But often invested in for the wrong reasons.

Money market funds are about managing income.

As superintendents, we must make the system work for all students—however socially, politically, and professionally dangerous it may be, writes Demond A. Means.

Indians make up one in 10 of all foreign-born doctors in the UK's National Health Service (NHS) and therefore face a greater risk from the coronavirus pandemic, according to a new report published on...

J Jumadi, Nick Malleson, Steve Carver and Duncan Quincey: Managing disasters caused by natural events, especially volcanic crises, requires a range of approaches, including risk modelling and analysis. Risk modelling is commonly conducted at the community/regional scale using GIS. However, people and objects move in response to a crisis, so static approaches cannot capture the dynamics of the risk properly, as they do not accommodate objects’ movements within time and space. The emergence of Agent-Based Modelling makes it possible to model the risk at an individual level as it evolves over space and time. We propose a new approach of Spatio-Temporal Dynamics Model of Risk (STDMR) by integrating multi-criteria evaluation (MCE) within a georeferenced agent-based model, using Mt. Merapi, Indonesia, as a case study. The model makes it possible to simulate the spatio-temporal dynamics of those at risk during a volcanic crisis. Importantly, individual vulnerability is heterogeneous and depends on the characteristics of the individuals concerned. The risk for the individuals is dynamic and changes along with the hazard and their location. The model is able to highlight a small number of high-risk spatio-temporal positions where, due to the behaviour of individuals who are evacuating the volcano and the dynamics of the hazard itself, the overall risk in those times and places is extremely high. These outcomes are extremely relevant for the stakeholders, and the work of coupling an ABM, MCE, and dynamic volcanic hazard is both novel and contextually relevant.

Delmarva farmers interested in learning more about protecting commodities revenue and crop insurance sign-ups before the March 15 deadline can attend a free risk management workshop next month. The March 5 event will be 8 a.m. to 3:30 p.m. at the Carvel Research and Education Center, Georgetown.

Media: Images of fire ants can be found at the Center for Invasive Species and Ecosystem Health. DOVER, Del. – The Delaware Department of Agriculture (DDA) is alerting local businesses and purchasers of tropical nursery stock of the recent detection of fire ants in a shipment of palm trees imported from Florida. The red imported […]

April Designated as Lung Cancer Screening Awareness Month DOVER – Dramatic “before-and-after-smoking” inflatable lungs shared center stage with Governor John Carney as he urged Delawareans at high risk of lung cancer to get life-saving screenings. Governor Carney proclaimed April as Lung Cancer Screening Awareness Month in Delaware at the Delaware Cancer Consortium’s (DCC) annual retreat […]

As part of National Alzheimer’s Awareness Month, the Delaware Division of Public Health (DPH) urges Delawareans to make lifestyle adjustments to help reduce their risk factors for Alzheimer’s and dementia.

NEW CASTLE (March 9, 2020) – The Delaware Division of Public Health (DPH) advises older Delawareans and people with severe chronic health conditions to follow guidance issued by the Centers for Disease Control and Prevention (CDC) encouraging them to “avoid crowds as much as possible” as a way to reduce their risk of contracting coronavirus […]

NEW CASTLE (March 12, 2020) – The Department of Health and Social Services (DHSS) is recommending that all Delaware nursing homes, long-term care facilities and adult day-care centers temporarily end visitation as a way to reduce the risk of residents and clients contracting coronavirus disease (COVID-19). The recommendation follows the Centers for Disease Control and […]

The objective of a good asset allocation plan is to develop an investment portfolio that helps you reach your financial goals with the degree of risk you find comfortable

Investors should continue to invest in small savings schemes as the interest rates are still higher than that of bank FDs. They should look at tax-free bonds and avoid company deposits.

Though there is an additional 15-day grace period due to the Covid-19 lockdown for renewal of insurance policies, pay the premium if you have the cash flow. And buy a health insurance plan if you don’t have one

Debt schemes of mutual funds for long have been seen as low risk, but shuttering six schemes and leaving investors in a lurch will impact investor sentiment.

