Category: News

Sanctioning Terrorist Activities by Iran, Accelerating Disaster Assistance and Expanding Healthcare Opportunities for Native Americans

3 min read

HR 589, HR 3152, S 1528, S 70, S 460, S 1271MAHSA Act (HR 589) – The Mahsa Amini Human Rights and Security Accountability (MAHSA) Act is a bipartisan bill that was introduced on Jan. 27 by Rep. Jim Banks (R-IN). The purpose of this bill is to impose sanctions on the leaders of Iran for supporting human rights abuses and terrorism. The sanctions block both property and visas owned by certain foreign individuals and entities affiliated with Iran. The bill passed in the House on Sept. 12 and currently resides in the Senate.

Fight CRIME Act (HR 3152) – This bipartisan bill was introduced by Rep. Michael McCaul (R-TX) on May 9. It imposes visa- and property-blocking sanctions specific to Iran’s missile-related activities, including acquiring, developing, transporting, or deploying missiles or related items, such as drone technologies. These sanctions also may be imposed on adult family members of people directly involved, as well as foreign individuals and entities that engage in transactions and knowingly provide support for the Missile Technology Control Regime (MTCR). This legislation was passed in the House on Sept.12 and is under consideration in the Senate.

Disaster Assistance Simplification Act (S 1528) – This bipartisan bill aims to facilitate streamlined information sharing among federal disaster assistance agencies, accelerate life-saving assistance to disaster survivors, and expedite the ability for communities to recover from disasters, as well as other purposes. The legislation was introduced by Sen. Gary Peters (D-MI) on May 10 and was passed in the Senate on July 27. It is presently under review in the House.

Tribal Trust Land Homeownership Act of 2023 (S 70) – Introduced by Sen. John Thune (R-SD) on Jan. 25, this bill mandates that the Bureau of Indian Affairs expedite processing and completion of residential and business mortgage applications within certain deadlines (e.g., provide approval or disapproval within 20 or 30 days, depending on the type of application). The bipartisan bill passed in the Senate on July 18 and is currently under consideration in the House.

Urban Indian Health Confer Act (S 460) – This Act, introduced by Sen. Tina Smith (D-MN) on Feb. 15, passed in the Senate on July 18 and is currently in the House. Its purpose is to expand the requirements of the Indian Health Service (IHS) on matters relating to both American Indians and Alaskan Natives. At present, the IHS is required to confer only with urban Indian organizations. However, this new bill would mandate that the U.S. Department of Health and Human Services (HHS) ensure that the IHS and other agencies consult on matters related to the Indian Health Care Improvement Act, as well as other healthcare provisions for Native Americans. The Act passed in the Senate on July 26 and has been forwarded to the House.

FEND Off Fentanyl Act (S 1271) – The objective of this bill is to impose sanctions on individuals, cartels and transnational criminal organizations involved in trafficking illicit fentanyl and related products. The legislation was introduced by Sen. Tim Scott (R-SC) on April 25 and was assigned to the committee for review on June 21. This bipartisan bill is co-sponsored by 32 Republicans, 32 Democrats and two Independents. It has a high probability of being passed by both houses and enacted by the president.

Securing Your Identity: The Role of Decentralized Identity Systems in Data Breach Prevention

4 min read

How to Securing Your IdentityData breaches have been on the rise as cybercriminals keep coming up with new ways to steal user-sensitive information. Just in the second quarter of 2023, 110.8 million user accounts were breached. Of these accounts, 49.8 million were from the United States, accounting for 45 percent of the global figure. However, amid the rising threats, a revolutionary concept known as decentralized identity systems has created a solution to reduce data breach cases.

Data Breaches and the Current State of Identity Management

A data breach happens when unauthorized individuals or entities gain access to sensitive information, often for malicious purposes. These breaches can happen to anyone, from individuals to large corporations, and they come with severe consequences that could include financial losses, reputation damage, and identity theft.

The current identity systems are centralized and have inherent vulnerabilities and limitations. These centralized identity systems involve a central authority, such as a government agency or a corporation, storing and managing individuals’ personal information. This means that if a hacker breaches the central authority’s security, he or she gains access to a vast amount of sensitive data.

Furthermore, since the centralized systems often collect extensive personal information, the practice raises concerns about data privacy. The entities storing user data predominantly control and monetize it, which has led to discomfort and distrust among users.

