policies—Ongoing password management can help prevent unauthorized attackers from compromising your organization’s password-protected information. Effective password management protects the integrity, availability and confidentiality of an organization’s passwords.
Above all, you’ll want to create a password policy that specifies all of the organization’s requirements related to password management. This policy should require employees to change their password on a regular basis, avoid using the same password for multiple accounts and use special characters in their password.
Use multi-factor authentication—While complex passwords can help deter cybercriminals, they can still be cracked. To further prevent cybercriminals from gaining access to employee accounts, multi-factor authentication is key. Multi-factor authentication adds a layer of security that allows companies to protect against compromised credentials.
Through this method, users must confirm their identity by providing extra information (e.g., a phone number, unique security code) when attempting to access corporate applications, networks and servers.
Get vulnerability assessments—The best way to evaluate your company’s data exposures is through a vulnerability assessment. Using a system of simulated attacks and stress tests, vulnerability assessments can help you uncover entry points into your system.
Following these tests, security experts compile their findings and provide recommendations for improving network and data safety.
Patch systems regularly and keep them updated—A common way cybercriminals gain entry into your system is by exploiting software vulnerabilities. To prevent this, it’s critical that you update applications, operating systems, security software and firmware on a regular basis.
Back up your data—In the event that your system is compromised, it’s important to keep backup files. Failing to do so can result in the loss of critical business or proprietary data.
Understand phishing threats and how to respond—In broad terms, phishing is a method cybercriminals use to gather personal information. In these scams, phishers send an email or direct users to fraudulent websites, asking victims to provide sensitive information.
These emails and websites are designed to look legitimate and trick individuals into providing credit card numbers, account numbers, passwords, usernames or other sensitive information.
Phishing is becoming more sophisticated by the day, and it’s more important than ever to understand the different types of attacks, how to identify them and preventive measures you can implement to keep your organization safe.
As such, it’s critical to train employees on common phishing scams and other cybersecurity concerns. Provide real-world examples during training to help them better understand what to look for.
Create an incident response plan—Most organizations have some form of data protection in place. While these protections are critical for minimizing the damages caused by a breach, they don’t provide clear action steps following an attack.
That’s where cyber incident response plans can help. While cybersecurity programs help secure an organization’s digital assets, cyber incident response plans provide clear steps for companies to follow when a cyber event occurs. Response plans allow organizations to notify impacted customers and partners quickly and efficiently, limiting financial and reputational damages.
For additional cyber risk management guidance and insurance solutions, contact us today.
California’s Leader in Insurance and Risk Management
As one of the fastest-growing agencies in California, GDI Insurance Agency, Inc. is able to provide its clients with the latest and greatest of what the insurance industry has to offer and much, much more. The GDI team has developed an “insurance cost reduction” quoting plan, that provides you with the best coverage at the best rate!
We are headquartered in Turlock, CA, with locations across the heart of California’s Central Valley, Northern California and beyond to provide a local feel to the solutions and services we provide our clients. We pride ourselves on exceeding our client’s expectations in every interaction to make sure that our client’s know how much we value and appreciate their business.
Preventing Ransomware Exposures from Remote Desk Protocol
Remote desk protocol (RDP)—which is a network communications protocol developed by Microsoft—consists of a digital interface that allows users to connect remotely to other servers or devices. Through RDP ports, users can easily access and operate these servers or devices from any location. RDP has become an increasingly useful business tool—permitting employees to retrieve files and applications stored on their organization’s network while working from home, as well as giving IT departments the ability to identify and fix employees’ technical problems remotely. This guidance for preventing ransomware exposures is especially important with remote workers.
Unfortunately, RDP ports are also frequently being leveraged as a vector for launching ransomware attacks, which entail a cybercriminal deploying malicious software to compromise a device (or multiple devices) and demand a large payment be made before restoring the technology for the victim. In fact, a recent report from Kaspersky found that nearly 1.3 million RDP-based cyberattacks occur each day, with RDP reigning as the top attack vector for ransomware incidents.
Don’t let RDP contribute to a costly ransomware incident for your organization. Review the following guidance to learn more about how ransomware attacks can occur via RDP and best practices for minimizing the likelihood of such an incident.
