Article, Events and Insurance - Information Management Today

Cyber-insurance – 72 hours for the insured party to file a criminal complaint: GDPR’s false friend

Data Protection Report

MARCH 21, 2023

2] In this context, the Directorate General of the French Treasury has put forward a plan of action with a view to clarifying the cyber-insurance legal framework, better gauging cyber-risks, and enhancing companies’ awareness as regards cyber-risks. 12-10-1 into the French Insurance code. However, in the end, Article L.12-10-1

Insurance

Insurance Data breaches Personal data GDPR

CJEU Rules on Processing of Sensitive Data and Compensation Under the GDPR

Hunton Privacy

JANUARY 5, 2024

Background The case related to the processing of an incapacitated employee’s personal data, including health data, by the medical service provider (“MDK”) of a health insurance fund in Germany. Under applicable law, the MDK draws up reports on the capacity of individuals insured by the health insurance fund to work.

GDPR

GDPR Personal data Insurance Access

Cybersecurity Insurance

Schneier on Security

APRIL 12, 2018

Good article about how difficult it is to insure an organization against Internet attacks, and how expensive the insurance is. In my new book -- out in September -- I write: There are challenges to creating these new insurance products. There are two basic models for insurance. BoingBoing article.

Insurance

Insurance Cybersecurity Data breaches Retail

Webinars

Peak Performance: Continuous Testing & Evaluation of LLM-Based Applications

MORE WEBINARS

Hunton Privacy and Insurance Leaders Address Prevention and Insurability of Cyber Attacks

Hunton Privacy

NOVEMBER 27, 2017

On November 3, 2017, Securityroundtable.org published an article highlighting the vulnerabilities businesses face in a world of e-commerce and interconnectivity, and spotlighted a crisis-planning panel hosted by Hunton & Williams held on November 1. Sponsors for the event included Stroz Friedberg, Pal Alto Networks and Egon Zehnder.

Insurance

Insurance Privacy Cybersecurity Risk

Cybersecurity Standards for the Insurance Sector – A New Patchwork Quilt in the US?

HL Chronicle of Data Protection

MAY 13, 2019

In the past two years, multiple state bills that have been introduced in the US to provide for cybersecurity requirements and standards to the insurance sector, with recent legislative activity taking place in particular within the States of Ohio, South Carolina, and Michigan. NYDFS: Setting a new bar for state cybersecurity regulation.

Insurance

Insurance Cybersecurity Data breaches Financial Services

What Is Integrated Risk Management? Definition & Implementation

eSecurity Planet

APRIL 29, 2024

To explain IRM, in the article I outline its key components, benefits, how IRM differs from other risk models, and IRM frameworks. For example, the Health Insurance Portability and Accountability Act (HIPAA) regulates personal health information and imposes fines for data breach or data inaccessibility.

Risk

Risk Compliance Communications Insurance

Exploring Cyber Insurance: What Companies Need to Know Now

Hunton Privacy

JUNE 16, 2014

As companies seek out ways to prevent these events and recoup losses associated with a data breach, cyber insurance is increasingly discussed as an effective method of recovery. In a recent article published in the Daily Journal , Hunton & Williams’ Insurance Coverage Counseling and Litigation attorney William T.

Insurance

Insurance Data breaches Risk Cybersecurity

Insurers’ digital focus is looking through the wrong ‘lens’

CGI

FEBRUARY 28, 2017

Insurers’ digital focus is looking through the wrong ‘lens’. Read any article on digital insurance and it seems to me that it is all about the insurers! harini.kottees…. Tue, 02/28/2017 - 03:52.

Insurance

Insurance Big data IoT Manufacturing

Increased Focus on Cyber Insurance Post-Target Breach

Hunton Privacy

JANUARY 31, 2014

Recent media attention focused on the security breach that affected millions of Target customers has increased interest in cyber insurance to cover the financial losses associated with these types of events.

Insurance

Insurance Marketing Risk Security

Anti-Ransomware Company Exagrid Pays $2.6 Million Ransom

Adam Levin

JUNE 4, 2021

Upon publication of this article, the Exagrid website still touted seven industry awards for work in the area of ransomware recovery solution, but this attack will harm its reputation, proving once again that no one is immune from the scourge of a well-targeted attack. The post Anti-Ransomware Company Exagrid Pays $2.6

Ransomware

Ransomware Insurance Education Risk

Highlights from Capture Conference 2022

Info Source

OCTOBER 21, 2022

Usually when I attend a conference, I produce a recap of the event, but this time I’ve chosen not to. The event is intended to be intimate. I’ve also included the conversation I had with Todd Albers in full (you can find it at the end of this article), which we only managed to schedule a week before the event.