The centralized systems also create a fragmented user experience. This is because different platforms, such as social media, online retailers, news websites, etc., require users to create accounts. Users then must juggle multiple usernames, passwords, and data formats, complicating the digital experience. Businesses also incur high costs associated with ensuring secure systems, the latest infrastructure, and compliance.

How Decentralized Identity Systems Can Help Prevent Data Breaches

Decentralized identity systems are an alternative to centralized identity management. These systems put individuals in control of their own digital identities. The decentralized identity systems are enabled by technologies such as Web3, a concept based on a trust framework for identity management. Web3 evolution has led to decentralized identifiers, and this allows for secure management of user data and authentication through blockchain wallets.

Using blockchain technology ensures the security and immutability of identity data. Once information is added to the blockchain, it cannot be altered or deleted without the user’s consent.

However, they allow users to have control over their identity information. Users choose what data to share and with whom, enhancing privacy and security. There is no need for third parties to verify user identity.

Since users store data on their devices or a location they choose, it eliminates single points of failure. Instead of a centralized authority, identity data is distributed across a decentralized network of nodes. Additionally, these systems use advanced cryptographic keys, allowing only the user to access their data.

Decentralized identity systems are already making an impact in various industries, such as healthcare, financial services, and government services. The security benefits of decentralized identity include:

  • Enhanced Security

Decentralized identity systems offer robust security measures. With data stored on a blockchain, it becomes exceedingly difficult for hackers to breach the system. Even if one node is compromised, the decentralized nature of the network ensures that other nodes maintain the integrity of the data.

  • Privacy Control

Users regain control over their personal information. They decide what data to share and retain the ability to revoke access at any time. This puts an end to excessive data collection by corporations and governments.

  • Reduced Identity Theft and Fraud

Decentralized identity systems make it incredibly challenging for fraudsters to impersonate individuals or access their data. This significantly reduces the risk of identity theft and related fraudulent activities.

  • New Economic Models
    Decentralized identity models can create new economic models where consumers are awarded when they choose to share their data with service providers.

While decentralized identity systems offer promising solutions, they are not without challenges. The widespread adoption of decentralized identity systems presents scalability challenges. Another challenge is usability, as complexity can deter individuals and businesses from embracing this technology. The need for a regulatory framework is another challenge, as it is necessary to address factors related to legal and compliance.

Conclusion

Decentralized identity systems offer hope in an age where data breaches are a constant threat. These systems can revolutionize how users secure their digital identities by putting control back into individuals’ hands. While challenges exist, the benefits of enhanced security, privacy control, and reduced fraud make decentralized identity systems a promising solution in the ongoing battle against data breaches.

Work and Social Security Benefits

4 min read

Working and Social Security BenefitsYou can work and still receive Social Security benefits, but how much you receive depends on a number of factors.

First, if you do plan to continue working after becoming eligible to receive benefits, you might consider delaying filing for benefits for as long as possible. That’s because the earlier you begin drawing benefits, the lower the amount you will receive. In fact, your monthly payout will be permanently reduced from what you’ll receive if you wait until full retirement age (FRA).

Your FRA depends on the year you were born (note that for people born on Jan. 1 of any year, they should refer to the previous year):

  • Born 1943-1954: full retirement age is 66
  • Born in 1955: 66 plus two months
  • Born in 1956: 66 plus four months
  • Born in 1957: 66 plus six months
  • Born in 1958: 66 plus eight months
  • Born in 1959: 66 plus 10 months
  • Born in 1960 or later: 67

Benefit Reduction Due to Work

If you are working and begin drawing benefits before your full retirement age, your payout could be further reduced if you earn more than the prescribed income limit. In 2023, the annual earnings limit is $21,240. In this scenario, Social Security will deduct $1 from your benefits for each $2 in excess of the limit.

Benefit Reduction in Your FRA Year

The benefit reduction amount and the earned income limit both change the year you reach FRA. In 2023, the earned income limit is $56,520. In this year only, the reduction is adjusted to $1 for every $3 in excess of $56,520, but only up until the month you reach FRA. After that, there will no longer be a reduction due to work income.

In the first full month after your FRA, Social Security will begin paying out your total eligible amount (which depends on the age you started drawing benefits) for any whole month after FRA, regardless of how much more you earn that year (and every year thereafter). In other words, from that point on, you will receive the full amount you were eligible for at the age you began drawing benefits.

