Cyber Risk, Insurance and Internet - Cyber Security Informer

Cyber Insurance: The Good, the Bad, and the Ugly

IT Security Guru

JUNE 28, 2022

Enter cyber insurance. We insure almost everything – our homes, our cars, even our lives. At first glance, it seems odd that most businesses don’t insure against something as potentially devastating as cybercrime. Unfortunately, transferring traditional insurance models to the cyber-sphere isn’t an easy task.

Cyber Insurance

Cyber Insurance Insurance Small Business Marketing

NEW TECH: This free tool can help gauge, manage third-party cyber risk; it’s called ‘VRMMM’

The Last Watchdog

JANUARY 30, 2019

Turn the corner into 2019 and we find Citigroup, CapitalOne, Wells Fargo and HSBC Life Insurance among a host of firms hitting the crisis button after their customers’ records turned up on a database of some 24 million financial and banking documents found parked on an Internet-accessible server — without so much as password protection.

Cyber Risk

Cyber Risk Risk Financial Services Banking

LW ROUNDTABLE: Wrist slap or cultural shift? SEC fines cyber firms for disclosure violations

The Last Watchdog

NOVEMBER 12, 2024

Unisys, for instance, was found to have framed cyber risks hypothetically even though its systems had already been breached, exfiltrating gigabytes of data. Other companies may continue to rely on hiding the ball, scapegoating and relying on insurance to cover the losses. SEC investigators gathered evidence that Unisys Corp.,

CISO

CISO CSO Risk Cyber threats

Webinars

How to Avoid Pitfalls In Automation: Keep Humans In the Loop

MORE WEBINARS

Annual Reports: How They Warn of Cyber Risk

SecureWorld News

OCTOBER 20, 2021

However, we were most interested in seeing how Accenture articulated a particular business risk: the risk from a cyberattack. On page 34 of the report, Accenture dives into the risk that cyber poses to the business. L egal, reputational and financial risks? That's where the fine print comes in.

Cyber Risk

Cyber Risk Risk Insurance Cyber Insurance

Scanning for Flaws, Scoring for Security

Krebs on Security

DECEMBER 12, 2018

Is it fair to judge an organization’s information security posture simply by looking at its Internet-facing assets for weaknesses commonly sought after and exploited by attackers, such as outdated software or accidentally exposed data and devices? Data accidentally released by FICO about the Cyber Risk Score for ExxonMobil.

Cyber Risk

Cyber Risk Energy and Utilities Risk Marketing

LW ROUNDTABLE: Compliance pressures intensify as new cybersecurity standards take hold

The Last Watchdog

DECEMBER 18, 2024

Seara Jose Seara , CEO, DeNexus Recent regulatory updates highlight a shift toward robust cyber risk governance, requiring organizations to adapt. emphasizes governance, while the SEC mandates cyber risk reporting and incident disclosures. The NIST Cybersecurity Framework 2.0

Cybersecurity

Cybersecurity CISO Risk Government

As market for cyber insurance booms, watchdog calls for better data

SC Magazine

MAY 24, 2021

In a report released May 20, the Government Accountability Office looked at how the private cybersecurity insurance market has developed over the past five yearsRich Baich is global chief information security officer for insurance giant AIG. Photo by Spencer Platt/Getty Images).

Cyber Insurance

Cyber Insurance Insurance Marketing Cyber Risk

Checklist for Getting Cyber Insurance Coverage

Thales Cloud Protection & Licensing

MAY 10, 2022

Checklist for Getting Cyber Insurance Coverage. As cyber criminals mature and advance their tactics, small and medium businesses become the most vulnerable because they lack the capacity – staff, technology, budget - to build strong cyber defenses. The necessity for cyber-insurance coverage.

Cyber Insurance

Cyber Insurance Insurance Cyber Risk Cyber Attacks

RSAC insights: How ‘TPRM’ can help shrink security skills gap — while protecting supply chains

The Last Watchdog

JUNE 2, 2022

Third-Party Risk Management ( TPRM ) has been around since the mid-1990s – and has become something of an auditing nightmare. Related: A call to share risk assessments. Cyber risks profiling. CyberGRX’s global cyber risk Exchange caught on quickly. I’ll keep watch and keep reporting.

