2018, Government, Insurance and IT - Information Management Today

Cyber Insurers Pull Back Amid Increase in Cyber Attacks, Costs

eSecurity Planet

MAY 27, 2021

The explosion of ransomware and similar cyber incidents along with rising associated costs is convincing a growing number of insurance companies to raise the premiums on their cyber insurance policies or reduce coverage, moves that could further squeeze organizations under siege from hackers. Insurers Assessing Risks.

Insurance

Insurance Ransomware Risk Data science

Experts: Breach at IT Outsourcing Giant Wipro

Krebs on Security

APRIL 15, 2019

In March 2018, Wipro said it passed the $8 billion mark in annual IT services revenue. In September 2018, the Nebraska Department of Health and Human Services issued a cease-and-desist letter to Wipro, ordering it to stop work on the upgrade to the state’s Medicaid enrollment system, and to vacate its state offices.

IT

IT Insurance Communications Phishing

New York Regulators Call on Insurers to Strengthen the Cyber Underwriting Process

Hunton Privacy

FEBRUARY 25, 2021

As reported on the Hunton Insurance Recovery blog , on February 4, 2021, the New York Department of Financial Services (“NYDFS”), which regulates the business of insurance in New York, has issued guidelines, in the Insurance Circular Letter No. sought coverage for expenses under its property insurance policy.

Insurance

Insurance Cybersecurity Risk Education

Webinars

Generative AI Deep Dive: Advancing from Proof of Concept to Production

MORE WEBINARS

New York Department of Financial Services Issues First Guidance by a U.S. Regulator Concerning Cyber Insurance

Data Matters

FEBRUARY 10, 2021

2 announcing a Cyber Insurance Risk Framework (the Framework) that describes industry best practices for New York-regulated property/casualty insurers. According to NYDFS, the incorporation of these practices should be proportionate to each insurer’s size, resources, geographic distribution, and other factors. The Framework.

Insurance

Insurance Financial Services Cybersecurity Risk

MY TAKE: Poorly protected local government networks cast shadow on midterm elections

The Last Watchdog

SEPTEMBER 14, 2018

In March 2018, the city of Atlanta fell victim to a ransomware attack that shut down its computer network. It’s easy to think of it as a problem the federal government must address or something that enterprises deal with, but cybersecurity has to be addressed closer to home, as well. City agencies were unable to collect payment.

Government

Government Digital transformation Mining Insurance

Ohio Adopts National Association of Insurance Commissioners’ (NAIC) Insurance Data Security Model Law

Data Matters

JANUARY 14, 2019

On December 19, 2018, Ohio adopted the National Association of Insurance Commissioners’ (NAIC) Insurance Data Security Model Law. The Act is designed to “establish standards for data security and for the investigation and notification to the Superintendent of Insurance of a cybersecurity event.”.

Insurance

Insurance Security Cybersecurity Data breaches

Regulatory Update: NAIC Fall 2018 National Meeting

Data Matters

DECEMBER 11, 2018

The National Association of Insurance Commissioners (NAIC) held its Fall 2018 National Meeting (Fall Meeting) in San Francisco, California, from November 15 to 18, 2018. NAIC Continues its Evaluation of Insurers’ Use of Big Data. This post summarizes the highlights from this meeting. groups with non-U.S.

Insurance

Insurance Paper Risk Big data

Hackers Were Inside Citrix for Five Months

Krebs on Security

FEBRUARY 19, 2020

Networking software giant Citrix Systems says malicious hackers were inside its networks for five months between 2018 and 2019, making off with personal and financial data on company employees, contractors, interns, job candidates and their dependents. 13, 2018 and Mar. 28, 2018, a claim Citrix initially denied but later acknowledged.