You might wonder if you will ever receive the money that was held back due to your excess income. The answer is yes. Starting the following January, after you turn full retirement age, your Social Security benefit will increase to reflect those previously lost benefits.

Work Advantages

If working while drawing Social Security seems like a bad idea, consider that you could benefit from a couple of advantages. First, the automatic benefit reductions that occur while you’re working will help reduce your income tax liability for those years. Second, your work income could increase your permanent Social Security payout if any or all of those years before FRA are among your 35 highest-earning years. As you continue to pay FICA taxes on your work income, the benefit is recalculated every year. This is a way to increase your lifetime benefit if you begin drawing Social Security early.

Work Until Age 70

The most strategic way to earn the highest possible lifetime benefit from Social Security is to keep working and delay drawing Social Security benefits until age 70. This is because during the years between your official FRA and the month you turn 70, you can earn additional credits that reward you for delaying. This will permanently bump up your payout.

If You Go Back to Work

Also, be aware that if you’ve already started drawing Social Security benefits but wish you hadn’t, you can cancel your application as long as you do so in the first 12 months. Note that you are required to pay back all of the money you received from Social Security, including any spousal benefit that was based on your earnings record and all Medicare premiums that were deducted from your benefits. However, doing so could reset your benefit to a higher amount when you reapply later – if your subsequent annual income counts among your highest 35 years of earnings.

If you have already reached your full retirement age (but have not yet turned age 70), you no longer have the option cancel your application. However, you can have your Social Security benefit suspended, which might reduce your tax bill while you continue working.

Monitoring Trade Agreements with Taiwan, Promoting Plain-Language Rules, and Expanding Recruiting and Training for Law Enforcement

3 min read

Monitoring Trade Agreements with Taiwan, Promoting Plain-Language Rules, and Expanding Recruiting and Training for Law EnforcementUnited States-Taiwan Initiative on 21st-Century Trade First Agreement Implementation Act (HR 4004) – This bipartisan bill was introduced on June 12 by Rep. Jason Smith (R-MO). The purpose of this bill is to convey approval by Congress of the June 1 trade agreement between the United States and Taiwan. The bill addresses customs administration and regulatory practice issues, as well as dictates conditions for negotiations of subsequent trade agreements. Among its provisions, the bill requires that the U.S. Trade Representative share all negotiating texts with Congress prior to being sent to Taiwan or any parties outside of the executive branch. The bill passed in the House on June 21 and in the Senate on July 18. It was signed into law by the President on Aug. 7.

Providing Accountability Through Transparency Act of 2023 (S 111) – This bill, which was signed into law on July 25, requires each agency to provide a 100-word plain language summary of each new proposed rule posted at regulations.gov. The legislation was introduced by Sen. James Lankford (R-OK) on Jan. 26; passed in the Senate on June 22; and in the House on July 17.

Securing the U.S. Organ Procurement and Transplantation Network Act (HR 2544) – This bipartisan bill was introduced by Rep. Larry Bucshon (R-IN) on April 10. It modifies operations of the Organ Procurement and Transplantation Network, which is managed by the Health Resources and Services Administration (HRSA). In the past, the network of professionals was managed by only one organization, but this new bill allows the HRSA to award multiple grants, contracts or cooperative agreements for network management. The legislation was passed in the House on July 25, in the Senate on July 27 and is currently awaiting signature by President Biden.

Strong Communities Act of 2023 (S 994) – Introduced by Sen. Gary Peters (D-MI) on March 28, this bill permits funding by the Community Oriented Policing Services (COPS) grant program to be used to train officers and recruits who agree to serve in law enforcement agencies in their local communities. The bipartisan bill passed in the Senate on July 26 and is currently under consideration in the House.

Recruit and Retain Act (S 546) – Introduced by Sen. Deb Fischer (R-NE) on Feb. 28, this bill expands the Community Oriented Policing Services (COPS) grant program to enable law enforcement agencies to use funding for recruitment activities such as career and job fairs, as well as lower application fees for things like background checks, testing and psychological evaluations. The Act passed in the Senate on July 26 and has been forwarded to the House.

 

 

Department of Veterans Affairs Office of Inspector General Training Act of 2023 (S 1096) – This Act would require new Veterans Affairs (VA) employees to undergo training on how to report misconduct, respond to requests from and cooperate with the Office of the Inspector General. The bill was introduced on March 30 by Sen. Margaret Hassan (D-NH) and was passed in the Senate on July 13. Its fate now rests in the House.