Cyber Risk

Cyber Risk Risk Digital transformation Insurance

RSAC insights: CyberGRX finds a ton of value in wider sharing of third-party risk assessments

The Last Watchdog

MAY 10, 2021

It turns out there is a ton of third-party risk profiles sitting around not being put to any kind of high use. Back in the mid-1990s, big banks and insurance companies came up with something called “bespoke assessments” as the approach for assessing third party vendor risk. Crowdsourcing risk profiles.

Risk

Risk Cyber Risk Insurance Banking

Cloudflare Helps Businesses Manage Their Cyber Risk; Announces Partnerships with Leading Cyber Insurers and Incident Response Providers

CyberSecurity Insiders

DECEMBER 11, 2021

(NYSE: NET), the security, performance, and reliability company helping to build a better Internet, today announced it is partnering with leading cyber insurance companies to help businesses manage their risks online. As a result, some insurance companies have had to raise premiums to cover their costs.

Cyber Insurance

Cyber Insurance Insurance Cyber Risk Risk

Podcast Episode 117: Insurance Industry Confronts Silent Cyber Risk, Converged Threats

The Security Ledger

OCTOBER 23, 2018

In this episode of the podcast (#117), we go deep on one of the hottest sectors around: cyber insurance. In the first segment, we talk with Thomas Harvey of the firm RMS about the problem of “silent cyber” risk to insurers and how better modeling of cyber incidents is helping to address that threat.

Insurance

Insurance Cyber Risk Risk Cyber Insurance

Spotlight on Cybersecurity Leaders: Kip Boyle

SecureWorld News

NOVEMBER 2, 2022

He helps senior decision makers overcome cybersecurity sales objections and manages unlimited cyber risks through rigorous prioritization. In the private sector, he was a CISO for an insurance company, credit card processor, bank, credit union, and IT Managed Service Provider. See the conference agenda and register here.

Cybersecurity

Cybersecurity Cyber Insurance Insurance Cyber Risk

Best Practices Q&A: Guidance about what directors need to hear from CISOs — from a board member

The Last Watchdog

APRIL 8, 2024

Related: The ‘cyber’ case for D&O insurance Vanessa Pegueros knows this all too well. She serves on the board of several technology companies and also happens to be steeped in cyber risk governance. Boards must evolve or their organizations will fail.

CISO

CISO Risk Cybersecurity Insurance

Report: Cyberattacks drive 185% spike in health care data breaches in 2021

SC Magazine

JULY 13, 2021

Lastly, the report warns entities not to rely on cyber insurance as the rates have skyrocketed in response to the rise in ransomware attacks. Some insurers are also jacking up the cost of deductibles and limiting the types of entities they’re willing to insure.

Data breaches

Data breaches Insurance Healthcare Education

Cybersecurity Snapshot: WEF Offers AI Security Best Practices, as DORA Regulation Places Strict Cyber Rules on Banks

Security Boulevard

JANUARY 24, 2025

Are we clear on who must be involved in assessing and mitigating AI adoption cyber risks? By assessing and mitigating cyber risks, leaders can align AI adoption with organizational goals and resilience needs, reads the companion WEF article Securing innovation: A leaders guide to managing cyber risks from AI adoption.

Banking

Banking Cybersecurity Artificial Intelligence Ransomware

Episode 218: Denial of Sustenance Attacks -The Cyber Risk To Agriculture

The Security Ledger

JUNE 24, 2021

In just the past four months, the United States has contended with a major escalation of cyber risk in critical infrastructure with two, major attacks that disrupted critical sectors. Episode 158: How NotPetya has Insurers grappling with Systemic Cyber Risk. The repercussions of those attacks were easy to see.