Passwords

Passwords Access Insurance Government

Regulatory Update: NAIC Summer 2018 National Meeting

Data Matters

AUGUST 24, 2018

The National Association of Insurance Commissioners (NAIC) held its Summer 2018 National Meeting in Boston, Massachusetts, from August 4 to 7, 2018. NAIC Continues its Evaluation of Insurers’ Use of Big Data . The NAIC is also considering insurers’ use of big data in underwriting life insurance products.

Insurance

Insurance Big data e-Delivery Risk

RaidForums Gets Raided, Alleged Admin Arrested

Krebs on Security

APRIL 12, 2022

The government alleges Coelho and his forum administrator identity “ Omnipotent ” profited from the illicit activity on the platform by charging “escalating prices for membership tiers that offered greater access and features, including a top-tier ‘God’ membership status.”

Sales

Sales Data breaches Government Access

First American Financial Pays Farcical $500K Fine

Krebs on Security

JUNE 18, 2021

The SEC says First American derives nearly 92 percent of its revenue from its title insurance segment, earning $7.1 Title insurance protects homebuyers from the prospect of someone contesting their legitimacy as the new homeowner. Title insurance is not mandated by law, but most lenders require it as part of any mortgage transaction.

Insurance

Insurance Risk Financial Services Mining

Ransomware Bites Dental Data Backup Firm

Krebs on Security

AUGUST 29, 2019

-based PerCSoft is a cloud management provider for Digital Dental Record (DDR), which operates an online data backup service called DDS Safe that archives medical records, charts, insurance documents and other personal information for various dental offices across the United States. ” Read the full ProPublica piece here. .

Ransomware

Ransomware Insurance Encryption Cloud

Privacy and Cybersecurity Top 10 for 2018

Data Matters

JANUARY 2, 2018

We expect each of these trends to continue in 2018. As we begin this New Year, here is list of the top 10 privacy and cybersecurity issues for 2018: EU GDPR. The May 25, 2018 effective date for the EU’s General Data Protection Regulation (GDPR) will no doubt be a central focus of 2018. Data breach litigation risks.

Cybersecurity

Cybersecurity Privacy Data breaches GDPR

List of data breaches and cyber attacks in October 2018 – 44,701,278 records leaked

IT Governance

OCTOBER 30, 2018

Social insurance numbers. The post List of data breaches and cyber attacks in October 2018 – 44,701,278 records leaked appeared first on IT Governance Blog. Henderson ISD, a school district in Texas, recently lost more than $600,000 in a BEC attack. the organisation overseeing the building of a stadium.

Data breaches

Data breaches Computer and Electronics Passwords Insurance

List of data breaches and cyber attacks in October 2018 – 44,701,278 records leaked

IT Governance

OCTOBER 30, 2018

Social insurance numbers. The post List of data breaches and cyber attacks in October 2018 – 44,701,278 records leaked appeared first on IT Governance Blog. Henderson ISD, a school district in Texas, recently lost more than $600,000 in a BEC attack. the organisation overseeing the building of a stadium.

Data breaches

Data breaches Computer and Electronics Passwords Insurance

ICAWOOD Chooses Everteam’s “Fidji” Cloud-based Document Management System for its Real Estate Assets

Everteam

JULY 22, 2020

Data Management , Governing , Information Governance. Paris, July 23, 2020 – Everteam, a leading provider of Enterprise Content Management and Information Governance software, announces that it has been selected by ICAWOOD for its “Sanctuary EDM” project in the Cloud, integrating the Fiji document classification plan.

Cloud

Cloud Information governance IT Artificial Intelligence

Data privacy examples

IBM Big Data Hub

APRIL 24, 2024

The General Data Protection Regulation (GDRP) The GDPR is a European Union privacy regulation that governs how organizations in and outside of Europe handle the personal data of EU residents. An online retailer always gets users’ explicit consent before sharing customer data with its partners.