As credit risk funds may see redemption pressure because there are no takers for lower-rated paper, investors can opt for liquid and overnight funds.

Gold plays an important role as a diversifier in a portfolio due to its less than perfect correlation with other asset classes.

Many of the buzzy applications of AI in healthcare we hear about involve medical IoT, computer vision for radiology or disease prediction. But the fact is, many health institutions that just aren’t there yet with adoption. With limited budgets and dated systems, can public health agencies tap into the power [...]

The post Can AI in healthcare help us identify high-risk people across systems? appeared first on Government Data Connection.

All regions in China have seen their risk level downgraded to the lowest level starting Thursday, state-run China Daily reported.

But campaign group concerned about selected modelling tools

Indonesia’s Lion Air firms up moves to drop a $22 billion order for the 737 in favour of the Airbus jet, according to a person with knowledge of the plan.

To tackle the current crisis arisen from the COVID-19 outbreak and the consequent nationwide lockdown, the government and the RBI have announced many measures to ease the stress of businesses. 

NBFCs have been asking for a bail-out in the form of a government credit guarantee or a TARP –like structure.

Fusarium wilt with tropical race 4 (TR4) strain is a soil-borne fungal disease that affects mainly cavendish varieties of banana.

There are a number of best practices that can work to improve your organization’s security posture. Following these will help you put the right defenses in place, and become the building blocks of a solid plan to ensure you react to a breach.

DomainTools is providing a free, curated list of high-risk COVID-19-related domains to support the community during the Coronavirus crisis. The list will be updated daily and available for CSV download.

This Metasploit module abuses a known default password in IBM Data Risk Manager. The a3user has the default password idrm and allows an attacker to log in to the virtual appliance via SSH. This can be escalate to full root access, as a3user has sudo access with the default password. At the time of disclosure, this is a 0day. Versions 2.0.3 and below are confirmed to be affected, and the latest 2.0.6 is most likely affected too.

Asterisk Project Security Advisory - The RTP support in Asterisk maintains its own registry of dynamic codecs and desired payload numbers. While an SDP negotiation may result in a codec using a different payload number these desired ones are still stored internally. When an RTP packet was received this registry would be consulted if the payload number was not found in the negotiated SDP. This registry was incorrectly consulted for all packets, even those which are dynamic. If the payload number resulted in a codec of a different type than the RTP stream (for example the payload number resulted in a video codec but the stream carried audio) a crash could occur if no stream of that type had been negotiated. This was due to the code incorrectly assuming that a stream of the type would always exist.

Asterisk Project Security Advisory - A memory leak occurs when an Asterisk pjsip session object is created and that call gets rejected before the session itself is fully established. When this happens the session object never gets destroyed.

IBM Data Risk Manager (IDRM) contains three vulnerabilities that can be chained by an unauthenticated attacker to achieve remote code execution as root. The first is an unauthenticated bypass, followed by a command injection as the server user, and finally abuse of an insecure default password. This module exploits all three vulnerabilities, giving the attacker a root shell. At the time of disclosure, this is a 0day. Versions 2.0.3 and below are confirmed to be affected, and the latest 2.0.6 is most likely affected too.

Many nonprofits handle sensitive personal information belonging to community members — whether it's names or email addresses or payment information. But are you handling this data properly to prevent a data breach?

This post is by no means exhaustive — after all, every nonprofit handles different sorts of data, and each organization has different security needs. That said, these are some practical things to think about when you review your handling of sensitive personal information.

#1 Risk: Malware and Software Vulnerabilities

The Problem

This one may seem obvious, but with so many other security risks out there, it's easy to forget that malware still poses a major threat to your organization's data.

How You Can Mitigate It

To start, make sure you have antivirus software installed, and that it's up to date. In addition, you'll want to make sure your operating system and any software installed are also up to date, with all security patches installed.

