Blog, Cybersecurity and Insurance - Information Management Today

Health insurer Point32Health suffered a ransomware attack

Security Affairs

APRIL 23, 2023

Non-profit health insurer Point32Health suffered a ransomware attack and has taken systems offline in response to the incident. Non-profit health insurer Point32Health has taken systems offline in response to a ransomware attack that took place on April 17. ” reads the statement published by the insurer.

Insurance

Insurance Ransomware Cybersecurity Education

U.S. Treasury Department Seeks Public Comment On Potential Federal Cyber Insurance Program

Data Matters

OCTOBER 20, 2022

Treasury Department is seeking public comment on the need and scope for a potential federal insurance response to catastrophic cyber incidents, akin to the one put in place for terrorism insurance after the attacks of September 11, 2001. The request, published by the Federal Insurance Office (FIO) in the U.S. Background.

Insurance

Insurance Marketing Cybersecurity Risk

GUEST ESSAY: Cyber insurance 101 — for any business operating in today’s digital environment

The Last Watchdog

JANUARY 20, 2020

To help mitigate the risk of financial losses, more companies are turning to cyber insurance. Related: Bots attack business logic Cyber insurance, like other forms of business insurance, is a way for companies to transfer some of numerous potential liability hits associated specifically with IT infrastructure and IT activities.

Insurance

Insurance Data breaches Cybersecurity Risk

Webinars

Peak Performance: Continuous Testing & Evaluation of LLM-Based Applications

MORE WEBINARS

Demystifying Cyber Insurance

Daymark

AUGUST 15, 2023

A CISO Primer on Navigating Cyber Insurance After 10+ years of working with clients to negotiate and place cyber insurance, I’ve noticed that one of the most frequent challenges has always been getting the underwriters and my client’s information security stakeholder (like a CISO or CIO) to understand each other.

Insurance

Insurance Information Security Communications Security

NAIC Insurance Data Security Law Annual Certifications: Is Yours Due By February 15?

Data Matters

FEBRUARY 2, 2021

The National Association of Insurance Commissioners’ (NAIC) Insurance Data Security Model Law has been adopted in at least 11 states, with several others (including New York) having implemented either older or similar laws or administrative guidance. appeared first on Data Matters Privacy Blog.

Insurance

Insurance Security Compliance Cybersecurity

Cyber Insurance and the Changing Global Risk Environment

Security Affairs

APRIL 22, 2022

When security fails, cyber insurance can become crucial for ensuring continuity. Our reliance on digital technology and the inherited risk is a key driving factor for buying cyber risk insurance. If the technology were to become unavailable, the resulting business impact could be mitigated with cyber insurance.

Insurance

Insurance Risk Cybersecurity Ransomware

NYDFS Updates Its Cybersecurity Regulation to Protect Against Growing Cyber Threats

Hunton Privacy

NOVEMBER 8, 2023

On November 1, 2023, New York Governor Hochul announced that the New York State Department of Financial Services (“NYDFS”) amended its Cybersecurity Regulation applicable to covered financial institutions. Our previous blog post covered key proposed changes to the Cyber Regulation.

Cybersecurity

Cybersecurity IT Compliance Financial Services

Examples of IBM assisting insurance companies in implementing generative AI-based solutions

IBM Big Data Hub

DECEMBER 4, 2023

IBM can help insurance companies insert generative AI into their business processes IBM is one of a few companies globally that can bring together the range of capabilities needed to completely transform the way insurance is marketed, sold, underwritten, serviced and paid for.

Insurance

Insurance Digital transformation Compliance Cloud

New York Department of Financial Services Issues First Guidance by a U.S. Regulator Concerning Cyber Insurance

Data Matters

FEBRUARY 10, 2021

2 announcing a Cyber Insurance Risk Framework (the Framework) that describes industry best practices for New York-regulated property/casualty insurers. According to NYDFS, the incorporation of these practices should be proportionate to each insurer’s size, resources, geographic distribution, and other factors. The Framework.