Digital transformation

Digital transformation Insurance Marketing Cloud

How to Manage Your Cyber Risks

IT Governance

OCTOBER 11, 2022

One of the most common mistakes that organisations make when addressing cyber security is that they consider it a one-off event. Why Cyber Insurance is Essential in 2022. Many of their requirements overlap, particularly in relation to Article 32 of the Regulation.

Risk

Risk GDPR Information Security Personal data

GUEST ESSAY: A guide to implementing best security practices — before the inevitable breach

The Last Watchdog

OCTOBER 29, 2018

the Health Insurance Portability and Accountability Act (HIPAA)), the answer is generally that a company should implement a “reasonable data privacy and security program” under all circumstances. Insurability. Editor’s note: This article also appears on michaelbest.com.

Security

Security Data Privacy Privacy Data breaches

On Cyber Warranties

Schneier on Security

MARCH 26, 2020

Interesting article discussing cyber-warranties, and whether they are an effective way to transfer risk (as envisioned by Ackerlof's "market for lemons") or a marketing trick. Ambiguous definitions of the buyer's obligations and excluded events create uncertainty over what is covered.

Marketing

Marketing Insurance Risk IT

2022 Retrospective

Everteam

DECEMBER 27, 2022

1 event organized by our partner Viveris. 4 Articles . ● Retrospective 2022. ● Summary of Everteam Documation 2022 conferences. ● Job interview: Alexandre and Corentin, PhD students at the Lab. ● Everteam : from EDM to Information Governance (part 1). ● Everteam : from EDM to Information Governance (part 2). . .

Records Management

Records Management Information governance Archiving Government

GDPR Compliance Obligations: The relationship between Data Controllers and Third-Party Processors

AIIM

JULY 24, 2018

For example, under GDPR data subjects and/or regulators may now pursue direct remedies against data processors in the event of infringement of obligations, whereas such remedies did not exist under the prior data privacy regulation.

GDPR

GDPR Compliance Privacy Data Privacy

MY TAKE: Poorly protected local government networks cast shadow on midterm elections

The Last Watchdog

SEPTEMBER 14, 2018

EventTracker has a bird’s eye view; its unified security information and event management (SIEM) platform includes – behavior analytics, threat detection and response, honeynet deception, intrusion detection and vulnerability assessment – all of which are coupled with their SOC for a co-managed solution. Election threat.

Government

Government Digital transformation Mining Insurance

Stretching the boundaries through artificial intelligence: the European proposal for a dedicated regulation. The protection of personal data.

Privacy and Cybersecurity Law

SEPTEMBER 15, 2021

The compliance verification immediately brings to mind the impact assessment pursuant to Article 35 of the GDPR. Artificial intelligence not only crosses over into data protection law, but also extends to other areas of law, such as intellectual property, competition, consumer protection, and insurance, to name but a few.

Artificial Intelligence

Artificial Intelligence Personal data GDPR Compliance

2018 Global Data Regulations & Compliance Heat Up – Are you Ready?

Thales Cloud Protection & Licensing

MARCH 6, 2018

Using encryption solutions like the solutions Thales provides, companies can encrypt their data, rendering the data unintelligible in the event of a breach. This is the case with GDPR Article 34. In the United States alone, companies across different industries have been following regulations to comply with privacy laws.

Compliance

Compliance GDPR Encryption Data Privacy

The Impact of Data Protection Laws on Your Records Retention Schedule

ARMA International

APRIL 18, 2022

The purpose of this article is to remove the fear and intimidation of domestic and global data protection laws and show how these laws and requirements are consistent with the existing objectives of your records retention schedule and information governance policy. 13.709, Article 19 (Brazil, August 14). 2016/679, Art. 2 DLA Piper.

Personal data

Personal data GDPR Privacy Records Management

UK FCA Consults on Changes to Strong Consumer Authentication, Dedicated Interfaces, and Guidance on Payment Services

Data Matters

FEBRUARY 25, 2021

The FCA has provided new guidance for PIs and EMIs using the “insurance or comparable guarantee” method of safeguarding. This includes a requirement that the insurance policy or comparable guarantee must pay out for the full amount of any claim regardless of how the relevant insolvency event occurs (including if the firm is at fault).

