Meet Your New Cybersecurity Auditor: Your Insurer
Dark Reading
NOVEMBER 6, 2023
As cyber insurance gets more expensive and competitive, security decision-makers have actionable opportunities to strengthen their cyber defenses.
This site uses cookies to improve your experience. By viewing our content, you are accepting the use of cookies. To help us insure we adhere to various privacy regulations, please select your country/region of residence. If you do not select a country we will assume you are from the United States. View our privacy policy and terms of use.
Dark Reading
NOVEMBER 6, 2023
As cyber insurance gets more expensive and competitive, security decision-makers have actionable opportunities to strengthen their cyber defenses.
Hunton Privacy
MAY 4, 2022
In April 2022, two states enacted insurance data security legislation based on the National Association of Insurance Commissioners (“NAIC”) Insurance Data Security Model Law (MDL-668).
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.
Hunton Privacy
JUNE 9, 2022
515 , making Vermont the twenty-first state to enact legislation based on the National Association of Insurance Commissioners Insurance Data Security Model Law (“MDL-668”). Information Security Program Requirements. Cybersecurity Event Investigation and Notification Requirements.
The Last Watchdog
JULY 27, 2023
New York, NY, July 27, 2023 – QBE North America today announced the launch of a cyber insurance program with new MGA, Converge, acting as program administrator. The program will be broken down into two separate distribution structures, each with a distinct revenue focus and cyber security data access formation.
Thales Cloud Protection & Licensing
JULY 4, 2022
How Cybersecurity Insurance Can Work To Help An Organization. In the last 20+ years, cybersecurity insurance has added risk transference to the available palette of palliative choices. I recently spoke with Neira Jones and Danna Bethlehem about how cybersecurity insurance can work to help an organization.
Data Breach Today
SEPTEMBER 18, 2023
Money Will Address Enhanced OT Security Rules From Regulators, Insurance Providers Dragos completed a Series D extension to help organizations address enhanced OT security requirements from regulators and cyber insurance providers.
Data Breach Today
MARCH 17, 2023
Also: Blackbaud Fined; DOJ Reproaches Federal Contractor for Lax Security In the latest weekly update, ISMG editors discuss how the Silicon Valley Bank crash will affect innovation in the cybersecurity space, why the SEC fined cloud provider Blackbaud $3 million for its "erroneous" breach details, and why the feds fined a web hosting firm in a kids' (..)
Schneier on Security
SEPTEMBER 10, 2019
Good paper on cybersecurity insurance: both the history and the promise for the future. From the conclusion: Policy makers have long held high hopes for cyber insurance as a tool for improving security. Cyber insurance appears to be a weak form of governance at present.
Data Matters
FEBRUARY 2, 2021
The National Association of Insurance Commissioners’ (NAIC) Insurance Data Security Model Law has been adopted in at least 11 states, with several others (including New York) having implemented either older or similar laws or administrative guidance. See State Legislative Brief, NAIC, June 2020.
eSecurity Planet
APRIL 22, 2022
That’s where cyber insurance may be able to help. If your company has not already experienced a significant cybersecurity event, it is probably only a matter of time before it does. But there’s a catch: Insurers are going to carefully assess your cybersecurity controls before writing any policy, and there are limits to coverage.
Data Protection Report
MARCH 21, 2023
The French Information and Digital Security Experts Club ( CESIN ) has estimated that 54% of French companies were subject to cyberattacks in 2021, [1] while France Assureurs has put cyberattack risks on top of all other risks for the sixth year in a row. [2] 12-10-1 into the French Insurance code. However, in the end, Article L.12-10-1
Data Matters
OCTOBER 20, 2022
Treasury Department is seeking public comment on the need and scope for a potential federal insurance response to catastrophic cyber incidents, akin to the one put in place for terrorism insurance after the attacks of September 11, 2001. The request, published by the Federal Insurance Office (FIO) in the U.S. Background.
Security Affairs
APRIL 23, 2023
Non-profit health insurer Point32Health suffered a ransomware attack and has taken systems offline in response to the incident. Non-profit health insurer Point32Health has taken systems offline in response to a ransomware attack that took place on April 17. ” reads the statement published by the insurer.
Schneier on Security
JULY 1, 2021
Here’s one more contribution to that issue: a research paper that the insurance industry is hurting more than it’s helping. Although it is a societal problem, cyber insurers have received considerable criticism for facilitating ransom payments to cybercriminals. Often, that’s paying the ransom. News article.