PreventingRansomware Exposures via RDP
RDP-based ransomware attacks usually stem from organizations leaving their RDP ports exposed to the internet. Although doing so can seem more convenient for employers in the scope of remote work operations, internet-exposed RDP ports are easy for cybercriminals to identify and offer a clear access point for deploying harmful attacks.
The typical process of an RDP-based ransomware attack is as follows:
Scanning—First, a cybercriminal utilizes a port-scanning tool to search the internet for any exposed RDP ports. These scanning tools are often free and relatively simple to operate for attackers of varying skill levels.
Gaining access—After identifying an exposed RDP port, the cybercriminal then gains access to the targeted server or device by using stolen credentials. Attackers can secure these credentials by either purchasing them on the dark web or implementing a brute-force tool that can rapidly input a series of usernames and passwords until the correct combination is found.
Disabling security features—Once the cybercriminal has accessed the targeted server or device, they attempt to make it as defenseless against an attack as possible by disabling any existing security features (e.g., antivirus software, data encryption tools and system backup capabilities).
Executing the attack—From there, the cybercriminal is able to steal sensitive data and deploy a ransomware attack on a vulnerable server or device. Some attackers even install backdoors during this step to allow for easy access during future attacks.
Like other ransomware incidents, RDP-based attacks can result in devastating ramifications for the impacted organization—including business interruption issues, reputational damages and large-scale financial loss.
Download our Case Study Today!
Strengthening RDP Against Ransomware
Although RDP-based ransomware attacks have become increasingly common, there are several ways for you to bolster your organization’s RDP security and lessen the risk of such an incident impacting your operations. Consider the following best practices:
Close your RDP connection. First and foremost, ensure that your RDP connection is not open to the internet.
Establish a virtual private network (VPN). To keep your RDP port from being exposed to the internet, be sure to establish a VPN. This will allow remote employees to securely access your organization’s RDP port, while also making the port far more difficult for cybercriminals to locate online.
Elevate authentication protocols. Because cybercriminals require login credentials to properly execute an RDP-based ransomware attack, make sure you have effective user authentication protocols in place. Specifically, encourage employees to develop unique passwords for all of their devices and accounts. These passwords should be an appropriate length, refrain from using common words or phrases, and contain several special characters. In addition to strong passwords, consider requiring multifactor authentication for RDP port access as an extra layer of protection.
Implement login attempt limits. To stop cybercriminals from being able to deploy brute-force tools to secure login credentials during an attack, update RDP port protection features to detect when multiple failed login attempts have occurred in a short period of time. Establish a limit on how many incorrect logins can occur before the user is blocked from further attempts—therefore halting an attack.
Utilize adequate security software. Ensure all workplace technology is equipped with top-rated security software—including antivirus programs, a firewall, data encryption features and a gateway server—to deter attempted attacks. Update this software on a regular basis.
Restrict employee access. Be sure to uphold the principle of least privilege by only providing employees with RDP access if they absolutely need it to conduct their work tasks. These employees should be trusted and trained in appropriate RDP usage. After all, granting extra employees unnecessary RDP permissions simply creates additional security gaps.
Have a plan. Lastly, make sure your organization has an effective cyber incident response plan in place that addresses RDP-based ransomware attack scenarios. This plan should promote the backup storage of any critical data in multiple secure locations (both on-site and off-site) to minimize potential losses. Practice this plan regularly with staff and make updates as needed.
For additional risk management guidance and insurance solutions, contact us today.
California’s Leader in Insurance and Risk Management
As one of the fastest-growing agencies in California, GDI Insurance Agency, Inc. is able to provide its clients with the latest and greatest of what the insurance industry has to offer and much, much more. The GDI team has developed an “insurance cost reduction” quoting plan, that provides you with the best coverage at the best rate!
We are headquartered in Turlock, CA, with locations across the heart of California’s Central Valley, Northern California and beyond to provide a local feel to the solutions and services we provide our clients. We pride ourselves on exceeding our client’s expectations in every interaction to make sure that our client’s know how much we value and appreciate their business.
In the event that a fire occurs at your commercial property, having measures in place to slow the spread of the flames and minimize potential damages is crucial. That’s where fire doors can help. These doors are specifically designed to withstand the extreme heat of a fire for a period of time, temporarily blocking flames from traveling from one area of a building to another.
