Duo's Security Blog

APRIL 25, 2022

For as long as organizations have existed to grow crops, move goods or produce items there have been insurance firms to help these markets survive cyclical events. One of the most important steps they can take to safeguard their businesses is to employ multi-factor authentication ( MFA ). But not all MFA solutions are created equal.

Insurance 115

Insurance Risk Marketing Authentication 115

Thales Cloud Protection & Licensing

MARCH 19, 2025

Insurance, a study in Stagnation The insurance industry remained stagnant in consumer trust, securing only 24% confidence in 2025unchanged from 2024. While insurers benefit from regulatory oversight like the banking sector, persistent friction points like opaque claims processes and intrusive data collection eroded goodwill.

Insurance 71

Insurance Banking Authentication Data privacy 71

Security Boulevard

NOVEMBER 18, 2022

What Is Encryption Key Management? To keep data safe, it is encrypted and decrypted using encryption keys. Types of Encryption Keys. There are two main types of encryption keys : symmetric and asymmetric. Symmetric key encryption uses a single key to both encrypt and decrypt data. brooke.crothers.

Encryption 122

Encryption Digital transformation Insurance IoT 122

Krebs on Security

JANUARY 19, 2022

is perhaps better known as the online identity verification service that many states now use to help staunch the loss of billions of dollars in unemployment insurance and pandemic assistance stolen each year by identity thieves. prompts users to choose a multi-factor authentication (MFA) option. These days, ID.me

Mobile 364

Mobile Accountability Insurance Government 364

CyberSecurity Insiders

AUGUST 1, 2022

While verification and authentication are terms that are often used interchangeably, they are in fact two separate operations. Digital verification and authentication play a critical role in preventing fraud and cyberattacks. However, if an insurance company uses a legacy system (see “ What is a legacy system in insurance?

Authentication 121

Authentication Passwords Technology Insurance 121

eSecurity Planet

MARCH 17, 2025

Since its emergence in 2021, Medusa has targeted over 300 victims across various critical infrastructure sectors, including medical, education, legal, insurance, technology, and manufacturing. Attackers employ a double extortion strategy, encrypting victim data and threatening to publicly release it if the ransom is unpaid.

Ransomware 76

Ransomware Backups Firmware Insurance 76

Krebs on Security

DECEMBER 8, 2022

First spotted in mid-August 2022 , Venus is known for hacking into victims’ publicly-exposed Remote Desktop services to encrypt Windows devices. Using hard-to-crack unique passwords to protect sensitive data and accounts, as well as enabling multi-factor authentication. Encrypting sensitive data wherever possible.

Healthcare 323

Healthcare Backups Ransomware Insurance 323

CyberSecurity Insiders

MAY 10, 2023

According to the Insurance Information Institute , there was a 45-percent increase in identity theft in 2020, and the rapid digital transformation that took place during 2020 would not have helped improve this figure. Authentication also reduces the overall likelihood of compromising information.

Authentication 109

Authentication Insurance Identity Theft Digital transformation 109

eSecurity Planet

DECEMBER 7, 2023

Encryption uses mathematical algorithms to transform and encode data so that only authorized parties can access it. What Encryption Is and How It Relates to Cryptology The science of cryptography studies codes, how to create them, and how to solve them. How Does Encryption Process Data? How Does Encryption Process Data?

Encryption 116

Encryption Passwords IoT Firewall 116

Security Affairs

MARCH 13, 2025

As of February 2025, Medusa developers and affiliates have impacted over 300 victims from a variety of critical infrastructure sectors with affected industries including medical, education, legal, insurance, technology, and manufacturing.” The attackers are also spotted manually disabling and encrypting virtual machines.

Ransomware 67

Ransomware Encryption Cryptocurrency Insurance 67

eSecurity Planet

OCTOBER 5, 2021

Passwords are the most common authentication tool used by enterprises, yet they are notoriously insecure and easily hackable. At this point, multi-factor authentication (MFA) has permeated most applications, becoming a minimum safeguard against attacks. Jump to: What is multi-factor authentication? MFA can be hacked.

Authentication 105

Authentication Passwords Mobile Accountability 105

Thales Cloud Protection & Licensing

FEBRUARY 3, 2025

HIPAA ensures that businesses treat your personal health information with extra care, encrypting it, restricting who can access it, and ensuring systems that store it are secure and continuously tested. To compound issues, identity and encryption management complexity is a serious issue. What is HIPAA? Who does it apply to?

Healthcare 62

Healthcare Penetration Testing Insurance Encryption 62

Malwarebytes

OCTOBER 11, 2023

The Philippine Health Insurance Corporation (PhilHealth), has confirmed that it was unprotected by antivirus software when it was attacked by the Medusa ransomware group in September. Stop malicious encryption. Make it harder for intruders to operate inside your organization by segmenting networks and assigning access rights prudently.

