Tuesday, October 30, 2012

Life Story of A Star in the Making - Crisitano Ronaldo

A much-vaunted prodical player when picked up by Man. United from Sporting Lisbon in 2003, Cristiano Ronaldo is maybe, apart from David Beckham, the best-known player on the planet.

He has since been awarded the FIFA World Player of the Year in 2008. He is a winger who scored 42 goals across all competitions in 2007-08, Ronaldo will be expected to do what he has yet to do - and that's light up an international tournament, like the upcoming Soccer worldcup.

HUMBLE BEGINNINGS
Crisitano Ronaldo born on 5th February 1985, on the Portuguese island of Madeira, . Named after Ronald Reagan, due to his father`s admiration for the actor, few would have wagered that this child would make it to the very top of the world soccer ranking, especially with Madeira being mainly being agricultural. He has one brother and two sisters, it is family whom he chooses as the most important in his life.
On the back streets of this tiny island that Ronaldo learnt his first few tricks, until he was scouted that is. By the time he was 12, Ronaldo had established himself as the best player on Madeira, utilizing his great talent and speed to pass full grown defenders for Andorinha.

Having been scouted as a mega talent, the big Portuguese clubs had to scrap it out for his signature. Though Porto and Boavista both attempted to sign him, he could only ever play for Sporting Lisbon the soccer club he supported since he was a boy.
Progressing through the youth ranks he impressed all who he worked with him. At the tender age of 17, Ronaldo was thrown in at the deep end with his first game against Moreirense. He scored twice which not only gave him a dream debut, but also endeared him to the fans who soon learnt to chant for him to have the ball. A goal against title-rivals Boavista also saw him rise to the top of the "Fan`s Favorites" list.
His skills were being watched closely by all of the big clubs in Europe, including Liverpool and Juventus.
His dazzling skills put England U-17s out, and everyone who watched felt they had seen something extraordinary.
At the end of his first season at Sporting Lisbon he was loaned to Liverpool. Though he was extremely happy at Sporting, he was also flattered by the interest of such a big Premier League club.

A STAR IS BORN.
Sporting Lisbon finished top in the league, and Ronaldo was hailed as the future of the club, alongside other Portuguese Star Quaresma.
Ultimately both moved on. The money on the table was way too much for the Portuguese club to turn down. Best-friend Quaresma ended up at Barcelona, whilst Ronaldo landed at the bright red of Man. United.
The deal saw Ronaldo become the most expensive teenage signing in the UK, with Man. United paying 12.24 million spread equally over two seasons. Those who had not seen him play baulked at the price for an unproven player!
An so, on 12th August 2003, Cristiano Ronaldo held up the famous Red shirt, with his favourite number 7 (it is hero Figo`s number) for all the press to see. A new star had been born.
After winning all there was to win with man. United, in the summer of 2009 Ronaldo finally earned his dream move to Real Madrid. Yet another world record fee of 80 million was paid for him as part of the new era of galacticos at the Bernabeu.
The tricky winger made his debut for his country in a 1-0 victory against Kazakhstan in 2003 and was named in the squad for Euro 2004 in Portugal.
He had the chance to come of age at the Germany hosted 2006 World Cup, though one of the memorable images of the tournament was his wink at the bench after Manchester United team-mate Wayne Rooney was sent off in a match against England. He also came in for fierce criticism for diving, which resulted in him being booed at games and it probably cost him the Young Player of the Tournament award.
He only scored once at Euro 2008, but after former Manchester United assistant coach took over with Portugal, Ronaldo has been named captain, though some would argue he is not their most influential player.
With South Africa 2010 on the horizon, Ronaldo has the talent,ability and now the experience to make an impact for Portugal provided he can shake off his devils of the past.
On the commercial front Cristiano Ronaldo is not too different from the likes of other soccer celebrities. He earns a fortune from plenty of endorsed Cristiano Ronaldo cleats, Cristiano Ronaldo t shirts, Shin guards and various other equipment and memorabilia, as is common place in today's modern soccer game.

Wednesday, October 24, 2012

Payday Loans No Fax: Money, When You Exactly Needs

Sometimes the money shortage in the mid of a month compels the salaried people to look for forward for monetary support from family and friends. You might need in order to get rid of any expensive bill on a credit card or to pay for utilities bills like telephone and electricity. Payday Loans No Fax is a great financial help and free from any type of faxing documents to the lending company.