Authentication

Authentication Paper Risk Insurance

Institutional Investor’s Introduction to Blockchain and Digital Asset Investing

Data Matters

NOVEMBER 2, 2021

Article I: Digital Asset Overview and Methods to Gain Exposure to Digital Assets . This article aims to serve as an introductory guide to digital asset investing for institutional investors by describing at a high level the available service offerings and potential avenues for investment managers to gain exposure to the digital assets space.

Blockchain

Blockchain Marketing Access Risk

EUROPE: Latest WP29 Guidelines on Data Breach Notifications and Profiling

DLA Piper Privacy Matters

OCTOBER 20, 2017

On 18 October 2017, WP29 published proposed Guidelines on two key aspects of the GDPR – namely: Personal Data Breach Notification (Articles 33/34); and. Profiling and Automated Decision Making (Article 22). Solely automated decisions which produce a significant effect on data subjects (Article 22).

Data breaches

Data breaches Personal data Encryption GDPR

Written IT Security Policies: Why You Need Them & How to Create Them

eSecurity Planet

MARCH 18, 2022

In this article, we’ll briefly touch on what policies are; tips for writing them; and the advantages policies provide for compliance, transitions, and IT team liability. Still, an approved IT policy provides some insurance against the IT team becoming the scapegoat. There is, however, a next step: Documenting policies. Start Writing.

IT

IT Compliance Security Access

UAE: Federal level data protection law enacted

DLA Piper Privacy Matters

DECEMBER 3, 2021

This article examines some of its key features. This gives businesses approximately 10 months from the date of this article in which to arrange their compliance. Data controllers must notify the regulator and data subjects in the event of a data breach “which would prejudice the privacy, confidentiality and security of his/her Data”.

Personal data

Personal data Data breaches GDPR Compliance

In Today’s Privacy Environment, That’s the Way the (Website) Cookie Crumbles: Data Privacy Trends

eDiscovery Daily

FEBRUARY 11, 2019

The companies audited were from industries ranging from online retail to sports to banking & insurance to media, even automotive & electronics and home and residential. As the article notes, it may be that none of the websites integrated a cookie-blocking function prior to ‘consent events’ being logged.

Privacy

Privacy Data Privacy GDPR Compliance

UK: The rise of privacy group action risk

DLA Piper Privacy Matters

DECEMBER 7, 2017

Article 82 of the GDPR provides a legislative basis for the right to compensation for both “material” and “non-material” damage caused by infringement of the GDPR. ”, discussed further below. Various Claimants v Wm Morrisons Supermarket PLC [2017] 3113.

Risk

Risk Privacy GDPR Data breaches

UK: Liability Limits for GDPR in commercial contracts – the law and recent trends

DLA Piper Privacy Matters

FEBRUARY 7, 2019

Looking at each in turn: Under GDPR, a series of obligations are automatically placed on the Controller, including the general principles relating to processing (such as to do so lawfully, fairly and in a transparent manner) under Article 5 and the conditions for obtaining consent under Article 7.

GDPR

GDPR Risk Data breaches Personal data

CCPA In-Depth Series: Draft Attorney General Regulations on Verification, Children’s Privacy and Non-Discrimination

Data Matters

OCTOBER 24, 2019

Verification of Requests (Article 4). Special Rules Regarding Minors (Article 5). Non-discrimination (Article 6). In the unlikely event regulations are able to be filed by February 29th, they will be effective on April 1st. Today we look at verification, children’s privacy and the non-discrimination provisions.

Privacy

Privacy Sales Authentication Passwords

7 Essential DevSecOps Best Practices Every Development Team Should Implement

ForAllSecure

MAY 19, 2023

Monitoring security involves tracking an application's performance, behavior, and security events to detect and respond to any security incidents. For example, the Health Insurance Portability and Accountability Act (HIPAA) sets standards for how healthcare data should be accessed and stored.

Compliance

Compliance Libraries Risk Security

FRANCE: THE CNIL PUBLISHES ITS DATA PRIVACY IMPACT ASSESSMENT (DPIA) GUIDELINES AND A LIST OF PROCESSING OPERATIONS SUBJECT TO A DPIA

DLA Piper Privacy Matters

NOVEMBER 19, 2018

the processing is listed in the CNIL’s list of categories of processing operations for which no DPIA is required in accordance with Article 35 (5) of the GDPR and after the opinion of the European Data Protection Board (the EDPB) has been received (in that respect, such list has not been established by the CNIL yet.