Cyber Risk

Cyber Risk Risk Cyber Attacks Ransomware

CISA, SolarWinds up interest in security scoring

SC Magazine

FEBRUARY 10, 2021

The Cybersecurity and Infrastructure Security Agency (CISA) recently included security ratings or scoring as part of its cyber risk reduction initiative. The Cybersecurity and Infrastructure Security Agency (CISA) recently included security ratings or scoring as part of its cyber risk reduction initiative.

Cyber Insurance

Cyber Insurance Insurance Cyber Risk Government

Higher Ed Ransomware Attack: University Pays Hackers $450,000

SecureWorld News

AUGUST 21, 2020

The end result was hefty payment: "After careful consideration, the university decided to work with its cyber insurance provider to pay a fee to the ransomware attacker. This was done as a proactive and preventive step to ensure information was not released on the internet.". And number one is cyber insurance.

Ransomware

Ransomware Cyber Insurance Insurance Backups

Q&A: Why SOAR startup Syncurity is bringing a ‘case-management’ approach to threat detection

The Last Watchdog

MARCH 1, 2019

This, in short, is the multi-headed hydra enterprises must tame in order to mitigate rising cyber risks. The ability to prove you have a process, and demonstrate the audit trail showing you used that process, will become the subject of increased scrutiny by regulators and cyber insurance underwriters. Smart money.

Threat Detection

Threat Detection Digital transformation Marketing Firewall

2023 Cybersecurity Predictions from Marcus Fowler, Darktrace

CyberSecurity Insiders

DECEMBER 18, 2022

In 2023, ‘knowing thy enemy’ in cyber will be more complicated than ever before – but it is critical that organizations remain aware of the realities of cyber risk and cease to focus on the ‘boogie man’ of the internet that features in sensationalist reporting.

Cybersecurity

Cybersecurity CISO Insurance Ransomware

LW ROUNDTABLE: Cybersecurity takeaways of 2023 — and what’s ahead in 2024 ( part 1)

The Last Watchdog

DECEMBER 12, 2023

Related: Adopting an assume-breach mindset With that in mind, Last Watchdog invited the cybersecurity experts we’ve worked with this past year for their perspectives on two questions that all company leaders should have top of mind: •What should be my biggest takeaway from 2023, with respect to mitigating cyber risks at my organization?

Cybersecurity

Cybersecurity Social Engineering Cyber threats Software

NEW TECH: Brinqa takes a ‘graph database’ approach to vulnerability management, app security

The Last Watchdog

APRIL 18, 2019

Imposing just the right touch of policies and procedures towards mitigating cyber risks is a core challenge facing any company caught up in digital transformation. Related: Data breaches fuel fledgling cyber insurance market. Enterprises, especially, tend to be methodical and plodding. Talk more soon.

Digital transformation

Digital transformation Cyber Risk Risk Penetration Testing

5 Trends to Watch for Cybersecurity in 2023

SecureWorld News

DECEMBER 7, 2022

Scott Register, VP of Security Solutions at Keysight Technologies, discusses this trend: "Deepfake technology to date has resulted in political confusion, internet chatter, and some amusing mashup videos, but expect this to change in the near term. Cyber insurance trends in 2023.

Cybersecurity

Cybersecurity Cyber Insurance Insurance Social Engineering

Security Roundup July 2024

BH Consulting

JULY 17, 2024

Cyber insurance: whisper it, but it seems to be working Cyber insurance premiums have dropped by 15 per cent compared to their peak in 2022. Even though more companies are buying cyber insurance, Howden found prices are falling through a combination of more providers in the market, and companies improving their security.

Cyber Insurance

Cyber Insurance Insurance Risk Marketing

Spotlight: as Attacks Mount, how to secure the Industrial Internet

The Security Ledger

DECEMBER 19, 2018

is poised to transform the global economy, Hanna said, but not if the issue of cyber risk can't be managed. ” is poised to transform the global economy, Hanna said, but not if the issue of cyber risk can’t be managed. "Industry 4.0" We talk about how that might be. Read the whole entry. »

Internet

Internet Internet IoT Cyber Risk

Podcast Episode 122: will 5G increase Internet of Things Risk?