This fund opportunity is appropriate in urgent financial condition and needy individual can fetch desired funds within 24 hours directly into his bank account. As its title suggests these loans are parts of payday loans and offers you desired funds on the same day without faxing any sort of documents.

Whether you need loan for paying utilities bills like telephone or electricity, organizing a tour, wedding expenses, shopping, or other all expenses can be answered with this loan facility. There is no need of bank statement of the bank to send the lender for approval. All applicant need to borrow funds is to fill an application online with required personal information. This information includes your full name, present residence address, company's information and ID proof of the country.

These loans are basically for short term just for one to four weeks. Fund ranges from 80 to 1500 can be easily availed without any hassle and wasting time. Your repayment on due date is very important as late payment of these loan carries high interest rates and it is quite hard for the salaried people to manage them from their fixed salary.

As these loans are usable just for four week maximum, most of the lenders don't waste their time in checking the credit history and collateral. This financial help is free from collateral pledging so beneficial for tenants and home owner. Anyone who have good repayment ability can easily apply for these credits and by repaying on time can improve the credit status.

Sunday, October 21, 2012

Importance Of Medical Tests Before Buying Medical Insurance

A commonplace advertisement from insurance companies is 'no medical tests required to purchase an insurance policy'. People are attracted to the convenience of no-test policy compared to the one that requires all medical tests. But is it really right to purchase a policy without knowing your health condition?

Every individual going to buy an insurance policy whether health or life insurance needs to undergo medical tests as prescribed and should be aware of his health condition. This article discusses the importance and reasons for getting an insurance policy after taking medical tests appropriately.

Premiums are based on health condition
The premiums of an insurance policy (health or life) are charged based on the individual's health condition. You need to make a declaration about your health condition in policy application form and the insurer fixes a premium rate on the basis of your discloser.

For understanding this clearly, lets take an example of two persons. Of them, one has high sugar levels and the other person has normal sugar levels. If both take insurance policy from a company that does not require medical tests then both will be charged same premium. But in reality, the premiums for normal persons should be less than the premiums of others with health issues.

The policies that require no-medical tests are:

Low value policies: Policies that do not consider health tests offer cover not more than Rs 5 lakh. So, if you are looking for a higher cover, that serves your life/health insurance needs, then you should take pure protection policy that requires you to undergo medical tests.

Prone to rejection easily: In most cases, the person who is taking insurance without a medical test may not be aware of his/her health condition. S/He may suffer from an illness and may not know about it till a medical test is conducted. In such a case, an insurer can reject the claim as these policies contain suppressed facts of your health condition with no proper underwriting. So, these kind of unintentional mistakes may simply deprive insurance cover even for those paying huge premiums.

Cover may be inadequate: If you get policies that require no medical tests, then you will also get the policy that has no appropriate insurance cover. It is like getting insured, but having no adequate insurance protection.

It is the actual responsibility of insurance company to determine the health condition of an insurance buyer. An insurance company simply cannot deny the claim as it is its responsibility to subject the policyholder to medical tests and then fix the premium.

Thus, a detailed medical examination that requires blood and urinalysis related tests, blood sugar, ECG, blood count, blood pressure, blood serum tests etc. will benefit you manifold. It provides your health condition report which tells you how fit you are. If you are suffering from any illness, get it cured before it ruins your health. Get complete medical record of your health before buying insurance policy.

Saturday, October 20, 2012

Mortgage Market In Ireland

Home loan marketplace within Ireland is a top demonstrator associated with mortgage administration in remaining planet. Such as Ireland mortgage loan where the credit is actually secured simply by actual home with the use of home financing take note, customer will be requested to cover monthly installments which can be includes curiosity and also principle quantity. And also, by the end from the mortgage this is the moment once the mortgage arrives a conclusion, the house is assigned to customer. Based upon the particular agreement between your customer and also the loan company attention is set.

Ireland mortgage loan interest rates tend to be at the mercy of marketplace forces which were playing prominent role inside backing and also destabilizing the mortgage industry for greater than 30 years, particularly after the deregulation. Furthermore, mortgage loan interest in Ireland is determined by the danger involved in this we.e. more risky the home loan to cover, increased the eye fee. In the same way, those who are searching for low interest rate rate in Ireland should mortgage loan interest very first given that it ultimately has an effect on the actual range of handing over again the loan in the long run.