The Last Watchdog
JANUARY 20, 2020
To help mitigate the risk of financial losses, more companies are turning to cyber insurance. Related: Bots attack business logic Cyber insurance, like other forms of business insurance, is a way for companies to transfer some of numerous potential liability hits associated specifically with IT infrastructure and IT activities.
Thales Cloud Protection & Licensing
MAY 10, 2022
Checklist for Getting Cyber Insurance Coverage. The necessity for cyber-insurance coverage. And while organizations are taking steps to protect against cyber attacks, cybersecurity controls are not impenetrable. Cyber risk insurance covers the costs of recovering from a security breach, a virus, or a cyber-attack.
Security Affairs
APRIL 22, 2022
When security fails, cyber insurance can become crucial for ensuring continuity. Our reliance on digital technology and the inherited risk is a key driving factor for buying cyber risk insurance. If the technology were to become unavailable, the resulting business impact could be mitigated with cyber insurance.
eSecurity Planet
MAY 27, 2021
The explosion of ransomware and similar cyber incidents along with rising associated costs is convincing a growing number of insurance companies to raise the premiums on their cyber insurance policies or reduce coverage, moves that could further squeeze organizations under siege from hackers. Insurers Assessing Risks.
Daymark
AUGUST 15, 2023
A CISO Primer on Navigating Cyber Insurance After 10+ years of working with clients to negotiate and place cyber insurance, I’ve noticed that one of the most frequent challenges has always been getting the underwriters and my client’s information security stakeholder (like a CISO or CIO) to understand each other.
Dark Reading
SEPTEMBER 21, 2022
After one company suffered a breach that could have been headed off by the MFA it claimed to have, insurers are looking to confirm claimed cybersecurity measures.
Krebs on Security
JULY 21, 2023
But one aspect of that vaunted list that hasn’t shifted much since is that very few of these companies list any security professionals within their top executive ranks. But organizations that do not offer this coverage to their security leaders are unlikely to list those positions in their highest ranks, Schreider said.
Hunton Privacy
AUGUST 6, 2019
On August 2, 2019, New Hampshire Governor Chris Sununu signed into law SB 194 (the “Bill”), which requires insurers licensed in the state (“licensees”) to put in place data security programs and report cybersecurity events. Key provisions of the Bill include: Information Security Program. Incident Response Plan.
Data Matters
JANUARY 14, 2019
On December 19, 2018, Ohio adopted the National Association of Insurance Commissioners’ (NAIC) Insurance Data Security Model Law. The Act is designed to “establish standards for data security and for the investigation and notification to the Superintendent of Insurance of a cybersecurity event.”.
Hunton Privacy
FEBRUARY 21, 2024
Department of Health and Human Services (“HHS”) Office for Civil Rights (“OCR”) and the National Institute of Standards and Technology (“NIST”) published a final version of Special Publication 800-66 Revision 2, “Implementing the Health Insurance Portability and Accountability Act (“HIPAA”) Security Rule: A Cybersecurity Resource Guide.”
Hunton Privacy
JULY 1, 2022
(“Carnival”), the world’s largest cruise-ship operator, for violations of the Cybersecurity Regulation (23 NYCRR Part 500) in connection with four cybersecurity events between 2019 and 2021, including two ransomware events. . NYDFS also found that Carnival had failed to implement basic protocols to prevent data breaches.
Data Matters
FEBRUARY 11, 2019
On December 28, 2018, Michigan adopted the National Association of Insurance Commissioners’ (NAIC) Insurance Data Security Model Law in the form of Michigan H.B. The Act defines licensees as persons authorized, registered, or licensed under Michigan insurance laws or required to be so. 6491 (Act). MCL § 500.550.
The Last Watchdog
MARCH 13, 2023
So how will this affect chief information security officers (CISOs) and security programs? Given the perennial skills and staffing shortage in security, it’s unlikely that CISOs will be asked to make deep budget or staffing cuts, yet they may not come out of this period unscathed. Demonstrate secure practices to customers.
Schneier on Security
FEBRUARY 28, 2022
Tarah Wheeler and Josephine Wolff analyze a recent court decision that the NotPetya attacks are not considered an act of war under the wording of Merck’s insurance policy, and that the insurers must pay the $1B+ claim. Wheeler and Wolff argue that the judge “did the right thing for the wrong reasons.”
