Travelers RMplusonline

Tools to help protect from costly litigation
A service provided to Travelers Bond & Specialty Insurance management liability policyholders by The McCalmon Group, Inc.

Welcome to the redesigned Risk Management Plus+ Online, a robust website brought to you by Travelers designed to help you mitigate your management liability and crime exposures. The new Risk Management Plus+ Online includes articles, checklists, best practice minute videos, podcasts, and a sample employee handbook to help you manage not only your employment practices risks, but also cyber, crime, directors & officers, fiduciary, kidnap & ransom, and identity fraud exposures. The site has been redesigned to provide this content in a streamlined and efficient manner.

Cloud Apps And Cloud Storage: The Cyber Risks Associated With Both

March 24, 2022

Cybercriminals have become more successful at delivering malware through cloud apps.

Netskope, a threat and data protection provider, has blocked an increasing number of malware downloads from cloud apps, which now make up an increasing share of total malware downloads. The percentage of malware downloads from cloud apps increased from 46 percent to 73 percent and then plateaued at 66 percent.

Google Drive replaced Microsoft OneDrive to become the top app for malware downloads in 2021.

The number of credential attacks against managed cloud apps remained level in 2021 compared to 2020. These attacks comprise more than half of all managed cloud app instances. However, the number of sources of these attacks increased markedly in 2021, with each source carrying out fewer login attempts.

Cybercriminals are also continuing to deliver malware in Microsoft Office documents. Emotet led to a spike in malicious Office documents in the second quarter of 2020. Malicious Microsoft Office documents now represent one-third of all malware downloads, compared to one-fifth before Emotet. The quality of malicious documents also remains higher post-Emotet.

Employees left their jobs at twice the rate in 2021 than in 2020, increasing the risk from insider threats. More than one in seven employees who left their jobs used personal Cloud Storage apps to take organizational data with them.

The popularity of Cloud Storage apps among users is a primary reason they are increasingly used for malware downloads and insider threats. "Cloud and Threat Report: January 2022 Edition" www.netskope.com (Jan. 2022).

Commentary

The Federal Trade Commission (FTC) provides organizations with six tips to increase their cybersecurity when using cloud apps.

First, utilize security features offered by the cloud service provider. Follow guidance for how to configure your settings in the most secure way possible. Protect cloud storage apps with strong, unique passwords and multi-factor authentication. Unless there is a legitimate business necessity, employees should not have access to your cloud resources.

Second, regularly inventory what you keep in the cloud. Knowing where your data is and making sure security configurations and access rights align with the sensitivity of your data are essential to data management. Test for misconfigurations and potential security failings.

Third, do not store sensitive information unless there is a legitimate need to do so. Although cloud storage provides a lot of storage room, resist the temptation to keep data “just in case.”

Fourth, consider encrypting data that you rarely use. If the data contains sensitive information, you should encrypt it no matter where it is stored.

Fifth, pay attention to credible warnings you receive from cloud providers or security researchers. Investigate your cloud storage app and check security settings.

Finally, detail who oversees what in cloud contracts but remember that securing your data is ultimately your responsibility. Using a cloud service does not mean you outsource data protection. Use security tools provided by the app but also have your own written data security program detailing how you will protect sensitive information. Elisa Jillson and Andy Hasty “Six steps toward more secure cloud computing” www.ftc.gov (Jun. 15, 2020).

Finally, your opinion is important to us. Please complete the opinion survey:

Additional Resources

Twitter Feed

Travelers @Travelers - 11 hours ago

RT @unitedwayinc: Thank you @Travelers Leadership Development Program for inviting us to build Literacy Kits & facilitate our Making Choice...
- Reply
- Retweet
- Favorite
Travelers @Travelers - 12 hours ago

On #WednesdayswithWoodward, renowned mediation expert Kenneth R. Feinberg explained overseeing high-profile victims... twitter.com/i/web/status/1...
- Reply
- Retweet
- Favorite
The McCalmon Group @The McCalmon Group - 14 hours ago

Leverage Training To Lower FLSA Risks bit.ly/3xYlmUu
- Reply
- Retweet
- Favorite
Travelers @Travelers - 1 day ago

Work-related pressures may compel drivers to respond to calls, texts or emails, according to the 2022 Travelers Ris... twitter.com/i/web/status/1...
- Reply
- Retweet
- Favorite
The McCalmon Group @The McCalmon Group - 1 day ago

Terminate Respectfully And Lower Your Risk Of Regulator Backlash bit.ly/3bygCxl
- Reply
- Retweet
- Favorite
Travelers @Travelers - 27 Jun

Thank you to all the volunteers and partners who helped make this year's #TravelersChamp a success. A big shout-out... twitter.com/i/web/status/1...
- Reply
- Retweet
- Favorite
Travelers @Travelers - 27 Jun

RT @TravelersChamp'>TravelersChamp: What. A. Week. #TravelersChamp
- Reply
- Retweet
- Favorite
The McCalmon Group @The McCalmon Group - 27 Jun