Data Privacy

Data Privacy Privacy GDPR Personal data

The Week in Cyber Security and Data Privacy: 30 October – 5 November 2023

IT Governance

NOVEMBER 6, 2023

When MOVEit was hacked by the Russian Cl0p ransomware gang in May, email addresses and links to government employee surveys were compromised. Compromised information included patients’ names, dates of birth, postal addresses, Social Security numbers, diagnosis and treatment information, and health insurance information.

Data Privacy

Data Privacy Privacy Libraries Security

U.S. and Foreign Cybersecurity and Intelligence Agencies Recommend Measures to Counteract Threat of Russian Cyberattacks

Data Matters

JANUARY 28, 2022

The advisory was promptly endorsed by the National Cyber Security Centre, a division of Government Communications Headquarters (“GCHQ”), a UK intelligence agency. government, especially in light of ongoing tensions between the U.S. First , all of the reports specifically focus on the threat of Russian state-sponsored cyberattacks.

Cybersecurity

Cybersecurity Financial Services Authentication Government

Dark Overlord hacking crew publishes first batch of confidential 9/11 files

Security Affairs

JANUARY 6, 2019

The Dark Overlord hacking group claims to have stolen a huge trove of documents from the British insurance company Hiscox, Hackers stole “hundreds of thousands of documents,” including tens of thousands files related to the 9/11 terrorist attacks. “What’s the takeaway? “ There’s five layers to go.

Insurance

Insurance Data breaches Sales Government

NYDFS Cybersecurity Regulation: Additional Cybersecurity Program Safeguards Due September 4, 2018

Data Matters

AUGUST 27, 2018

Companies subject to New York’s Cybersecurity Regulation are acting quickly to finalize their compliance obligations as the fifth “due date,” September 4, 2018, quickly approaches. For more background on the regulation, see our report, “NYDFS issues final cybersecurity regulations, setting new industry standard for cybersecurity controls.”.

Cybersecurity

Cybersecurity Compliance Encryption Risk

Zurich refuses to pay Mondelez for NotPetya damages because it’s ‘an act of war’

Security Affairs

JANUARY 14, 2019

Zurich American Insurance Company is refusing to refund its client because consider the attack as “an act of war” that is not covered by its policy. According to the cyber security community, NotPetya is a cyber weapon develped by Russia to hit the Ukrainian government.

Insurance

Insurance Ransomware Sales Government

Government survey reveals GDPR awareness is falling short

IT Governance

FEBRUARY 8, 2018

The Cyber Security Breaches Survey 2018 from the Department for Digital, Culture, Media and Sport (DCMS) has revealed that only 38% of businesses and 44% of charities have heard of the General Data Protection Regulation (GDPR). This is a worrisome finding, as it is only a matter of months until the new Regulation is enforced. Key findings.

GDPR

GDPR Government Education Compliance

Digital Customer Experience is becoming the deciding battlefield on the insurance landscape

CGI

FEBRUARY 28, 2018

Digital Customer Experience is becoming the deciding battlefield on the insurance landscape. Wed, 02/28/2018 - 10:36. Digital Customer Experience in many ways is becoming the deciding battlefield on the insurance landscape as to who will win through. p.butler@cgi.com. Although respective remits often tend to be company specific.

Customer Experience

Customer Experience Insurance Artificial Intelligence Retail

GUEST ESSAY: Why the next round of cyber attacks could put many SMBs out of business

The Last Watchdog

AUGUST 12, 2019

In the last year, the news media has been full of stories about vicious cyber breaches on municipal governments. From Atlanta to Baltimore to school districts in Louisiana, cyber criminals have launched a wave of ransomware attacks on governments across the country. It is not of a matter of “if” but “when.”

Cybersecurity

Cybersecurity Risk Insurance Government

UK businesses are reporting fewer data breaches, but is this as positive as it sounds?

IT Governance

MAY 2, 2019

A third of businesses and a fifth of charities were hit by a cyber attack or data breach in the past year, the UK government’s Cyber Security Breaches Survey 2019 has found. More medium-sized (31% vs 19%) and large businesses (35% vs 24%) have invested in cyber insurance.

