Cybersecurity, Exercises and Insurance - Information Management Today

Cybersecurity Rules for Insurance Companies to Take Effect in South Carolina

Hunton Privacy

JANUARY 2, 2019

New cybersecurity rules for insurance companies licensed in South Carolina are set to take effect in part on January 1, 2019. The new law is the first in the United States to be enacted based on the data security model law drafted by the National Association of Insurance Commissioners.

Insurance

Insurance Cybersecurity Data breaches Encryption

U.S. and Foreign Cybersecurity and Intelligence Agencies Recommend Measures to Counteract Threat of Russian Cyberattacks

Data Matters

JANUARY 28, 2022

Like an incident response plan, MFA has become a critical element of cybersecurity programs. Create, Maintain, and Exercise a Cyber Incident Response, Resilience, and Continuity of Operations Plan. An incident response and continuity of operations plan are increasingly common features in a credible cybersecurity program.

Cybersecurity

Cybersecurity Financial Services Authentication Government

Don’t Wanna Pay Ransom Gangs? Test Your Backups.

Krebs on Security

JULY 19, 2021

Experts say the biggest reason ransomware targets and/or their insurance providers still pay when they already have reliable backups is that nobody at the victim organization bothered to test in advance how long this data restoration process might take. That’s why tabletop exercises are incredibly important.

Ransomware

Ransomware Encryption Insurance Cybersecurity

Webinars

Peak Performance: Continuous Testing & Evaluation of LLM-Based Applications

MORE WEBINARS

Cybersecurity Standards for the Insurance Sector – A New Patchwork Quilt in the US?

HL Chronicle of Data Protection

MAY 13, 2019

In the past two years, multiple state bills that have been introduced in the US to provide for cybersecurity requirements and standards to the insurance sector, with recent legislative activity taking place in particular within the States of Ohio, South Carolina, and Michigan.

Insurance

Insurance Cybersecurity Data breaches Financial Services

NSL Podcast Series: Part 3 Betting on a Breach – How to Prepare for the Inevitable

Hunton Privacy

FEBRUARY 25, 2020

In the final part of our Never Stop Learning podcast series, Lisa Sotto , partner and chair of Hunton Andrews Kurth’s Privacy and Cybersecurity practice, and Eric Friedberg, Co-President of Stroz Friedberg, LLC, and Aon’s Cyber Solutions Group, discuss practical solutions in preparing for a cyber incident. Listen to Part 3 of the podcast.

Insurance

Insurance Data breaches Cybersecurity Privacy

(Discussion Recap) A Perfect Storm? Panel Discussion on Handling a Cybersecurity Incident

HL Chronicle of Data Protection

MARCH 16, 2020

On Tuesday, 3 March 2020, we welcomed our financial services clients in London to a lively panel event, which covered the multitude of issues which arise in a cybersecurity incident. The incident response plan should be tested in tabletop exercises involving the individuals and teams who would be involved in a real-world incident.

Cybersecurity

Cybersecurity Financial Services Risk Insurance

More Than 90% of IT Decision Makers Struggle to Evaluate Security Products

eSecurity Planet

OCTOBER 18, 2022

The vast majority of cybersecurity decision makers – 91 percent, in fact – find it difficult to select security products due to unclear marketing, according to the results of a survey of 800 cybersecurity and IT decision makers released today by email security company Egress. Defense-in-depth or Vendor Sprawl?

IT

IT Security Cybersecurity Marketing

Telehealth Hazard? HHS Loosens HIPAA Standards for Telemedicine

Adam Levin

MARCH 18, 2020

While the transition to remote appointments may help flatten the curve of Covid-19 cases and provide much-needed relief to medical professionals, it does create a new set of cybersecurity concerns, especially regarding compliance with the Health Insurance Portability and Accountability Act (HIPAA ).

Communications

Communications Insurance Compliance Cybersecurity

Utah Becomes Fourth U.S. State to Enact Consumer Privacy Law

Hunton Privacy

MARCH 24, 2022

Similar to the CPA and VCDPA, the UCPA contains exemptions for covered entities, business associates and protected health information subject to the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”), and financial institutions or personal data subject to the Gramm-Leach-Bliley Act (“GLB”). In line with existing U.S.

Privacy

Privacy Personal data Sales B2B

First Multistate HIPAA Data Breach Lawsuit May Signal Increased State Interest in Data Security Enforcement

Data Matters

FEBRUARY 6, 2019

The stolen information allegedly included names and identifying information, hashed passwords, security questions and answers, family information, Social Security numbers, lab results, health insurance information, doctor’s names, and medical conditions, among other things. million individuals from the Company’s systems.

