Information Security, InfoSec and Insurance

Demand, CyberInsurance, and Automation/AI Are the Future of InfoSec

Daniel Miessler

NOVEMBER 6, 2020

I think there are four main trends that will play out in the field of information security in the next 20 years. 2021-2030) A Surge in Demand for InfoSec people will result in many more professionals being trained and placed within companies, likely using more of a trade/certification model than a 4-year university model.

InfoSec

InfoSec Insurance Artificial Intelligence Cybersecurity

Thinking About the Future of InfoSec (v2022)

Daniel Miessler

MARCH 20, 2022

I’m starting a new series with this 2022 edition where I think about what Information Security could or should look like in the distant future—say in 2050. The ideas will cover multiple aspects of InfoSec, from organizational structure to technology. You need these inspections or else you can’t get insured.

InfoSec

InfoSec Insurance Technology Engineering

First American Financial Pays Farcical $500K Fine

Krebs on Security

JUNE 18, 2021

The SEC says First American derives nearly 92 percent of its revenue from its title insurance segment, earning $7.1 Title insurance protects homebuyers from the prospect of someone contesting their legitimacy as the new homeowner. Title insurance is not mandated by law, but most lenders require it as part of any mortgage transaction.

Insurance

Insurance Risk Financial Services CISO

Webinars

How to Avoid Pitfalls In Automation: Keep Humans In the Loop

MORE WEBINARS

Safety first: Will insurance companies stall or accelerate cybersecurity progress?

SC Magazine

FEBRUARY 8, 2021

Every time a driver buckles up or an airbag is deployed we see the powerful influence of the insurance companies who insisted those measures become mandatory. Now, those insurers are poised to drive cybersecurity investment by insisting that organizations meet certain criteria to qualify for coverage. A maturing model.

Insurance

Insurance Cybersecurity Cyber Insurance Government

The CPRA: What You Should Know as an InfoSec Professional

SecureWorld News

DECEMBER 1, 2022

A panel of practitioner experts breaks it all down in our recent Remote Sessions webcast, "Countdown to CPRA: What Information Security Professionals Need to Know Now," now available on-demand. Cyber insurance (critical). Well documented policies and standards for employees (data handling). Endpoint encryption for all laptops.

InfoSec

InfoSec Cyber Insurance Consumer Protection Insurance

InfoSec Leaders Weigh in on New SEC Rules Making CISO Hotseat Hotter

SecureWorld News

JULY 31, 2023

Cybersecurity professionals have various views on last week's news from the United States Securities and Exchange Commission (SEC) when it surprised the InfoSec community and the C-suites of corporate America. What about providing D&O (directors and officers liability) insurance to CISOs? After all, a CISO can't do it all.

CISO

CISO InfoSec Risk Cybersecurity

Hive Ransomware gang leaked 550 GB stolen from Consulate Health Care

Security Affairs

JANUARY 7, 2023

employees info (social security numbers, emails, addresses, phone numbers, photos, insurances info, payments, etc.), and customers info (medical records, credit cards, emails, social security numbers, phone numbers, insurances, etc.). Negotiations fell apart and 3 days quickly turned into 3 hours.

Ransomware

Ransomware Insurance Data breaches InfoSec

Security Compliance & Data Privacy Regulations

eSecurity Planet

AUGUST 9, 2022

are subject to laws such as the Health Insurance Portability and Accountability Act (HIPAA) and the Health Information Technology for Economic and Clinical Health Act (the HITECH Act), as well as regulations such as the Clinical Laboratory Improvements Amendments (CLIA). Security, Privacy and Compliance Can Conflict.

Data privacy

Data privacy Encryption Data breaches Insurance

The Rise of Data Sovereignty and a Privacy Era

SecureWorld News

JUNE 24, 2024

Additionally, there sectoral privacy regulations in the United States, such as the Health Insurance Portability and Accountability Act (HIPAA), and state level regulations like the California Consumer Privacy Act (CCPA). Information Security & Privacy are inextricably intertwined only when the data is about people.

IoT

IoT InfoSec Artificial Intelligence Risk

An initial access broker claims to have hacked Deutsche Bank

Security Affairs

NOVEMBER 11, 2022

db.com @DeutscheBank c/o @osint_ben @Europol @DTCERT #cybersecurity #infosec @campuscodi @LawrenceAbrams pic.twitter.com/qFhwQ5zSIY — Dominic Alvieri (@AlvieriD) November 11, 2022. Alvieri speculates that the IAB is the same broker who recently offered for sale access to the systems of the Australian health insurance Medibank.

Banking

Banking Hacking InfoSec Insurance

Importance of Cybersecurity Profession Highlights SecureWorld Chicago

SecureWorld News

JUNE 13, 2023

It was fitting that the opening keynote panel for SecureWorld Chicago on June 8th was titled " Making the Cybersecurity Music: Navigating Challenges and Opportunities in Today's InfoSec Landscape. Well, information security, cybersecurity happens to be a critical part of the business, being able to achieve strategic objectives. "You

Cybersecurity

Cybersecurity CISO InfoSec Risk

12 Pieces Examining Trends in Cybersecurity for 2023

SecureWorld News

DECEMBER 29, 2022

Some were unexpected, and many were predictable, but all are important to consider when making plans for security in 2023.". Top 3 Information Security Hiring Trends for 2023 – " Here are three key takeaways to keep in mind when researching for a new role in InfoSec in 2023. ".