Insurance

Insurance Financial Services Cybersecurity Risk

U.S. Treasury Department Seeks Public Comment On Potential Federal Cyber Insurance Program

Data Matters

OCTOBER 20, 2022

Treasury Department is seeking public comment on the need and scope for a potential federal insurance response to catastrophic cyber incidents, akin to the one put in place for terrorism insurance after the attacks of September 11, 2001. The post U.S.

Insurance

Insurance Privacy Data breaches Cybersecurity

Federal Bank Regulators Require Notifications For Material Cybersecurity Incidents

Data Matters

NOVEMBER 22, 2021

Further, bank service providers are now required to promptly notify all affected banks whenever a cybersecurity disruption lasts for four or more hours. The rule is the latest regulation requiring entities who have suffered a cybersecurity incident to promptly notify a government agency. The Board subjects all U.S.

Cybersecurity

Cybersecurity Insurance Financial Services Marketing

Ohio Adopts National Association of Insurance Commissioners’ (NAIC) Insurance Data Security Model Law

Data Matters

JANUARY 14, 2019

On December 19, 2018, Ohio adopted the National Association of Insurance Commissioners’ (NAIC) Insurance Data Security Model Law. The Act is designed to “establish standards for data security and for the investigation and notification to the Superintendent of Insurance of a cybersecurity event.”. 3965.09.

Insurance

Insurance Security Cybersecurity Data breaches

New York Regulators Call on Insurers to Strengthen the Cyber Underwriting Process

Hunton Privacy

FEBRUARY 25, 2021

As reported on the Hunton Insurance Recovery blog , on February 4, 2021, the New York Department of Financial Services (“NYDFS”), which regulates the business of insurance in New York, has issued guidelines, in the Insurance Circular Letter No. sought coverage for expenses under its property insurance policy.

Insurance

Insurance Cybersecurity Risk Education

Michigan Adopts National Association of Insurance Commissioners’ (NAIC) Insurance Data Security Model Law

Data Matters

FEBRUARY 11, 2019

On December 28, 2018, Michigan adopted the National Association of Insurance Commissioners’ (NAIC) Insurance Data Security Model Law in the form of Michigan H.B. The Act defines licensees as persons authorized, registered, or licensed under Michigan insurance laws or required to be so. Exclusive State Cybersecurity Standards.

Insurance

Insurance Security Cybersecurity FOIA

The Change Healthcare Cyberattack: A Wake-Up Call for Healthcare Cybersecurity

OpenText Information Management

MARCH 21, 2024

A United Call to Strengthen Cybersecurity The cyberattack spotlighted the critical need for a fortified cybersecurity framework within the healthcare sector. The American Hospital Association's declaration of the incident as an unprecedented threat underlined the urgency for enhanced cybersecurity measures.

Cybersecurity

Cybersecurity Paper Ransomware Government

U.S. and Foreign Cybersecurity and Intelligence Agencies Recommend Measures to Counteract Threat of Russian Cyberattacks

Data Matters

JANUARY 28, 2022

Like an incident response plan, MFA has become a critical element of cybersecurity programs. An incident response and continuity of operations plan are increasingly common features in a credible cybersecurity program. The post U.S.

Cybersecurity

Cybersecurity Financial Services Authentication Government

South Carolina Becomes the First State to Enact the National Association of Insurance Commissioners (NAIC) Insurance Data Security Model Law

Data Matters

JULY 30, 2018

In October 2017, the National Association of Insurance Commissioners (NAIC) adopted an Insurance Data Security Model Law. On May 3, 2018, South Carolina became the first state to enact this Model Law, in the form of the South Carolina Insurance Data Security Act (H.B. See CT Gen Stat § 38a-999b (2015) ; 23 NYCRR 500.

Insurance

Insurance Security Cybersecurity Data breaches

Kentucky and Maryland Recently Joined Other States in Adopting NAIC Model Data Security Law.

Data Matters

JUNE 23, 2022

Kentucky and Maryland recently continued the trend of state insurance departments adopting some version of the National Association of Insurance Commissioners’ (“NAIC”) Insurance Data Security Model Law. appeared first on Data Matters Privacy Blog.

