Posts Tagged ‘cybersecurity’

Breach Detection: Top Signs Your Business Has Been Hacked

In 2024, cybersecurity has firmly entrenched itself in the public imagination. It seems like barely a week goes by, for example, without a high-profile data breach. Terms like “hacking,” “malware” and even “multi-factor authentication” have become part of our everyday vernacular. Even extensive security training is now routine at many workplaces.

Yet despite this welcome increase in awareness and understanding, it can still be difficult to know exactly when your network has suffered a breach – which can have serious consequences for your business. That’s because the faster you can detect a malicious incident, the faster you can begin remediation, prevent financial or reputational fallout, and get your agency back on track. Let’s explore what potential breaches can look, feel and sound like. We will also examine steps you can take to respond in the unfortunate event of an incident.

What does a breach look like?

One of the biggest warning signs that something is amiss with your business network is simply unusual activity that you can typically see within your technology or security software. While this can sound like vague advice, it really isn’t when you know what to look for, including:

  • Strange or unrecognized logins.
  • Odd purchases made through business accounts.
  • Unauthorized changes to your account settings.
  • Unfamiliar devices connecting to your systems or network.
  • Abnormal spikes in data use or activity.

What does a breach feel like?

The warning signs of a breach are not solely visual. You can also be tipped off by how your network feels and the way your software performs. A cyberattack may result in a dramatic slowdown in performance. There is no universal experience, of course, but some of the common performance problems include:

  • Slow network speeds or crashing applications.
  • General connectivity problems.
  • Inefficient CPU or system memory usage.
  • Poor customer experience.

What does a breach sound like?

When it comes to network breaches, it may feel a bit odd to talk about warning signs that you can hear. While your technology systems aren’t typically going to tip you off this way, your agency’s human stakeholders might. Keep your ears open for feedback from those who interact with your digital assets and infrastructure. Their thoughts, feelings and experiences may prove crucial to discovering a breach and taking corrective action. Some comments that you need to take very seriously are:

  • Reports of increased phishing attempts or other suspicious emails.
  • Complaints from customers about using your digital assets.
  • Increased IT support desk tickets, depending on whether you have managed security in place.
  • Occasionally, albeit rarely, compromised devices can also emit auditory signals that suggest something has gone wrong.

A four-point plan to respond to breaches

If you notice these abnormal activities, don’t brush them off! Instead, take the following four actions to contain the potential damage and reestablish your security perimeter.

  • First: Secure your compromised accounts, which can involve switching passwords and establishing multi-factor authentication if you don’t have it in place already. You should also disable affected accounts, notify all affected stakeholders, and begin preserving evidence of what has occurred.

  • Second: Focus next on investigating the malicious activity. Develop an overview of the incident by assessing the “who,” “what,” “when,” and “where” of the network breach. The purpose of this exercise is two-fold: You want to determine the scope of the problem while also determining the root causes so you can ensure it doesn’t happen again.

  • Third: Build a plan to improve the long-term security of your IT systems and to prevent similar breaches. Conduct a comprehensive review of your vulnerabilities. Implement stronger access controls, encryption protocols and cybersecurity approaches. Finally, update training programs to keep employees apprised of security changes and reinforce security standards across your organization.

  • Fourth: Don’t forget to adhere to all relevant standards and requirements regarding data breach notification. Then, conduct a review of your compliance obligations to ensure you are taking appropriate due diligence and properly protecting sensitive personal information.

A thrilling yet threatening business era

Seven decades into the information age, more people than ever are aware of both the promise and the perils of using digital systems in both life and work. Yet while cybersecurity awareness has never been more widespread than it is today, some of the common signs and symptoms of a data breach are not that widely known. Learning more about them and keeping your co-workers and team apprised is a great way to sharpen your defenses and respond decisively should the need arise.

Data Breach Prep: Texas

When a data breach occurs, it’s an intense, frightening moment. Who you gonna call? Ghostbusters aren’t the ones for this job, so the best way to make the specter of a breach less scary is to have an incident response plan in place; to know what your legal and regulatory requirements are; and to have the contact information that you need close at hand.

