Connect with us

Business

LifeLabs cyberattack one of 'several wake-up calls' for eHealth security and privacy – CBC.ca

Published

 on

LifeLabs cyberattack one of 'several wake-up calls' for eHealth security and privacy – CBC.ca


The data breach of the Canadian laboratory testing company LifeLabs is one of “several wake-up calls” for security and privacy challenges that come with the push for a medical system in which eHealth plays a significant role.

“The medical field for us is one of the worst when it comes to cyber security practices,” said David Kennedy, cyber security expert and founder and CEO of TrustedSec, an information security consulting firm.

“What’s interesting about the large push for electronic patient health-care information that you put online is that a lot of these organizations are not designed to withstand attacks.”

Many health-care organizations and professionals are big advocates for eHealth. On its website, Heath Canada describes eHealth as “an essential element of health-care renewal,” which will “result in benefits to Canadians through improvements in system accessibility, quality and efficiency.”

The Electronic Health Record, for example, allows the sharing of necessary information between care providers across medical disciplines and institutions. 

But on Monday, LifeLabs — Canada’s largest provider of general diagnostic and specialty laboratory testing services — announced that a cyberattack on its computer systems had forced the company to pay a ransom to retrieve the sensitive information of millions of customers.

LifeLabs president Charles Brown wrote that information related to about 15 million customers, mainly in British Columbia and Ontario, may have been accessed during the breach.

LifeLabs announced that a cyberattack on its computer systems had forced the company to pay a ransom to retrieve the sensitive information of millions of customers. (Cultura RF/Getty Images)

Other security breaches

And that attack was just the most recent breach in Canada. Just months ago, hackers crippled the computer systems of three Ontario hospitals. 

Meanwhile, in Alberta, breaches have included the disappearance of an unencrypted hard drive containing the personal health information of 650 patients at the Mazankowski Alberta Heart Institute in August, and the inappropriate access of 2,158 electronic health records by Alberta Public Laboratories staff at the Red Deer Regional Hospital Centre earlier this year.    

We’ve probably had several wake-up calls, but it still seems like lots of folks are asleep at the wheel,” said Beau Woods, a cyber safety innovation fellow with the U.S. think-tank Atlantic Council.

Woods suggested it was troubling that Brown didn’t know whether or not the LifeLabs records were encrypted.

“Whether or not encrypted records would have protected the data in this case is to be seen,” he said. “The fact that the CEO, even after probably talking to IT can’t say whether the records are encrypted, says that there’s some kind of fundamental breakdown in governance.”

Hackers like to target hospitals and medical facilities, which are often on very tight IT budgets, said David Masson, director of enterprise security for Darktrace, a cyber AI company.

“They know they’ll be struggling to actually secure their IT networks. So they will see them as easy targets. And that’s why they go after them,” Masson said. 

So security usually falls by the wayside in many cases for most organizations. Security ends up being a very small percentage if any in most hospitals, most health-care providers.– David Kennedy, founder and CEO of TrustedSec

One of the problems is that medical institutions see themselves solely as health-care providers, meaning IT security doesn’t get the focus it needs, TrustedSec’s Kennedy said. 

“So security usually falls by the wayside in many cases for most organizations. Security ends up being a very small percentage if any in most hospitals, most health-care providers that we see out there today.”

Tom Keenan, a University of Calgary professor who specializes in cyber security and researched the issue of electronic health records, said not all hospitals are lax when it comes to IT security, and that it varies across Canada how well hospitals treat the issue.

While human error is often the weakest link, another factor, he said, is that people who build these systems also sell optional extras for security.

‘Take extra measures’

In one particular case he studied, the people who ran the health authority knew they had vulnerabilities and bought an extra auditing package, but never installed it.

“We can take extra measures,” he said. “We need to tighten things up.

Despite the security issues, Keenan said there’s no need to pause when it comes to the push for eHealth, but just beef up security.