Insurance

Insurance Security Cybersecurity Information Security

Contracting for Cybersecurity Risks: Mitigating Weak Links

Data Protection Report

NOVEMBER 9, 2022

Below we list key considerations to keep in mind when onboarding vendors in order to mitigate against vendor cybersecurity incidents that could impact an organization’s operations, revenue, legal risks and reputation in the marketplace. Costs incurred in responding to a cybersecurity incident can be astronomical. Concluding Remarks.

Risk

Risk Cybersecurity Insurance Data breaches

Web3 Cybersecurity: Are Things Getting Out of Control?

eSecurity Planet

OCTOBER 14, 2022

In a BNB Chain blog post in early October, the authors announced that about two million BNB crypto tokens were stolen. Also read: The State of Blockchain Applications in Cybersecurity. So yes, Web3 has become a fierce battleground for cybersecurity. It was over a whopping $560 million. At the time, the BNB Chain had $5.45

Cybersecurity

Cybersecurity Blockchain Insurance Security

Developments in Health Privacy and Cybersecurity Policy and Regulation: OCR Issues Cybersecurity Warnings and New Health Data Legislation Is Introduced

Data Matters

MARCH 28, 2022

Department of Health and Human Service’s Office for Civil Rights (“OCR”) issued industry guidance for Health Insurance Portability and Accountability Act (“HIPAA”) regulated entities to take preventative steps to protect against some of the more common, and often successful, cyber-attack techniques. On March 17, 2022, the U.S.

Cybersecurity

Cybersecurity Privacy Insurance Risk

SHARED INTEL Q&A: My thoughts and opinions about cyber threats — as discussed with OneRep

The Last Watchdog

OCTOBER 5, 2023

Editor’s note: I recently had the chance to participate in a discussion about the overall state of privacy and cybersecurity with Erin Kapczynski, OneRep’s senior vice president of B2B marketing. Here is Erin’s Q&A column, which originally went live on OneRep’s well-done blog.) Erin: So, let’s get started.

Cybersecurity

Cybersecurity Privacy Cloud IoT

WEBINAR – COVID-19 – European and U.S. Cybersecurity Issues: Preventing and Responding to Cyber Incidents

Data Matters

MARCH 26, 2020

cybersecurity and cyber risk insurance issues. The COVID-19 global pandemic presents unique legal and practical challenges for companies across all industries, including with respect to cybersecurity risks and protections. Vishnu Shankar – Senior Associate, Privacy and Cybersecurity, Sidley Austin LLP, London.

Cybersecurity

Cybersecurity Insurance Risk Privacy

Public Company CISOs Beware: The SEC Is No Longer Playing Nice

Daymark

DECEMBER 5, 2023

On October 30, 2023, the US Securities and Exchange Commission (SEC) announced fraud charges against SolarWinds and its former chief information security officer (CISO), alleging that “ SolarWinds’ public statements about its cybersecurity practices and risks were at odds with its internal assessments.”

Insurance

Insurance Cybersecurity Risk Information Security

U.S. Treasury Expresses National Perspective In Response to NAIC Insurance Data Security Model Law

Data Matters

DECEMBER 7, 2017

Department of Treasury released a 176-page Report examining the current regulatory framework for asset management and insurance industries. The Model Law attempts to set a baseline for cybersecurity, although it depends on legislative action on the state level. 3, 2017), and makes recommendations to ensure alignment. Report at 117.

Insurance

Insurance Data breaches Security Cybersecurity

DORA: 1 year to go! Key recommendations for Financial Services to improve cybersecurity and resilience in multi-clouds

Thales Cloud Protection & Licensing

JANUARY 16, 2024

Key recommendations for Financial Services to improve cybersecurity and resilience in multi-clouds madhav Wed, 01/17/2024 - 05:46 The Digital Operational Resilience Act (DORA) will apply to the EU financial sector from 17 January 2025. DORA: 1 year to go! What is the scope of DORA?

Financial Services

Financial Services Cloud Cybersecurity Encryption

German IT provider Bitmarck hit by cyberattack

Security Affairs

MAY 1, 2023

Bitmarck, one of the largest IT service providers for social insurance carriers in Germany, announced yesterday that it has suffered a cyber attack. The incident impacted statutory health insurance companies that have their IT operated by BITMARCK. The company immediately reported the incident to the responsible authorities.