Escalating costs regarding properties in Ireland possess inspired the actual home loan industry and for that reason a top interest rate will be charged for home loan inside Ireland. Home loan market inside Ireland provides various types of interest rates which includes fixed rate mortgage loan, caped price mortgage, as well as low cost fee mortgage. In a fixed rate mortgage loan there's regularity within rate of interest provided by loan provider for a arranged period of time that might lengthen to two, Three, Several, A few as well as 10 years which actually is actually susceptible to a partnership involving the borrower and also loan company.

Apart from set interest mortgage loan, a assigned interest home loan is quite well-liked inside the Ireland. Inside a capped rate of interest mortgage loan the financial institution promises to not to boost the interest rate above the actual cap for many time frame. In several techniques a prescribed a maximum rate of interest is like a set fee; nonetheless, variation is always that there is overall flexibility inside reduced and also previously mentioned limitations of great interest price. Inside prescribed a maximum rate of interest mortgage loan, the interest rate is held in between a couple of factors arranged mutually simply by lenders and borrower for time ranging from 24 months to many years. Another type of Ireland home loan rate of interest will be discount rate wherein loan companies arranged margin reduction in the typical adjustable rate which will is actually 2% and set for some time period including 12 months to years mutually decided from the loan company and debtor. A person's eye price about home loan tempts loan companies to be able to give the borrowed funds in order to customer; consequently, it can be regarded as crucial function associated with a mortgage and had it not necessarily been in living perhaps there'd not have been a complete gamut associated with mortgage loan.

In a typical mortgage offer a house customer or even contractor obtains funding both to buy or safe contrary to the house from the loan provider that could both end up being someone or perhaps an start. Furthermore, the borrowed funds can either end up being immediate from your lenders or from the large financial company based upon each case and its particular uniqueness. Based upon your need and also size of mortgage as well as the safety distribution, the interest rate is dependant on lender and also customer about shared knowing.

Loan companies as well as consumers mutually decide upon the size of the borrowed funds, maturity of the bank loan, interest, approach to paying down the borrowed funds, etc. and others. Even though there have been some regulating constraints inside home loan market in Ireland, those restrictions are shadow associated with previous right now and also the marketplace forces in Ireland decide the state of home loan rate of interest. Additionally, given that Early in the eightys, the actual Ireland may be viewing tremendous growth with regards to mortgage offers and competitive interest rates available for consumers.

Thursday, October 18, 2012

Flee The Temptation Of No Fax Payday Loans

If you require a tiny amount of financial assistance a cash advance can be an enormous benefit. There are times though that it is important to get as much help as plausible in order to move back on target and many instances this implies learning how to circumvent the trap of a cash loan in order to possess the best economic answers plausible. Being stuck in the cycle of repeated check advances could be an enormous pull on your finances and it is possible to really destroy your finances extremely rapidly.

One of the most critical things to remember when you are utilizing a cash advance is you have to be certain that your budget is being properly controlled. If you are wasting money on wasted expenses then it is frequently extremely hard to avoid each of the needs that you posess for a bit of temporary money. Knowing that your budget is tugged hard makes it extremely complicated to really get all of the cash you need together to avoid the utilization of a payday advance.

With the rather expensive charges that are linked with a paycheck loan it is critical that you do your absolute best to pay the advance off as rapidly as plausible. With costs that average about for each 0 that you borrow, the costs of rolling over the loan continuously could quickly balloon out of handle. It is extremely important to your budget that the paycheck advance be repaid as fast as possible. Having the money required to pay off the advance is often not easy to find, but getting the cash together speedily could save you a ton ultimately.

While it might appear like a wonderful idea to repeatedly run out and acquire a paycheck advance it could do some serious destruction to your finances after a span of time. The money that you are spending on payday loan charges typically have a much better place where they could be beneficial in your budget. Obtaining a strong grip on your budget can spare you much of the paycheck loan fees that you are normally spending out. This acts to help you at getting your finances back on track. While the money that a check advance offers could be quite helpful, it is a complication when you are repeatedly renewing the loan because you are experiencing a horrible lack of cash due to the costs assessed.