Data Privacy

Data Privacy IT GDPR Privacy

Sorting Through the Whirlwind of News on the Proposed Equifax Settlement and Capital One Breach

ARMA International

AUGUST 2, 2019

In the time this article was being written, the FTC updated its site to explain that the high interest in the alternative payment would lead to consumers getting less than the $125. The details of the event are evolving, but Capital One issued a statement of its understanding so far. View the PDF version of this article.

Cloud

Cloud Data breaches Encryption Access

Saudi Arabia’s New Data Protection Law – What you need to know

DLA Piper Privacy Matters

OCTOBER 7, 2021

In this article our dedicated data protection team takes a look at the major features of this new law. Please contact the authors if you would like to discuss any aspect of this article. Key issues The PDPL was published in the Saudi Arabian Official Gazette on 24 September 2021. Credit data access.

Personal data

Personal data Compliance Computer and Electronics IoT

eDiscovery and the GDPR: Ready or Not, Here it Comes: eDiscovery Best Practices

eDiscovery Daily

DECEMBER 3, 2017

And Article 8 of the ECHR provides a right to respect for one’s “private and family life, his home and his correspondence,” subject to certain restrictions. The European Court of Human Rights has given this article a very broad interpretation in its jurisprudence. Discuss steps to take to insure compliance with the GDPR.

GDPR

GDPR IT Personal data Privacy

CyberheistNews Vol 13 #17 [Head Start] Effective Methods How To Teach Social Engineering to an AI

KnowBe4

APRIL 25, 2023

They planned a party, coordinated the event, and attended the party within the sim. This article prompted me to buy the new black XL T-shirt you see in the blog. link] [Head Scratcher] More Companies With Cyber Insurance Are Hit by Ransomware Than Those Without? A summary of it can be found on the Cornell University website.

Insurance

Insurance Security awareness Phishing Ransomware

Preparing for Ransomware: Are Backups Enough?

eSecurity Planet

SEPTEMBER 10, 2021

Though this article looks at the shortcomings of relying on backups, the truth remains that backups are one of the best defensive solutions against ransomware if done right. In the event of a ransomware attack, an organization could lose access to part or all of its network data and systems, blocking further work.

Ransomware

Ransomware Encryption Cybersecurity Access

CCPA In-Depth Series: Draft Attorney General Regulations on Consumer Notice

Data Matters

OCTOBER 22, 2019

In the unlikely event regulations are able to be filed by February 29th, they will be effective on April 1st. Today we look at consumer notice. Require businesses that provide financial incentives for different types of products or services based on the value of consumers information (e.g.,

Privacy

Privacy Sales Paper Compliance

Getting ready for artificial general intelligence with examples

IBM Big Data Hub

APRIL 18, 2024

Image (55%): Gen AI can simulate how a product might look in a customer’s home or reconstruct an accident scene to assess insurance claims and liability. It analyzes historical data and news articles, confirming a possible market correction. Audio (56%) : Gen AI call centers with realistic audio assist customers and employees.

Artificial Intelligence

Artificial Intelligence Marketing e-Delivery Manufacturing

CyberheistNews Vol 13 #07 [Scam of the Week] The Turkey-Syria Earthquake

KnowBe4

FEBRUARY 14, 2023

For KnowBe4 customers, we have a few templates with this topic in the Current Events. Based on alerts generated by your existing security stack products , SecurityCoach analyzes and identifies detected threat events to send your users a contextual, real-time SecurityTip at the moment risky behavior occurs. businesses.

Phishing

Phishing Security awareness Compliance Risk

FRANCE: CNIL adopts new single authorization on fraud prevention systems

DLA Piper Privacy Matters

SEPTEMBER 29, 2017

The AU-054 covers entities from the banking or financial sector which are under the control of the French Autorité de Contrôle Prudentiel et de Résolution in accordance with Article L.511-20-III 511-20-III of the French Code Monétaire et Financier and related regulations. Parent companies of financing companies.

Personal data

Personal data Financial Services Risk Insurance

Have board directors any liability for a cyberattack against their company?

Security Affairs

NOVEMBER 14, 2022

This article aims to provide recommendations to directors of listed and unlisted companies on actions to take in advance, during, and after a cyberattack. they rely on an incident response plan that has not been tested and, therefore, may not properly function in the event of an attack. there could be reputational damage.

Insurance

Insurance Risk Ransomware Encryption

What IG Professionals Should Know About the Internet of Bodies

ARMA International

FEBRUARY 21, 2020

There are serious questions of whether tech companies can effectively protect data, the users, and IoB “nodes” from malicious hacking, and whether insurance companies should be able to increase premiums or even deny health coverage based on information generated by IoB data. View the PDF version of this article. Spring 2018.