IT

IT Insurance Data breaches Education

Adventures in cyber litigation: Frozen crypto-assets and the role of cyber insurance

Data Protection Report

FEBRUARY 27, 2020

A few weeks ago, we blogged about the decision of the English High court in AA v. Given the level of interest in the case, we have prepared a deeper-dive into the facts and the implications of the decision, with a focus on the important role played in the case by cyber insurance. Persons Unknown & Ors. This is set out below.

Insurance

Insurance Risk Data breaches Personal data

Insurers’ role will be critical in improving cybersecurity standards

CGI

AUGUST 31, 2016

Insurers’ role will be critical in improving cybersecurity standards. Cyber insurance can be obtained to cover such costs as crisis management, media management, incident management, technical remediation, legal fees, call management, data subject notification, breach investigation and many other losses resulting from a cyber-attack.

Insurance

Insurance Cybersecurity Risk Marketing

Digital Health Industry Take Note: New HIPAA Comment Opportunity and Guidance Addresses Growing Risk of Cybersecurity Attacks

Data Matters

MAY 6, 2022

Digital health companies should take note of new data privacy and security developments under the Health Insurance Portability and Accountability Act (HIPAA) that can affect product planning and customer negotiations. Cybersecurity Industry Newsletter. Comments must be submitted by June 6, 2022.

Risk

Risk Cybersecurity Insurance Authentication

GUEST ESSAY: Could CISOs be on the verge of disproving the ‘security-as-a-cost-center’ fallacy?

The Last Watchdog

MARCH 13, 2023

CISOs should not allow their board or executive team to continue believing that cybersecurity exists solely as a cost center. Ultimately, cybersecurity can become a profit center when customers, insurers, and regulators require it. Demonstrate secure practices to customers.

Security

Security Insurance Cybersecurity Customer Experience

DOL Puts Plan Sponsors and Other Fiduciaries on Notice: ERISA Requires Appropriate Precautions to Mitigate Cybersecurity Threats

Data Matters

APRIL 20, 2021

There just may be a new cybersecurity regulator in town. Department of Labor (DOL) published its first cybersecurity guidance last week ( Cybersecurity Guidance ). The Cybersecurity Guidance is set forth in three parts: Tips for Hiring a Service Provider , directed toward plan sponsors and fiduciaries.

Cybersecurity

Cybersecurity Insurance Risk Compliance

SEC Chair: Sweeping New Cybersecurity Rules Are Coming Soon

Data Matters

FEBRUARY 10, 2022

Securities and Exchange Commission (SEC), announced that he has asked SEC staff to provide sweeping rulemaking recommendations to modernize and expand the agency’s rules relating to cybersecurity. These SEC rules could broadly affect cybersecurity requirements across the U.S. Public Companies and Service Providers.

Cybersecurity

Cybersecurity Marketing Risk Compliance

HHS Releases Cybersecurity Guidance for Healthcare Organizations

Data Matters

JANUARY 8, 2019

Department of Health and Human Services (HHS) released a four-volume cybersecurity guidance document for healthcare organizations. The publication, “ Health Industry Cybersecurity Practices: Managing Threats and Protecting Patients ” (HICP), is the result of a government and industry collaboration mandated by the Cybersecurity Act of 2015.

Cybersecurity

Cybersecurity Insurance Phishing Government

SEC Continues Focus on Cybersecurity Disclosure Failures, Announces Settled Charges Against Pearson plc

Data Matters

AUGUST 30, 2021

2 The SEC’s Pearson Order follows its June 2021 announcement that it had settled charges against First American Title Insurance Company (First American) for cybersecurity disclosure control failures. See also Sidley Austin LLP, SEC Issues New Guidance on Cybersecurity Disclosure Requirements, Sidley Austin LLP (Mar. 16, 2021).

Cybersecurity

Cybersecurity Risk Data Privacy Passwords

Hunton Insurance Head Comments on Hotel Data Breach Coverage Dispute

Hunton Privacy

OCTOBER 10, 2018

As reported on the Insurance Recovery Blog , Hunton Andrews Kurth insurance practice head Walter Andrews recently commented to the Global Data Review regarding the infirmities underlying an Orlando, Florida federal district court’s ruling that an insurer does not have to defend its insured for damage caused by a third-party data breach.

