Guarding against cyberattacks

Data breaches, malware and related frauds can cost an organization very dearly. The effects of cyber fraud are rather alarming:

It was estimated that cyberattacks amounted to a loss of at least a trillion dollars to the US economy in 2013, up by more than 25% over the previous year. The US continues to be the largest target and sufferer of cyberattacks. It accounts for more than a third of all cyberattacks that happen all around the world, followed by India, which is a distant second, at a ninth of that of the US.


In terms of numbers of cyber attackers, the top cyber attackers are found predominantly in the developed world, with three of the top countries for cyber attackers belonging to the West. Germany is home to over a million cyber attackers, followed closely by the US, which had close to a million attackers in late 2013, followed by Mongolia and France.

A huge variety of losses

In addition to the financial loss that organizations face in the aftermath of a cyberattack, they have to also contend with other losses that are of a grave nature. Organizations in which fraud happens risk their reputation. They go down in the market as being run by incompetent and untrustworthy people at the top. Deloitte lists a number of other losses, both hidden and overt, that cyberattacks cause to organizations. These are some of them:

  • Inability to meet regulatory compliance and having to pay fines levied by regulatory agencies
  • Payment of losses and fees spent on litigation
  • Costs relating to taking measures to improve security
  • Cost of the investigation
  • Loss caused by disruption to business
  • Loss of intellectual property
  • Increased cost of insurance


What can be done about this?

If organizations need to prevent negative scenarios such as these, they have to implement a number of security measures and procedures. These security measures need to take the form of an Incident Response Program that gives organizations the ability to respond to such attacks with dexterity, while at the same time making sure that their business operations do not get disrupted.

This calls for establishing Key Performance Indicators (KPIs) to help determine whether an organization's Information Systems Incident Response program meets business objectives and operational metrics for ongoing process improvement.


Get to understand the ways of implementing cyber security

The ways of putting such a system in place will be the learning offered at a webinar from Compliance4All, a leading provider of professional trainings for all the areas of regulatory compliance. Michael Redmond, a consultant, well-known speaker and author who also conducts ISO Certification Training for PECB, will be the speaker at this webinar. Michael is the Chapter President for the Association of Contingency Planners Eastern Great Lake Chapter and an active member of ISSA.

Please log in to Business Continuity Planning to register for this webinar.

The key learning imparted by this training session is the ways of creating, testing and implementing an effective cyber Incident program to counter cyber threat and malware attacks. It will explain how to measure an organization’s susceptibility to a cyberattack. The speaker will explain the critical action areas in such events.

Ms. Redmond will explain all the measures that organizations need to take in order to avert a cyberattack, during the course of which she will discuss the following:

  • How to tailor and enhance an existing security training program and set up requirements for specific audiences
  • How to strengthen IT Risk Management – Integrate Information Security risk management with enterprise risk management
  • How to build an IS regulation review process, schedule and regulation requirements

This session will be of high value to those professionals who are at the forefront of security operations, such as Information Security Managers, CEO, CIO, CFO, CSO, Technology Managers, Risk Managers, Compliance Managers, and Auditors.

The speaker will cover the following areas at this webinar:

  • Adopting a systematic approach to risk tracking to enhance the effectiveness of the Cyber Incident Program
  • Outlining the critical actions to take if an event affects the company or its partners
  • Understanding an organization's susceptibility to a Cyber Attack
  • Cyber Incident Response: Getting started, research, training, testing and maintaining
  • Standards and Best Practice: ISO 27001, ISO 27035, ISO 27005, NIST, FFIEC, HIPAA and HITRUST

A look into the 21st Century Cures Act

Considered one of the most significant changes to be introduced into the American healthcare sector since the passage of the Affordable Care Act, the 21st Century Cures Act was one of the last legislative acts of outgoing president Barack Obama. Signed into law in December 2016, the 21st Century Cures Act seeks to strengthen medical research, foster innovation and accelerate the development of innovative treatments for chronic ailments such as cancer.

The 21st Century Cures Act aims at strengthening funding for the National Institutes of Health (NIH) by allocating over six billion dollars to them. Of this, nearly five billion dollars will go towards biomedical research funding. One of the highlights of the 21st Century Cures Act is the allocation of nearly two billion dollars for the “Beau Biden Cancer Moonshot” initiative, which is in honor of Vice President Joe Biden’s son, who succumbed to a brain tumor.

A different take on health improvement

This approach is a significant one, considering that researchers from some of the nation’s best-known science universities depend on NIH funding for their research. Nearly two thirds of the major drugs that are in the market since 2000 have been the result of NIH research.

