Researcher says can hack GMs OnStar app, open vehicle, start engine | Reuters

Researcher says can hack GMs OnStar app, open vehicle, start engine | Reuters.

Cyber breach hits home appliances, cars and many other every day products that now use computer chips.  In the same manner as hackers target computers, other every-day products can be hacked into and altered.  In this case, a researcher has found a way to open and start Genral Motors vehicles through OnStar.



How Big Data Efforts are Affecting Cyber Security

Just about every month of the past year has brought news of a new data breach, leak, or hack at a major company. The most recent target was the U.S. federal government itself. These breaches are concerning for any company that relies on the Internet as a significant portal. Furthermore, the damage of such breaches can be extensive. The Ponemon Institute conducts an annual study analyzing data breaches. For 2015, the researchers found that the average cost of a breach is $3.8 million, with an average cost per record of $154.

Big Data

One of the largest changes to e-commerce and business in general over the past few years has been the rise of big data. Collecting data about customers and browsers is a powerful means to understand the company’s customer base, decide how to design new products, and determine the direction of marketing campaigns. Having detailed customer data opens up many new options for the company.

However, big data is also a major security concern. Storing customer information raises online privacy concerns even before online security becomes an issue, and if that information is also vulnerable to security breaches, then the company faces a significant risk. The level of risk depends on what kind of data the company actually retains. The more personally identifiable and detailed the information is, the greater the risk that it will attract the attention of a hacker and the larger the potential fallout from a data breach.

It is important that any company working with customer data be aware of the consequences of a data breach. For example, customers may become vulnerable to identity theft or fraud. If the breach is large, then it might make the news, hurting the company’s reputation. The loss of trust due to the online privacy violation also damages the company’s relationships with existing customers. The company exposes its own customers to risk when breaches occur.

Sources of Vulnerability

There are several potential ways for a company to become vulnerable to a potential hack. The first is a straightforward data breach. The company’s online security is simply unable to stop a given attack. A breach like this arises because the security was out of date or was not capable of handling a category of attack. These attacks can be hard to stop- the best security software is expensive, and not all of it can stop any kind of attack. Often, a combination of security software and good IT policy is necessary. In computer security it is referred to as a “layered approach” creating multiple layers of security software and procedures.

There are also more preventable types of attacks. For example, hackers might exploit mistakes or outdated software in order to gain entry into a computer on a company network. There are sometimes good reasons to delay applying patches and updates, but that practice often leaves holes in the company’s defenses if those updates solve security problems in the software. Part of the problem is that such security updates often also involve published information about the security vulnerability that the patch is meant to solve, so the information about how to exploit the hole is public knowledge.

Another form of attack is when attackers use phishing/spear fishing (email based malware) or similar methods to gain access to passwords, enabling them to have direct access to sensitive systems. This is where IT policy becomes critical. No security software can solve human error. Having proper policies in place about what kinds of passwords to use, how often to rotate them, and limiting the amount of Internet-facing assets in place can help to prevent attacks by making the company both harder to reach and harder to crack. This is as much an issue of company culture as it is an issue of software.

The Risk

The major question that every manager should consider when it comes to using potentially sensitive data is whether the benefits are worth the risk. Clearly, many of the major companies that appear in the news as hacking targets, like Target, believe the benefits to be worth the cost even after an attack: Target has committed to beefing up security, not to reducing its use or retention of data. They believe that they gain so much from collecting data that even an actual breach was not enough to convince them to stop the practice.

On the other hand, as a large company, Target has more resources to help it weather a storm of controversy. A smaller company might not be able to withstand the loss of trust between the company and consumers in the event of a breach, and its reputation might not recover from such an event. Online privacy is becoming a growing concern as customers become more aware of just how much data about them companies collect, so they might become less tolerant of data collection and breaches in the future.

Florida Supreme Court to Decide Workers Comp Constitutionality

Just recently a legal challenge to the constitutionality of Florida workers compensation system that was thrown out by a state appeals court may be headed to the Florida Supreme Court.

In this case the plaintiffs would like the state’s high court to listen to their appeal of the state’s Third District Court of Appeals ruling that occurred on June 24th.

The ruling came in response to a 2014 judgement made by the Florida 11th Circuit Court Judge Jorge Cueto, who determined that the “exclusiveness of liability” provision of the workers compensation law in Florida is unconstitutional.  It was Cueto who ruled that the benefits provided under the workers compensation law are inadequate to qualify as an exclusive remedy for injured workers.

Read the case history by clicking the link below.

Padgett Plaintiffs Ask Florida Supreme Court to Decide Workers Comp Constitutionality – Carrier Management.

Ohio Workers’ Comp Bureau Begins Overcharge Repayments

The Ohio Bureau of Workers’ Compensation is beginning to cut checks to state employers who were overcharged for insurance premiums from 2001 through 2009.

The state has mailed approximately 24,140 checks totaling $255 million to affected businesses in June, which represents 60% of the $420 million the state agreed it owed as a result of a settlement last summer.

Ohio Workers’ Comp Bureau Begins Overcharge Repayments.

Independent Contractor Compliance and Misclassification Update

A hot topic being discussed recently is independent contractor misclassification.  With cases such as the recent FedEx Ground suit that settled for $228 million the subject has attracted the attention of many CEOs and has them questioning whether independent contractors used by their companies are classified correctly.

Here are a couple steps companies can take to limit their exposure to independent contractor (IC) misclassification risk:

  • “Properly restructuring, re-documenting, and re-implementing their independent contractor relationships in a manner that enhances their IC compliance.”
  • “Not assuming that they are free from misclassification exposure simply by retaining contractors who operate in the form of business entities, such as corporations or LLCs.”

To take a deeper dive into six related court cases that discuss IC misclassification further select the link below.

Independent Contractor Compliance and Misclassification News Update


Construction bears more opioid-related costs than other industries | Business Insurance

The cost of opioid use is greater for injured construction workers than for injured workers in other industries, according to a new analysis by insurer CNA Financial Corp.   Spending on opioids in the construction industry is 5% to 10% higher than other industries, according to the analysis of claims from 2009 to 2013.“The opioid abuse epidemic is taking a toll on many aspects of the U.S. economy, including businesses workers compensation losses,” Bill Boyd, senior vice president of risk control for CNA, said Monday in a statement. “The delay of returning injured employees to work can affect operations and, therefore, negatively impact a companys bottom line.”Oklahoma, Texas and Florida have higher frequencies of painkiller abuse among injured construction workers than many other states, the analysis shows.

via Construction bears more opioid-related costs than other industries | Business Insurance.

Prescription cost per workers comp claim rose 7.3% in 2014 | Business Insurance

While the average cost per workers compensation claim increased in 2014, the number of prescriptions per injured worker and the average morphine equivalent dose per script declined, Coventry Workers’ Comp Services said Tuesday.Due primarily to a 10% increase in the average wholesale price of medications commonly prescribed to injured workers, the overall average cost per claim rose 7.3% in 2014 compared with 2013, according to Downers Grove, Illinois-based workers comp care and cost manager’ 2014 First Script Drug Trends Analysis.

Increased prices to cover patents that will expire in the future and potential product shortages were among the biggest factors in the overall average wholesale price increase last year.

via Prescription cost per workers comp claim rose 7.3% in 2014 | Business Insurance.

Changing demographics reset workplace safety | Business Insurance

Changing workplace demographics are creating several new challenges for risk managers, notably in the area of safety.   An aging workforce requires new approaches to workplace safety, observers say, noting the effect of older employees on workers compensation costs and the need for work processes and equipment to be re-examined and modified. 

via Changing demographics reset workplace safety | Business Insurance.