One of the final considerations that you have to remember is only acquiring the bare lowest sum that you require. If you are getting money when you truly don't need it you run a danger of getting yourself deeply into debt. It is very crucial to instead take your time and make certain that you are only obtaining what you really require. One of the biggest mistakes that consumers make is obtaining far more than they need or borrowing money when they don't really have to borrow cash. Bypassing this lure is important to your financial survival, if you waste time by merely borrowing money when you don't require it, the results to your finances can be devastating. It is extremely important to keep a careful look on your budget to be sure you are picking wise choices.

Wednesday, October 10, 2012

History Of Indian Capital Markets

The history of the Indian capital markets and the stock market, in particular can be traced back to 1861 when the American Civil War began. The opening of the Suez Canal during the 1860s led to a tremendous increase in exports to the United Kingdom and United States. Several companies were formed during this period and many banks came to the fore to handle the finances relating to these trades. With many of these registered under the British Companies Act, the Stock Exchange, Mumbai, came into existence in 1875.

It was an unincorporated body of stockbrokers, which started doing business in the city under a banyan tree. Business was essentially confined to company owners and brokers, with very little interest evinced by the general public. There had been much fluctuation in the stock market on account of the American war and the battles in Europe. Sir Premchand Roychand remained a kingpin for many years.

Sir Phiroze Jeejeebhoy was another who dominated the stock market scene from 1946 to 1980. His word was law and he had a great deal of influence over both brokers and the government. He was a good regulator and many crises were averted due to his wisdom and practicality. The BSE building, icon of the Indian capital markets, is called P.J. Tower in his memory.

The planning process started in India in 1951, with importance being given to the formation of institutions and markets. The Securities Contract Regulation Act 1956 became the parent regulation after the Indian Contract Act 1872, a basic law to be followed by security markets in India. To regulate the issue of share prices, the Controller of Capital Issues Act (CCI) was passed in 1947.

The stock markets have had many turbulent times in the last 140 years of their existence. The imposition of wealth and expenditure tax in 1957 by Mr. T.T. Krishnamachari, the then finance minister, led to a huge fall in the markets. The dividend freeze and tax on bonus issues in 1958-59 also had a negative impact. War with China in 1962 was another memorably bad year, with the resultant shortages increasing prices all round. This led to a ban on forward trading in commodity markets in 1966, which was again a very bad period, together with the introduction of the Gold Control Act in 1963.

The markets have witnessed several golden times too. Retail investors began participating in the stock markets in a small way with the dilution of the FERA in 1978. Multinational companies, with operations in India, were forced to reduce foreign share holding to below a certain percentage, which led to a compulsory sale of shares or issuance of fresh stock. Indian investors, who applied for these shares, encountered a real lottery because those were the days when the CCI decided the price at which the shares could be issued. There was no free pricing and their formula was very conservative.

The next big boom and mass participation by retail investors happened in 1980, with the entry of Mr. Dhirubhai Ambani. Dhirubhai can be said to be the father of modern capital markets. The Reliance public issue and subsequent issues on various Reliance companies generated huge interest. The general public was so unfamiliar with share certificates that Dhirubhai is rumoured to have distributed them to educate people.

Mr. V.P. Singh's fiscal budget in 1984 was path-breaking for it started the era of liberalization. The removal of estate duty and reduction of taxes led to a swell in the new issue market and there was a deluge of companies in 1985. Mr. Manmohan Singh as Finance Minister came with a reform agenda in 1991 and this led to a resurgence of interest in the capital markets, only to be punctured by the Harshad Mehta scam in 1992. The mid-1990s saw a rise in leasing company shares, and hundreds of companies, mainly listed in Gujarat, and got listed in the BSE. The end-1990s saw the emergence of Ketan Parekh and the information, communication and entertainment companies came into the limelight. This period also coincided with the dotcom bubble in the US, with software companies being the most favoured stocks. There was a melt down in software stock in early 2000. Mr. P Chidambaram continued the liberalization and reform process, opening up of the companies, lifting taxes on long-term gains and introducing short-term turnover tax. The markets have recovered since then and we have witnessed a sustained rally that has taken the index over 13000.