Beyond that, be careful what you click on. Don't download and install software from sites you don't trust. Be careful of the email attachments and links you click on — even from people you know. If you aren't expecting a file or link, click with caution.

#2 Risk: Ransomware

The Problem

Ransomware is an especially insidious form of malware that holds your computer or data hostage unless you pay a sum of money to a criminal actor. Oftentimes, ransomware will encrypt your data, preventing you from accessing it. And according to Symantec's Director of Security Response Kevin Haley, some forms of ransomware will threaten to publicly release your data.

How You Can Mitigate It

Aside from up-to-date antivirus software and taking steps to avoid infection in the first place, there isn't a ton you can do to deal with a ransomware attack once your data's been encrypted.

In that case, according to Haley, keeping up-to-date backups of your data is your best bet. That way, you'll be able to get back up and running quickly with minimal data loss. (TechSoup offers backup and recovery solutions from Veritas.)

#3 Risk: Public Wi-Fi

The Problem

Public Wi-Fi is generally fine for some things, such as browsing cat videos on YouTube, or catching up on the headlines. However, for anything involving sensitive personal information, it's a security disaster waiting to happen. Bad actors could potentially eavesdrop on what you're doing while using public Wi-Fi, leaving your data and work open to prying eyes.

How You Can Mitigate It

First off, avoid using public, unsecured Wi-Fi when handling sensitive information — whether it's internal organizational data or your own personal banking information. Using a wireless hotspot, like those from Mobile Beacon (offered through TechSoup), instead of public Wi-Fi is an easy way to keep your data more secure.

If you can't avoid public Wi-Fi, a virtual private network (VPN) is a good option — VPNs secure data between your computer and the website you're visiting. Not all VPNs provide the same level of security, though, and you'll need to make sure your VPN of choice conforms to any data security regulations that your organization may be subject to. See our previous overview of VPNs for more.

#4 Risk: Inappropriate Sharing of Sensitive Information

The Problem

Sharing sensitive information via email, messaging apps, or similar means is a risky proposition.

Email is a notoriously insecure method of communication. Email accounts are often the target of data breaches and phishing attacks. (A phishing attack is where an attacker tries to steal your account information by tricking you to enter your account information on a phony login page.)

And whether it's through email or messaging app, it's all too easy to accidentally leak data by sharing it with the wrong person.

How You Can Mitigate It

Avoid sending sensitive information to colleagues via email. It's easier said than done, we know. Maybe you need to share a list of donor contact information with your marketing department, for example. Consider uploading it to a secure file server on your network that can only be accessed by others in the office.

If your organization uses a cloud storage service like Box, consider using that instead — so long as it meets your organization's security needs. These cloud storage services usually encrypt data you upload to prevent it from getting stolen. You may also want to consider using constituent relationship management (CRM) software, a tool designed specifically to store and manage your organization's contacts.

In addition, pay attention to access permissions. If you can, restrict access to sensitive information to only those who need it. Revisit your permissions settings regularly and update them as needed.

To prevent your user accounts from being compromised in the first place, practice good account security hygiene. Use strong passwords and require your staff to use two-factor authentication.

#5 Risk: Handling Credit Card Data

The Problem

A breach involving credit card data can be embarrassing for your organization, but it could wreak financial havoc on your members and supporters. All it takes is for hackers to grab a few pieces of information to rack up credit card debt in your supporters' names.

How You Can Mitigate It

Securing credit card information is important, but you don't have to make it up as you go. Make sure your organization conforms to payment card security standards. The Payment Card Industry Security Standards Council, as well as banks and credit card issuers, provide guidelines on how to best handle credit card information to prevent breaches.

Has your nonprofit recently encountered any other notable risks? Tell us about it in the comments!

spanhidden

Computer and network security is an ever-evolving field. As technology advances, cybercriminals find new ways to exploit vulnerabilities in order to get at your personal, financial, or organizational data. We recently spoke with Symantec's Director of Security Response Kevin Haley to get an idea of what threats you'll face in the next year or two.