Hunton Privacy
JANUARY 2, 2019
New cybersecurity rules for insurance companies licensed in South Carolina are set to take effect in part on January 1, 2019. The new law is the first in the United States to be enacted based on the data security model law drafted by the National Association of Insurance Commissioners.
IBM Big Data Hub
DECEMBER 4, 2023
IBM can help insurance companies insert generative AI into their business processes IBM is one of a few companies globally that can bring together the range of capabilities needed to completely transform the way insurance is marketed, sold, underwritten, serviced and paid for.
The Last Watchdog
APRIL 30, 2019
If your company is participating in the global supply chain, either as a first-party purchaser of goods and services from other organizations, or as a third-party supplier, sooner or later you’ll encounter the NIST Cybersecurity Framework. That could be for insurance purposes. “As Wrenn said. “So
Data Matters
JUNE 23, 2022
Kentucky and Maryland recently continued the trend of state insurance departments adopting some version of the National Association of Insurance Commissioners’ (“NAIC”) Insurance Data Security Model Law. The post Kentucky and Maryland Recently Joined Other States in Adopting NAIC Model Data Security Law.
Security Affairs
JULY 9, 2021
Insurance giant CNA notifies customers of a data breach after the Phoenix CryptoLocker ransomware attack suffered in March. US insurance giant CNA is notifying customers of a data breach after the ransomware attack that it suffered in March. Bloomberg was informed about the payment by two people familiar with the attack.
Hunton Privacy
NOVEMBER 8, 2023
On November 1, 2023, New York Governor Hochul announced that the New York State Department of Financial Services (“NYDFS”) amended its Cybersecurity Regulation applicable to covered financial institutions. The amended Cybersecurity Regulation will take effect in phases.
Security Affairs
SEPTEMBER 29, 2020
Gallagher (AJG) insurance giant disclosed a ransomware attack, the security breach took place on Saturday. Gallagher (AJG) global insurance brokerage firm confirmed that it was his with a ransomware attack on Saturday, September 26. US-based Arthur J. US-based Arthur J. ” continues the form. Pierluigi Paganini.
Security Affairs
JANUARY 7, 2024
Every week the best security articles from Security Affairs are free for you in your email box. Experts spotted a new macOS Backdoor named SpectralBlur linked to North Korea Merck settles with insurers regarding a $1.4 A new round of the weekly SecurityAffairs newsletter arrived!
Data Matters
FEBRUARY 10, 2021
2 announcing a Cyber Insurance Risk Framework (the Framework) that describes industry best practices for New York-regulated property/casualty insurers. According to NYDFS, the incorporation of these practices should be proportionate to each insurer’s size, resources, geographic distribution, and other factors. The Framework.
KnowBe4
MAY 15, 2023
A new report highlights the direct connection between how strong your organization’s security stance is and how easy it is to obtain cyber insurance.
DLA Piper Privacy Matters
MARCH 27, 2023
LOPMI introduces amendments to the insurability of losses and damages paid in response to cyber-attacks, including in relation to ransom payments – requiring that the payment of insurance compensation be conditional on the filing of a complaint, within a 72 hour time frame, to competent authorities.
Schneier on Security
MARCH 8, 2019
This will complicate things: To complicate matters, having cyber insurance might not cover everyone's losses. Zurich American Insurance Company refused to pay out a $100 million claim from Mondelez, saying that since the U.S.
eSecurity Planet
FEBRUARY 11, 2022
The simplest example may be insurance. Life, health, auto, and other insurance are all designed to help a person protect against losses. This article looks at cybersecurity risk management, how to establish a risk management system, and best practices for building resilience. What is Cybersecurity Risk Management?
Security Affairs
MARCH 17, 2024
Every week the best security articles from Security Affairs are free for you in your email box. A new round of the weekly SecurityAffairs newsletter arrived! Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.
Data Matters
JULY 30, 2018
In October 2017, the National Association of Insurance Commissioners (NAIC) adopted an Insurance Data Security Model Law. On May 3, 2018, South Carolina became the first state to enact this Model Law, in the form of the South Carolina Insurance Data Security Act (H.B.
Schneier on Security
JUNE 7, 2023
New paper: “ Lessons Lost: Incident Response in the Age of Cyber Insurance and Breach Attorneys “: Abstract: Incident Response (IR) allows victim firms to detect, contain, and recover from security incidents. It should also help the wider community avoid similar attacks in the future.
Expert insights. Personalized for you.
We have resent the email to
Are you sure you want to cancel your subscriptions?
Let's personalize your content