Data Matters

JANUARY 14, 2019

On December 19, 2018, Ohio adopted the National Association of Insurance Commissioners’ (NAIC) Insurance Data Security Model Law. The Act is designed to “establish standards for data security and for the investigation and notification to the Superintendent of Insurance of a cybersecurity event.”.

Insurance 68

Insurance Security Cybersecurity Data breaches 68

Data Matters

FEBRUARY 11, 2019

On December 28, 2018, Michigan adopted the National Association of Insurance Commissioners’ (NAIC) Insurance Data Security Model Law in the form of Michigan H.B. The Act defines licensees as persons authorized, registered, or licensed under Michigan insurance laws or required to be so. 6491 (Act). MCL § 500.550.

Insurance 68

Insurance Security Cybersecurity FOIA 68

Data Matters

FEBRUARY 10, 2021

2 announcing a Cyber Insurance Risk Framework (the Framework) that describes industry best practices for New York-regulated property/casualty insurers. According to NYDFS, the incorporation of these practices should be proportionate to each insurer’s size, resources, geographic distribution, and other factors. The Framework.

Insurance 79

Insurance Financial Services Cybersecurity Risk 79

Data Matters

JULY 30, 2018

In October 2017, the National Association of Insurance Commissioners (NAIC) adopted an Insurance Data Security Model Law. On May 3, 2018, South Carolina became the first state to enact this Model Law, in the form of the South Carolina Insurance Data Security Act (H.B.

Insurance 60

Insurance Security Cybersecurity Data breaches 60

IT Governance

DECEMBER 14, 2021

You’ll receive a pool of experts who can help address network infrastructure, information security, Cloud computing and anything else that’s relevant to your organisation. You’ll receive cyber insurance cover ?. Many cyber-security-as-a-service offerings include cyber insurance as part of the package.

Security 131

Security Insurance Data breaches Information Security 131

HL Chronicle of Data Protection

MAY 13, 2019

In the past two years, multiple state bills that have been introduced in the US to provide for cybersecurity requirements and standards to the insurance sector, with recent legislative activity taking place in particular within the States of Ohio, South Carolina, and Michigan. NYDFS: Setting a new bar for state cybersecurity regulation.

Insurance 40

Insurance Cybersecurity Data breaches Financial Services 40

The Last Watchdog

MARCH 13, 2023

So how will this affect chief information security officers (CISOs) and security programs? Given the perennial skills and staffing shortage in security, it’s unlikely that CISOs will be asked to make deep budget or staffing cuts, yet they may not come out of this period unscathed.

Security 203

Security Insurance Cybersecurity Customer Experience 203

Hunton Privacy

SEPTEMBER 21, 2023

The publication offers general guidance on issues including what entities the specific laws and regulations cover, the measures covered entities can adopt to maintain the privacy and security of consumers’ health information, and the steps entities must take in the event of a data breach.

Privacy 74

Privacy Data Privacy Security Insurance 74

Hunton Privacy

JANUARY 26, 2018

On January 25, 2018, the Standardization Administration of China published the full text of the Information Security Technology – Personal Information Security Specification (the “Specification”). The Specification divides personal information into two categories: personal information and sensitive personal information.

Information Security 48

Information Security Security Privacy Personal data 48

Hunton Privacy

OCTOBER 14, 2014

The incident raises some issues for cyber insurance. That the incident occurred over several months suggests that trigger dates for cyber insurance be examined. Policies limiting their coverage to events occurring during the contractual period (or to a short prior period) can be unduly restrictive.

Insurance 40

Insurance Cybersecurity Manufacturing Information Security 40

The Last Watchdog

OCTOBER 29, 2018

The headlines immediately attempted to lay the blame, in large part, on the fact that Equifax’s chief information security officer was a music major and did not have a background in technology. Yet, there are quantifiable benefits for establishing a reasonable data privacy and security program. Insurability.

Security 164

Security Data Privacy Privacy Data breaches 164

IT Governance

OCTOBER 11, 2022

One of the most common mistakes that organisations make when addressing cyber security is that they consider it a one-off event. This process should be embedded within your overall cyber security measures in what experts refer to as cyber defence in depth. Why Cyber Insurance is Essential in 2022.

