2018, Government and Insurance - Information Management Today

Cyber Insurers Pull Back Amid Increase in Cyber Attacks, Costs

eSecurity Planet

MAY 27, 2021

The explosion of ransomware and similar cyber incidents along with rising associated costs is convincing a growing number of insurance companies to raise the premiums on their cyber insurance policies or reduce coverage, moves that could further squeeze organizations under siege from hackers. Insurers Assessing Risks.

Insurance

Insurance Ransomware Risk Data science

New York Regulators Call on Insurers to Strengthen the Cyber Underwriting Process

Hunton Privacy

FEBRUARY 25, 2021

As reported on the Hunton Insurance Recovery blog , on February 4, 2021, the New York Department of Financial Services (“NYDFS”), which regulates the business of insurance in New York, has issued guidelines, in the Insurance Circular Letter No. sought coverage for expenses under its property insurance policy.

Insurance

Insurance Cybersecurity Risk Education

New York Department of Financial Services Issues First Guidance by a U.S. Regulator Concerning Cyber Insurance

Data Matters

FEBRUARY 10, 2021

2 announcing a Cyber Insurance Risk Framework (the Framework) that describes industry best practices for New York-regulated property/casualty insurers. According to NYDFS, the incorporation of these practices should be proportionate to each insurer’s size, resources, geographic distribution, and other factors. The Framework.

Insurance

Insurance Financial Services Cybersecurity Risk

Webinars

Peak Performance: Continuous Testing & Evaluation of LLM-Based Applications

MORE WEBINARS

Ohio Adopts National Association of Insurance Commissioners’ (NAIC) Insurance Data Security Model Law

Data Matters

JANUARY 14, 2019

On December 19, 2018, Ohio adopted the National Association of Insurance Commissioners’ (NAIC) Insurance Data Security Model Law. The Act is designed to “establish standards for data security and for the investigation and notification to the Superintendent of Insurance of a cybersecurity event.”.

Insurance

Insurance Security Cybersecurity Data breaches

Regulatory Update: NAIC Fall 2018 National Meeting

Data Matters

DECEMBER 11, 2018

The National Association of Insurance Commissioners (NAIC) held its Fall 2018 National Meeting (Fall Meeting) in San Francisco, California, from November 15 to 18, 2018. NAIC Continues its Evaluation of Insurers’ Use of Big Data. systemic risk of insurers with other parts of the financial system, notably the banking.

Insurance

Insurance Paper Risk Big data

Regulatory Update: NAIC Summer 2018 National Meeting

Data Matters

AUGUST 24, 2018

The National Association of Insurance Commissioners (NAIC) held its Summer 2018 National Meeting in Boston, Massachusetts, from August 4 to 7, 2018. NAIC Continues its Evaluation of Insurers’ Use of Big Data . The NAIC is also considering insurers’ use of big data in underwriting life insurance products.

Insurance

Insurance Big data e-Delivery Risk

MY TAKE: Poorly protected local government networks cast shadow on midterm elections

The Last Watchdog

SEPTEMBER 14, 2018

In March 2018, the city of Atlanta fell victim to a ransomware attack that shut down its computer network. It’s easy to think of it as a problem the federal government must address or something that enterprises deal with, but cybersecurity has to be addressed closer to home, as well. City agencies were unable to collect payment.

Government

Government Digital transformation Mining Insurance

Hackers Were Inside Citrix for Five Months

Krebs on Security

FEBRUARY 19, 2020

Networking software giant Citrix Systems says malicious hackers were inside its networks for five months between 2018 and 2019, making off with personal and financial data on company employees, contractors, interns, job candidates and their dependents. 13, 2018 and Mar. 28, 2018, a claim Citrix initially denied but later acknowledged.