The Security Ledger

NOVEMBER 26, 2018

But what new kinds of Internet of Things use cases may become possible? » Related Stories Podcast Episode 117: Insurance Industry Confronts Silent Cyber Risk, Converged Threats Episode 114: Complexity at Root of Facebook Breach and LoJax is a RAT You Can’t Kill How Digital Transformation is forcing GRC to evolve. . »

Internet

Internet Internet Telecommunications Risk

What is Cybersecurity Risk Management?

eSecurity Planet

FEBRUARY 11, 2022

Risk management is a concept that has been around as long as companies have had assets to protect. The simplest example may be insurance. Life, health, auto, and other insurance are all designed to help a person protect against losses. Risk Mitigation Steps. Enhancing Risk Management. Advanced Encryption.

Risk

Risk Cybersecurity Encryption Technology

Deciphering the Omnibus for Medical Device Security

NetSpi Executives

OCTOBER 17, 2023

Updated Definition of a Cyber Device In the Omnibus legislation, a “cyber device” is defined by three key attributes: It includes software validated, installed, or authorized by the sponsor, indicating its integral role in device functionality. It must possess the ability to connect to the internet.

Healthcare

Healthcare Manufacturing Cyber Risk Risk

MY TAKE: Identity ‘access’ and ‘governance’ tech converge to meet data protection challenges

The Last Watchdog

FEBRUARY 25, 2019

These vendors drilled down on “governance and attestation,” coming up with advanced ways to enable companies to monitor and report cyber risk profiles to government and industry auditors. Acohido is dedicated to fostering public awareness about how to make the Internet as private and secure as it ought to be.

Government

Government Authentication Technology Data breaches

‘How can I help you today?’ Scammers dupe online support agents through live chat platforms

SC Magazine

JULY 8, 2021

Devon Ackerman, managing director and head of incident response for North America with Kroll’s Cyber Risk practice, said that the malicious actors behind this growing trend are “directly tied to ransomware groups” and are likely using automated scripts to seek out “Contact Us” or chat forms on the internet that they can abuse.

Phishing

Phishing Antivirus Scams Malware

Why Healthcare IoT Requires Strong Machine Identity Management

Security Boulevard

MAY 30, 2022

Applications like personal healthcare, biosensors, smart beds, smart pills, the health insurance industry, robotics, and other specializations are only expanding the scope of IoMT. The use of internet connected medical devices can be incredibly scary if the right security isn’t put in place. Hackable pacemakers.

Healthcare

Healthcare IoT Manufacturing Risk

InfoSec Leaders Weigh in on New SEC Rules Making CISO Hotseat Hotter

SecureWorld News

JULY 31, 2023

If you are a CISO today who is not getting face time with the board, look at this as an opportunity to continue to press for the need to discuss the current state and cyber risks currently being faced by the company. What about providing D&O (directors and officers liability) insurance to CISOs? That's not addressed either."

CISO

CISO InfoSec Risk Cybersecurity

Top Cyber Attacker Techniques, August–October 2024

Digital Shadows

NOVEMBER 26, 2024

Initial Access Broker (IAB) activity increased by 16% during the reporting period, heavily targeting US-based organizations due to perceived financial capability from cyber insurance. Moreover, RDP ports are often exposed to the internet, which allows threat actors to easily scan for open ports and launch brute-force attacks.

Cyber Attacks

Cyber Attacks Phishing Ransomware Cyber Insurance

Podcast Episode 119: EFF on Expanding Researchers Rights and AT&T talks IoT Security Fails

The Security Ledger

NOVEMBER 6, 2018

» Related Stories Podcast Episode 117: Insurance Industry Confronts Silent Cyber Risk, Converged Threats Spotlight Podcast: At 15 Cybersecurity Awareness Month Grows with Cyber Risk Spotlight Podcast: 15 Years Later Is Cybersecurity Awareness Month Working? Read the whole entry. »

IoT

IoT Computers and Electronics Internet Internet

AON ACQUIRES CYTELLIGENCE, A LEADING INTERNATIONAL CYBER SECURITY FIRM WITH DEEP EXPERTISE IN CYBER INCIDENT RESPONSE AND DIGITAL FORENSIC INVESTIGATIONS

Cytelligence

FEBRUARY 4, 2020

The 2019 Cybersecurity Almanac published by Cisco and Cybersecurity Ventures predicts that cyber events will cost $6 trillion annually by 2021, as companies are digitizing most of their processes and are often operating remotely. Global cyber insurance premiums are expected to grow from $4 billion in 2018 to $20 billion by 2025.