How Businesses Can Leverage Data and Personalization for Targeted Campaigns and Growth

4 min read

Data and Personalization, Targeted CampaignsMarketing efforts today depend on collecting, analyzing, and leveraging data to make informed decisions. Therefore, business owners need to understand how to harness the power of data and personalization to create targeted campaigns that drive growth.

Importance of Data and Personalization in Modern Business

Businesses today collect loads of data, enabling them to understand their customers’ preferences, behaviors and interests. The data comes from different channels, such as a business website, emails, or social media. It is then used to identify patterns and trends to make informed marketing decisions. This yields valuable insights that help craft highly personalized and effective marketing strategies.

Data is the foundation of personalization strategies. Personalization involves tailoring customer experiences to meet individual interests, needs, and preferences. It aims to build strong customer relationships, encourage engagement, and drive revenue and growth.

Personalization takes different approaches, such as recommendations based on previous purchases, creating unique landing pages, or sending emails based on customer browsing behavior. For example, e-commerce websites recommend products based on user browsing history and search queries.

Business owners can’t afford to ignore personalization since customers today are more informed, can easily access information, have more options, and have more control over purchase decisions. Furthermore, customers are more demanding and want to be recognized as individuals, expecting to receive personalized experiences. This has rendered traditional, one-size-fits-all marketing strategies obsolete.

How Businesses Can Use Data and Personalization for Targeted Campaigns and Growth

Using a data-driven approach, a business can create campaigns that deliver the right message to the right audience at the right time by doing the following:

1. Audience segmentation

Capturing the attention of a specific audience segment leads to higher conversion rates. To do this, a business can leverage data insights to segment the target audience. This means it is possible to categorize potential customers based on demographics, interests, or browsing behavior.

2. Crafting personalized content

Once segmentation is complete, it becomes possible to create tailored campaigns that resonate with each segment’s unique preferences. Aside from addressing customers by their names, it involves delivering content that speaks directly to their needs, interests, and pain points. This could include product recommendations based on past purchases or sending targeted offers that align with customer browsing history.

3. Omnichannel personalization

Customers interact with businesses using various channels, such as a business website, social media, emails, and mobile apps. A business can integrate data and personalization efforts to ensure a seamless journey for customers, regardless of where they engage. Additionally, it is crucial to deliver consistent and personalized experiences across these channels.

4. Continuous improvement in data-driven campaigns

Data insights also help guide businesses on the most suitable content and distribution strategies. They can analyze types of content performing well and in which channels. For example, a business can conduct A/B testing to compare campaign and content variations to identify the most effective approach for each segment.  

5. Measuring and analyzing results

To establish the effectiveness of personalized campaigns, a business will need to develop clear key performance indicators (KPIs) and measurement methods. One way to measure the impact of personalization is through customer engagement. This is done by measures such as click-through rates on personalized emails, customer retention rates, customer lifetime value, customer feedback, and number of sales.

It is worth noting that to make the most out of data insights. It is helpful to invest in advanced analytics tools or collaborate with data experts.

6. Adapting to changing trends

The digital landscape is evolving constantly, with new technologies and trends emerging regularly. Businesses must stay updated on these changes and adapt their personalization strategies accordingly. Remaining flexible and open to innovation ensures that the company’s targeting efforts are relevant and effective.

Data Privacy and Security

Although personalization in modern business is crucial, it must be balanced with privacy concerns. First, a business must be transparent about the data it collects and how it will be used. In addition, businesses need to be careful with the data they collect. They must ensure data security by safeguarding data storage and using safe transmission methods, have access control limits, and regularly audit data privacy policies and practices. Customers should be allowed to opt out of data collection and personalization efforts easily.

Customer data must be well protected to ensure compliance with relevant regulations. It also helps build trust with customers. Besides, a breach of trust can severely affect a business’s reputation and growth.

Widow/er Social Security Benefits

5 min read

Widower Social Security BenefitsA widow or widower is eligible for a survivor’s benefit from Social Security even if they never worked – as long as the deceased spouse qualified for benefits based on his or her own income record. Also, note that surviving spouses must have been married to their most current spouse for at least the nine months prior to their passing or for 10 years if the couple was divorced.