Are Coworkers The Cause Of Employees Resigning? You Make The Call bit.ly/3QPSTc0
- Reply
- Retweet
- Favorite
The McCalmon Group @The McCalmon Group - 27 Jun

What Employers Need To Know: Chicago's Updated Sexual Harassment Ordinance bit.ly/3btbtXn
- Reply
- Retweet
- Favorite
Travelers @Travelers - 27 Jun

RT @AlanSchnitzer: Congrats to the 2022 @TravelersChamp winner, @XSchauffele! The tournament showcased great golf and, importantly, generat...
- Reply
- Retweet
- Favorite
Travelers @Travelers - 27 Jun

RT @TravelersChamp: Hats off to Connecticut! More than $2.5 million for more than 130 charities. The event has generated more than $25 mill...
- Reply
- Retweet
- Favorite
Travelers @Travelers - 26 Jun

RT @TravelersChamp'>TravelersChamp: Xander holds off the charge for the ??. Congrats to 2022 #TravelersChamp winner, @XSchauffele!
- Reply
- Retweet
- Favorite
Travelers @Travelers - 26 Jun

RT @PGATOUR: How to follow the final day of action from @TravelersChamp ??
- Reply
- Retweet
- Favorite
Travelers @Travelers - 26 Jun

RT @TravelersChamp'>TravelersChamp: Sundays are for trophies. #TravelersChamp
- Reply
- Retweet
- Favorite
Travelers @Travelers - 24 Jun

RT @TravelersChamp: Thank you to our volunteers who help run the tournament year-over-year with a smile and a helpful hand ??. #TravelersCh...
- Reply
- Retweet
- Favorite
The McCalmon Group @The McCalmon Group - 24 Jun

Synthetic Identities And Ghost Employees bit.ly/3QJoigl
- Reply
- Retweet
- Favorite
The McCalmon Group @The McCalmon Group - 24 Jun

Ask Leslie: Can The Wrong FMLA Comments Lead To Liability? bit.ly/3u0mmGp
- Reply
- Retweet
- Favorite
The McCalmon Group @The McCalmon Group - 24 Jun

Redlining And Lending Patterns: What Should Banks Consider? bit.ly/3QHkFrb
- Reply
- Retweet
- Favorite
Travelers @Travelers - 23 Jun

Our partner, @disastersafety, just launched its Wildfire Prepared Home designation program in California. Learn mor... twitter.com/i/web/status/1...
- Reply
- Retweet
- Favorite
The McCalmon Group @The McCalmon Group - 23 Jun

Day Rate Workers: What Are The Wage And Hour Risks? bit.ly/3NbeWa5
- Reply
- Retweet
- Favorite
The McCalmon Group @The McCalmon Group - 22 Jun

Settlement Alert-PA Drug Treatment Center Settles Retaliation Suit By Associate Regarding Hazard Pay bit.ly/3On8P3A
- Reply
- Retweet
- Favorite
The McCalmon Group @The McCalmon Group - 22 Jun

Cyber Alert-Kaiser States Breach Exposed Healthcare Data Of 69K Patients bit.ly/3NfSOeK
- Reply
- Retweet
- Favorite
The McCalmon Group @The McCalmon Group - 22 Jun

Direct Safety Threats And Accommodations bit.ly/39Epdhy
- Reply
- Retweet
- Favorite
The McCalmon Group @The McCalmon Group - 22 Jun

Here's when children under 5 can start receiving their COVID-19 shots on.today.com/3ycalQW
- Reply
- Retweet
- Favorite

Risk Management Plus+ Online® is a value-added service offered to certain Travelers Bond & Specialty Insurance policy holders. Many of the materials on this site are produced by The McCalmon Group, Inc., an outside risk management firm, and in using this site you are signifying your agreement to The McCalmon Group's User Agreement and Privacy Policy below. Travelers Casualty and Surety Company of America and its property casualty affiliates ("Travelers") makes no warranty, guarantee, or representation as to the accuracy or sufficiency of the content on this site. The use of the information and the implementation of any practices described on this site is at your sole discretion. Travelers disclaims all warranties, express or implied. In no event will Travelers be liable in contract or in tort for any loss arising out of the use of Risk Management Plus+ Online or any other of The McCalmon Group's content or products.

The materials contained on this site do not amend, or otherwise affect, the provisions or coverages of any insurance policy or bond issued by Travelers. It is not a representation that coverage does or does not exist for any particular claim or loss under any such policy or bond. Coverage depends on the facts and circumstances involved in the claim or loss, all applicable policy or bond provisions, and any applicable law. Availability of coverage referenced on this site can depend on underwriting qualifications and state regulations.

© 2006-2022 Travelers Inc., All Rights Reserved. © 2006-2022 The McCalmon Group, Inc., All Rights Reserved. Designated trademarks and brands are the property of their respective owners. Use of this website constitutes acceptance of The McCalmon Group's User Agreement and Privacy Policy.
Legal Notices.

Log In

RMPlusOnline Overview

Additional Resources

Twitter Feed