Data breaches

Data breaches GDPR IT Compliance

Security Compliance & Data Privacy Regulations

eSecurity Planet

AUGUST 9, 2022

And since the EU’s General Data Protection Regulation (GDPR) took effect May 25, 2018, IT compliance issues have been at the forefront of corporate concerns. See the Top Governance, Risk and Compliance (GRC) Tools. Regulatory compliance and data privacy issues have long been an IT security nightmare. Healthcare Data Privacy Laws.

Data Privacy

Data Privacy Compliance Privacy Security

E-Verify’s “SSN Lock” is Nothing of the Sort

Krebs on Security

JULY 4, 2020

One of the most-read advice columns on this site is a 2018 piece called “ Plant Your Flag, Mark Your Territory ,” which tried to impress upon readers the importance of creating accounts at websites like those at the Social Security Administration , the IRS and others before crooks do it for you. So I chose to unlock it.

Passwords

Passwords Authentication Insurance Mining

SEC Continues Focus on Cybersecurity Disclosure Failures, Announces Settled Charges Against Pearson plc

Data Matters

AUGUST 30, 2021

2 The SEC’s Pearson Order follows its June 2021 announcement that it had settled charges against First American Title Insurance Company (First American) for cybersecurity disclosure control failures. Through its announcement of settled charges against Pearson plc (Pearson) on August 16, 2021, the U.S.

Cybersecurity

Cybersecurity Risk Data Privacy Passwords

SEC Announces Settled Charges Against First American for Cybersecurity Disclosure Controls Failures – Lessons Learned

Data Matters

JUNE 24, 2021

On June 15, 2021, the SEC announced settled charges against First American Title Insurance Company (First American) for disclosure controls and procedures violations related to a cybersecurity vulnerability that exposed sensitive customer information. 26, 2018). SEC Statement and Guidance on Public Company Cybersecurity Disclosures.

Cybersecurity

Cybersecurity Financial Services Risk Compliance

How are the EU member states progressing in their implementation of the NIS Directive?

IT Governance

APRIL 10, 2019

Implementation status : Transposed, as the Cyber Security Act (94/2018). Implementation status : Transposed, as The Security of Network and Information Systems Law of 2018. 440/2018) , along with Executive Order (no. 458/2018) and Executive Order (no. 360 of 2018. 46/ 2018 of August 13. Czech Republic.

Compliance

Compliance Information Security Government Insurance

Cyber resilience in the Scottish public sector: meeting the Cyber Essentials certification deadline

IT Governance

OCTOBER 3, 2018

The Scottish government therefore launched Safe, secure and prosperous: a cyber resilience strategy for Scotland in 2015 to help develop a culture of cyber resilience across the country. As part of this initiative, the government launched the Public Sector Action Plan in November 2017. Cyber Essentials certification.

Government

Government Compliance Risk Insurance

To get the most from blockchain in government, a sharing mindset is needed

CGI

MAY 13, 2018

To get the most from blockchain in government, a sharing mindset is needed. Mon, 05/14/2018 - 00:45. federal government. Released in April, the playbook helps government organizations envision how blockchain technology can solve a myriad of government challenges. Importance of governance. It is shared.

Blockchain

Blockchain Government Computer and Electronics Mining

Elasticsearch Server Exposes Trove of Patient Data

Adam Levin

MARCH 19, 2019

Meditlab, an electronic medical record company, left a server for electronic faxes completely unprotected since bringing it online in March 2018. The patient data was on a server running Elasticsearch, a search engine commonly configured for internal use at companies and government organizations. million Dow Jones & Co.

Insurance

Insurance Government Cybersecurity Access

Iran-linked APT group Pioneer Kitten sells access to hacked networks

Security Affairs

SEPTEMBER 1, 2020

According to the experts, the threat actors are merely trying to monetize their efforts selling information that have no intelligence value for the Iranian Government. Iran-linked APT group Pioneer Kitten is now trying to monetize its efforts by selling access to some of the networks it has hacked to other hackers. Pierluigi Paganini.