Cybersecurity

Cybersecurity CISO Artificial Intelligence Cyber Insurance

Zombie API vs Shadow API: The Crashtest

IT Security Guru

JUNE 26, 2023

Pick Your Path ® was another one that I remember) It’s been around a long time, and a few years ago the Infosec Institute gamified information security by creating the “Zombie Invasion” game. He holds (ISC)2’s SSCP along with CompTIA’s Pentest+ and Security+ certifications, a B.S.

InfoSec

InfoSec Manufacturing Risk Software

The Top 5 Reasons to Use an API Management Platform

Security Affairs

NOVEMBER 20, 2023

Over the course of his 20+ years of IT and Security, Ross has served in a variety of operations and infosec roles for companies in the manufacturing, healthcare, real estate, business insurance, and technology sectors. He holds (ISC)2’s SSCP along with CompTIA’s Pentest+ and Security+ certifications, a B.S.

Authentication

Authentication Government Technology Risk

How Not to Pay the Ransom? No Soup For You, Ransomware!

Thales Cloud Protection & Licensing

AUGUST 11, 2021

Be it health care or information security, it reasonably attempts to take actions in advance. Ransomware incidents covered by cyber insurance policies. Insurance is a valid and efficient tool mitigating the risks of encryption posed by your system's exposure to malware.

Ransomware

Ransomware Insurance Encryption Cyber Insurance

The TikTok Ban Bill, Your Car is Spying on You, Signal’s Username Update

Security Boulevard

MARCH 17, 2024

In episode 321, the hosts discuss how connected cars are sharing driving data with insurance companies, potentially leading to increased rates for drivers. The episode also covers a significant update […] The post The TikTok Ban Bill, Your Car is Spying on You, Signal’s Username Update appeared first on Shared Security Podcast.

Insurance

Insurance Surveillance Data privacy InfoSec

Information risk and security for professional services

Notice Bored

APRIL 20, 2022

I am currently drafting a guideline on information security, privacy, governance, compliance and other controls to mitigate unacceptable information risks in professional services. Small, immature organisations may not have that luxury, and hence may have little option but to accept whatever the counterparty suggests/requires.

Risk

Risk Energy and Utilities Computers and Electronics Telecommunications

Mapping HIPAA to ISO 27001: A Comprehensive Guide

Centraleyes

DECEMBER 7, 2024

Two Foundational Frameworks: ISO 27001 and HIPAA With the growing number of risks in the information security space, a standardized approach is crucial to protecting an organization’s operations. Two foundational frameworks for data protection and security are HIPAA and ISO 27001.

Healthcare

Healthcare Information Security Risk Surveillance

Security Awareness Training and Human Risk Management Company AwareGO Achieves Year of Outstanding Growth

CyberSecurity Insiders

FEBRUARY 3, 2022

Over half of AwareGO’s customers come from industries that are number one targets for cybersecurity attacks, including finance and insurance as well as manufacturing and energy. Monthly active users grew by 200% and monthly recurring revenue grew by 116%.

Security Awareness

Security Awareness Risk Marketing InfoSec

Verizon DBIR: Analysis of Verizon DBIR Report

NopSec

MAY 21, 2020

The Verizon 2020 DBIR report is out again – [link] – and most of the information security industry is busy reading and analyzing it cover to cover. I am sure all my infosec colleagues analyzed the report cover-to-cover and more specifically from the incident response and intrusion detection perspective.

Malware

Malware Social Engineering Internet Internet

The Hacker Mind Podcast: Tib3rius

ForAllSecure

JANUARY 11, 2023

Tib3rius from White Oak Security discusses his experience as a web application security pen tester, his OSCP certification, and how he’s giving back to the community with his Twitch , Youtube , and tools he's made available on GitHub. So honestly, every single kind of web app is just a portal to information. VAMOSI: Yeah.

DNS

DNS Hacking Penetration Testing Education

Security pros rely on peer groups and open communication for help with stress

SC Magazine

MAY 25, 2021

This nonstop barrage of security crises has made certain infosec leaders and practitioners more aware than ever of the job’s impact on mental healthy, and the importance to protect against stress, exhaustion and burnout. But how have they been managing?

InfoSec

InfoSec CISO Media Cybersecurity

Cyber Security Informer

Demand, CyberInsurance, and Automation/AI Are the Future of InfoSec

Thinking About the Future of InfoSec (v2022)

Webinars

Trending Sources

First American Financial Pays Farcical $500K Fine

Webinars

Safety first: Will insurance companies stall or accelerate cybersecurity progress?

The CPRA: What You Should Know as an InfoSec Professional

InfoSec Leaders Weigh in on New SEC Rules Making CISO Hotseat Hotter

Hive Ransomware gang leaked 550 GB stolen from Consulate Health Care

Security Compliance & Data Privacy Regulations

The Rise of Data Sovereignty and a Privacy Era

An initial access broker claims to have hacked Deutsche Bank

Importance of Cybersecurity Profession Highlights SecureWorld Chicago

12 Pieces Examining Trends in Cybersecurity for 2023

Zombie API vs Shadow API: The Crashtest

The Top 5 Reasons to Use an API Management Platform

How Not to Pay the Ransom? No Soup For You, Ransomware!

The TikTok Ban Bill, Your Car is Spying on You, Signal’s Username Update

Information risk and security for professional services

Mapping HIPAA to ISO 27001: A Comprehensive Guide

Security Awareness Training and Human Risk Management Company AwareGO Achieves Year of Outstanding Growth

Verizon DBIR: Analysis of Verizon DBIR Report

The Hacker Mind Podcast: Tib3rius

Security pros rely on peer groups and open communication for help with stress

Stay Connected