Data breaches

Data breaches Computer and Electronics Security Insurance

How to Develop an Incident Response Plan

eSecurity Planet

DECEMBER 9, 2021

For cybersecurity personnel, our scope of responsibility may be limited to cyberattacks on IT systems, such as ransomware attacks, phishing attacks, and DDoS attacks. Be in-line with insurance policies. Be in-line with insurance policies. Let’s start by defining the scope. What is an incident, what is a response? Test your plan.

Insurance

Insurance Ransomware Data breaches Cloud

Cybersecurity: Managing Risks With Third Party Companies

Cyber Info Veritas

JULY 19, 2018

This is according to a recent survey conducted by Soha Systems, and according to one of the speeches delivered by the Superintendent of the New York State Department of Financial Services, Mr. Benjamin Lawsky, “ A company’s cybersecurity is only as strong as the cybersecurity of its third-party vendors ”.

Risk

Risk Cybersecurity Compliance Data breaches

Regulatory Update: NAIC Fall 2018 National Meeting

Data Matters

DECEMBER 11, 2018

The National Association of Insurance Commissioners (NAIC) held its Fall 2018 National Meeting (Fall Meeting) in San Francisco, California, from November 15 to 18, 2018. NAIC Continues its Evaluation of Insurers’ Use of Big Data. systemic risk of insurers with other parts of the financial system, notably the banking.

Insurance

Insurance Paper Risk Big data

FBI: Millions in Losses resulted from attacks against Healthcare payment processors

Security Affairs

SEPTEMBER 15, 2022

Advise all employees to exercise caution while revealing sensitive information such as login credentials through phone or web communications. Update or draft an incident response plan, in accordance with Health Insurance Portability and Accountability Act (HIPAA) privacy and security rules. Pierluigi Paganini.

Passwords

Passwords Phishing Authentication Communications

2018 Global Data Regulations & Compliance Heat Up – Are you Ready?

Thales Cloud Protection & Licensing

MARCH 6, 2018

At the state level, New York’s Cybersecurity Regulation came into effect on February 15, which requires that financial institutions report on their activity and take specific steps to protect the privacy of their customer data. And this isn’t just happening in New York.

Compliance

Compliance GDPR Encryption Data Privacy

EUROPE: New privacy rules for connected vehicles in Europe?

DLA Piper Privacy Matters

MAY 5, 2020

This would cause the risk that there are insufficient functionalities or options offered to exercise the control necessary for affected individuals to avail themselves of their data protection and privacy rights. Personal data may be processed for a wide variety of purposes such as driver safety, insurance and efficient transportation.

Privacy

Privacy Personal data GDPR Insurance

The Good, Bad, And The Ugly: Key Takeaways From California’s New Privacy Law

Privacy and Cybersecurity Law

NOVEMBER 8, 2018

This page will enable consumers to exercise the right to opt-out of the sale of their personal information. Businesses will be prohibited from discriminating against any consumer for exercising their rights under the new law. Data Segregation And Cybersecurity Are Key. Anti-Discrimination Provisions.

Privacy

Privacy Sales Compliance Cybersecurity

News Alert: Guardz uncovers new macOS malware – Hidden Virtual Network Computing (hVNC)

The Last Watchdog

AUGUST 1, 2023

1, 2023 – Guardz , the cybersecurity company securing and insuring SMEs, today disclosed the existence of a Hidden Virtual Network Computing (hVNC) malware targeting macOS devices. SMEs, who once considered macOS as the safer option, should exercise caution and prepare themselves for the impacts of this changing threat landscape.

Insurance

Insurance Cybersecurity Risk Education

The Good, Bad, And The Ugly: Key Takeaways From California’s New Privacy Law

Privacy and Cybersecurity Law

NOVEMBER 9, 2018

This page will enable consumers to exercise the right to opt-out of the sale of their personal information. Businesses will be prohibited from discriminating against any consumer for exercising their rights under the new law. Data Segregation And Cybersecurity Are Key. Anti-Discrimination Provisions.

Privacy

Privacy Sales Education Compliance

CyberheistNews Vol 13 #17 [Head Start] Effective Methods How To Teach Social Engineering to an AI

KnowBe4

APRIL 25, 2023

link] [Head Scratcher] More Companies With Cyber Insurance Are Hit by Ransomware Than Those Without? In an interesting twist, new data hints that organizations with cyber insurance may be relying on it too much, instead of shoring up security to ensure attacks never succeed. Date/Time: Wednesday, May 3, @ 2:00 PM (ET) Save My Spot!