When Can You Claim?

A widow/er may apply for benefits once she turns age 60, age 50 if she qualifies as disabled or if she is responsible for the care of a child under age 16 (or a mentally or physically disabled child aged 16 or older). However, if the widow/er applies for a surviving spouse’s benefit starting at age 60/50, that benefit will be permanently reduced from the maximum amount available if she were to wait until her own full retirement age.

What Is Full Retirement Age for the Widow/er?

For anyone born from 1945 to 1955, their full retirement age (FRA) is 66. If born between 1955 and 1959, FRA increases by two months each year from age 66 to 67. FRA is age 67 for anyone born in 1960 or later.

How Much Can You Get?

First and foremost, all Social Security beneficiaries receive the highest benefit for which they qualify. Therefore, if a surviving spouse would receive a higher benefit from her own record of earnings than that of the deceased spouse, then that’s the amount she will receive.

If the deceased was receiving Social Security disability benefits when he passed, the survivor benefit is based on the deceased’s disability benefit.

Normally, the spousal benefit equals half the benefit of the higher-earning spouse. However, the surviving spouse’s benefit equals 100 percent of what the deceased worker would have received, including any delayed retirement credits he earned by postponing benefits to age 70.

The minimum surviving spouse benefit at age 60 is 71.5 percent of the available amount. This represents a permanent loss of 28.5 percent of the benefit available at FRA. The widow/er benefit is reduced for each month shy of his or her own FRA, so the closer they get to FRA before applying, the higher the benefit. The amount freezes once they begin drawing benefits, although it will increase incrementally based on cost-of-living adjustments.

The maximum benefit a widow/er may receive is 100 percent of what the deceased spouse would receive if he was still alive. However, that amount may already be reduced. For example, if the deceased began drawing benefits at age 62 instead of waiting until FRA, then that is the maximum benefit the widow/er is eligible for. If she begins drawing early before her own FRA, that benefit will be reduced further.

Ideally, the deceased will not have started receiving Social Security before his death. In this scenario, even if he died in his 50s, his maximum benefit is what he would have received at FRA. Now it’s up to the widow/er to time her survivor benefit – she can wait until her own FRA or take a permanently reduced benefit.

Delay Strategy

One strategy a widow/er may want to consider is to begin her own benefit at age 62, even if it is less than what she would draw as a survivor. Then, she can delay drawing the survivor benefit until it grows higher – ideally, the highest benefit at her FRA.

If the widow/er does not have her own benefit from earnings or can’t live on that amount alone, she may want to withdraw income from other sources, such as retirement savings or an annuity. While that may reduce her overall net worth, it’s important to remember that the Social Security benefit continues for life, so it may be worthwhile to get the highest benefit possible. Other accounts, such as an IRA or 401(k), will stop paying out income once they are depleted.

If the widow/er has a stronger earnings record, another option is to begin drawing the survivor’s benefit early and delay taking her own benefit until FRA or age 70, to receive a higher benefit for life based on her own record. Once she applies for her own benefit, the payout will increase to a higher amount.

Seek Professional Advice

Knowing when to begin drawing a widow/ers benefit can be challenging. The best option is usually based on factors such as other income resources and even the widow’s health. If in poor health and not expected to live many years, it may be wise to begin the survivor’s benefit as soon as possible. Otherwise, it’s probably better to wait and get a higher payout for as long as she lives.

Another thing to keep in mind is that if the widow/er doesn’t know the deceased spouse’s FRA benefit at the time of death, she is not likely to find out until age 60. The Social Security shuts down the deceased’s account at death and won’t reveal the benefit until the widow/er is of qualifying age to begin receiving it. It’s always a good idea for both spouses to check (and share with each other) their accrued benefits each year so that they have accurate numbers to plan with in case one spouse passes away.

Compensating Service Members and Establishing Rules and Procedures for Ethical Matters

3 min read

S 467,S 777,S 30,S 822,S 829,S 359,HR 3831CADETS Act (S 467) – This bipartisan bill was introduced on Feb. 16 by Sen. Gary Peters (D-MI). The purpose of this bipartisan bill is to change the age requirements (previously limited to age 25 and younger) for the Student Incentive Payment Program. This program provides financial support to cadets of state maritime academies who enlist or commission in the Navy Reserve at the time of their graduation. The bill passed in the Senate on March 29 and in the House on June 14. It was enacted on June 30.

