On Cybersecurity Insurance

Schneier on Security

Good paper on cybersecurity insurance: both the history and the promise for the future. From the conclusion: Policy makers have long held high hopes for cyber insurance as a tool for improving security. Cyber insurance appears to be a weak form of governance at present.

Cybersecurity Insurance Not Paying for NotPetya Losses

Schneier on Security

This will complicate things: To complicate matters, having cyber insurance might not cover everyone's losses. Zurich American Insurance Company refused to pay out a $100 million claim from Mondelez, saying that since the U.S.

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Data Governance Tools: What Are They? Are They Optional?

erwin

Data governance tools used to occupy a niche in an organization’s tech stack, but those days are gone. The rise of data-driven business and the complexities that come with it ushered in a soft mandate for data governance and data governance tools. Data Governance 1.0

17 Cybersecurity Products the Cyber Insurance Industry Says Are Worthwhile via Claims Journal

IG Guru

Insurance broker Marsh has unveiled the inaugural class of cybersecurity products and services receiving a Cyber Catalyst designation that is part of an evaluation program its backers hope will bring greater clarity in the crowded cybersecurity marketplace.

How to make sure your cyber insurance policy pays out

IT Governance

Cyber insurance is big business these days. Find out how a ransomware victim used cyber insurance to guide its response effort >> A cyber insurance policy doesn’t necessarily guarantee that you will receive aid following a data breach.

Ohio Adopts National Association of Insurance Commissioners’ (NAIC) Insurance Data Security Model Law

Data Matters

On December 19, 2018, Ohio adopted the National Association of Insurance Commissioners’ (NAIC) Insurance Data Security Model Law. By doing so, Ohio joins South Carolina as the second state to have adopted the Model Law and the fourth state – along with Connecticut and New York – to have enacted cybersecurity regulations for insurance companies. This means all insurers, agencies, and brokers doing business in Ohio are covered.

Using Information Governance to Manage the Commingling of Minors’ Claim Files

InfoGoTo

As these and other statutes evolve and legal holds are lifted, insurers need to be prepared to address their legacy records. For P&C insurers, the handling of retention and disposition of minor claims files have historically been challenging due to poor information governance (IG) practices. Insurers’ real-world experiences. One insurer stated that, “digital files and paper files are indexed the same. What insurance companies can do.

Digital Preservation -- High Stakes for Finance and Insurance Companies

AIIM

In a recent AIIM survey, 85% of finance and insurance executives said that digital preservation was “important” or “very important” to their organizations – even higher than the 77% reported in other industries. Despite this declared importance – 62% say that “Archiving and long-term digital preservation is a key part of our enterprise information governance and management strategy” -- the reality in most financial organizations is very different.

Podcast Episode 117: Insurance Industry Confronts Silent Cyber Risk, Converged Threats

The Security Ledger

In this episode of the podcast (#117), we go deep on one of the hottest sectors around: cyber insurance. In this episode of the podcast (#117), we go deep on one of the hottest sectors around: cyber insurance. The insurance was dirt cheap. Are insurers ready?

Cyberattack shuts down La Porte County government systems

Security Affairs

Government computer systems at La Porte County, Indiana, were shut down after a cyber attack hit them on July 6. On July 6, a cyber attack brought down government computer systems atLa Porte County, Indiana.

Governance, Technology, and Capitalism.

John Battelle's Searchblog

Our lives are now driven in large part by data, code, and processing, and by the governance of algorithms. Synonymous with progress, asking not for permission, fearless of breaking things – in particular stupid, worthy-of-being-broken things like government, sclerotic corporations, and fetid social norms – the technology industry reveled for decades as a kind of benighted warrior for societal good. Do they think that means there’s no governance ?

Governance in Healthcare: Recognizing a Strategic Imperative

Perficient Data & Analytics

The subject of governance often comes up whenever leadership is asked about some of the more critical capabilities that an organization must possess. However, this does not mean that the governance program’s work is done and that there is clear sailing ahead.

Our Data Governance Is Broken. Let’s Reinvent It.