Insurance

Insurance Security awareness Phishing Ransomware

ICYMI – Late December in privacy and cybersecurity

Data Protection Report

JANUARY 30, 2023

the country in which Processing occurs e. the identity of Affiliates, Processors, or Third-Parties Personal Data is shared with f. methods by which Consumers can exercise their Data Rights request; or g. Processing purposes.

Privacy

Privacy Cybersecurity Personal data Insurance

Nevada, New York and other states follow California’s CCPA

Data Protection Report

JUNE 6, 2019

Exempts from deletion personal information needed to complete insurance transactions. 5/29 – referred to Senate Committee on Judiciary and Senate committee on Insurance. Redefines “personal information” to exclude information from government records. 5/22 – referred to Senate Committee on Judiciary. Our other CCPA articles.

Sales

Sales Privacy Insurance Manufacturing

US: In Washington State’s landmark facial recognition law, public sector practices come under scrutiny and regulation

DLA Piper Privacy Matters

APRIL 23, 2020

These are defined as “decisions that result in the provision or denial of financial and lending services, housing, insurance, education enrollment, criminal justice, employment opportunities, health care services, or access to basic necessities such as food and water, or that impact civil rights of individuals.”

Privacy

Privacy Government Insurance IT

GDPR is upon us: are you ready for what comes next?

Data Protection Report

MAY 23, 2018

These data subject rights are not new as similar rights were already in place before the GDPR in Europe (and most frequently exercised in the UK), but for organizations that are based outside the EU, this procedure may have been put in place for the first time and never put to test before. Will GDPR become a global standard?

GDPR

GDPR Personal data Compliance Data breaches

Network Security Architecture: Best Practices & Tools

eSecurity Planet

APRIL 26, 2024

Disaster recovery : Implements redundancy and data backups to improve resilience from inevitable device failures, cybersecurity attacks, or natural disasters. Cybersecurity training : Educates employees regarding basic best practices to recognize attacks, avoid scams, and protect against breaches or data loss.

Security

Security Cloud Cybersecurity Risk

303% ROI: The Total Economic Impact™ of IBM Security Randori

IBM Big Data Hub

JULY 10, 2023

The interviewed security leaders shared that by deploying the Randori platform, their organizations were able to detect shadow IT assets, rapidly respond to vulnerabilities like Log4j and redirect time previously spent triaging exposures to more proactive security exercises.

Security

Security Insurance Risk IT

The Week in Cyber Security and Data Privacy: 29 January – 4 February 2024

IT Governance

FEBRUARY 6, 2024

Enforcement Uber fined €10 million for GDPR breaches The Dutch data protection authority, Autoriteit Persoonsgegevens, has fined Uber €10 million for failing to be transparent about its data retention practices and making it difficult for drivers to exercise their data privacy rights.

Data Privacy

Data Privacy Privacy Insurance Security

CyberheistNews Vol 13 #15 [The New Face of Fraud] FTC Sheds Light on AI-Enhanced Family Emergency Scams

KnowBe4

APRIL 11, 2023

This puts the onus on cybersecurity solutions and the users themselves, as the only additional means to keep the org secure. We see phishing and ransomware as our most significant cybersecurity threats, and your platform goes further than a box-ticking exercise to satisfy our Board. Chief Information Officer "Hi Stu!

Passwords

Passwords Phishing Ransomware Security awareness

The Orion blockchain database: Empowering multi-party data governance

IBM Big Data Hub

AUGUST 7, 2023

Furthermore, Orion can be used for maintaining the authenticity and integrity of evidence collected through insurance claims processes. Its broad key-level read/write access control and multi-signature capabilities allow organizations to exercise fine-grained control over data governance and ensure trust in multi-party interactions.

Blockchain

Blockchain Government Authentication Manufacturing

The Road to Zero Trust

Thales Cloud Protection & Licensing

APRIL 21, 2021

Remote work is a good thing for the future of business and the way that we work, but it requires meticulous management of access to organizational resources in order to control the cybersecurity risk that comes along with it. In theory, "trusting nothing and verifying everything" should provide a simple solution for cybersecurity.

Risk

Risk Cloud Digital transformation Encryption

The debate on the Data Protection Bill in the House of Lords

Data Protector

OCTOBER 11, 2017

Withdrawal from the EU means that we stand to lose the institutional platform from which we have exercised that influence. It would no doubt be totally unfair to suggest any smoke-and-mirrors exercise to confuse the fact of the centrality of EU law now and in the future. It seems odd to have more clarity post Brexit than pre-Brexit.

GDPR

GDPR Personal data Government IT

Mic Drop: California AG releases long-awaited CCPA Rulemaking

Data Protection Report

OCTOBER 11, 2019

As long as individuals who have exercised a right under the CCPA are not treated differently, offering discounts to consumers who sign up for their mailing lists is not discriminatory. The rules are not final.

