Data Matters

JULY 30, 2018

In October 2017, the National Association of Insurance Commissioners (NAIC) adopted an Insurance Data Security Model Law. On May 3, 2018, South Carolina became the first state to enact this Model Law, in the form of the South Carolina Insurance Data Security Act (H.B.

Insurance 60

Insurance Security Cybersecurity Data breaches 60

Data Matters

SEPTEMBER 3, 2020

The National Association of Insurance Commissioners (NAIC) held its Summer 2020 National Meeting (Summer Meeting) from July 27 to August 14, 2020. NAIC Considers Comments to the Group Capital Calculation Template and Instructions and Related Revisions to the Insurance Holding Company Act . GCC Template and Instructions.

Insurance 68

Insurance Paper Artificial Intelligence Big data 68

Krebs on Security

JANUARY 29, 2021

The unprecedented volume of unemployment insurance fraud witnessed in 2020 hasn’t abated, although news coverage of the issue has largely been pushed off the front pages by other events. Another 17 percent of claims — nearly $20 billion more – are suspected fraud. In a notice posted Jan. 28 , the U.S.

Insurance 306

Insurance Personal data Authentication IT 306

Hunton Privacy

JULY 1, 2022

(“Carnival”), the world’s largest cruise-ship operator, for violations of the Cybersecurity Regulation (23 NYCRR Part 500) in connection with four cybersecurity events between 2019 and 2021, including two ransomware events. . NYDFS also found that Carnival had failed to implement basic protocols to prevent data breaches.

Cybersecurity 115

Cybersecurity Insurance Phishing Financial Services 115

Hunton Privacy

FEBRUARY 25, 2021

As reported on the Hunton Insurance Recovery blog , on February 4, 2021, the New York Department of Financial Services (“NYDFS”), which regulates the business of insurance in New York, has issued guidelines, in the Insurance Circular Letter No.

Insurance 70

Insurance Cybersecurity Risk Education 70

The Last Watchdog

OCTOBER 29, 2018

The headlines immediately attempted to lay the blame, in large part, on the fact that Equifax’s chief information security officer was a music major and did not have a background in technology. The technologies existing in 2018 will undoubtedly differ from those that exist in 2020. Even the best security program is not bulletproof.

Security 164

Security Data Privacy Privacy Data breaches 164

HL Chronicle of Data Protection

MAY 13, 2019

In the past two years, multiple state bills that have been introduced in the US to provide for cybersecurity requirements and standards to the insurance sector, with recent legislative activity taking place in particular within the States of Ohio, South Carolina, and Michigan. NYDFS: Setting a new bar for state cybersecurity regulation.

Insurance 40

Insurance Cybersecurity Data breaches Financial Services 40

Data Matters

SEPTEMBER 20, 2021

The National Association of Insurance Commissioners (NAIC) held its Summer 2021 National Meeting (Summer Meeting) August 14-17, 2021. Highlights include, among others, adoption of revised risk-based capital bond factors for life insurers, amendments to SSAP No. NAIC Adopts Revised Risk-Based Capital Bond Factors for Life Insurers.

Insurance 88

Insurance e-Delivery Paper Sales 88

eSecurity Planet

OCTOBER 18, 2021

The legal complaint [PDF] notes that on July 9, 2019, the day it was hit by a ransomware attack, Springhill Memorial Hospital contended that the event had “not affected patient care.” ” Nicko died nine months later, on April 16, 2020. .” ” Nicko died nine months later, on April 16, 2020.

Ransomware 104

Ransomware Insurance Digital transformation Cybersecurity 104

Data Protection Report

APRIL 22, 2021

On April 14, 2021, the New York Department of Financial Services (NYDFS) announced a $3 million settlement with insurance company National Securities Corp. NSC), relating to violations of three different requirements of the NYDFS cybersecurity regulation during the period 2018 to 2020. NYDFS Cybersecurity Regulation.

Cybersecurity 94

Cybersecurity Financial Services Phishing Compliance 94

Hunton Privacy

FEBRUARY 22, 2021

The NYDFS learned of the threat after receiving reports from auto insurers that cybercriminals were targeting their premium quote sites to steal driver’s license numbers. As we previously reported , NYDFS issued guidance regarding cybersecurity during the pandemic in April 2020.

Financial Services 86

Financial Services Insurance Cybersecurity Analytics 86

HL Chronicle of Data Protection

FEBRUARY 25, 2020

Companies should take note of two imminent developments in New York in the area of cybersecurity regulation: enforcement of the New York Department of Financial Services (NYDFS) Cybersecurity Regulation (Regulation) and the effective date of the Stop Hacks and Improve Electronic Data Security Act (SHIELD Act or Act).