Penetration Testing

Penetration Testing Insurance Data preservation Risk

Top 9 Cybersecurity Challenges SMEs Currently Face

Responsible Cyber

APRIL 8, 2020

The Internet of Things (IoT) is undeniably the future of technology. To mitigate cyber risks, small and medium businesses must develop a strategy to improve their cybersecurity posture. Although cloud technology is getting more secure, new vulnerabilities and loose ends make it a security concern worth paying attention to.

Cybersecurity

Cybersecurity DDOS Small Business Phishing

FFIEC Will Sunset the Cybersecurity Assessment Tool: Everything You Need to be Prepared

Centraleyes

SEPTEMBER 11, 2024

The council’s cybersecurity efforts are crucial in promoting regulatory cooperation and creating guidance for cybersecurity risk management across the financial sector. Both of these tools are highly relevant to financial institutions and offer targeted guidance on managing cyber risks while aligning with regulatory standards.

Cybersecurity

Cybersecurity Risk Cyber Risk Identity Theft

Episode 155: Disinformation is a Cyber Weapon and APTs warm to Mobile Malware

The Security Ledger

AUGUST 1, 2019

» Related Stories Israeli Group Exploited WhatsApp to Spy on Users Episode 158: How NotPetya has Insurers grappling with Systemic Cyber Risk Episode 149: How Real is the Huawei Risk? Also: Adam Meyers of CrowdStrike joins us to talk about that company's first ever report on mobile malware, which is.

Mobile

Mobile Malware Insurance Cyber Risk

Cyber Security Awareness and Risk Management

Spinone

DECEMBER 26, 2018

VoIP phishing and impersonation also victimized millions of corporate employees across the world , contributing to an even greater cyber threat. The contemporary world has witnessed the rise of the Internet and global communication, and collaboration technologies, including mobile data use and the culture of bring your own device [BYOD].

Security Awareness

Security Awareness Risk Cyber threats Cyber Risk

Cybersecurity Snapshot: Study Raises Open Source Security Red Flags, as Cyber Agencies Offer Prevention Tips Against Telecom Spying Attacks

Security Boulevard

DECEMBER 6, 2024

Disconnect unneeded internet-facing infrastructure and monitor the infrastructure that does need to be exposed to the internet. Thats according to Corvus Insurances Q3 2024 Cyber Threat Report , which said many of the ransomware attacks in Q3 leveraged outdated VPN software and poorly protected VPN gateways.

Cybersecurity

Cybersecurity VPN Ransomware Software

Top VC Firms in Cybersecurity of 2022

eSecurity Planet

APRIL 26, 2022

Company Sector Year Status Vicarius Vulnerability management 2022 Private Dragos ICS and OT security 2021 Private Safeguard Cyber Risk management 2021 Private CyberGRX Risk management 2019 Private Signifyd Fraud protection 2018 Private RedOwl Security analytics 2015 Acquired: Forcepoint. AllegisCyber Investments.

Cybersecurity

Cybersecurity Technology Marketing Healthcare

RSAC insights: Security platforms arise to help companies discover, assess and mitigate cyber risks

The Last Watchdog

JUNE 6, 2022

Unmanaged smartphones and laptops, misconfigured Software as a Service (SaaS) apps, unsecured Internet access present more of an enterprise risk than ever. The increased number of these cyber assets means that there’s more cyber assets that can potentially be vulnerable,” Smith says. Need a roadmap?