John Battelle's Searchblog

My current work is split between two projects: One has to do with data governance, the other political media. And second… Governance. Government – well for sure, I’d wager that’s increased given who’s been running the country these past two years. But Governance?

Why ‘dirty data’ can derail health insurers' analytics

Information Management Resources

Payer Edition Payers Healthcare analytics Data governance Value-based careJordan Bazinsky of Cotiviti says the need to inherently trust information is essential to gain trustworthy insights.

MY TAKE: Identity ‘access’ and ‘governance’ tech converge to meet data protection challenges

The Last Watchdog

based supplier of identity access management (IAM) systems, which recently announced a partnership with Omada, a Copenhagen-based provider of identity governance administration (IGA) solutions. These vendors drilled down on “governance and attestation,” coming up with advanced ways to enable companies to monitor and report cyber risk profiles to government and industry auditors. Governance and attestation quickly became a very big deal.

Access 141

From the CTO: From Information Governance to Information Asset Management

Everteam

The first “InfoGov” wave we are starting to see is a way to show people augmented information about an information or data asset, based on how it is governed in terms of cost, risk, quality, security or value within your company. Information Governance infonomics information asset management

South Carolina’s Insurance Cybersecurity Law Takes Effect in 2019

Adam Levin

South Carolina became the first state to pass a law requiring all insurance entities to create and maintain a cybersecurity and data breach response program. . Among the law’s provisions is a requirement to notify the state government within 72 hours in the event of a breach or cybersecurity event affecting 250 or more people, the protection of policyholder’s personally identifiable information, and an annual statement detailing their breach response plan. .

Cyber Insurance: Addressing Your Risks and Liabilities

Hunton Privacy

After a number of high-profile data breaches, corporate cybersecurity is facing increased scrutiny and attention from consumers, the government and the public. In a webinar, entitled Cyber Insurance: Addressing Your Risks and Liabilities , hosted by Hunton & Williams LLP and CT , Hunton & Williams partners Lon A. Cyber Insurance Cybersecurity Multimedia Resources Security Breach Consumer Protection Lisa Sotto

Why Cybersecurity Pros Should Care About Governance

Getting Information Done

Cybersecurity professionals need to understand the information risks their organization faces and how to leverage information governance, along with technology, to get the biggest bang for their buck. As a result, companies are turning to cyber insurance.

MY TAKE: Poorly protected local government networks cast shadow on midterm elections

The Last Watchdog

It’s easy to think of it as a problem the federal government must address or something that enterprises deal with, but cybersecurity has to be addressed closer to home, as well. His company supplies a co-managed SIEM service to mid-sized and large enterprises, including local government agencies. Security of local and state government agencies takes on a higher level of urgency as we get closer to the midterm elections.

Insurers plan increased use of agile development

Information Management Resources

Hardware and software Information systems Data governance Enterprise information management Data and information management NovaricaBut carriers still struggle with hiring IT talent, according to new research from Novarica.

Four Use Cases Proving the Benefits of Metadata-Driven Automation

erwin

As such, traditional – and mostly manual – processes associated with data management and data governance have broken down. The banking, financial services and insurance industry typically deals with higher data velocity and tighter regulations than most.

Leveraging Blockchain Integration to Meet Information Governance Challenges

InfoGoTo

Add insurance providers with their own systems, along with the recent regulatory requirement mandating electronic health records, and there is a critical need for a solution.

Spigraph, Everteam & ImageFast Provide Critical Information Governance Solutions to European Market

Everteam

It is a complete solution for content discovery, migration, remediation, identification of PII, PHI and PCI data, and governance. Spigraph is also pleased to announce ImageFast as a reseller of the Everteam Information Governance products. Effective information governance is critical.

“An act of war”: Zurich American refuses to pay out on cyber insurance policy following NotPetya attack

IT Governance

US food giant Mondelez is suing insurance company Zurich American for denying a $100 million (£76 million) claim filed after the NotPetya attack. The UK government and the CIA blame the attack on Russian state-sponsored hackers, claiming it was the latest act in an ongoing feud between Russia and Ukraine. In that regard, it was a job well done, with one report estimating that insurers could expect to pay out more than $80 billion (£61 billion) as a result of the attack.