Cybersecurity 104

Cybersecurity Financial Services Data breaches Insurance 104

Security Affairs

NOVEMBER 29, 2020

“The secure remediation plan launched on 26 October is nearly complete. The Group’s insurance coverage for cyber risks totals €30 million.” The IT services provider said that sales activity for the fourth quarter should not be significantly affected by this event. ” states the company. Pierluigi Paganini.

Ransomware 99

Ransomware Insurance Sales Cybersecurity 99

Security Affairs

APRIL 8, 2021

It’s impossible to determine if the two events are connected to the breach. January 2020, the cardshop’s records were leaked on an underground forum. The comparison with the database leaked in January 2020 revealed that the number of Swarmshop users has grown by more than 2.5x ever since. Pierluigi Paganini.

Passwords 107

Passwords Insurance Personal data Sales 107

Data Matters

AUGUST 19, 2020

On July 21, 2020, the New York State Department of Financial Services (NYDFS or the Department) issued a statement of charges and notice of hearing (the Statement) against First American Title Insurance Company (First American) for violations of the Department’s Cybersecurity Requirements for Financial Services Companies, 23 N.Y.C.R.R.

Financial Services 68

Financial Services Cybersecurity Insurance Risk 68

Hunton Privacy

APRIL 1, 2020

Join us on April 7, 2020, for an in-depth webinar on Managing Critical Infrastructure Workforce During the COVID-19 Pandemic. Our featured group of speakers will discuss the legal, medical and practical issues that critical infrastructure companies are facing during the current COVID-19 pandemic. Register for this program now.

Insurance 71

Insurance Privacy Security 71

Data Protection Report

OCTOBER 24, 2022

On October 18, 2022, the New York Department of Financial Services announced a settlement with EyeMed, a licensed life, accident, and health insurer, with respect to a security incident that occurred in 2020. The settlement requires EyeMed to pay $4.5 million, among other things. Background. million.

Cybersecurity 52

Cybersecurity Personal data Risk Financial Services 52

Thales Cloud Protection & Licensing

APRIL 11, 2023

Funny enough, many a CIO would already have been preaching this pre-2020. For inward-facing executives, it was a huge operational and security nightmare to suddenly shift to a remote form of working and adoption of cloud-based solutions to mitigate the imperfections of relying on company servers.

B2C 87

B2C B2B Retail Insurance 87

Adam Levin

JUNE 30, 2020

We’re not even halfway through 2020, and already it’s been a record-breaking year for ransomware attacks. In the same survey, 35 percent thought CEOs should be fined for a cyber failure, and 30 percent wanted to see a CEO lose his or her right to run any company following a serious cyber event. What can CEOs do?

Ransomware 74

Ransomware Insurance Cybersecurity Manufacturing 74

Krebs on Security

JULY 27, 2020

For 2020, the company estimates an overall 258 percent spike in the crime. based cyber intelligence firm Hold Security has been monitoring the communications between and among a businesses ID theft gang apparently operating in Georgia and Florida but targeting businesses throughout the United States. ” PHANTOM OFFICES. .

Energy and Utilities 359

Energy and Utilities Computer and Electronics Insurance Risk 359

eSecurity Planet

FEBRUARY 16, 2021

The internet is fraught with peril these days, but nothing strikes more fear into users and IT security pros than the threat of ransomware. Raising awareness about ransomware is a baseline security measure. As training sessions have little influence over staff for every potential attack, it makes added security more imperative.

Ransomware 97

Ransomware Encryption Insurance Cloud 97

erwin

APRIL 11, 2019

Some suggest the California Consumer Privacy Act (CCPA), which takes effect January 1, 2020, sets a precedent other states will follow by empowering consumers to set limits on how companies can use their personal information. Compliance is an on-going requirement, so efforts to become compliant should not be treated as static events.

GDPR 100

GDPR e-Discovery Compliance Metadata 100

IT Governance

SEPTEMBER 1, 2022

Meanwhile, the bastion of password security, LastPass, announced that its systems had been breached – although the organisation is confident that customers’ details remain secure. In total, we identified 112 publicly disclosed security incidents in August, resulting in 97,456,345 compromised records.

Data breaches 116

Data breaches Ransomware Energy and Utilities Phishing 116

eSecurity Planet

SEPTEMBER 14, 2022

billion in reported losses, up from 2020’s 791,790 complaints and $4.2 Finance and insurance finished a close second at 22.4%. Finance and insurance companies were particularly vulnerable to the sort of phishing scams we’re talking about. In 2020 alone, 79 ransomware attacks were conducted against government entities in the U.S.,

Energy and Utilities 120

Energy and Utilities Phishing Blockchain Cybersecurity 120

Thales Cloud Protection & Licensing

JULY 21, 2022

Security breaches in this sector can be incredibly disruptive to society and are attracting considerable attention from governments and regulatory bodies around the world. When tackling these security challenges, the human element is the most important factor. The effects of cyberattacks on critical infrastructure can be catastrophic.