Passwords

Passwords Access Insurance Government

RaidForums Gets Raided, Alleged Admin Arrested

Krebs on Security

APRIL 12, 2022

The government alleges Coelho and his forum administrator identity “ Omnipotent ” profited from the illicit activity on the platform by charging “escalating prices for membership tiers that offered greater access and features, including a top-tier ‘God’ membership status.” Coelho landed on the radar of U.S.

Sales

Sales Data breaches Government Access

Experts: Breach at IT Outsourcing Giant Wipro

Krebs on Security

APRIL 15, 2019

In March 2018, Wipro said it passed the $8 billion mark in annual IT services revenue. In September 2018, the Nebraska Department of Health and Human Services issued a cease-and-desist letter to Wipro, ordering it to stop work on the upgrade to the state’s Medicaid enrollment system, and to vacate its state offices.

IT

IT Insurance Communications Phishing

Ransomware Bites Dental Data Backup Firm

Krebs on Security

AUGUST 29, 2019

-based PerCSoft is a cloud management provider for Digital Dental Record (DDR), which operates an online data backup service called DDS Safe that archives medical records, charts, insurance documents and other personal information for various dental offices across the United States. ” Read the full ProPublica piece here. .

Ransomware

Ransomware Insurance Encryption Cloud

First American Financial Pays Farcical $500K Fine

Krebs on Security

JUNE 18, 2021

The SEC says First American derives nearly 92 percent of its revenue from its title insurance segment, earning $7.1 Title insurance protects homebuyers from the prospect of someone contesting their legitimacy as the new homeowner. Title insurance is not mandated by law, but most lenders require it as part of any mortgage transaction.

Insurance

Insurance Risk Financial Services Mining

Privacy and Cybersecurity Top 10 for 2018

Data Matters

JANUARY 2, 2018

We expect each of these trends to continue in 2018. As we begin this New Year, here is list of the top 10 privacy and cybersecurity issues for 2018: EU GDPR. The May 25, 2018 effective date for the EU’s General Data Protection Regulation (GDPR) will no doubt be a central focus of 2018. Data breach litigation risks.

Cybersecurity

Cybersecurity Privacy Data breaches GDPR

List of data breaches and cyber attacks in October 2018 – 44,701,278 records leaked

IT Governance

OCTOBER 30, 2018

Social insurance numbers. The post List of data breaches and cyber attacks in October 2018 – 44,701,278 records leaked appeared first on IT Governance Blog. The crook gained control of FSIN’s internal files and email system and stole data including: Information on residential school survivors. Youth athletes and coaches.

Data breaches

Data breaches Computer and Electronics Passwords Insurance

List of data breaches and cyber attacks in October 2018 – 44,701,278 records leaked

IT Governance

OCTOBER 30, 2018

Social insurance numbers. The post List of data breaches and cyber attacks in October 2018 – 44,701,278 records leaked appeared first on IT Governance Blog. The crook gained control of FSIN’s internal files and email system and stole data including: Information on residential school survivors. Youth athletes and coaches.

Data breaches

Data breaches Computer and Electronics Passwords Insurance

Dark Overlord hacking crew publishes first batch of confidential 9/11 files

Security Affairs

JANUARY 6, 2019

The Dark Overlord hacking group claims to have stolen a huge trove of documents from the British insurance company Hiscox, Hackers stole “hundreds of thousands of documents,” including tens of thousands files related to the 9/11 terrorist attacks. “ There’s five layers to go. Layer 1, 2, 3, 4, and fine finally Layer 5.

Insurance

Insurance Data breaches Sales Government

NYDFS Cybersecurity Regulation: Additional Cybersecurity Program Safeguards Due September 4, 2018

Data Matters

AUGUST 27, 2018

Companies subject to New York’s Cybersecurity Regulation are acting quickly to finalize their compliance obligations as the fifth “due date,” September 4, 2018, quickly approaches. The post NYDFS Cybersecurity Regulation: Additional Cybersecurity Program Safeguards Due September 4, 2018 appeared first on Data Matters Privacy Blog.