“We don’t want to slow it down. If anything, we want to speed it up,” he said. “Full steam ahead but with due regard to caution.”

“I trust my lab, but I would also like them to publish periodically [that they’ve] been audited by a third-party cyber security company.

There’s a lot of cyber hygiene things that you could do that aren’t expensive — that actually can be less costly than not doing them.– Beau Woods, cyber security expert

As well, medical facilities should hire cyber security firms to conduct penetration tests, to determine the vulnerability of their system, he said.

Woods, the cyber security expert, said there are some simple remedies for medical facilities, like updating their software or having multi-factor authentication.

“There’s a lot of cyber hygiene things that you could do that aren’t expensive — that actually can be less costly than not doing them,” he said. “Not looking at cost of breaches and things like that, just operationally less costly and more secure.”

University of Calgary Prof. Tom Keenan says not all hospitals are lax when it comes to IT security, and that it varies across Canada how well hospitals treat the issue. (Kate Adach/CBC)

Sandy Buchman, president of the Canadian Medical Association, said he believes in terms of the human component of security, hospitals are making “extreme efforts” to protect patient privacy.

‘Breaks down trust’

But he said he understands how incidents like the LifeLabs data breach can shake a patient’s trust. 

“It could be something way beyond a physician or hospital’s control, like these cyberattacks that are occurring, but it still breaks down trust in the overall system.

The medical community has to be diligent and press for the improvements needed in the security of personal health information, he said.

“We have to be better as a health-care community in demanding that. I’m not a cyber security expert. I know we can’t let off the pressure — to be pressing for this at all times in whatever ways are technologically possible.”

Let’s block ads! (Why?)



Source link

Business

The 5 Big Banks in Canada

Published

 on

Banks in Canada

The Big Five Banks is a term used in Canada to describe the five largest banks: Royal Bank, The Bank of Montreal, Canadian Imperial Bank of Commerce, The Bank of Nova Scotia, and TD Canada Trust.

Occasionally, the term “Big Six Banks” is used, with the sixth bank referring to the National Bank of Canada. As of March 2008, the Big Six Banks and Laurentian Bank of Canada are the largest banks in Canada. The Five Big Banks hold over $100 billion in assets, and they are all based in Toronto. World Atlas provides the following data on each of the Big Five Banks.

1. Royal Bank of Canada

The Royal Bank of Canada is the largest of the Big Five with respect to net revenue (C$12.431 billion in 2018) and capitalization (C$150.35 billion as of early 2020). The Royal Bank of Canada has over 16 million clients worldwide, over 74,000 full-time employees and over 1,300 branches. Founded in 1864 in Halifax, Nova Scotia, the bank financed the lumber and timber industries. It was known as the Merchants Bank of Halifax. The Royal Bank of Canada gives 1% of its income to charity.

2. Toronto-Dominion Bank

The second-largest bank in Canada, the Toronto-Dominion Bank has the most assets, which are valued at C$1.4 trillion as of July 2019. This bank has over 22 million clients worldwide, 85,000 full-time employees and over 1,100 branches. The bank was the result of a merger of the Bank of Toronto and the Dominion Bank in 1955.

3. Bank of Nova Scotia

The Bank of Nova Scotia, or Scotiabank, is the next largest bank in Canada with assets valued at C$998 billion as of late 2019, the revenue of C$28.8 billion in 2018 and capitalization of C$87.55 billion. The bank has over 23 million customers worldwide, 89,000 full-time employees and over 1,000 branches in Canada. This bank offers to trade on both the New York and Toronto Stock Exchanges.

Also founded in Halifax, Nova Scotia—this one in 1832—the bank moved its headquarters to Toronto in 1900 to improve the transAtlantic trade industry.