Risk 124

Risk GDPR Information Security Personal data 124

Security Affairs

JUNE 12, 2023

. “On February 2, 2023, ITx discovered that its secure file transfer protocol provider, Fortra, was subject to a data privacy event that potentially impacted ITx’s clients’ patient information (“Fortra Event”). ITx promptly launched an investigation to determine the nature and scope of the Fortra Event.

Data breaches 87

Data breaches Ransomware Insurance Data Privacy 87

Security Affairs

FEBRUARY 12, 2024

This includes substantial costs for insurers, reaching an estimated $542 million annually, to repair or replace stolen vehicles. We’re not aware of any events like this and frankly speaking not sure what was the reason for this discussion to begin with.” ” reads a message published by the company on X.

Sales 101

Sales Government Insurance IT 101

Data Protection Report

NOVEMBER 9, 2022

Defining Information Security Practices. As a first line of defence, the best way to mitigate against vendor breaches is to make sure the vendor is contractually required to maintain strong information security practices and policies that are in line with legal and industry-specific standards. Data breach notification.

Risk 117

Risk Cybersecurity Insurance Data breaches 117

Data Protection Report

APRIL 22, 2021

On April 14, 2021, the New York Department of Financial Services (NYDFS) announced a $3 million settlement with insurance company National Securities Corp. The regulation requires that a licensee report a cybersecurity event to NYDFS within 72 hours of its determination of the event. NYDFS Cybersecurity Regulation.

Cybersecurity 94

Cybersecurity Financial Services Phishing Compliance 94

Hunton Privacy

SEPTEMBER 11, 2014

Hunton & Williams Insurance Litigation & Counseling partner Lon Berk reports: An Israeli security firm recently uncovered a hacking operation that had been active for more than a decade. However, the policies also restrict coverage to events occurring on or after a “retroactive date.”

Insurance 40

Insurance Data breaches Cybersecurity Government 40

Security Affairs

JULY 5, 2021

million customers in Montgomery and Prince George’s counties and at no time was the quality or reliability of our drinking water in jeopardy,” WSSC Water Police and Homeland Security Director David McDonough said in a statement. The post US water company WSSC Water hit by a ransomware attack appeared first on Security Affairs.

Ransomware 119

Ransomware Insurance Encryption Access 119

eSecurity Planet

DECEMBER 9, 2021

An incident is an event that affects our scope of responsibility, and a response is how we deal with the incident. For IT managers, the scope might expand to encompass physical IT systems and events such as a flooded data center, a lost executive laptop, or squirrels chewing on network cables. Be in-line with insurance policies.

Insurance 125

Insurance Ransomware Data breaches Cloud 125

HL Chronicle of Data Protection

FEBRUARY 25, 2020

It applies to any “Covered Entity,” which is defined broadly to include “any Person operating under or required to operate under a license, registration, charter, certificate, permit, accreditation or similar authorization under the Banking Law, the Insurance Law or the Financial Services Law.”

Cybersecurity 104

Cybersecurity Financial Services Data breaches Insurance 104

IT Governance

SEPTEMBER 13, 2022

It’s the international standard for an ISMS (information security management system), which takes a risk-based approach to information security that encompasses people, processes and technology. That’s why organisations must adopt a layer of security that addresses what will happen in the event of a disruptive incident.

Risk 110

Risk Security Data breaches Phishing 110

Data Matters

FEBRUARY 6, 2019

The stolen information allegedly included names and identifying information, hashed passwords, security questions and answers, family information, Social Security numbers, lab results, health insurance information, doctor’s names, and medical conditions, among other things.

Data breaches 83

Data breaches Computer and Electronics Security Insurance 83

DLA Piper Privacy Matters

FEBRUARY 28, 2022

The following considerations should help to harden your organisation’s posture and reduce the impact of a cyber event: Review and share your Incident Response Plan, Crisis Management Plan and Business Continuity and DR plans with key team members and make sure they address all current threats. Check your cyber insurance policy.

Passwords 98

Passwords Phishing Risk Access 98

Data Matters

MARCH 12, 2019

The Safeguards Rule specifies that financial institutions subject to the FTC’s jurisdiction must develop, implement, and maintain a comprehensive information security program for handling customer data. Aligning the Safeguards Rule with State Regimes.

Privacy 68

Privacy IT Information Security Insurance 68

Security Affairs

NOVEMBER 30, 2020

“Sources said the county is in the process of paying the $500,000 ransom as it’s insured for such attacks.” We commenced an immediate investigation that included taking certain systems offline and working with computer forensic specialists to determine the nature and scope of the event.