Cybersecurity

Cybersecurity Compliance Encryption Risk

U.S. and Foreign Cybersecurity and Intelligence Agencies Recommend Measures to Counteract Threat of Russian Cyberattacks

Data Matters

JANUARY 28, 2022

The advisory was promptly endorsed by the National Cyber Security Centre, a division of Government Communications Headquarters (“GCHQ”), a UK intelligence agency. government, especially in light of ongoing tensions between the U.S. First , all of the reports specifically focus on the threat of Russian state-sponsored cyberattacks.

Cybersecurity

Cybersecurity Financial Services Authentication Government

Digital Customer Experience is becoming the deciding battlefield on the insurance landscape

CGI

FEBRUARY 28, 2018

Digital Customer Experience is becoming the deciding battlefield on the insurance landscape. Wed, 02/28/2018 - 10:36. Digital Customer Experience in many ways is becoming the deciding battlefield on the insurance landscape as to who will win through. p.butler@cgi.com. Although respective remits often tend to be company specific.

Customer Experience

Customer Experience Insurance Artificial Intelligence Retail

Zurich refuses to pay Mondelez for NotPetya damages because it’s ‘an act of war’

Security Affairs

JANUARY 14, 2019

Zurich American Insurance Company is refusing to refund its client because consider the attack as “an act of war” that is not covered by its policy. According to the cyber security community, NotPetya is a cyber weapon develped by Russia to hit the Ukrainian government. SecurityAffairs – Mondelez, cyber insurance).

Insurance

Insurance Ransomware Sales Government

Data privacy examples

IBM Big Data Hub

APRIL 24, 2024

The General Data Protection Regulation (GDRP) The GDPR is a European Union privacy regulation that governs how organizations in and outside of Europe handle the personal data of EU residents. The UK Data Protection Act 2018 The Data Protection Act 2018 is, essentially, the UK’s version of the GDPR.

Data Privacy

Data Privacy Privacy GDPR Personal data

Government survey reveals GDPR awareness is falling short

IT Governance

FEBRUARY 8, 2018

The Cyber Security Breaches Survey 2018 from the Department for Digital, Culture, Media and Sport (DCMS) has revealed that only 38% of businesses and 44% of charities have heard of the General Data Protection Regulation (GDPR). This is a worrisome finding, as it is only a matter of months until the new Regulation is enforced. Key findings.

GDPR

GDPR Government Education Compliance

[Podcast] Behind the Scenes at AIIM's Leadership Council Summit

AIIM

SEPTEMBER 19, 2018

In June of 2018, summit meetings were held in in Baltimore and London to discuss Surviving Digital Disruption: Finding Opportunity in the Drive for Platform Dominance. Rafael is the Head of Information Governance at Farmer's Insurance and spoke at the summit. Claudio is the CTO at iCapt, Inc. and a new member of the LC.

Insurance

Insurance Libraries Information governance Government

Elasticsearch Server Exposes Trove of Patient Data

Adam Levin

MARCH 19, 2019

Meditlab, an electronic medical record company, left a server for electronic faxes completely unprotected since bringing it online in March 2018. The patient data was on a server running Elasticsearch, a search engine commonly configured for internal use at companies and government organizations. million Dow Jones & Co.

Insurance

Insurance Government Cybersecurity Access

SEC Announces Settled Charges Against First American for Cybersecurity Disclosure Controls Failures – Lessons Learned

Data Matters

JUNE 24, 2021

On June 15, 2021, the SEC announced settled charges against First American Title Insurance Company (First American) for disclosure controls and procedures violations related to a cybersecurity vulnerability that exposed sensitive customer information. This resolution highlights the SEC’s continued focus on cybersecurity. 20, 2017).

Cybersecurity

Cybersecurity Financial Services Risk Compliance

The Week in Cyber Security and Data Privacy: 30 October – 5 November 2023

IT Governance

NOVEMBER 6, 2023

When MOVEit was hacked by the Russian Cl0p ransomware gang in May, email addresses and links to government employee surveys were compromised. Compromised information included patients’ names, dates of birth, postal addresses, Social Security numbers, diagnosis and treatment information, and health insurance information.