4. Bank of Montreal

The Bank of Montreal is the fourth largest Canadian bank with C$852.2 billion worth of assets in late 2019, the revenue of C$22.8 billion and capitalization of C$64.81 billion as of early 2020. The bank has over 7 million clients in Canada and 939 branches. The bank has over 47,000 employees. It was founded in 1817 and is the oldest bank in Canada. Throughout crises such as World War I, the Great Depression, World War II, and the 2008 Global Financial Crisis, the Bank has consistently met dividend payments.

5. Canadian Imperial Bank of Commerce

The Canadian Imperial Bank of Commerce has C$597 billion in assets, the revenue of C$17.834 billion for 2018, and capitalization of C$48.01 billion. The bank has over 11 million clients worldwide, 1,100 branches in Canada and over 44,000 full-time employees worldwide. The bank was formed in 1961 when the Canadian Bank of Commerce and the Imperial Bank of Canada merged.

Continue Reading

Business

U.S. lawmakers press GM CEO on California emissions

Published

 on

U.S. lawmakers press GM CEO on California emissions

General Motors Chief Executive Mary Barra faced questions from U.S. lawmakers on Wednesday on a workers’ vote at a company plant in Mexico and the company’s support for emissions reductions.

Barra met with House of Representatives Speaker Nancy Pelosi and other senior Democrats on Capitol Hill, and touted the company’s decision announced earlier in the day to boost spending on electric and autonomous vehicles to $35 billion through 2025.

“We’re committed to an all-EV future,” Barra said in brief comments to Reuters after the meeting. “We had a lot of conversations about a lot of things that we can do to enable EV adoption.”

Until November, GM backed the Trump administration’s effort to block California from setting tougher emissions standards than the federal government.

Pelosi had expressed disappointment with GM’s support for Republican President Donald Trump’s position on the emissions rules, a source briefed on the matter said, and she urged GM to work with California and the Biden administration to reach the strongest possible vehicle emissions standards.

The administration of Democratic President Joe Biden is set to unveil revised vehicle emissions rules in July.

GM said last week it backs emissions reductions outlined in a 2019 deal struck between California and other major automakers, but wants the federal government to endorse changes to speed the adoption of electric vehicles.

Barra also faced questions about a delayed worker vote at a GM plant in Silao, Mexico.

Mexico’s Labor Ministry scrapped an initial union-led vote in April, citing “serious irregularities,” and later ordered the GM union to hold a new ballot within 30 days of its May 11 statement. No vote has been scheduled

The U.S. Trade Representative’s Office in May asked Mexico to review potential labor abuses at the Silao plant under the United States-Mexico-Canada Agreement (USMCA).

Last month, U.S. Representatives Dan Kildee, Bill Pascrell and Earl Blumenauer, all Democrats, pressed GM to answer questions about potential abuses in Mexico.

“We want to see some real demonstration of embracing the labor standards in Mexico — more than compliance,” Kildee told Reuters after the meeting. “The situation in Silao — I raised that with Mary — that’s a problem.”

The Democrats urged GM to commit to providing workers with physical copies of the contract, publicly posting contracts and to meet other requirements.

Kildee offered additional steps GM could take to support workers and meet USMCA requirements, and the three lawmakers followed up with a written list of suggested actions, congressional aides said.

The suggestions “would be tangible demonstrations of GM’s commitment to lead on compliance with the new labor standards,” Kildee told Reuters.

Earlier Wednesday, some House lawmakers on a trade panel, including Kildee, had a virtual meeting with Mexico’s ambassador to the United States in which the GM labor issued was raised.

 

(Reporting by David Shepardson; Editing by Leslie Adler)

Continue Reading

Business

Presenting Your Professional Experience: Numbers Are Your Friends

Published

 on

B.C. has met its goal of hiring more than 1200 contact tracers

Numbers rule the business world—revenue, headcount, process time, value increase, number of clients, inventory count, profit margin, credit rating, customer satisfaction score. Numbers indicate and measure success or failure, whether a business activity is positive or negative to the bottom line. You’d be hard-pressed to find a business decision made without some factoring in of “the numbers,” be it stats, cost, the potential return on investment.