Insurance

Insurance Data breaches IT Cybersecurity

SEC Announces Settled Charges Against First American for Cybersecurity Disclosure Controls Failures – Lessons Learned

Data Matters

JUNE 24, 2021

On June 15, 2021, the SEC announced settled charges against First American Title Insurance Company (First American) for disclosure controls and procedures violations related to a cybersecurity vulnerability that exposed sensitive customer information. This resolution highlights the SEC’s continued focus on cybersecurity.

Cybersecurity

Cybersecurity Financial Services Risk Compliance

GUEST ESSAY: Scammers leverage social media, clever con games to carry out digital exploitation

The Last Watchdog

MARCH 20, 2023

Cybersecurity specialists here at Digital Forensics have built up a store of knowledge tracking criminal patterns while deploying countermeasures on behalf of our clients. Exploitation drivers From the case of Hegestratos committing insurance fraud by sinking a ship in 300 B.C.,

Cybersecurity

Cybersecurity Education Insurance Data breaches

Historic Charges: First Enforcement Action Filed by New York Department of Financial Services Under Cybersecurity Regulation

Data Matters

AUGUST 19, 2020

On July 21, 2020, the New York State Department of Financial Services (NYDFS or the Department) issued a statement of charges and notice of hearing (the Statement) against First American Title Insurance Company (First American) for violations of the Department’s Cybersecurity Requirements for Financial Services Companies, 23 N.Y.C.R.R.

Financial Services

Financial Services Cybersecurity Insurance Risk

CyberheistNews Vol 13 #18 [Eye on AI] Does ChatGPT Have Cybersecurity Tells?

KnowBe4

MAY 2, 2023

CyberheistNews Vol 13 #18 | May 2nd, 2023 [Eye on AI] Does ChatGPT Have Cybersecurity Tells? Blog post with links: [link] [Live Demo] Ridiculously Easy Security Awareness Training and Phishing Old-school awareness training does not hack it anymore. Blog post with links: [link] Re-Check Your Email Attack Surface Now. (We

Cybersecurity

Cybersecurity Phishing Security awareness Military

Could digital fax be a secret weapon for cybersecurity in financial services?

OpenText Information Management

APRIL 19, 2021

In fact, research shows that financial services firms are over 300 times more … The post Could digital fax be a secret weapon for cybersecurity in financial services? appeared first on OpenText Blogs. It’s estimated that the financial services sector could see as much as $6 trillion in cybercrime damages in 2021.

Financial Services

Financial Services Cybersecurity IT Insurance

NYDFS Cybersecurity Regulation: Additional Cybersecurity Program Safeguards Due September 4, 2018

Data Matters

AUGUST 27, 2018

Companies subject to New York’s Cybersecurity Regulation are acting quickly to finalize their compliance obligations as the fifth “due date,” September 4, 2018, quickly approaches. The NYDFS Cybersecurity Regulation (published at 23 NYCRR 500.01) sets forth the minimum requirements for NYDFS-regulated entities to address cybersecurity risks.

Cybersecurity

Cybersecurity Compliance Encryption Risk

Security Affairs newsletter Round 417 by Pierluigi Paganini – International edition

Security Affairs

APRIL 30, 2023

Nominate here: [link] Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs – hacking, newsletter ) The post Security Affairs newsletter Round 417 by Pierluigi Paganini – International edition appeared first on Security Affairs.

Security

Security Ransomware Cybersecurity Authentication

Regulatory Update: NAIC Summer 2021 National Meeting

Data Matters

SEPTEMBER 20, 2021

The National Association of Insurance Commissioners (NAIC) held its Summer 2021 National Meeting (Summer Meeting) August 14-17, 2021. Highlights include, among others, adoption of revised risk-based capital bond factors for life insurers, amendments to SSAP No. NAIC Adopts Revised Risk-Based Capital Bond Factors for Life Insurers.