Considering that time is of the essence when it comes to keeping a fire under control, these doors can make all the difference in allowing additional building occupants to safely escape the premises and preventing property damage. Yet, National Fire Protection Association (NFPA) standards—namely, NFPA 80—emphasize that fire doors must be routinely inspected and adequately maintained in order to be effective.
Review the following guidance to learn more about how fire doors work and best practices for keeping these doors fully operational.
How Fire Doors Work
A fire door consists of multiple components—including the door, door frame, hinges, handle and additional hardware. Collectively, these parts are designed to withstand fire exposures for a set period of time, slowing the spread of flames and smoke throughout different sections of the affected property.
These doors can vary in size, materials and layout (e.g., a swinging, sliding, hinged or rolling door). These doors are typically utilized within the wall openings and stairwells of buildings. Installing fire doors in wall openings can help keep flames from spreading to additional areas on the same floor of a property. Implementing these doors in stairwells can deter a fire from traveling between different stories of a property and potentially allow additional building occupants to safely escape via the stairs. Fire doors can also provide firefighters with better access to the property overall, bolstering fire suppression efforts.
Each fire door is designed to meet the standards of its resistance rating, which represents how long the door can actually withstand fire exposures before eventually succumbing to the heat and smoke. This rating is determined through various testing procedures, and applies not only to the door, but also to its collective parts. Fire door resistance ratings can range from 20 minutes to three hours. For example, if the door can withstand fire exposures for one hour, then it will be rated as a one-hour fire door.
Fire doors are also considered in the process of establishing a property’s fire divisions. While some buildings only consist of a single fire division, a property may contain multiple fire divisions if there are measures in place to limit a fire from reaching different areas of the building. With this in mind, properties with approved fire divisions by way of fire doors in place may benefit from reduced commercial insurance rates, seeing as there is a lower risk of a fire spreading across the entirety of the building.
On the other hand, properties that remove or don’t incorporate fire doors and thus lack multiple fire divisions may encounter higher commercial insurance rates, since a fire is increasingly likely to affect the entire building and result in more severe damages.
Maintaining Fire Doors
While fire doors can certainly offer numerous advantages to a property, it’s important to note that these doors must be properly maintained to remain effective. In particular, some fire doors need to stay fully closed in order to work. Otherwise, flames and smoke will easily travel through any openings, defeating the purpose of the doors altogether.
However, fire doors that are equipped with fusible links—which are heat-activated devices designed to ensure that such doors adequately close in the presence of a fire—do not need to stay shut at all times. In these circumstances, the doors can be kept open as long as there are no obstructions (e.g., a door wedge) in the way that could potentially prevent them from closing when necessary. Keep in mind that most rolling fire doors are equipped with fusible links.
In addition to keeping fire doors closed or unobstructed, NFPA 80 also outlines the following installation, inspection and maintenance requirements:
Ensure all fire doors at your property contain a fire label and resistance rating from Underwriter Laboratories or Warnock Hersey—both of which are trusted safety certification organizations.
Only allow a competent, qualified contractor to install fire doors or make modifications to existing fire doors at your property. Modifying a fire door with the wrong components or hardware could result in the door becoming ineffective and losing its resistance rating. Also, be sure to consult the contractor about the possibility of equipping your fire doors with fusible links.
Regularly inspect fire doors for potential damages (e.g., large gaps, broken seals, loose hinges or missing screws). Further, make sure that each door can connect firmly to its latch without getting stuck on the frame before fully closing. Schedule repairs when necessary.
Have a certified professional conduct a visual inspection and—in the case of rolling doors—a drop test (a test that confirms the door works as it should and completely closes) on your property’s fire doors at least once every year. Based on the results, schedule repairs and make door replacements as needed.
California’s Leader in Insurance and Risk Management
As one of the fastest-growing agencies in California, GDI Insurance Agency, Inc. is able to provide its clients with the latest and greatest of what the insurance industry has to offer and much, much more. The GDI team has developed an “insurance cost reduction” quoting plan, that provides you with the best coverage at the best rate!