Veterans’ Compensation Cost-of-Living Adjustment Act of 2023 (S 777) – This bipartisan bill, which was signed into law on June 14, requires the Department of Veterans Affairs to increase the amount of wartime disability compensation by the same percentage as the cost-of-living increase benefits for Social Security recipients, effective on Dec. 1, 2023. The bill also authorizes a similar adjustment to compensation for people who have not received compensation for a service-connected disability or death. The bipartisan bill was introduced by Sen. Jon Tester (D-MT) on March 14.

Fiscal Year 2023 Veterans Affairs Major Medical Facility Authorization Act (S 30) – This Act authorizes the development of and funding for major medical facility projects by Department of Veterans Affairs during this fiscal year. The bill was introduced by Sen. Jon Tester (D-MT) on Jan. 24. The legislation was passed in the Senate on March 21, in the House on June 20, and was signed into law by President Biden on July 18.

Modification to Department of Defense Travel Authorities for Abortion-Related Expenses Act of 2023 (S 822) – Introduced by Sen. Joni Ernst (R-IA) on March 15, this bill would reverse the Pentagon’s new policy of paying for travel if a military service member goes outofstate for access to reproductive health care. The new rule was in response to recent state laws that functionally banned abortion in locations where military bases are located. Support for the Act is generally split among partisan lines, with Republicans advocating and Democrats opposing. A similar bill has been introduced in the House. The Senate bill is currently under committee review.

Disclosing Foreign Influence in Lobbying Act (S 829) – This bill was introduced in the House by Sen. Chuck Grassley (R-IA) on March 16. It mandates that registered lobbyists must disclose their relationship with any foreign countries or political parties involved in the direction, planning, supervision or control of the lobbyist’s activities. This bipartisan bill (co-sponsored by four Democrats, two Republicans and one Independent) passed in the Senate on June 22. It has been forwarded to the House for consideration.

Supreme Court Ethics, Recusal and Transparency Act of 2023 (S 359) – This Act is designed to strengthen the code of ethics to restrain inappropriate activities of U.S. Supreme Court Justices. Provisions of the bill include expanding circumstances under which a judge must be disqualified; adopting rules for the disclosure of gifts, travel and income received by the justices and law clerks; and establishing procedures to receive and investigate complaints of judicial misconduct. The bill was introduced on Feb. 9 by Sen. Sheldon Whitehouse (D-RI) and is awaiting a formal report out of committee.

AI Disclosure Act of 2023 (HR 3831) – This legislation, introduced on June 5 by Rep. Ritchie Torres (D-NY), would require that any content produced by AI (which includes ChatGPT) be accompanied by a disclaimer that reads: “This output has been generated by artificial intelligence.” The bill has yet to be assigned to committee for review.

Insider Threats: Identifying, Mitigating and Preventing Internal Security Risks in Organizations

4 min read

Insider ThreatsOne of the most devious and often underestimated dangers in cybersecurity comes from within an organization. These dangers originate from individuals within the organization who have access to sensitive data and systems, making them potentially dangerous adversaries capable of causing significant harm. Understanding, identifying, mitigating, and preventing these internal security risks are paramount for safeguarding an organization’s assets and preserving its integrity.

What is an Insider Threat?

Insider threats are security risks posed by employees, contractors, vendors, or anyone who has access to an organization’s data or systems. Accidental or intentional insiders cause internal threats. An accidental insider could unknowingly cause breaches due to negligence, human error or falling prey to social engineering tactics. For example, an employee clicks on a link in a phishing email, causing a malware infection.

On the other hand, insiders can intentionally engage in data theft, sabotage, or intellectual property theft, driven by motives such as financial gain, revenge or espionage.

A good example took place in May 2022 when a Yahoo employee stole trade secrets after receiving a job offer from The Trade Desk, a competitor. Another example is that of an employee fired from Stradis Healthcare who hacked into the former employer’s network in March 2020 and deleted critical shipping data.

According to the 2023 Insider Threat Report by Cybersecurity Insiders, 74 percent of organizations say insider attacks have become more frequent. The same percentage of organizations also believe they are at least moderately vulnerable to insider threats.

