Cybersecurity Insurance Not Paying for NotPetya Losses

Schneier on Security

This will complicate things: To complicate matters, having cyber insurance might not cover everyone's losses. Zurich American Insurance Company refused to pay out a $100 million claim from Mondelez, saying that since the U.S.

Pentagon’s Warning on DNA Testing is Applicable to all Consumers

ARMA International

On December 23, Yahoo News [1] reported on a Department of Defense memo [2] warning military personnel that using direct-to-consumer (DTC) DNA testing could pose “personal and operational risks.” As quoted in the Military Times article [3], citing security risks, Cmdr. Military Times.

Episode 155: Disinformation is a Cyber Weapon and APTs warm to Mobile Malware

The Security Ledger

Related Stories: Israeli Group Exploited WhatsApp to Spy on Users; Episode 158: How NotPetya has Insurers grappling with Systemic Cyber Risk; Episode 149: How Real is the Huawei Risk?

NEW TECH: DataLocker introduces encrypted flash drive — with key pad

The Last Watchdog

DataLocker honed its patented approach to manufacturing encrypted portable drives and landed some key military and government clients early on; the company has continued branching out ever since. This could be in high security areas, relating to the government or military, or you might be in different countries, where secure Internet connections are not available. DataLocker actually got traction, early on, selling to the military.

List of data breaches and cyber attack in March 2019 – 2.1 billion records leaked

IT Governance

There’s a new compiler at the helm of our monthly list of data breaches, following the departure of IT Governance stalwart Lewis Morgan, who leaves me with some mighty big shoes to fill. Chinese hackers target universities in pursuit of maritime military secrets (unknown).

Credit Freezes are Free: Let the Ice Age Begin

Krebs on Security

In addition, the law requires the big three bureaus to offer free electronic credit monitoring services to all active duty military personnel. It is now free in every U.S.

£60 million in recovery costs for Norsk Hydro after refusing ransom demand

IT Governance

The ransomware was accompanied by a note: “Your files are encrypted with the strongest military algorithms. Cyber security experts and governments urge victims to never pay the ransom. You can certainly understand the desire for a short-term fix when, say, a local government’s systems are frozen and essential services are brought to a halt. Another way to lessen the burden of recovering from a ransomware attack is to purchase cyber insurance.

In a Few Days, Credit Freezes Will Be Fee-Free

Krebs on Security

There are dozens of private companies that specialize in providing consumer credit reports and scores to specific industries, including real estate brokers, landlords, insurers, debt buyers, employers, banks, casinos and retail stores.

Have We Become Apathetic About Breaches?

Thales eSecurity

Affecting big companies and small in virtually every vertical and hitting government institutions at the local, state and federal level, sensitive data is routinely exfiltrated, stolen and leveraged with shocking regularity. Another day, another breach.

Group-IB presents its annual report on global threats to stability in cyberspace

Security Affairs

According to Group-IB’s experts, the most frustrating trend of 2019 was the use of cyberweapons in military operations. As for 2019, it has become the year of covert military operations in cyberspace. The threat actor mainly targets insurance, consulting, and construction companies.

Colorado Amends Data Breach Notification Law and Enacts Data Security Requirements

Hunton Privacy

Key data security and disposal provisions of the Bill include: Definition of Personal Identifying Information: The Bill defines personal identifying information as “a social security number; a personal identification number; a password; a pass code; an official state or government-issued driver’s license or identification card number; a government passport number; biometric data…; an employer, student, or military identification number; or a financial transaction device.”

2019 eDiscovery Case Law Year in Review, Part 3

eDiscovery Daily

DiGiusti granted the “Children” defendants’ Motion to Compel against non-party City of Oklahoma City Police Department (“OCPD”) to comply with the Children’s subpoena of records related to the murder of their father in a civil case with the insurance company.

Washington, D.C. Amends Data Breach Notification Law, Adds Data Security Requirements

Hunton Privacy

The Bill partially exempts entities subject to the Gramm-Leach-Bliley (“GLB”) Act or Health Insurance Portability and Accountability Act (“HIPAA”) from the notification requirements, but requires an entity subject to those laws’ breach notification requirements to also notify the D.C.

An Approach to Cybersecurity Risk Oversight for Corporate Directors

Data Matters

Increasingly, thought leaders, professional organizations, and government agencies are beginning to provide answers. Instead of attempting either of these Sisyphean tasks, this article seeks to demonstrate the utility of the enterprise-level, targeted approach at the governance stages, and in the implementation of certain technology tools during the stages of the data lifecycle, as appropriate. Creating an enterprise-wide governance structure.