Several systemic changes have taken place during the short history of modern capital markets. The setting up of the Securities and Exchange Board (SEBI) in 1992 was a landmark development. It got its act together, obtained the requisite powers and became effective in early 2000. The setting up of the National Stock Exchange in 1984, the introduction of online trading in 1995, the establishment of the depository in 1996, trade guarantee funds and derivatives trading in 2000, have made the markets safer. The introduction of the Fraudulent Trade Practices Act, Prevention of Insider Trading Act, Takeover Code and Corporate Governance Norms, are major developments in the capital markets over the last few years that has made the markets attractive to foreign institutional investors.

This history shows us that retail investors are yet to play a substantial role in the market as long-term investors. Retail participation in India is very limited considering the overall savings of households. Investors who hold shares in limited companies and mutual fund units are about 20-30 million. Those who participated in secondary markets are 2-3 million.

Capital markets will change completely if they grow beyond the cities and stock exchange centers reach the Indian villages. Both SEBI and retail participants should be active in spreading market wisdom and empowering investors in planning their finances and understanding the markets.

Monday, October 1, 2012

Device Hardening, Vulnerability Scanning and Threat Mitigation for Compliance and Security

All security standards and Corporate Governance Compliance Policies such as PCI DSS, GCSx CoCo, SOX (Sarbanes Oxley), NERC CIP, HIPAA, HITECH, GLBA, ISO27000 and FISMA require devices such as PCs, Windows Servers, Unix Servers, network devices such as firewalls, Intrusion Protection Systems (IPS) and routers to be secure in order that they protect confidential data secure.

There are a number of buzzwords being used in this area - Security Vulnerabilities and Device Hardening?
'Hardening' a device requires known security 'vulnerabilities' to be eliminated or mitigated. A vulnerability is any weakness or flaw in the software design, implementation or administration of a system that provides a mechanism for a threat to exploit the weakness of a system or process.
There are two main areas to address in order to eliminate security vulnerabilities - configuration settings and software flaws in program and operating system files.
Eliminating vulnerabilites will require either 'remediation' - typically a software upgrade or patch for program or OS files - or 'mitigation' - a configuration settings change. Hardening is required equally for servers, workstations and network devices such as firewalls, switches and routers.

How do I identify Vulnerabilities?
A Vulnerability scan or external Penetration Test will report on all vulnerabilities applicable to your systems and applications.
You can buy in 3rd Party scanning/pen testing services - pen testing by its very nature is done externally via the public internet as this is where any threat would be exploited from.
Vulnerability Scanning services need to be delivered in situ on-site. This can either be performed by a 3rd Party Consultant with scanning hardware, or you can purchase a 'black box' solution whereby a scanning appliance is permanently sited within your network and scans are provisioned remotely.
Of course, the results of any scan are only accurate at the time of the scan which is why solutions that continuously track configuration changes are the only real way to guarantee the security of your IT estate is maintained.

What is the difference between 'remediation' and 'mitigation'?
'Remediation' of a vulnerability results in the flaw being removed or fixed permanently, so this term generally applies to any software update or patch. Patch management is increasingly automated by the Operating System and Product Developer - as long as you implement patches when released, then in-built vulnerabilities will be remediated.
As an example, the recently reported Operation Aurora, classified as an Advanced Persistent Threat or APT, was successful in infiltrating Google and Adobe. A vulnerability within Internet Explorer was used to plant malware on targeted users' PCs that allowed access to sensitive data. The remediation for this vulnerability is to 'fix' Internet Explorer using Microsoft released patches.
Vulnerability 'mitigation' via Configuration settings ensures vulnerabilities are disabled. Configuration-based vulnerabilities are no more or less potentially damaging than those needing to be remediated via a patch, although a securely configured device may well mitigate a program or OS-based threat.
The biggest issue with Configuration-based vulnerabilities is that they can be re-introduced or enabled at any time - just a few clicks are needed to change most configuration settings.

How often are new vulnerabilities discovered?
Unfortunately, all of the time! Worse still, often the only way that the global community discovers a vulnerability is after a hacker has discovered it and exploited it. It is only when the damage has been done and the hack traced back to its source that a preventative course of action, either patch or configuration settings, can be formulated.
There are various centralized repositories of threats and vulnerabilities on the web such as the MITRE CCE lists and many security product vendors compile live threat reports or 'storm center' websites.

So all I need to do is to work through the checklist and then I am secure?
In theory, but there are literally hundreds of known vulnerabilities for each platform and even in a small IT estate, the task of verifying the hardened status of each and every device is an almost impossible task to conduct manually.