Cyberinsurance and Acts of War

Schneier on Security

Zurich Insurance has refused to pay Mondelez International's claim of $100 million in damages from NotPetya. Those turning to cyber insurance to manage their exposure presently face significant uncertainties about its promise. Yet no cyber insurance policies cover this entire spectrum.

Risk 104

Obamacare Sign-Up Channel Breach Affects 75K Consumers

Threatpost

A hack targeted the Direct Enrollment pathway, which allows insurance agents and brokers to help consumers sign up for Affordable Care Act coverage. Breach Government Hacks Privacy 75000 consumers 75K Consumers affordable care act data breach direct enrollment pathway hack healthcare.gov insurance broker Obamacare

GDPR’s First 150 Days Impact on the U.S.

Threatpost

Government Privacy Apple CEO Tim Cook GDPR General Data Protection Regulation Health Insurance Portability and Accountability Act HIPAA International Conference of Data Protection and Privacy Commissioners ConferenceWeighing the impact of GDPR and how the historic legislation has shaped privacy protection measures in the U.S., so far.

GDPR 87

Government survey reveals GDPR awareness is falling short

IT Governance

Of the businesses surveyed, those in the finance and insurance industries had the highest levels of awareness (79%), followed by information and communications (67%) and education (52%).

GDPR 68

Zurich refuses to pay Mondelez for NotPetya damages because it’s ‘an act of war’

Security Affairs

Zurich American Insurance Company is refusing to refund its client because consider the attack as “an act of war” that is not covered by its policy. According to the cyber security community, NotPetya is a cyber weapon develped by Russia to hit the Ukrainian government.

Rise in cyber attacks leads to cyber insurance business soaring

IT Governance

Increased interest in cyber insurance. With more than 800 million records being leaked in 2017 ( find out more in our Breaches and Hacks Blog Archive ), it’s not surprising that cyber insurance business has increased in recent months.

Hackers Breached Virginia Bank Twice in Eight Months, Stole $2.4M

IG Guru

Now the financial institution is suing its insurance provider for refusing to fully cover the losses. Hackers used phishing emails to break into a Virginia bank in two separate cyber intrusions over an eight-month period, making off with more than $2.4 million total.

How insurers can comply with Massachussetts cybersecurity regulations

Information Management Resources

Carriers will need someone who owns data at an enterprise level to ensure effective governance. Cyber security Compliance Regtech

Keeping Up with New Data Protection Regulations

erwin

Due to these pre-existing regulations, organizations operating within these sectors, as well as insurance, had some of the GDPR compliance bases covered in advance. Fortunately, whenever the time comes, the first point of call will always be data governance, so organizations can prepare.

Discovery of 13-Year Hacking Scheme Highlights Questions About Cyber Insurance Coverage

Hunton Privacy

Hunton & Williams Insurance Litigation & Counseling partner Lon Berk reports: An Israeli security firm recently uncovered a hacking operation that had been active for more than a decade. Over that period, hackers breached government servers, banks and corporations in Germany, Switzerland and Austria by using over 800 phony front companies (which all had the same IP address) to deliver unique malware to victims’ systems.

The Tragedy of the Data Commons

John Battelle's Searchblog

But before you roll your eyes in anticipation of yet another Facebook rant, no, this post is not about Facebook, despite that company’s continued inability to govern itself. No, this post is about the business of health insurance. Before, and after?

Digital Customer Experience is becoming the deciding battlefield on the insurance landscape

CGI

Digital Customer Experience is becoming the deciding battlefield on the insurance landscape. Digital Customer Experience in many ways is becoming the deciding battlefield on the insurance landscape as to who will win through. Artificial Intelligence whilst in its nascent stages in insurance has made real inroads in other sectors (especially Retail) and is well embedded in the customer journey.