Data Privacy

Data Privacy Privacy Libraries Security

To get the most from blockchain in government, a sharing mindset is needed

CGI

MAY 13, 2018

To get the most from blockchain in government, a sharing mindset is needed. Mon, 05/14/2018 - 00:45. federal government. Released in April, the playbook helps government organizations envision how blockchain technology can solve a myriad of government challenges. Importance of governance. It is shared.

Blockchain

Blockchain Government Computer and Electronics Mining

GUEST ESSAY: Why the next round of cyber attacks could put many SMBs out of business

The Last Watchdog

AUGUST 12, 2019

In the last year, the news media has been full of stories about vicious cyber breaches on municipal governments. From Atlanta to Baltimore to school districts in Louisiana, cyber criminals have launched a wave of ransomware attacks on governments across the country.

Cybersecurity

Cybersecurity Risk Insurance Government

How are the EU member states progressing in their implementation of the NIS Directive?

IT Governance

APRIL 10, 2019

Implementation status : Transposed, as the Cyber Security Act (94/2018). Implementation status : Transposed, as The Security of Network and Information Systems Law of 2018. 440/2018) , along with Executive Order (no. 458/2018) and Executive Order (no. 360 of 2018. 46/ 2018 of August 13. Czech Republic.

Compliance

Compliance Information Security Government Insurance

SEC Continues Focus on Cybersecurity Disclosure Failures, Announces Settled Charges Against Pearson plc

Data Matters

AUGUST 30, 2021

2 The SEC’s Pearson Order follows its June 2021 announcement that it had settled charges against First American Title Insurance Company (First American) for cybersecurity disclosure control failures. 2, 2018); Sidley Austin LLP, SEC Issues New Guidance on Cybersecurity Disclosure Requirements, Sidley Austin LLP (Mar. 16, 2021).

Cybersecurity

Cybersecurity Risk Data Privacy Passwords

The 2018 CIGO Summit Announces Participating Speakers

IGI

MARCH 15, 2018

It’s time for the Fourth Annual Chief Information Governance Officer (CIGO) Summit on May 9th & 10th in Chicago at the beautiful DBR Skyview Conference Center. At the 2018 CIGO Summit, we will expand on our findings and experiences around the rapidly evolving world of information accounting. CLICK HERE TO REGISTER.

e-Discovery

e-Discovery Analytics Information governance Compliance

List of data breaches and cyber attacks in May 2018 – 17,273,571 records leaked

IT Governance

MAY 29, 2018

Insurance startup leaks sensitive customer health data. Hacker Publicly Posts Data Stolen From Government-Linked Cyberespionage Group. Jaguar Land Rover data leak reveals employee records, upcoming layoffs. Aultman data breach may have accessed patient information. Coca-Cola Suffers Breach at the Hands of Former Employee.

Data breaches

Data breaches GDPR Ransomware Passwords

Cyber resilience in the Scottish public sector: meeting the Cyber Essentials certification deadline

IT Governance

OCTOBER 3, 2018

The Scottish government therefore launched Safe, secure and prosperous: a cyber resilience strategy for Scotland in 2015 to help develop a culture of cyber resilience across the country. As part of this initiative, the government launched the Public Sector Action Plan in November 2017. Cyber Essentials certification.

Government

Government Compliance Risk Insurance

Data Innovator Spotlight - Interview with Charles Joseph, DataZed

Reltio

JUNE 12, 2020

Title: Founder & Data Governance Consultant. 1 sentence company description: DataZed is a consultancy that works with organizations to improve their data quality, data governance and data strategy. Summary: Charles specializes in data governance, data quality and data strategy for the insurance industry.