While this new series of blogs is not intended to provide legal advice, it is intended to provide you with recommendations for resources that may be useful; to increase awareness regarding notification and reporting requirements; and to provide helpful notification contact information, unique to each state. In each issue, we will present you with contact information regarding a different state in which Alliant National is licensed, and in which you may be its appointed agent. It is up to you to make sure that you know when to use these contacts – either because you are legally required to do so, or because you have optionally decided to provide notification. Lastly, for our legal disclaimers, we’ve made our best efforts to acquire the correct and current contact information, but we can make no guarantees as to its accuracy or that the information will not change over time.

Understanding State Reporting Responsibilities

There are two kinds of laws that impact your reporting responsibilities: (1) state data breach notification laws that generally apply to all entities who “own” data, and (2) insurance data security laws that apply to those who are regulated for doing the business of insurance. A great summary of the state data breach notification laws is published quarterly by the law firm of Foley & Lardner. Another useful resource for tracking both the state data breach notification laws and the insurance data security laws is a tool published by the law firm of Lewis & Brisbois.

Now that we’ve discussed both the general and insurance data breach notification laws, please be aware that sometimes notification requirements derive from other sources, including statutes which are not labeled as Insurance Data Security Laws (or which don’t even fall under the category of such laws), and bulletins issued by insurance regulators.

State data breach notification laws vary from state to state and may have some exemptions which apply to you, but often include the following common components:

  • Notification to affected state residents without unreasonable delay.
  • Notification to certain agencies, including state attorneys general and/or consumer reporting agencies under certain circumstances.

The variances are quite considerable and include (but are not limited to) how (e.g. by what method) to give notice, permitted delays when a law enforcement agency investigation is pending, timing of the notice, what particular information is required to be provided, and record retention.

Consumer Reporting Agency Notification

For your convenience, when these laws do require notification to Consumer Reporting Agencies, the following information may be helpful to you:

Common Notification Requirements

Insurance Data Security Laws also vary from state to state and may have some exemptions that apply to you (typically based upon the size of the licensee, its year-end total assets, and its gross annual revenue), so, again, be sure to check your state’s specific requirements. However, these laws generally include the following common notification components:

  • Notification to the insurance commissioner of the cybersecurity event (usually within three days in most states).
  • Notification to affected state residents without unreasonable delay.
    • But if you’ve had a breach and determined that notice is not required (according to the state law or other authority), then typically that determination is required to be documented in writing and retained for at least five (5) years.
  • Notification (usually within 10 days) to a covered third-party (such as your *title insurance underwriter) when you have determined or believe that a breach occurred.
    *(for Alliant National Title, you can contact Elyce Schweitzer, Regulatory Compliance Officer, at eschweitzer@alliantnational.com)

Texas Notification Requirements And Contact Information  

Contact Information Pursuant to State Data Breach Notification Laws

Tex. Bus. & Com. Code §§ 521.002, 521.053, 521.151-152 (these are all sections of the Identity Theft Enforcement and Protection Act but note that Tex. Bus. & Com. Code § 521.053 is the statute pertaining to actual notification / reporting requirements).

  • When breach affects ≥ 250 residents, notify: TX Attorney General, whose informational webpage for data breach reporting is https://texasattorneygeneral.gov/consumer-protection/data-breach-reporting; from there, access online data breach reporting form at https://oag.my.site.com/datasecuritybreachreport/s/
  • When breach affects > 10,000 residents, notify: Consumer Reporting Agencies (see contact information provided above).

Contact Information Pursuant to Insurance Data Security Laws (or Pursuant to Other Authority Requiring Notice to Regulator)

No Insurance Data Security Law. However, Commissioner’s Bulletin #B-0009-23 requires data breach reporting to the Texas Department of Insurance (TDI):

  • For all other regulated entities and individuals (besides domestic insurance companies and HMOs), send breach notices to CyberReporting@tdi.texas.gov.

AI Safety For Small Business

The rapid rise of AI in business sometimes evokes memories of the 1984 sci-fi classic The Terminator, and particularly its description of a technology that “can’t be reasoned with,” “can’t be bargained with,” and which “will not stop, ever” until it completes its mission.

We’re obviously a long way off from cyborgs, but all signs indicate that AI’s march forward will inevitably disrupt the way people work in our industry. This disruption will come – ready or not. Fostering a culture of adaptability will be important as we position our teams to capitalize on tomorrow’s opportunities. The good news is that, with appropriate safeguards in place, people can work in parallel with AI to radically increase productivity. Let’s discuss some steps you can take to keep people, processes and data safe as you consider AI use in your business.