Antivirus 124

Antivirus Insurance Ransomware Healthcare 124

The Last Watchdog

DECEMBER 18, 2024

Part three of a four-part series In 2024, global pressure on companies to implement advanced data protection measures intensified, with new standards in encryption and software transparency raising the bar. Tech companies are adopting cybersecurity by design, embedding encryption, biometrics, and multi-factor authentication into products.

Cybersecurity 130

Cybersecurity CISO Risk Government 130

Duo's Security Blog

FEBRUARY 4, 2025

With the rate that new threats emerge, it may come as no surprise that cyber liability insurance can be traced back to 1997. In its modern iteration, cyber liability insurance mitigates the losses and business costs associated with cyber incidents and resulting downtime. What would an insurer do? At least not alone.

Cyber Insurance 64

Cyber Insurance Insurance Authentication Risk 64

Thales Cloud Protection & Licensing

JANUARY 22, 2025

The Health Insurance Portability and Accountability Act (HIPAA), enacted in 1996, established national standards to safeguard sensitive patient health information (PHI) and prevent unauthorized disclosures. New measures proposed by HHS Multi-Factor Authentication (MFA) : Clear definitions to enhance security when accessing sensitive systems.

Healthcare 62

Healthcare Cybersecurity Data breaches Encryption 62

Thales Cloud Protection & Licensing

OCTOBER 24, 2024

The cybersecurity regulations apply to entities overseen by the NYDFS, such as financial institutions, insurance companies, agents, and brokers, as well as banks, trusts, mortgage lenders and brokers, money transmitters, check cashers, and other related businesses.

Financial Services 62

Financial Services Cybersecurity CISO Backups 62

Thales Cloud Protection & Licensing

JANUARY 16, 2025

Some of the most important are Gramm-Leach-Bliley Act ( GLBA ), the National Association of Insurance Commissioners ( NAIC ) Data Security Model Law, the New York Department of Financial Services ( NYDFS ) Cybersecurity Regulation, and the National Credit Union Administration ( NCUA ) cybersecurity guidance.

Financial Services 62

Financial Services Encryption Insurance Government 62

CyberSecurity Insiders

SEPTEMBER 20, 2021

Encryption and data backup. Data encryption is a protection strategy that renders data useless even when an intruder accesses it. Encrypting all your company’s sensitive data and private information ensures that it’s protected from data breaches. Invest in cybersecurity insurance.

Cybersecurity 121

Cybersecurity Insurance Passwords Encryption 121

Thales Cloud Protection & Licensing

JULY 4, 2022

How Cybersecurity Insurance Can Work To Help An Organization. In the last 20+ years, cybersecurity insurance has added risk transference to the available palette of palliative choices. I recently spoke with Neira Jones and Danna Bethlehem about how cybersecurity insurance can work to help an organization. regulations.

Insurance 71

Insurance Cybersecurity Risk Ransomware 71

Security Affairs

OCTOBER 9, 2021

. “On June 3, 2021, CMG experienced a ransomware incident in which a small percentage of servers in its network were encrypted by a malicious threat actor. CMG discovered the incident on the same day, when CMG observed that certain files were encrypted and inaccessible.” ” continues the notification.

Media 123

Media Ransomware Identity Theft Insurance 123

Adam Levin

NOVEMBER 17, 2020

Mobile payment platforms, like Apple Pay and Google Pay, use advanced technology, like fingerprint authentication and tokenization (in which credit card account numbers are replaced by randomly generated numbers) to provide brick-and-mortar shoppers with an added layer of security. SSLs ensure all data is encrypted. Look for the lock.

Scams 243

Scams Retail Banking Passwords 243

Security Boulevard

MARCH 14, 2025

and strong authentication mechanisms like OAuth 2.0 It mandates robust authentication methods, including mutual TLS (mTLS), and stringent access restrictions for APIs interacting with operational technology (OT) systems. Secure authentication mechanisms must be implemented to maintain the integrity and security of financial APIs.

Authentication 52

Authentication Threat Detection Government Data breaches 52

The Last Watchdog

OCTOBER 26, 2021

With digital transformation leading to a boom in the use of digital certificates, our bedrock authentication and encryption framework is at an inflection point, where the demand and adoption of automation is set to rapidly accelerate to keep up with technology requirements. PKI touches nearly every aspect of our connected technologies.