In addition, the 21st Century Cures Act will also have a major impact on mental health. This is one of the most notable features of this Act. It allocates over a billion dollars for addressing opioid and other addictions in the US, and the health-related complications that arise from them, which is a significant contributor to the fall in national health standards and productivity of the population in its prime.

Will the 21st Century Cures Act change the FDA approval process?

While addressing this core aspect of scientific research in helping to treat chronic diseases, the 21st Century Cures Act also focuses on another very critical point of medicines: the FDA. Since no drug can ever enter the market without FDA approval, and the FDA approval process is very lengthy, expensive and cumbersome, the 21st Century Cures Act seeks to address this fundamental issue by suggesting changes to the approval process for new drugs, as well as medical devices.

Concerns and criticisms

Reservations have been expressed about the effectiveness of the 21st Century Cures Act. The main concern is that the regulatory approval process of drugs from the FDA could get diluted, causing a risk to the lives of the patients, thereby reducing the ability of the FDA to protect lives with its regulations.

There are many issues at stake in this highly important legislation. A webinar that is being organized by Compliance4All, a leading provider of professional trainings for all the areas of regulatory compliance, will discuss the prospects and downsides of this very important law.

At this webinar, John E. Lincoln, a very experienced medical device and regulatory affairs consultant, will offer a complete insight into the provisions of the 21st Century Cures Act. This webinar will be highly meaningful and useful for research institutions and organizations that are directly concerned and connected with the FDA and its administration of emerging technologies and general health. Enroll for this webinar by registering at http://www.compliance4all.com/control/w_product/~product_id=501213?Worpress-SEO

Analysis of all the major aspects of the 21st Century Cures Act

John will explain and analyze all the main areas of the 21st Century Cures Act. He will scrutinize how the Act will concern the FDA, the impact it will have on other areas of the Federal government, and the possible benefits and drawbacks for industries and research institutions that will get directly and indirectly affected by the Act, and the general public.

John will cover the following areas at this webinar:

  • The Act’s 3 Main Areas
  • Increased Funding for Medical Research
  • Speed the Development and Approval of Experimental Treatments
  • Overhaul Federal Policy on Mental Health Care
  • Stated Advantages
  • Concerns Expressed
  • What Has Happened So Far

http://www.foxnews.com/health/2017/01/24/how-21st-century-cures-act-will-save-lives-through-research.html

Getting a grasp of the FDA’s New Enforcement of 21 CFR Part 11

That the FDA has become more rigorous in the enforcement of Part 11 through its new Part 11 and on-going data integrity inspection and enforcement program is evident in this: In just the last three years, it issued more than 30 Warning Letters with Part 11 and data integrity violations. The most common citations are related to not only inadequate integrity, security and availability of electronic records, but also to validation of software and computer systems.

Among the most important questions about the program is what major findings inspectors are looking at. So, companies need to be even more vigilant than before in implementing their electronic records. In view of these developments, it is essential to have in place a proper and foolproof process for ensuring integrity, authenticity and availability of electronic records.

A learning session on understanding the matter

A webinar from Compliance4All, a leading provider of professional trainings for all the areas of regulatory compliance, will explain how to achieve all these. Dr. Ludwig Huber, Ph.D., who is Director of Labcompliance, will be the speaker at this session. To understand how to get a grasp of the FDA’s thinking on Part 11 enforcement, please register for this webinar by visiting http://www.compliance4all.com/control/w_product/~product_id=501062

Practical lessons

Dr. Huber will use industry-proven case studies on how to avoid 483 inspectional observations and Warning Letters. With this learning, participants will be able to prepare their organization for trouble-free Part 11 related inspections.

Dr. Huber will set out detailed, six-step plans for helping companies maintain these records. The learning at this webinar will also feature several other strategies and learning experiences to make sure that there will be no surprises should the FDA visit a participant’s company.

Dr. Huber will include three SOPs as an additional bonus to enable easy implementation for participants in this webinar. These are the ones:

  • Checklist: Part 11 compliance
  • Case Studies: How to avoid Part 11 related 483’s and Warning Letters
  • SOP: Electronic Audit trail: Specifications, Implementation, Validation

These are the areas this webinar will cover:

  • FDA’s current inspection and enforcement practices
  • FDA’s new interpretation: learning from FDA inspection reports
  • Strategy for cost-effective implementation of Part 11: A six-step plan
  • Recommended changes to existing Part 11 programs to reduce costs
  • Justification and documentation for the FDA and your management
  • Going through case studies from laboratories, offices and manufacturing with graphical workflow of records, step-by-step description, and recommendations for individual Part 11 requirements with justifications and documentation for the FDA and your management
  • Case studies on how to avoid or respond to Part 11 related observations, with corrective actions to fix current issues and preventive actions to prevent recurrence of the same or similar issues
  • How to prepare your company for Part 11 inspections