Sales

Sales Retail Privacy Access

The Hacker Mind Podcast: Tales From A Ransomware Negotiator

ForAllSecure

MAY 30, 2023

VAMOSI: Does Mark typically work with insurance? LANCE : we work closely with insurance. A lot of people with administrative backgrounds, from network administrators to you know IT resources that had been made the transition into more of a cybersecurity focus. By no means. Does that mean that there was no ransomware occurring?

Ransomware

Ransomware Encryption Authentication Communications

Ransomware Is the No. 1 Cyber Threat This Year. Here’s What You Can Do

Adam Levin

MARCH 2, 2020

Cybersecurity experts are aligned on this point: Ransomware is a serious issue. Part of this can be blamed on the lack of cybersecurity skills available in the workforce. The types of threats are ever changing, adding to the challenge cybersecurity professionals face. We can’t hide from the threat.

Ransomware

Ransomware Encryption Insurance Cybersecurity

East Coast Meets West Coast: Enter the Virginia Consumer Data Protection Act

Data Matters

MARCH 4, 2021

These are (i) government entities; (ii) entities subject to the Gramm-Leach-Bliley Act; (iii) entities subject to the Health Insurance Portability and Accountability Act of 1996 (HIPAA) and Health Information Technology for Economic and Clinical Health Act; (iv) nonprofits; and (v) institutions of higher education. Controllers must.

Personal data

Personal data GDPR Sales Privacy

A new era for customer data – could security be ‘the new green’ for businesses?

Thales Cloud Protection & Licensing

OCTOBER 10, 2018

Think TV licenses and car insurance, for example. Cybersecurity and personal data security has now become so important it’s gone from something consumers simply know about, to something consumers actually care about. However, the narrative is set to change. A personal interest.

GDPR

GDPR Security Marketing Data breaches

Cybersecurity Rules for Insurance Companies to Take Effect in South Carolina

U.S. and Foreign Cybersecurity and Intelligence Agencies Recommend Measures to Counteract Threat of Russian Cyberattacks

Webinars

Trending Sources

Don’t Wanna Pay Ransom Gangs? Test Your Backups.

Webinars

Cybersecurity Standards for the Insurance Sector – A New Patchwork Quilt in the US?

NSL Podcast Series: Part 3 Betting on a Breach – How to Prepare for the Inevitable

(Discussion Recap) A Perfect Storm? Panel Discussion on Handling a Cybersecurity Incident

More Than 90% of IT Decision Makers Struggle to Evaluate Security Products

Telehealth Hazard? HHS Loosens HIPAA Standards for Telemedicine

Utah Becomes Fourth U.S. State to Enact Consumer Privacy Law

First Multistate HIPAA Data Breach Lawsuit May Signal Increased State Interest in Data Security Enforcement

How to Develop an Incident Response Plan

Cybersecurity: Managing Risks With Third Party Companies

Regulatory Update: NAIC Fall 2018 National Meeting

FBI: Millions in Losses resulted from attacks against Healthcare payment processors

2018 Global Data Regulations & Compliance Heat Up – Are you Ready?

EUROPE: New privacy rules for connected vehicles in Europe?

The Good, Bad, And The Ugly: Key Takeaways From California’s New Privacy Law

News Alert: Guardz uncovers new macOS malware – Hidden Virtual Network Computing (hVNC)

The Good, Bad, And The Ugly: Key Takeaways From California’s New Privacy Law

CyberheistNews Vol 13 #17 [Head Start] Effective Methods How To Teach Social Engineering to an AI

ICYMI – Late December in privacy and cybersecurity

Nevada, New York and other states follow California’s CCPA

US: In Washington State’s landmark facial recognition law, public sector practices come under scrutiny and regulation

GDPR is upon us: are you ready for what comes next?

Network Security Architecture: Best Practices & Tools

303% ROI: The Total Economic Impact™ of IBM Security Randori

The Week in Cyber Security and Data Privacy: 29 January – 4 February 2024

CyberheistNews Vol 13 #15 [The New Face of Fraud] FTC Sheds Light on AI-Enhanced Family Emergency Scams

The Orion blockchain database: Empowering multi-party data governance

The Road to Zero Trust

The debate on the Data Protection Bill in the House of Lords

Mic Drop: California AG releases long-awaited CCPA Rulemaking

The Hacker Mind Podcast: Tales From A Ransomware Negotiator

Ransomware Is the No. 1 Cyber Threat This Year. Here’s What You Can Do

East Coast Meets West Coast: Enter the Virginia Consumer Data Protection Act

A new era for customer data – could security be ‘the new green’ for businesses?

Stay Connected