Data Matters

SEPTEMBER 7, 2022

The National Association of Insurance Commissioners (NAIC) held its Summer 2022 National Meeting (Summer Meeting) August 9–13, 2022. This post summarizes the highlights from this meeting in addition to interim meetings held in lieu of taking place during the Summer Meeting. 26R — Bonds (SSAP No.

Insurance 78

Insurance Paper Privacy Risk 78

Krebs on Security

JUNE 15, 2023

The directive comes amid a surge in attacks targeting previously unknown vulnerabilities in widely used security and networking appliances. Barracuda was alerted to the exploitation of a zero-day in its products in mid-May, and two days later the company pushed a security update to address the flaw in all affected devices.

Risk 221

Risk Ransomware Cybersecurity Access 221

Hunton Privacy

JUNE 13, 2023

On June 6, 2023, the Federal Deposit Insurance Corporation (“FDIC”), the Board of Governors of the Federal Reserve System (“FRB”) and the Office of the Comptroller of the Currency (“OCC”) issued their final Interagency Guidance on Third-Party Relationships (“Guidance”).

Risk 64

Risk Insurance Compliance Information Security 64

ForAllSecure

MAY 19, 2023

As software development teams move towards a DevOps culture, security is becoming an increasingly important aspect of the development process. DevSecOps is a practice that integrates security into the DevOps workflow. According to GitLab’s 2022 Global DevSecOps Survey , there isn’t enough clarity around who owns security.

Compliance 52

Compliance Libraries Risk Security 52

KnowBe4

FEBRUARY 14, 2023

CyberheistNews Vol 13 #07 | February 14th, 2023 [Scam of the Week] The Turkey-Syria Earthquake Just when you think they cannot sink any lower, criminal internet scum is now exploiting the recent earthquake in Turkey and Syria. I talk often about the back-and-forth that exists between cybercriminal groups and security vendors.

Phishing 83

Phishing Security awareness Compliance Risk 83

KnowBe4

JUNE 20, 2023

CyberheistNews Vol 13 #25 | June 20th, 2023 [Fingerprints All Over] Stolen Credentials Are the No. As an example, in Basic Web Application Attacks, the use of stolen credentials was involved in 86% of attacks. A specific example of their actions involved using a fake job offer to trick a startup into losing over $600 million.

Data breaches 75

Data breaches Phishing Security awareness Ransomware 75

KnowBe4

MAY 31, 2023

CyberheistNews Vol 13 #22 | May 31st, 2023 [Eye on Fraud] A Closer Look at the Massive 72% Spike in Financial Phishing Attacks With attackers knowing financial fraud-based phishing attacks are best suited for the one industry where the money is, this massive spike in attacks should both surprise you and not surprise you at all.

Phishing 78

Phishing File names Security awareness Risk 78