Access

Access Financial Services Retail Insurance

The Riviera Beach City pays $600,000 in ransom

Security Affairs

JUNE 20, 2019

On Monday, city officials participating to a rapid meeting unanimously voted to use the city’s insurance to pay a ransom of 65 bitcoins (~$603,000). “The payment is being covered by insurance.” ” reported the Associated Press. ” continues the AP. million to hackers — about $2,400 per attack.

Insurance

Insurance Ransomware Encryption Government

Data Innovator Spotlight - Interview with Charles Joseph, DataZed

Reltio

JUNE 12, 2020

Title: Founder & Data Governance Consultant. 1 sentence company description: DataZed is a consultancy that works with organizations to improve their data quality, data governance and data strategy. Summary: Charles specializes in data governance, data quality and data strategy for the insurance industry.

Insurance

Insurance Customer Experience B2B MDM

Patch your vulnerabilities now or risk punishment under the GDPR

IT Governance

JANUARY 19, 2018

In the wake of the Meltdown and Spectre flaws revealed on 3 January 2018, the Information Commissioner’s Office (ICO) has warned that existing vulnerabilities could lead to punishment when the EU General Data Protection Regulation (GDPR) is enforced. Secure configuration. Boundary firewalls and Internet gateways. Malware protection.

GDPR

GDPR Risk Insurance Government

List of data breaches and cyber attacks in May 2018 – 17,273,571 records leaked

IT Governance

MAY 29, 2018

Insurance startup leaks sensitive customer health data. Hacker Publicly Posts Data Stolen From Government-Linked Cyberespionage Group. I’m not, though. I’m entirely guileless. I count this month’s total number of breached records to be 17,273,571, which is actually quite low when compared with previous months.

Data breaches

Data breaches GDPR Ransomware Passwords

List of data breaches and cyber attacks in August 2020 – 36.6 million records breached

IT Governance

SEPTEMBER 1, 2020

But, by contrast, only 36,673,575 records were confirmed to have been leaked, which is the fewest we’ve recorded since May 2018. There were a massive 99 data breaches and cyber attacks in August, making it the third-biggest monthly total of the year by number of security incidents. Cyber attacks. Hitachi Chemical Co. Cyber attacks.

Data breaches

Data breaches Ransomware Insurance Manufacturing

How Cyber Essentials can help secure against malware

IT Governance

NOVEMBER 28, 2018

To highlight the importance and usefulness of the Cyber Essentials scheme, we’ve produced a series of blog posts summarising each of the five security controls that, according to the UK government, could prevent “around 80% of cyber attacks”. Reduce cyber insurance premiums. This blog covers malware. A long and varied list of threats.

Security

Security Ransomware Government Insurance

When it rains, it pours

InfoGovNuggets

APRIL 28, 2018

. “Wells Fargo Faces 401(k) Probe,” The Wall Street Journal , April 27, 2018 A1. Certainly a bank accused of similar conduct with respect to accounts, credit cards, mortgage loans, and auto insurance wouldn’t do anything so dastardly.

IT

IT Insurance Compliance Government

Good news for employers, finally – the UK Supreme Court hands down judgment in WM Morrison Supermarkets plc (Appellant) v Various Claimants (Respondents)

Data Protection Report

APRIL 2, 2020

In a judgment which will be warmly welcomed by employers (and their insurers) in the UK, the UK Supreme Court today overruled the Court of Appeal in holding that that Morrisons supermarkets is not vicariously liable for a data breach maliciously caused by a former employee. The employee’s motive is therefore relevant in that analysis.