 

Hiring is a business decision.

 

To make a strong case for yourself (Envision your selling features.) throughout your resume use numbers, the language of business, to quantify your results and establish yourself as someone who can bring value to an employer. Using numbers shows you understand how companies operate and that they exist to make a profit. Most importantly, using results-achieved numbers displays your value.

 

Which job seeker displays better value?

 

Candidate 1: Duties included taking field measurements and maintaining records, setting up and tracking project using Microsoft Project.

 

Candidate 2: Spearheaded the Hazzard County water decontamination project, finishing $125,000 under budget due to a 25% decrease in staff allocation time.

 

Which job seeker gives a clearer picture of their responsibilities?

 

Candidate 1: Supervised team leaders.

 

Candidate 2: Supervised 3 team leaders, collectively responsible for 40 CSRs answering 1,750 – 2,500 calls daily.

 

Which job seeker shows their work ethic?

 

Candidate 1: Completed first editing pass on articles.

 

Candidate 2: Reviewed and evaluated 50 – 75 articles per week, deciding whether to reject the article, forward it to the editorial team, or send it back to the author with revision suggestions.

 

Information quantified means something. Information not quantified is just an opinion. Most resumes are just a list of opinions, thus quantifying your professional experience will set you apart from your competition.

 

TIP: Always use bullets, not paragraphs, to describe your professional experiences.

 

For each position you list on your resume, ask yourself:

 

  • Did I increase my employer’s revenue? How?
  • Did I save my employer money?
  • Did I save time?
  • Was my boss(es), colleagues, staff, customers, vendors, and leadership team members happier because of me?
  • How did I contribute to improving my employer’s business?

 

When answering these questions, quantify (percentage, range, monetary, frequency, before/after comparison, ratio). Creating a resume that WOWs requires filling it with quantified results-rich statements.

 

  • Reduced customer complaints by 47% by implementing a formal feedback system.
  • Improved product delivery time 22% after assigning clarified monthly job tasks to team members.
  • In 2020, grew revenue 33%, and improved gross margin by 22%, by standardizing business operating procedures.
  • Produced $1.75M in cost-savings after renegotiating the company’s supply and service contracts (14 vendors).
  • Built sales organization from the ground up, hiring and training 15 sales representatives within 6 months.
  • In 2019, generated over $7.25M in additional revenue by identifying, pursuing, and securing 4 new international contracts.

 

As I mentioned a few columns back, your resume must clearly and succinctly answer one question: How did you add or bring value to your employers? When it comes to answering this question, numbers are your friends.

 

Something to keep in mind: The king of numbers, the only metric in business that matters, the one that keeps a business alive and profitable, is revenue. As much as possible, throughout your resume and cover letter, demonstrate the results you’ve achieved that were added value to your employer’s financial success.

 

Don’t write on your resume what’s become a cliche, “result-oriented.” Don’t write it on your LinkedIn profile. Don’t say it during an interview. Show your results! “In 2017, I increased sales by 29% by creating upsell opportunities for my 8-member sales team to offer.”

 

Additional tips when bulleting your professional experience:

 

  • Employment dates need to be month/year. Only indicating years is a red flag you’re trying to cover up employment gaps.
  • Under 2 Lines. Your bullets shouldn’t be more than 2 lines.
  • The first 5 – 8 words are critical. When skimming a resume, the reader will likely read the first few words of a bullet then, unless their interest is piqued, move on to the next bullet. The first few words need to be captivating.

 

Next week I’ll cover presenting your education, skills, and certifications. These need to demonstrate your career path, not that you simply attended classes.

______________________________________________________________

 

Nick Kossovan, a well-seasoned veteran of the corporate landscape, offers advice on searching for a job. You can send him your questions at artoffindingwork@gmail.com.

 

Continue Reading

Trending