Cyber Risk

Cyber Risk Risk CISO Cloud Migration

Top Cyber Attacker Techniques, August–October 2024

Digital Shadows

NOVEMBER 26, 2024

Initial Access Broker (IAB) activity increased by 16% during the reporting period, heavily targeting US-based organizations due to perceived financial capability from cyber insurance. Moreover, RDP ports are often exposed to the internet, which allows threat actors to easily scan for open ports and launch brute-force attacks.

Cyber Attacks

Cyber Attacks Phishing Ransomware Cyber Insurance

Cyber Insurance: The Good, the Bad, and the Ugly

NEW TECH: This free tool can help gauge, manage third-party cyber risk; it’s called ‘VRMMM’

Webinars

Trending Sources

LW ROUNDTABLE: Wrist slap or cultural shift? SEC fines cyber firms for disclosure violations

Webinars

Annual Reports: How They Warn of Cyber Risk

Scanning for Flaws, Scoring for Security

LW ROUNDTABLE: Compliance pressures intensify as new cybersecurity standards take hold

As market for cyber insurance booms, watchdog calls for better data

Checklist for Getting Cyber Insurance Coverage

RSAC insights: How ‘TPRM’ can help shrink security skills gap — while protecting supply chains

RSAC insights: CyberGRX finds a ton of value in wider sharing of third-party risk assessments

Cloudflare Helps Businesses Manage Their Cyber Risk; Announces Partnerships with Leading Cyber Insurers and Incident Response Providers

Podcast Episode 117: Insurance Industry Confronts Silent Cyber Risk, Converged Threats

Spotlight on Cybersecurity Leaders: Kip Boyle

Best Practices Q&A: Guidance about what directors need to hear from CISOs — from a board member

Report: Cyberattacks drive 185% spike in health care data breaches in 2021

Cybersecurity Snapshot: WEF Offers AI Security Best Practices, as DORA Regulation Places Strict Cyber Rules on Banks

Episode 218: Denial of Sustenance Attacks -The Cyber Risk To Agriculture

CISA, SolarWinds up interest in security scoring

Higher Ed Ransomware Attack: University Pays Hackers $450,000

Q&A: Why SOAR startup Syncurity is bringing a ‘case-management’ approach to threat detection

2023 Cybersecurity Predictions from Marcus Fowler, Darktrace

LW ROUNDTABLE: Cybersecurity takeaways of 2023 — and what’s ahead in 2024 ( part 1)

NEW TECH: Brinqa takes a ‘graph database’ approach to vulnerability management, app security

5 Trends to Watch for Cybersecurity in 2023

Security Roundup July 2024

Spotlight: as Attacks Mount, how to secure the Industrial Internet

Podcast Episode 122: will 5G increase Internet of Things Risk?

What is Cybersecurity Risk Management?

Deciphering the Omnibus for Medical Device Security

MY TAKE: Identity ‘access’ and ‘governance’ tech converge to meet data protection challenges

‘How can I help you today?’ Scammers dupe online support agents through live chat platforms

Why Healthcare IoT Requires Strong Machine Identity Management

InfoSec Leaders Weigh in on New SEC Rules Making CISO Hotseat Hotter

Top Cyber Attacker Techniques, August–October 2024

Podcast Episode 119: EFF on Expanding Researchers Rights and AT&T talks IoT Security Fails

AON ACQUIRES CYTELLIGENCE, A LEADING INTERNATIONAL CYBER SECURITY FIRM WITH DEEP EXPERTISE IN CYBER INCIDENT RESPONSE AND DIGITAL FORENSIC INVESTIGATIONS

Top 9 Cybersecurity Challenges SMEs Currently Face

FFIEC Will Sunset the Cybersecurity Assessment Tool: Everything You Need to be Prepared

Episode 155: Disinformation is a Cyber Weapon and APTs warm to Mobile Malware

Cyber Security Awareness and Risk Management

Cybersecurity Snapshot: Study Raises Open Source Security Red Flags, as Cyber Agencies Offer Prevention Tips Against Telecom Spying Attacks

Top VC Firms in Cybersecurity of 2022

RSAC insights: Security platforms arise to help companies discover, assess and mitigate cyber risks

Top Cyber Attacker Techniques, August–October 2024

Stay Connected