In short, expect a continuation of common threats like ransomware, as well as the emergence of new threats from connected devices and the so-called Internet of Things. Plus, keep an eye out for the resurgence of an old threat made new.

Ransomware with a Twist

Ransomware — malicious software that locks your data or otherwise compromises your computer in an attempt to extort money — is not a new threat. It's been around for a number of years in various forms. But according to Haley, a new form of ransomware doesn't just lock your files; instead, it threatens to publicly release your data unless you pay up.

For many individuals, this may simply mean an embarrassing leakage of personal data — browser history, emails, photos, and so on. For a nonprofit, especially one that deals with sensitive sociopolitical issues, the possibility of data leakage can have more serious ramifications. It could pose a threat to the community you serve.

Email That Looks Like It Came from a Co-worker

In traditional phishing attempts, scammers create an email that appears to be from a legitimate source — say, Google, Amazon, or Apple. Then they attempt to steal account information, such as usernames and passwords. But in an emerging form of phishing, hackers may use emails purportedly from co-workers or business associates to try to steal information from your organization.

For example, Haley says, you may receive an email from a vendor or a colleague asking for specific pieces of information (such as tax forms) or for money outright. The only problem is that these emails originate from scammers, not your colleagues. And once you email an important piece of information to these impersonators, there's no way to get it back.

With proper data handling, though, you can avoid these sorts of nightmares. See our recent post, 5 Data Security Risks for Nonprofits (and How to Fix Them), to learn more.

The Internet of Things Can Make People Vulnerable

From smart locks to Internet-connected appliances, the Internet of Things promises to change the way we interact with all sorts of items within our homes and offices. But with this comes the potential for security headaches.

According to Haley, these "smart" devices are rarely protected properly, and are easy to infect with malware. And this isn't just an issue that may cause problems some years down the line. Last year, as CNET reported, a network of malware-infected DVRs and webcams overloaded a number of popular websites and online services, temporarily knocking them offline.

Word Macro Viruses Make a Comeback

Perhaps the most surprising threat Haley warned about was the revival of Word macro viruses.

Macro viruses use Microsoft Word's macro programming feature — typically used to automate certain tasks within Word — to infect your computer. Macro viruses have been around for many, many years. And Word disables macros by default: If you open a Word document with a macro, you'll have to click a button to tell Word to turn on any macros within that document.

With this new wave of macro viruses, however, criminals employ social engineering trickery to goad you into turning on macros, allowing the macro virus to do its thing.

Fortunately, you can easily protect yourself from getting infected. First, don't open file attachments from people you don't know. If you receive a Word document with macros from someone you do know, confirm with that person to make sure that they intended to send the macros and that they are safe to run.

As Always, Vigilance Is Key

Although specific threats may evolve over time, good security practices never go out of style. Use a security software package and keep it updated. Enforce good account security practices within your organization.

Don't open file attachments from people you don't know, and don't open unexpected file downloads. Secure all your devices as best you can. And if something seems fishy — perhaps that email from your boss doesn't seem quite right — don't be afraid to question it.

By taking small steps like these, you might save yourself — and your organization — some serious pain.

spanhidden

Escalation in protests across the globe in 2019 are forecast to persist into the new decade, according to Verisk Maplecroft report.

Severe threats to the environment accounted for all of the five most likely long-term risks in the WEF’s Global Risks Report 2020.

Despite recurrent challenges, Afghanistan’s business environment is improving. Now the authorities are working to persuade investors the rewards are worth the risk through a series of economic and legal reforms. 

India’s ambitious plan to take the leadership position among nations as one of largest producers of renewable energy may have run into some unfavorable weather.

President Donald Trump said he was not willing to sacrifice the abundant fossil energy wealth of the U.S. on “dreams” such as renewable power.

India’s ambitious plan to take the leadership position among nations as one of largest producers of renewable energy may have run into some unfavorable weather.