Computer and Electronics 103

Computer and Electronics Ransomware Insurance Encryption 103

IT Governance

JUNE 15, 2022

Meanwhile, ISO 27001 is the international standard that describes best practices for information security management. It’s why organisations should regularly back up their sensitive information and store it on an external server. The service also comes with cyber insurance coverage of up to £500,000.

Risk 144

Risk Security Passwords Phishing 144

IT Governance

MAY 1, 2018

CIR management can help your organisation mitigate the risk of information security incidents and minimise losses. Incident response planning is mandated as part of all major cyber security regimes. What does cyber incident response (CIR) management do? Benefits of CIR management. Reducing incident impact and response times.

Risk 75

Risk Information Security IoT Insurance 75

Security Affairs

NOVEMBER 29, 2020

The Group’s insurance coverage for cyber risks totals €30 million.” The IT services provider said that sales activity for the fourth quarter should not be significantly affected by this event. ” the company added. Sopra Steria expects to see negative organic revenue growth of between 4.5%

Ransomware 98

Ransomware Insurance Sales Cybersecurity 98

Data Matters

DECEMBER 10, 2019

Regulators worldwide, including the Securities and Futures Commission of Hong Kong, have issued guidelines for reducing and mitigating hacking risks. Decisions must be made swiftly and effectively in the event of a system breach to optimize the prospect for recovery and to mitigate losses. Fund Managers Face Heightened Cyber Risks.

Data breaches 60

Data breaches Insurance Authentication Risk 60

Data Matters

DECEMBER 10, 2019

Regulators worldwide, including the Securities and Futures Commission of Hong Kong, have issued guidelines for reducing and mitigating hacking risks. Decisions must be made swiftly and effectively in the event of a system breach to optimize the prospect for recovery and to mitigate losses. Fund Managers Face Heightened Cyber Risks.

Data breaches 60

Data breaches Insurance Authentication Risk 60

IT Governance

JULY 11, 2019

You can avoid this by teaching staff about ransomware and establishing a line of communication in the event of security incidents. This might seem futile – the police will almost certainly be unable to recover your data, let alone catch the crooks – but evidence of the attack is necessary for filing a cyber insurance claim.

Ransomware 99

Ransomware Insurance Encryption Paper 99

Hunton Privacy

MAY 16, 2017

And in some cases, a business’ inability to maintain its day-to-day operations during a ransomware attack could deny people critical access to services like health care in the event of an emergency.” In the event that ransomware results in a breach of covered information, litigation is another potential risk. Litigation.

Ransomware 61

Ransomware Insurance Access Information Security 61

Data Matters

FEBRUARY 7, 2018

By August 28, 2017, Covered Entities were required to have a cybersecurity program in place, as well as a board (or senior officer) approved written cybersecurity policy and Chief Information Security Officer to help protect data and systems. They also became obligated to report cybersecurity events to the NYDFS. .

Compliance 60

Compliance Cybersecurity Information Security Privacy 60

IT Governance

MAY 3, 2019

There are two ways you can do this: by outsourcing the security efforts to another organisation or by purchasing cyber insurance to ensure you have the funds to respond appropriately in the event of a disaster. Organisation of information security : the assignment of responsibilities for specific tasks.

Risk 72

Risk Information Security Communications Insurance 72

Security Affairs

APRIL 8, 2021

While the source of the breach remains unclear, the exposed records show that two card shop users attempted to inject a malicious script searching for website vulnerabilities in the contact information field. It’s impossible to determine if the two events are connected to the breach. ever since.

Passwords 107

Passwords Insurance Personal data Sales 107

Hunton Privacy

MARCH 15, 2013

On March 5, 2013, the German Federal Ministry of the Interior published proposed amendments (in German) to the German Federal Office for Information Security Law.

Cybersecurity 40

Cybersecurity Information Security Insurance Privacy 40

Data Protection Report

OCTOBER 24, 2022

On October 18, 2022, the New York Department of Financial Services announced a settlement with EyeMed, a licensed life, accident, and health insurer, with respect to a security incident that occurred in 2020. Proper disposal processes minimize the amount of NPI accessible to an unauthorized third party during a Cyber Event.”

Cybersecurity 52

Cybersecurity Personal data Risk Financial Services 52