Digital transformation 230

Digital transformation eCommerce Internet Internet 230

Adam Levin

NOVEMBER 30, 2018

“The company recently discovered that an unauthorized party had copied and encrypted information, and took steps towards removing it,” Marriott disclosed in a statement. The vulnerability that the hackers took advantage of had been in place and used for “unauthorized access,” according to the company statement, since 2014.

Identity Theft 165

Identity Theft Financial Services Media Password Management 165

Thales Cloud Protection & Licensing

OCTOBER 14, 2024

A lack of multifactor authentication (MFA) to protect privileged accounts was another culprit, at 10%, also 7 percentage points lower than average. Among FinServ organizations, 73% have adopted multifactor authentication (MFA) to secure cloud data access, nearly matching the overall average of 74%.

Financial Services 62

Financial Services Threat Reports Authentication Banking 62

Duo's Security Blog

SEPTEMBER 1, 2023

Remote Users The web authentication process begins when the remote user wants to connect to an application. Passkeys are created, encrypted and stored by the endpoint for the target application (also known as the relying party). Multi-factor Since password-based authentication is so vulnerable, it’s typically paired with other factors.

Passwords 133

Passwords Authentication Insurance Cyber Insurance 133

Security Boulevard

JULY 10, 2023

Public key infrastructure (PKI)  offers a globally accepted standard for implementing various security protocols and authentication mechanisms.  e-commerce and online banking), and authenticate the identity of an entity in an online environment. The good news is that you don't have to reinvent the wheel.

Authentication 98

Authentication Encryption VPN Technology 98

Daniel Miessler

MARCH 20, 2022

This will include things like cloud configurations for open protocols, open ports, authenticated entities, encryption at rest, encryption in transit, who is accessing what items, etc. HT to Jeremiah Grossman to also being very early to seeing the role of insurance in InfoSec. Insurance companies. Introduction.

InfoSec 180

InfoSec Insurance Technology Engineering 180

Security Boulevard

FEBRUARY 18, 2024

Data Protection and Encryption One of the primary concerns when moving to the cloud is the protection of data, both at rest and in transit. Data encryption is a fundamental security measure that should be implemented to safeguard information from unauthorized access.

Encryption 128

Encryption Authentication Insurance Risk 128

SecureWorld News

SEPTEMBER 5, 2023

In a recent revelation, security researcher Jeremiah Fowler uncovered a significant data leak affecting one of the United States' largest health insurance companies, Cigna Health. The exposed database offered a unique glimpse into the operations of Cigna Health, one of the nation's largest health insurance providers.

Backups 107

Backups Insurance Healthcare Data breaches 107

eSecurity Planet

AUGUST 20, 2024

Enable Multi-Factor Authentication (MFA) Even if your password is compromised, MFA adds an extra layer of security by requiring a second verification form, such as a code sent to your phone or generated by an authentication app. They often include insurance and recovery assistance if your identity is compromised.

Identity Theft 131

Identity Theft Data breaches Passwords Encryption 131

Duo's Security Blog

MARCH 31, 2025

87 The implementation of multi-factor authentication (MFA) is no longer optional. With the widest range of supported authenticators, Duo helps organizations transition away from weaker SMS and phone-call 2FA and towards push-based smartphone apps with verified number matching and phishing-resistant or passwordless authenticators.

Healthcare 52

Healthcare Authentication Risk Encryption 52

Thales Cloud Protection & Licensing

JUNE 15, 2023

The most effective way to ensure data security is through encryption and proper key management. Key Management as a Service (KMaaS) allows companies to manage encryption keys more effectively through a cloud-based solution instead of running the service on physical, on-premises hardware.

Encryption 133

Encryption Data breaches Authentication Risk 133

Centraleyes

MARCH 13, 2025

Multi-factor authentication (MFA) and role-based access controls are your best friends here. Encryption Sensitive data must be encrypted, whether in transit or at rest. Saying it Like it Is: Encryption sounds intimidating, but with modern tools, its more accessible than ever.

Cybersecurity 52

Cybersecurity Financial Services Risk Encryption 52

eSecurity Planet

SEPTEMBER 19, 2022

With these tools, all passwords for an account are stored in a unique, encrypted vault only accessible using a key that the individual user possesses. Multi-factor authentication. This solution offers true two-factor authentication and impressive encryption capabilities. True two-factor authentication. Travel Mode.

Password Management 124

Password Management Passwords Software Encryption 124

Security Affairs

NOVEMBER 14, 2022

And this often happens when the hacker, the so-called threat actor, starts encrypting the computer systems. Encrypting computer systems can bring business operations to a standstill, partially because attacks usually occur when the company is least ready to respond e.g., at Christmas, during the summer, and on weekends.

Cyber Risk 141

Cyber Risk Insurance Cyber Attacks Risk 141