Even if you automate the vulnerability scanning task using a scanning tool to identify how hardened your devices are before you start, you will still have work to do to mitigate and remediate vulnerabilities.
But this is only the first step - if you consider a typical configuration vulnerability, for example, a Windows Server should have the Guest account disabled. If you run a scan, identify where this vulnerability exists for your devices, and then take steps to mitigate this vulnerability by disabling the Guest Account, then you will have hardened these devices.
However, if another user with Administrator privileges then accesses these same servers and re-enables the Guest Account for any reason, you will then be left exposed. Of course, you wont know that the server has been rendered vulnerable until you next run a scan which may not be for another 3 months or even 12 months.
There is another factor that hasn't yet been covered which is how do you protect systems from an internal threat - more on this later.

So tight change management is essential for ensuring we remain compliant?
Indeed - Section 6.4 of the PCI DSS describes the requirements for a formally managed Change Management process for this very reason. Any change to a server or network device may have an impact on the device's 'hardened' state and therefore it is imperative that this is considered when making changes.
If you are using a continuous configuration change tracking solution then you will have an audit trail available giving you 'closed loop' change management - so the detail of the approved change is documented, along with details of the exact changes that were actually implemented. Furthermore, the devices changed will be re-assessed for vulnerabilities and their compliant state confirmed automatically.

What about internal threats? Cybercrime is joining the Organised Crime league which means this is not just about stopping malicious hackers proving their skills as a fun pastime!
Firewalling, Intrusion Protection Systems, AntiVirus software and fully implemented device hardening measures will still not stop or even detect a rogue employee who works as an 'inside man'. This kind of threat could result in malware being introduced to otherwise secure systems by an employee with Administrator Rights, or even backdoors being programmed into core business applications.
Similarly, with the advent of Advanced Persistent Threats (APT) such as the publicized 'Aurora' hacks that use social engineering to dupe employees into introducing 'Zero-Day' malware.
'Zero-Day' threats exploit previously unknown vulnerabilities - a hacker discovers a new vulnerability and formulates an attack process to exploit it. The job then is to understand how the attack happened and more importantly how to remediate or mitigate future re-occurrences of the threat. By their very nature, anti-virus measures are often powerless against 'zero-day' threats.
In fact, the only way to detect these types of threats is to use File-Integrity Monitoring technology.
"All the firewalls, Intrusion Protection Systems, Anti-virus and Process Whitelisting technology in the world won't save you from a well-orchestrated internal hack where the perpetrator has admin rights to key servers or legitimate access to application code - file integrity monitoring used in conjunction with tight change control is the only way to properly govern sensitive payment card systems" Phil Snell, CTO, NNT

See our other whitepaper 'File-Integrity Monitoring - The Last Line of Defense of the PCI DSS' for more background to this area, but this is a brief summary -
Clearly, it is important to verify all adds, changes and deletions of files as any change may be significant in compromising the security of a host. This can be achieved by monitoring for should be any attributes changes and the size of the file.

However, since we are looking to prevent one of the most sophisticated types of hack we need to introduce a completely infallible means of guaranteeing file integrity. This calls for each file to be 'DNA Fingerprinted', typically generated using a Secure Hash Algorithm. A Secure Hash Algorithm, such as SHA1 or MD5, produces a unique, hash value based on the contents of the file and ensures that even a single character changing in a file will be detected. This means that even if a program is modified to expose payment card details, but the file is then 'padded' to make it the same size as the original file and with all other attributes edited to make the file look and feel the same, the modifications will still be exposed.
This is why the PCI DSS makes File-Integrity Monitoring a mandatory requirement and why it is increasingly considered as vital a component in system security as firewalling and anti-virus defences.

Conclusion
Device hardening is an essential discipline for any organization serious about security. Furthermore, if your organization is subject to any corporate governance or formal security standard, such as PCI DSS, SOX, HIPAA, NERC CIP, ISO 27K, GCSx Co Co, then device hardening will be a mandatory requirement.
- All servers, workstations and network devices need to be hardened via a combination of configuration settings and software patch deployment
- Any change to a device may adversely affect its hardened state and render your organization exposed to security threats
- file-integrity monitoring must also be employed to mitigate 'zero-day' threats and the threat from the 'inside man'
- vulnerability checklists will change regularly as new threats are identified