Insurance

Insurance Customer Experience B2B MDM

The Riviera Beach City pays $600,000 in ransom

Security Affairs

JUNE 20, 2019

On Monday, city officials participating to a rapid meeting unanimously voted to use the city’s insurance to pay a ransom of 65 bitcoins (~$603,000). “The payment is being covered by insurance.” ” continues the AP. million to hackers — about $2,400 per attack.

Insurance

Insurance Ransomware Encryption Government

E-Verify’s “SSN Lock” is Nothing of the Sort

Krebs on Security

JULY 4, 2020

One of the most-read advice columns on this site is a 2018 piece called “ Plant Your Flag, Mark Your Territory ,” which tried to impress upon readers the importance of creating accounts at websites like those at the Social Security Administration , the IRS and others before crooks do it for you.

Passwords

Passwords Authentication Insurance Mining

ICAWOOD Chooses Everteam’s “Fidji” Cloud-based Document Management System for its Real Estate Assets

Everteam

JULY 22, 2020

Data Management , Governing , Information Governance. At the end of April, Everteam published a press release on the integration of the document classification plan defined by the Fidji professional association into its information governance solutions, making it available to all customers in the real estate sector.

Cloud

Cloud Information governance IT Artificial Intelligence

Patch your vulnerabilities now or risk punishment under the GDPR

IT Governance

JANUARY 19, 2018

In the wake of the Meltdown and Spectre flaws revealed on 3 January 2018, the Information Commissioner’s Office (ICO) has warned that existing vulnerabilities could lead to punishment when the EU General Data Protection Regulation (GDPR) is enforced. These controls are: Patch management. Secure configuration. Malware protection.

GDPR

GDPR Risk Insurance Government

Iran-linked APT group Pioneer Kitten sells access to hacked networks

Security Affairs

SEPTEMBER 1, 2020

According to the experts, the threat actors are merely trying to monetize their efforts selling information that have no intelligence value for the Iranian Government. In late July 2020, Crowdstrike spotted a threat actor associated with PIONEER KITTEN that was attempting to sell access to compromised networks on an underground forum.

Access

Access Financial Services Retail Insurance

Good news for employers, finally – the UK Supreme Court hands down judgment in WM Morrison Supermarkets plc (Appellant) v Various Claimants (Respondents)

Data Protection Report

APRIL 2, 2020

In a judgment which will be warmly welcomed by employers (and their insurers) in the UK, the UK Supreme Court today overruled the Court of Appeal in holding that that Morrisons supermarkets is not vicariously liable for a data breach maliciously caused by a former employee.

Data breaches

Data breaches Insurance Risk Marketing

Good news for employers, finally – the UK Supreme Court hands down judgment in WM Morrison Supermarkets plc (Appellant) v Various Claimants (Respondents)

Data Protection Report

APRIL 1, 2020

In a judgment which will be warmly welcomed by employers (and their insurers) in the UK, the UK Supreme Court today overruled the Court of Appeal in holding that that Morrisons supermarkets is not vicariously liable for a data breach maliciously caused by a former employee.

Data breaches

Data breaches Insurance Risk Marketing

Security Compliance & Data Privacy Regulations

eSecurity Planet

AUGUST 9, 2022

And since the EU’s General Data Protection Regulation (GDPR) took effect May 25, 2018, IT compliance issues have been at the forefront of corporate concerns. See the Top Governance, Risk and Compliance (GRC) Tools. Regulatory compliance and data privacy issues have long been an IT security nightmare. Healthcare Data Privacy Laws.

Data Privacy

Data Privacy Compliance Privacy Security

How Cyber Essentials can help secure against malware

IT Governance

NOVEMBER 28, 2018

To highlight the importance and usefulness of the Cyber Essentials scheme, we’ve produced a series of blog posts summarising each of the five security controls that, according to the UK government, could prevent “around 80% of cyber attacks”. Reduce cyber insurance premiums. This blog covers malware. A long and varied list of threats.