Insurance

Insurance e-Delivery Paper Sales

Health insurer Point32Health suffered a ransomware attack

U.S. Treasury Department Seeks Public Comment On Potential Federal Cyber Insurance Program

Webinars

Trending Sources

GUEST ESSAY: Cyber insurance 101 — for any business operating in today’s digital environment

Webinars

Demystifying Cyber Insurance

NAIC Insurance Data Security Law Annual Certifications: Is Yours Due By February 15?

Cyber Insurance and the Changing Global Risk Environment

NYDFS Updates Its Cybersecurity Regulation to Protect Against Growing Cyber Threats

Examples of IBM assisting insurance companies in implementing generative AI-based solutions

New York Department of Financial Services Issues First Guidance by a U.S. Regulator Concerning Cyber Insurance

U.S. Treasury Department Seeks Public Comment On Potential Federal Cyber Insurance Program

Federal Bank Regulators Require Notifications For Material Cybersecurity Incidents

Ohio Adopts National Association of Insurance Commissioners’ (NAIC) Insurance Data Security Model Law

New York Regulators Call on Insurers to Strengthen the Cyber Underwriting Process

Michigan Adopts National Association of Insurance Commissioners’ (NAIC) Insurance Data Security Model Law

The Change Healthcare Cyberattack: A Wake-Up Call for Healthcare Cybersecurity

U.S. and Foreign Cybersecurity and Intelligence Agencies Recommend Measures to Counteract Threat of Russian Cyberattacks

South Carolina Becomes the First State to Enact the National Association of Insurance Commissioners (NAIC) Insurance Data Security Model Law

Kentucky and Maryland Recently Joined Other States in Adopting NAIC Model Data Security Law.

Contracting for Cybersecurity Risks: Mitigating Weak Links

Web3 Cybersecurity: Are Things Getting Out of Control?

Developments in Health Privacy and Cybersecurity Policy and Regulation: OCR Issues Cybersecurity Warnings and New Health Data Legislation Is Introduced

SHARED INTEL Q&A: My thoughts and opinions about cyber threats — as discussed with OneRep

WEBINAR – COVID-19 – European and U.S. Cybersecurity Issues: Preventing and Responding to Cyber Incidents

Public Company CISOs Beware: The SEC Is No Longer Playing Nice

U.S. Treasury Expresses National Perspective In Response to NAIC Insurance Data Security Model Law

DORA: 1 year to go! Key recommendations for Financial Services to improve cybersecurity and resilience in multi-clouds

German IT provider Bitmarck hit by cyberattack

Adventures in cyber litigation: Frozen crypto-assets and the role of cyber insurance

Insurers’ role will be critical in improving cybersecurity standards

Digital Health Industry Take Note: New HIPAA Comment Opportunity and Guidance Addresses Growing Risk of Cybersecurity Attacks

GUEST ESSAY: Could CISOs be on the verge of disproving the ‘security-as-a-cost-center’ fallacy?

DOL Puts Plan Sponsors and Other Fiduciaries on Notice: ERISA Requires Appropriate Precautions to Mitigate Cybersecurity Threats

SEC Chair: Sweeping New Cybersecurity Rules Are Coming Soon

HHS Releases Cybersecurity Guidance for Healthcare Organizations

SEC Continues Focus on Cybersecurity Disclosure Failures, Announces Settled Charges Against Pearson plc

Hunton Insurance Head Comments on Hotel Data Breach Coverage Dispute

SEC Announces Settled Charges Against First American for Cybersecurity Disclosure Controls Failures – Lessons Learned

GUEST ESSAY: Scammers leverage social media, clever con games to carry out digital exploitation

Historic Charges: First Enforcement Action Filed by New York Department of Financial Services Under Cybersecurity Regulation

CyberheistNews Vol 13 #18 [Eye on AI] Does ChatGPT Have Cybersecurity Tells?

Could digital fax be a secret weapon for cybersecurity in financial services?

NYDFS Cybersecurity Regulation: Additional Cybersecurity Program Safeguards Due September 4, 2018

Security Affairs newsletter Round 417 by Pierluigi Paganini – International edition

Regulatory Update: NAIC Summer 2021 National Meeting

Stay Connected