Energy and Utilities 71

Energy and Utilities Ransomware IoT Risk 71

HL Chronicle of Data Protection

MARCH 16, 2020

On Tuesday, 3 March 2020, we welcomed our financial services clients in London to a lively panel event, which covered the multitude of issues which arise in a cybersecurity incident. Peter Marta. Arwen Handley. Philip Parish. Nicola Fulford.

Cybersecurity 59

Cybersecurity Financial Services Risk Insurance 59

Data Matters

FEBRUARY 10, 2022

On Monday, January 24, 2022, in a speech at the Northwestern University Pritzker School of Law annual Securities Regulation Institute conference, Gary Gensler, Chair of the U.S. He also signaled the SEC’s continued focus on enforcement and cooperation with other law enforcement agencies.

Cybersecurity 88

Cybersecurity Marketing Risk Compliance 88

Data Matters

FEBRUARY 25, 2021

This follows the FCA’s announcement in its 2020-21 business plan that payment services were one of its main supervisory priorities 1 and its temporary guidance of July 9, 2020, on prudential risk management and safeguarding in light of the COVID-19 pandemic ( Temporary COVID Guidance ). its Perimeter Guidance Manual (PERG).

Authentication 68

Authentication Paper Risk Insurance 68

Data Protection Report

JANUARY 7, 2019

Entities covered by the Regulation, which includes not only banks and insurers, but also other financial service institutions and licensees regulated by the DFS that utilize third-party service providers, will be required to implement third-party risk management programs by March 1. Third-party service provider risk management program.

Cybersecurity 40

Cybersecurity Compliance Financial Services Risk 40

Security Affairs

FEBRUARY 8, 2024

26 key cyber security stats for 2024 that every user should know, from rising cyber crime rates to the impact of AI technolog y. Cyber Insurance: US cyber insurance premiums soared by 50% in 2022, reaching $7.2 million unfilled cyber security jobs, showing a big need for skilled professionals. million per breach.

Security 123

Security Phishing IoT Ransomware 123

eSecurity Planet

MAY 5, 2021

These services are managed by outsourced teams of experts to help remove some of the need for dedicated onsite security staff and to decrease the amount of day-to-day work for their clients. The company currently secures $5.7 Every client receives a dedicated security advisor to streamline questions and support. Secureworks.

Cloud 57

Cloud Compliance Artificial Intelligence Analytics 57

eSecurity Planet

SEPTEMBER 10, 2021

As ransomware threats loom, we look at where backups fall short, and what to keep in mind to optimize network and data security. In the event of a ransomware attack, an organization could lose access to part or all of its network data and systems, blocking further work. Why Are Backups Critical? Extended Downtime Can Be Deadly.

Ransomware 120

Ransomware Encryption Cybersecurity Access 120

Adam Levin

MARCH 16, 2020

That is exponentially more expensive than other cyber events. But don’t let the 79% recovery rate lull you into a false sense of security. Department of Homeland Security, the U.S. Despite these efforts, losses from BEC scams are expected to continue to rise in 2020. It’s Time to Do Something.

Phishing 52

Phishing Insurance Data breaches Personal data 52

Data Matters

DECEMBER 23, 2020

On December 15, 2020, the U.S. Federal Deposit Insurance Corporation (FDIC) approved and the federal banking agencies jointly announced on December 18 a notice of proposed rulemaking, Computer-Security Incident Notification Requirements for Banking Organizations and Their Bank Service Providers (NPR).

Security 68

Security Cybersecurity Insurance Communications 68

Data Matters

MAY 9, 2019

The National Association of Insurance Commissioners (NAIC) held its Spring 2019 National Meeting (Spring Meeting) in Orlando, Florida, from April 6 to 9, 2019. ceding insurer could be eligible for the same reduced collateral requirements that would apply to qualifying EU reinsurers under the revised CFR Model Laws.

Insurance 68

Insurance Blockchain Big data Risk 68

Krebs on Security

DECEMBER 13, 2021

On 10 May 2021, security auditors first identified evidence of the attacker compromising systems within Hospital C and Hospital L. On May 13, the HSE’s antivirus security provider emailed the HSE’s security operations team, highlighting unhandled threat events dating back to May 7 on at least 16 systems.

Ransomware 274

Ransomware Cybersecurity Phishing Security 274

Data Matters

JUNE 29, 2018

1, 2020, unless changed in the interim. The potential negative effects on innovation and widespread business practices are likely to prompt considerable interest in making necessary corrections and other amendments to the law before it takes effect in 2020 as well as in possible preemptive federal legislation. biometric information.

GDPR 79

GDPR Privacy Sales Data breaches 79