Security

Security Ransomware Government Insurance

Alabama Hospital chain paid ransom to resume operations after ransomware attack

Security Affairs

OCTOBER 13, 2019

The hospital chain hasn’t revealed the amount it has paid to the crooks to decrypt the data, it seems that an insurance covered the cost. “As time goes by, and we determine the full impact of this, we will be very grateful we had cyber insurance in place.” ” continues the post.

Ransomware

Ransomware Insurance Paper Government

Cyber Insurers Pull Back Amid Increase in Cyber Attacks, Costs

New York Regulators Call on Insurers to Strengthen the Cyber Underwriting Process

Webinars

Trending Sources

New York Department of Financial Services Issues First Guidance by a U.S. Regulator Concerning Cyber Insurance

Webinars

Ohio Adopts National Association of Insurance Commissioners’ (NAIC) Insurance Data Security Model Law

Regulatory Update: NAIC Fall 2018 National Meeting

Regulatory Update: NAIC Summer 2018 National Meeting

MY TAKE: Poorly protected local government networks cast shadow on midterm elections

Hackers Were Inside Citrix for Five Months

RaidForums Gets Raided, Alleged Admin Arrested

Experts: Breach at IT Outsourcing Giant Wipro

Ransomware Bites Dental Data Backup Firm

First American Financial Pays Farcical $500K Fine

Privacy and Cybersecurity Top 10 for 2018

List of data breaches and cyber attacks in October 2018 – 44,701,278 records leaked

List of data breaches and cyber attacks in October 2018 – 44,701,278 records leaked

Dark Overlord hacking crew publishes first batch of confidential 9/11 files

NYDFS Cybersecurity Regulation: Additional Cybersecurity Program Safeguards Due September 4, 2018

U.S. and Foreign Cybersecurity and Intelligence Agencies Recommend Measures to Counteract Threat of Russian Cyberattacks

Digital Customer Experience is becoming the deciding battlefield on the insurance landscape

Zurich refuses to pay Mondelez for NotPetya damages because it’s ‘an act of war’

Data privacy examples

Government survey reveals GDPR awareness is falling short

[Podcast] Behind the Scenes at AIIM's Leadership Council Summit

Elasticsearch Server Exposes Trove of Patient Data

SEC Announces Settled Charges Against First American for Cybersecurity Disclosure Controls Failures – Lessons Learned

The Week in Cyber Security and Data Privacy: 30 October – 5 November 2023

To get the most from blockchain in government, a sharing mindset is needed

GUEST ESSAY: Why the next round of cyber attacks could put many SMBs out of business

How are the EU member states progressing in their implementation of the NIS Directive?

SEC Continues Focus on Cybersecurity Disclosure Failures, Announces Settled Charges Against Pearson plc

The 2018 CIGO Summit Announces Participating Speakers

List of data breaches and cyber attacks in May 2018 – 17,273,571 records leaked

Cyber resilience in the Scottish public sector: meeting the Cyber Essentials certification deadline

Data Innovator Spotlight - Interview with Charles Joseph, DataZed

The Riviera Beach City pays $600,000 in ransom

E-Verify’s “SSN Lock” is Nothing of the Sort

ICAWOOD Chooses Everteam’s “Fidji” Cloud-based Document Management System for its Real Estate Assets

Patch your vulnerabilities now or risk punishment under the GDPR

Iran-linked APT group Pioneer Kitten sells access to hacked networks

Good news for employers, finally – the UK Supreme Court hands down judgment in WM Morrison Supermarkets plc (Appellant) v Various Claimants (Respondents)

Good news for employers, finally – the UK Supreme Court hands down judgment in WM Morrison Supermarkets plc (Appellant) v Various Claimants (Respondents)

Security Compliance & Data Privacy Regulations

How Cyber Essentials can help secure against malware

Alabama Hospital chain paid ransom to resume operations after ransomware attack

Stay Connected