Experts attribute the rise in insider threats to various factors, including the effect of economic instability leading to businesses focusing on revenue growth and leaving gaps in security investments. There also has been an increase in layoffs in the tech industry that can result in disgruntled ex-employees doing damage as they leave the workplace. Overworked employees also might cut corners that create security issues, such as configuration, system access or unused accounts. Insider threats are also made more complex as many organizations migrate their workloads to the cloud, introducing new challenges.

How to Identifying Insider Threats

Insider threats are difficult to detect. However, it helps to look out for compromise indicators such as inappropriate behavior. Here is a more specific list of red flags:

  • Unusual access and log in, especially from an insider who doesn’t have certain access rights to data or systems.
  • Abnormal network search activity for sensitive information on networks, intranets, databases, or applications.
  • Unusual copying or downloading of sensitive information to an unauthorized destination such as email or removable media.
  • Misuse of tools, either foreign or installed. Detecting unfamiliar tools on a system is a compromise indicator. However, a savvy insider may even use trusted enterprise tools to execute an attack. In such a case, behavior such as access to a system outside regular working hours or access from unusual locations could indicate a compromise.
  • Unwillingness to comply with security policies. Employees who consistently disregard security protocols and policies might pose a risk to the organization’s security.

Mitigating Insider Threats

Proactive measures that can help mitigate insider threats include:

  • Employee training and awareness: Conduct regular security awareness and training programs to educate employees about the significance of insider threats and their role in preventing them.
  • Role-based access control: Implement a robust access control model that ensures individuals have access to only the resources required for their specific job roles, reducing the potential impact of an insider breach.
  • Behavioral analytics: Employ advanced analytics tools to monitor user behavior and detect inconsistencies that could indicate suspicious actions.
  • Develop clear exit procedures: these include the revocation of access privileges and retrieval of company-owned devices and sensitive information from employees leaving the organization.
  • Continuous monitoring and adaptation: Insider threats keep evolving, necessitating ongoing monitoring and constant adaptation of new security measures.

Preventing Insider Threats

  • Conduct comprehensive background checks and verify references during the hiring process to minimize the risk of malicious insiders entering the organization.
  • Ensure employees have proficient skills in deploying and managing complex cloud solutions.
  • Encourage open communication, foster mutual trust, and support employees to reduce the likelihood of disgruntlement.
  • Extend security considerations to contractors, suppliers, and partners with access to the organization’s data or systems.
  • Implement endpoint security solutions to monitor and analyze activities on user devices such as workstations or laptops.

Conclusion

While staying alert for cyberattacks from outside is critical, organizations must not forget that the most significant risk can come from inside the business. Even with the most comprehensive cybersecurity defenses against external hackers, failing to create proactive measures for internal security leaves critical assets open to hidden dangers within the organization’s walls.

Organizations such as the Cybersecurity and Infrastructure Security Agency (CISA) provide information and resources to assist in developing new or improving existing insider threat mitigation programs.

The Ins and Outs of a Reverse Stock Split

4 min read

Reverse Stock Split, What are Reverse Stock SplitWhen a company decides to conduct a reverse stock split, also referred to as a stock consolidation, the number of shares available to investors is reduced.

In a normal (forward) stock split, a company increases its number of outstanding shares without changing their market value. For example, one share of stock valued at $200 may split into two shares, with the shares then valued at $100 each. So, with a shareholder who holds 10 shares for a total of value of $2,000, a traditional one-to-two (1:2) stock split would change his holding to 20 shares – still valued at $2,000. The difference is that the value of each stock would change from $200 to $100.

The opposite occurs with a reverse stock split; a company decreases its number of outstanding shares without changing their market value. Using the same example, a shareholder who owns 10 shares at $200 would hold only five shares after a 2:1 reverse stock split. However, the worth of each share would double in value to $400.

Why Conduct a Reverse Stock Split?

A reverse stock split often indicates that a company is in financial distress, its stock price is on a downward spiral and it wants to reverse that momentum by giving investors a higher share value. This makes individual stocks more valuable to sell. In many cases, the company’s sinking stock price puts it in danger of losing its place on a stock exchange, which would then limit the pool of possible buyers – particularly fund managers and stock brokers. In most cases, companies that conduct a reverse stock split are small, lightly traded companies as well as some exchange-traded funds.