AI: Amazing promise with potential pitfalls

You have likely already dipped your toe into applications like ChatGPT and Google Bard, and you’ve probably been amazed by the results. Leveraging sophisticated language models, these applications have an uncanny ability to understand user input and to generate responses that mimic human communication. End users have put these tools to work generating content, conducting research, designing graphics and even producing full application and website code.

The ChatGPTs of the world are undoubtedly marvels of engineering, but using these programs without restraint may imperil sensitive consumer and company data. Moreover, AI models are not an exact science, with research pointing to how outputs are often marred by programmer bias and inaccurate information. Finally, relying on AI-generated code without additional review can cause problems with your website or other digital real estate. Safe to say, it is wise to proceed with caution.             

Cover your bases

So how then can you unleash AI’s power while maintaining your security posture? I wish I could say there was a silver bullet, but in reality, it requires a multi-pronged security approach. Here are some areas to consider when developing a plan for your business:

  • Information classification and hierarchy: A great place for title agencies to begin is to build a classification hierarchy for the data held within your corporate ecosystem. Apart from our consideration of AI, a classification system like this can be deeply important for risk management and creating customized data controls. Once you have this in place, it is much easier to instruct your team regarding the types of data that can be used within an AI system and what must be kept sequestered.
  • End user education: Unless you have extensive experience with language models, it can be difficult to understand how AI applications work and how to use them safely. Seeking out resources and training can be an important step toward making the most of specific AI tools while still adhering to corporate policies and procedures.
  • Incident response: This is a standard part of your typical cybersecurity plan, designed to encompass all actions your organization will take in the event of a data breach or other security problem. It is advisable to expand your incident response plan to also include AI. That way, you will be able to execute efficiently in the event of an issue and mitigate potential negative impacts.

  • Compliance and regulations: Given the rapid rise of AI, it’s not surprising that lawmakers and regulators have lagged in their attempts to address the potential negative consequences of these new technologies. But you can bet regulation is coming. Considering the large volume of personal data title professionals deal with every day, it is enormously important to stay apprised of regulatory developments so you can respond appropriately and remain compliant.

AI will be back, but we can be ready

Easily one of the most memorable quotes from The Terminator comes when Arnold Schwarzenegger remarks in a complete deadpan, “I’ll be back.” This iconic line also describes where we currently are with the AI revolution. When ChatGPT was released on November 30, 2022, it was lauded as a revolution in the modern workforce. While some of that early hoopla has now died down, there is no doubt that AI will come roaring back as it continues to integrate into our workflows. The only real question is whether we will be ready to deploy future iterations of this technology to maximize efficiency without sacrificing safety. By updating your security plan now, you will be better positioned to embrace AI advancements, ensuring a balance between technological progress and cybersecurity.

Alliant National’s Crime Watch Program Caps Off Another Successful Year

Alliant National’s Crime Watch Program is a great example of the old saying that the best defense is a good offense. Designed to incentivize Alliant National’s policy-issuing agents to detect and prevent fraud, the program had a banner year during 2023. Working together, Alliant National’s network of agents prevented scores of fraudulent transactions from going forward over the past 12 months. These efforts not only protected against sizable losses but helped promote a safer and more secure industry. Now that the year has wrapped up, let’s dig into the numbers.

A problem of incredible scope

With property information readily available with a click of the mouse, it is easier than ever for bad actors to research and identify potential targets. The result has naturally been a huge uptick in criminal activity over the last few years. In fact, FBI data indicates that “more than 13,000 people were victims of wire fraud in the real estate and rental sector in 2020, with losses of more than $213 million — an increase of 380% since 2017.”[i]

Fighting fraud requires all hands on deck

To help empower independent agents and assist the title industry in combating fraud, Alliant National initiated its Crime Watch Program several years ago. The initiative rewards agents $1,000 each time they prevent a fraudulent transaction – and the results have been impressive. Year after year, Alliant National’s agents have helped stem the tide of criminals targeting the industry, identifying fraudulent behavior and saving consumers from financial loss and unnecessary stress.