We are headquartered in Turlock, CA, with locations across the heart of California’s Central Valley, Northern California and beyond to provide a local feel to the solutions and services we provide our clients. We pride ourselves on exceeding our client’s expectations in every interaction to make sure that our clients know how much we value and appreciate their business.
Tens of thousands of organizations around the world using Microsoft’s Exchange Server have been compromised by a cyber hack campaign suspected to have ties to China. This campaign exploited software vulnerabilities to seize control of systems and steal data, according to researchers.
Security researchers at Volexity first detected the cyber hack in January, according to Microsoft. Volexity has provided a full overview of the technical details on its website. FireEye’s Mandiant also reported evidence that the campaign hit U.S. retailers, local governments, a university and an engineering firm. Cybersecurity blogger Brian Krebs reported at least 30,000 U.S. organizations could be affected, among them being small businesses and municipalities.
Cyber Hack Microsoft Update
In a blog post, Microsoft researchers detailed the recent exploits of a highly skilled and sophisticated threat actor they call Hafnium. The threat actors were able to infiltrate Microsoft’s Exchange Server software using stolen credentials or zero-day vulnerabilities. They could then create web shells with administrative access, allowing the bad actors to steal data or control systems remotely.
According to Microsoft, the group typically targets U.S. entities, especially infectious disease researchers, law firms, higher education institutions, defense contractors, policy think tanks and other nongovernmental organizations.
Microsoft issued emergency security updates to protect Exchange Server customers. It should be noted that the hack is not related to the recent SolarWinds supply chain attack. Multiple security researchers reported that, after Microsoft issued its patch, hackers seemed to have kicked the hacking campaign into overdrive to access as many unpatched systems as possible.
The Biden administration will reportedly convene a task force to investigate the hack, and the federal Cybersecurity and Infrastructure Security (CISA) issued an alert to help organizations determine whether they may have been compromised.
On Twitter, former CISA head Christopher Krebs called the event a huge hack, adding that the affected parties dwarf the already-high reported numbers. Any organization using Outlook Web Access should be checking whether it has been compromised, according to Krebs.
“[The compromise] is going to disproportionately impact those that can least afford it,” Krebs said in a Tweet. “Incident response teams are burned out, and this is at a really bad time. Few organizations should be running exchange servers these days.”
Hacking the email systems of hundreds of thousands of organizations could not only lead to intellectual property theft but could also give rise to data breaches, business email compromise attacks, funds transfer fraud and other risks that would trigger insurance policies that cover cyber events. Having built backdoors into countless systems, the malicious actors can also come and go freely unless detected and locked out quickly, making patching and quick remediation essential.
The event comes at a time when federal lawmakers have been advised to quickly streamline the process of sharing threat information between the government, security firms and the private sector. A recent Senate hearing revealed some willingness on the part of lawmakers to move toward mandatory breach reporting with possibly liability protections for breached parties.
California’s Leader in Insurance and Risk Management
As one of the fastest-growing agencies in California, GDI Insurance Agency, Inc. is able to provide its clients with the latest and greatest of what the insurance industry has to offer and much, much more. The GDI team has developed an “insurance cost reduction” quoting plan, that provides you with the best coverage at the best rate!
We are headquartered in Turlock, CA, with locations across the heart of California’s Central Valley, Northern California and beyond to provide a local feel to the solutions and services we provide our clients. We pride ourselves on exceeding our client’s expectations in every interaction to make sure that our client’s know how much we value and appreciate their business.
We use cookies to optimize our website and our service.
Functional cookies
Always active
The technical storage or access is strictly necessary for the legitimate purpose of enabling the use of a specific service explicitly requested by the subscriber or user, or for the sole purpose of carrying out the transmission of a communication over an electronic communications network.
Preferences
The technical storage or access is necessary for the legitimate purpose of storing preferences that are not requested by the subscriber or user.
Statistics
The technical storage or access that is used exclusively for statistical purposes.The technical storage or access that is used exclusively for anonymous statistical purposes. Without a subpoena, voluntary compliance on the part of your Internet Service Provider, or additional records from a third party, information stored or retrieved for this purpose alone cannot usually be used to identify you.
Marketing
The technical storage or access is required to create user profiles to send advertising, or to track the user on a website or across several websites for similar marketing purposes.