Data breaches

Data breaches Insurance Risk Marketing

Good news for employers, finally – the UK Supreme Court hands down judgment in WM Morrison Supermarkets plc (Appellant) v Various Claimants (Respondents)

Data Protection Report

APRIL 1, 2020

In a judgment which will be warmly welcomed by employers (and their insurers) in the UK, the UK Supreme Court today overruled the Court of Appeal in holding that that Morrisons supermarkets is not vicariously liable for a data breach maliciously caused by a former employee. The employee’s motive is therefore relevant in that analysis.

Data breaches

Data breaches Insurance Risk Marketing

Cyber Insurers Pull Back Amid Increase in Cyber Attacks, Costs

Experts: Breach at IT Outsourcing Giant Wipro

Webinars

Trending Sources

New York Regulators Call on Insurers to Strengthen the Cyber Underwriting Process

Webinars

New York Department of Financial Services Issues First Guidance by a U.S. Regulator Concerning Cyber Insurance

MY TAKE: Poorly protected local government networks cast shadow on midterm elections

Ohio Adopts National Association of Insurance Commissioners’ (NAIC) Insurance Data Security Model Law

Regulatory Update: NAIC Fall 2018 National Meeting

Hackers Were Inside Citrix for Five Months

Regulatory Update: NAIC Summer 2018 National Meeting

RaidForums Gets Raided, Alleged Admin Arrested

First American Financial Pays Farcical $500K Fine

Ransomware Bites Dental Data Backup Firm

Privacy and Cybersecurity Top 10 for 2018

List of data breaches and cyber attacks in October 2018 – 44,701,278 records leaked

List of data breaches and cyber attacks in October 2018 – 44,701,278 records leaked

ICAWOOD Chooses Everteam’s “Fidji” Cloud-based Document Management System for its Real Estate Assets

Data privacy examples

The Week in Cyber Security and Data Privacy: 30 October – 5 November 2023

U.S. and Foreign Cybersecurity and Intelligence Agencies Recommend Measures to Counteract Threat of Russian Cyberattacks

Dark Overlord hacking crew publishes first batch of confidential 9/11 files

NYDFS Cybersecurity Regulation: Additional Cybersecurity Program Safeguards Due September 4, 2018

Zurich refuses to pay Mondelez for NotPetya damages because it’s ‘an act of war’

Government survey reveals GDPR awareness is falling short

Digital Customer Experience is becoming the deciding battlefield on the insurance landscape

GUEST ESSAY: Why the next round of cyber attacks could put many SMBs out of business

UK businesses are reporting fewer data breaches, but is this as positive as it sounds?

Security Compliance & Data Privacy Regulations

E-Verify’s “SSN Lock” is Nothing of the Sort

SEC Continues Focus on Cybersecurity Disclosure Failures, Announces Settled Charges Against Pearson plc

SEC Announces Settled Charges Against First American for Cybersecurity Disclosure Controls Failures – Lessons Learned

How are the EU member states progressing in their implementation of the NIS Directive?

Cyber resilience in the Scottish public sector: meeting the Cyber Essentials certification deadline

To get the most from blockchain in government, a sharing mindset is needed

Elasticsearch Server Exposes Trove of Patient Data

Iran-linked APT group Pioneer Kitten sells access to hacked networks

The Riviera Beach City pays $600,000 in ransom

Data Innovator Spotlight - Interview with Charles Joseph, DataZed

Patch your vulnerabilities now or risk punishment under the GDPR

List of data breaches and cyber attacks in May 2018 – 17,273,571 records leaked

List of data breaches and cyber attacks in August 2020 – 36.6 million records breached

How Cyber Essentials can help secure against malware

When it rains, it pours

Good news for employers, finally – the UK Supreme Court hands down judgment in WM Morrison Supermarkets plc (Appellant) v Various Claimants (Respondents)

Good news for employers, finally – the UK Supreme Court hands down judgment in WM Morrison Supermarkets plc (Appellant) v Various Claimants (Respondents)

Stay Connected