Impact on Small, Retail Investors

Smaller investors are more likely to be negatively impacted by a reverse stock split because they are more likely to own fewer numbers or fractional shares. For example, if a company conducts a 20:1 reverse stock split, investors receive only one share for every 20 they hold. However, if a shareholder owns less than 20 shares, he will simply be paid cash for his shares and his position would dissolve. This also holds true if the investor owns an uneven multiple of the reverse split. In the scenario of a 20:1 stock split, if the investor held 110 shares, he would receive five new post-split shares and be paid in cash for the remaining 10 shares.

How Do Stocks Perform After a Reverse Split?

While the total value of a shareholder’s holding would not change after a reverse stock split, history has shown that share prices after a reverse split tend to stagnate or continue to drop. After all, the company was likely already in financial distress, and this action serves to increase the price of a failing stock. It does not usually entice new investors or motivate current ones to invest more money in the company.

Potential Advantages and Disadvantages of Reverse Splits

To remain listed on a major stock exchange such as the NYSE or Nasdaq, a company’s share price must trade at $5 or higher. The advantage of a reverse stock split is that it increases the value of shares, which may allow them to remain listed on a major exchange. This offers value to both the investor and the company, as exchanges attract far more investors whose interest can help drive up the stock price.

Another scenario in which a reverse stock split is advantageous is if a corporation is planning to spin off a portion of its business into a separate company. By conducting a reverse stock split before the spinoff, shares of the new company are assured of having a high enough stock price to be listed on a major stock exchange.

However, a reverse stock split is most often a signal that the company is failing, is worried about a pervasive decline in its stock price, and is seeking a way to artificially increase investor share prices.

Raising the Debt Ceiling, Protecting Air Travel and Repealing the Iraq AUMF

3 min read

Raising the Debt Ceiling, Protecting Air Travel and Repealing the Iraq AUMFFiscal Responsibility Act of 2023 (HR 3746) – This Act represents a compromise reached by House Republicans and President Biden. Republicans negotiated concessions in exchange for voting to raise the debt ceiling to maintain the solvency of the federal government. These concessions included universal cuts to federal spending, the suspension of student loan repayments that began during the pandemic, additional work requirements for some Supplemental Nutrition Assistance Program (SNAP) and Temporary Assistance for Needy Families (TANF) recipients, and suspending the current $31.4 trillion debt ceiling until 2025. The bill was introduced by Rep. Patrick McHenry (R-NC) on May 29. The legislation was passed in the House on May 31, in the Senate on June 1, and signed into law on June 2 – just in time to avert the global financial crisis, it would have triggered by June 5.

NOTAM Improvement Act of 2023 (HR 346) – This bill was introduced in the House by Rep. Pete Stauber (R-MN) on Jan. 12. This Act instructs the Federal Aviation Administration (FAA) to establish a federal NOTAM system (notice to air missions, as required by international or domestic law) as well as an accompanying task force. The task force is directed to evaluate existing regulations, policies, systems, and international standards relating to NOTAMs; determine best practices, and make recommendations to improve the publication and delivery of NOTAM information. This bill passed in the House on Jan. 25, passed with changes in the Senate on May 9, finalized in the House on May 22, and was signed by the president on June 3.

A bill to amend the Tariff Act of 1930 to protect personally identifiable information and for other purposes (S 758) – This bill would require the Treasury Department to remove personal traveler information, such as Social Security and passport numbers, from transportation manifests before they become accessible to the public. The bipartisan bill was introduced by Sen. Steve Daines (R-MT) on March 9 and passed in the Senate on the same day. It is presently under review in the House.

A bill to repeal the authorizations for the use of military force against Iraq (S 316) – The purpose of this bipartisan bill is to repeal a decades-old AUMF (Authorization for Use of Military Force) against Iraq. This repeal restores Congress’ constitutional responsibility to undertake the traditional process for approving the use of military force. The bill was introduced on Feb. 9 by Sen. Tim Kaine (D-VA) and was co-sponsored by 31 Democrats, 12 Republicans, and three Independents. The bill passed in the Senate on March 29 and is currently under consideration in the House.

Administrative False Claims Act of 2023 (S 659) – Introduced by Sen. Chuck Grassley (R-IA) on March 6, this bill would modify the current provisions of fraud committed against the federal government. The current maximum fraud claim is $150,000; the bill would raise that limit to $1 million, as well as enable the federal government to recoup expenses related to the investigation and prosecution of each case. The Senate passed the bill on March 30 before sending it to the House, where it awaits a vote.