During the program’s lifespan, we’ve seen a number of best practices to help prevent fraud:

  • Never accept wire instructions over email.
  • Double-check all contact information. Then, check it again.
  • Always send wire instructions through a secure, encrypted communication channel.
  • Pay particular attention to any last-minute changes with a transaction, especially with wire transfer information.
  • Speak directly to clients to make sure they are who they say they are.
  • Become as familiar as you can with the history of the property you’re working with and watch for any irregularities.
  • Stay current with all continuing education classes to remain apprised of the latest developments in title fraud and cybercrime.
  • Trust your gut when something feels off and work closely with colleagues to have a unified front against fraudsters.
  • Use real world examples of fraudulent activity to educate colleagues or employees on how to spot fraud.
  • Have a response plan in place if a fraudster is able to get around your agency’s defenses.

2023 was a successful year of fraud busting

For Alliant National’s Crime Watch Program in 2023, past successes were prelude to a tremendous year of fraud busting. Collectively, agents identified and prevented over 25 instances of fraud, totaling more than $280 million in proposed liability. The agents involved in stopping these fraudsters came from a variety of states – including Florida, Missouri and Texas – and the specifics of each fraudulent transaction also ran the gamut. Some of the top schemes encountered by agents included:  

  • Business email compromise
  • Seller impersonation
  • Fraudulent contracts
  • Fraudulent documents like passports
  • Fraudulent cashiers’ checks

Let’s stop fraudsters in 2024

Everyone has their own New Year’s resolutions, but for the title insurance industry, one of the most important should be taking all available actions to detect and ultimately prevent fraud. Since the inception of Alliant National’s Crime Watch Program, we have seen how powerful it is when agents proactively address suspicious transactions. While not all fraud can be prevented, the program is a testament to what the industry can do when it unites against criminals.

Want to learn more about Alliant National’s crime watch program and how your agency can get rewarded for stopping fraudsters? Start here.


[i] Wire Fraud (nar.realtor)

Securing Remote Work: Essential VPN Features For Your Agency

Virtual private networks (VPNs) are a type of technology that allows businesses like yours to secure and encrypt connections to corporate networks and resources from remote locations. If you think back to the COVID-19 pandemic and the explosion of remote work, then it becomes easy to understand why VPNs have surged in popularity in recent years. If you’re considering taking the plunge and purchasing a VPN solution for your agency, you’ll want to read on for some best practices and tips.

Why VPN?

VPNs are used across industry verticals and are particularly common in finance, healthcare and, yes, insurance. These fields routinely deal with large amounts of highly sensitive information. Ensuring data security and cyber resilience is integral to business longevity, making selecting a VPN provider a strategic business decision.

Focus on top features and industry compliance

As you explore the market, you will quickly see there are many VPN providers to choose from. Cut through the noise by focusing on key priorities and features like:

  • Robust encryption: Look for a VPN provider that offers 256-bit encryption, which is the industry standard for ensuring that data sent over your network is unreadable to unauthorized parties.

  • Secure cybersecurity protocols: Verify that your provider offers tunneling protocols like OpenVPN, L2TP/IPsec or IKEv2/IPsec.

  • No logging: Unprotected online activity is logged by a variety of sources – including internet service providers, cookies, search engines and third-party services. A VPN service will protect you from this type of surveillance and tracking.

Any VPN you choose must also be compliant. Before implementing a service, stay apprised of all regulations that your title agency may be subject to and verify that your VPN will meet and exceed any requirements.

User management and ease of use

Ease of use and intuitive management are critical factors when considering VPNs. This goes double if you are working with a team that is heavily dispersed. Inquire with vendors about the learning curve involved with adding this tool to your security stack. Any worthwhile provider will walk you through how to set up or remove users, add permission levels or implement two-factor authentication.

Scalability and flexibility

Your business is always evolving. Therefore, you need to work with a VPN provider whose product is flexible and scalable enough to support your team as it continues to grow. Some factors to consider include:

  • Network capacity: You will want to inquire into any provider’s network and carrying capacity. Remind yourself to ask about how they handle fluctuations in network traffic and how they prevent service quality from degrading during periods of high use.
  • Remote work: Your VPN provider should also support remote work – regardless of whether your agency currently has a telecommuting policy. You need to know that your provider’s solution can handle simultaneous, dispersed connections.
     
  • Load balancing: Another critical point to investigate is load balancing and redundancy. A VPN that can scale effectively along with your business should come with strong measures in place for distributing network traffic in a way that avoids failures and downtime.

Stay safe and productive online

When your team is armed with a good VPN, they can stay productive and secure regardless of whether they are in the office or working at home. Following these tips can help you gain this additional level of protection, allowing you to then do what you do best: continuing to meet the needs of your customers.