Computer and Electronics

Computer and Electronics Privacy Artificial Intelligence IoT

Part 3: OMG! Not another digital transformation article! Is it about effecting risk management and change management?

ARMA International

SEPTEMBER 27, 2021

The previous article –Part 2 of this 3-part series – discussed DT by imagining how the “art of the possible” can help define the end state of the DT journey. Latson 2014) Unfortunately, the events unfolded almost exactly like the scenario in Situation Number 21. Introduction. However, imagination is not enough to realize the end state.

Digital transformation

Digital transformation Risk IT Computer and Electronics

US: Surviving the service provider data breach

DLA Piper Privacy Matters

JULY 30, 2019

Catalog all legal obligations and potential liabilities under statute, regulation, contract and common law in the event of a cyber incident involving legally protected information held or accessible by service providers. Proof of adequate cyber insurance coverage.

Data breaches

Data breaches Cybersecurity Financial Services Risk

Cyber-insurance – 72 hours for the insured party to file a criminal complaint: GDPR’s false friend

CJEU Rules on Processing of Sensitive Data and Compensation Under the GDPR

Webinars

Trending Sources

Cybersecurity Insurance

Webinars

Hunton Privacy and Insurance Leaders Address Prevention and Insurability of Cyber Attacks

Cybersecurity Standards for the Insurance Sector – A New Patchwork Quilt in the US?

What Is Integrated Risk Management? Definition & Implementation

Exploring Cyber Insurance: What Companies Need to Know Now

Insurers’ digital focus is looking through the wrong ‘lens’

Increased Focus on Cyber Insurance Post-Target Breach

Anti-Ransomware Company Exagrid Pays $2.6 Million Ransom

Highlights from Capture Conference 2022

How to Manage Your Cyber Risks

GUEST ESSAY: A guide to implementing best security practices — before the inevitable breach

On Cyber Warranties

2022 Retrospective

GDPR Compliance Obligations: The relationship between Data Controllers and Third-Party Processors

MY TAKE: Poorly protected local government networks cast shadow on midterm elections

Stretching the boundaries through artificial intelligence: the European proposal for a dedicated regulation. The protection of personal data.

2018 Global Data Regulations & Compliance Heat Up – Are you Ready?

The Impact of Data Protection Laws on Your Records Retention Schedule

UK FCA Consults on Changes to Strong Consumer Authentication, Dedicated Interfaces, and Guidance on Payment Services

Institutional Investor’s Introduction to Blockchain and Digital Asset Investing

EUROPE: Latest WP29 Guidelines on Data Breach Notifications and Profiling

Written IT Security Policies: Why You Need Them & How to Create Them

UAE: Federal level data protection law enacted

In Today’s Privacy Environment, That’s the Way the (Website) Cookie Crumbles: Data Privacy Trends

UK: The rise of privacy group action risk

UK: Liability Limits for GDPR in commercial contracts – the law and recent trends

CCPA In-Depth Series: Draft Attorney General Regulations on Verification, Children’s Privacy and Non-Discrimination

7 Essential DevSecOps Best Practices Every Development Team Should Implement

FRANCE: THE CNIL PUBLISHES ITS DATA PRIVACY IMPACT ASSESSMENT (DPIA) GUIDELINES AND A LIST OF PROCESSING OPERATIONS SUBJECT TO A DPIA

Sorting Through the Whirlwind of News on the Proposed Equifax Settlement and Capital One Breach

Saudi Arabia’s New Data Protection Law – What you need to know

eDiscovery and the GDPR: Ready or Not, Here it Comes: eDiscovery Best Practices

CyberheistNews Vol 13 #17 [Head Start] Effective Methods How To Teach Social Engineering to an AI

Preparing for Ransomware: Are Backups Enough?

CCPA In-Depth Series: Draft Attorney General Regulations on Consumer Notice

Getting ready for artificial general intelligence with examples

CyberheistNews Vol 13 #07 [Scam of the Week] The Turkey-Syria Earthquake

FRANCE: CNIL adopts new single authorization on fraud prevention systems

Have board directors any liability for a cyberattack against their company?

What IG Professionals Should Know About the Internet of Bodies

Part 3: OMG! Not another digital transformation article! Is it about effecting risk management and change management?

US: Surviving the service provider data breach

Stay Connected