“An act of war”: Zurich American refuses to pay out on cyber insurance policy following NotPetya attack

IT Governance

US food giant Mondelez is suing insurance company Zurich American for denying a $100 million (£76 million) claim filed after the NotPetya attack. The UK government and the CIA blame the attack on Russian state-sponsored hackers, claiming it was the latest act in an ongoing feud between Russia and Ukraine. In that regard, it was a job well done, with one report estimating that insurers could expect to pay out more than $80 billion (£61 billion) as a result of the attack.

Top 10 Governance, Risk and Compliance (GRC) Vendors

eSecurity Planet

Governance, risk, and compliance (GRC) software helps businesses manage all of the necessary documentation and processes for ensuring maximum productivity and preparedness. Third-party governance. IT governance and security. Privacy governance and management.

11 cyber security predictions for 2020

IT Governance

Almost everyone wants to know what the future has in store – particularly when it comes to cyber security. With that in mind, Geraint Williams, IT Governance’s chief information security officer, discusses his cyber security predictions in the upcoming year.

Is Your Customer Experience Future-Ready?

Reltio

How do you ensure security and privacy while personalizing the customer experience? Do you have fail-safe processes to guarantee security of customer data? An enterprise-wide Customer 360 solution makes it easier for organizations to comply with regulations, by creating a single source of customer information blending profile, interaction, and transaction data from all sources, complete with data governance and traceability to meet all compliance needs. Ankur Gupta, Sr.

Regulatory Update: NAIC Summer 2022 National Meeting

Data Matters

The National Association of Insurance Commissioners (NAIC) held its Summer 2022 National Meeting (Summer Meeting) August 9–13, 2022. 43R — Loan-Backed and Structured Securities (SSAP No. 26R) while Schedule D-2, Section 2 would detail asset-backed securities (within scope of SSAP No.

Morrisons heads to the Supreme Court over data breach

IT Governance

The information comprised names, addresses, gender, dates of birth, phone numbers, National Insurance numbers, bank details and salaries. Morrisons argued that it wasn’t responsible for Skelton’s actions and that it had taken all the necessary precautions to secure employees’ data. However, as the US food giant Mondelez learned earlier this month, cyber security insurance has its own pitfalls. Keep up to date with the latest security news with our weekly newsletter.

Catches of the Month: Phishing Scams for November 2022

IT Governance

This month, we look at an unintended cyber security problem arising from Twitter’s plan to charge people for verification status. Elsewhere, we assess data breaches at a cancer research facility and the US retailer Bed Bath & Beyond.

List of Data Breaches and Cyber Attacks in June 2022 – 34.9 Million Records Breached

IT Governance

We identified 80 security incidents during the month, resulting in 34,908,053 compromised records. Meanwhile, be sure to subscribe to our Weekly Round-up to receive the latest cyber security news and advice delivered straight to your inbox.

Morrisons loses data leak appeal

IT Governance

The data included bank account details, salary information, dates of birth, National Insurance numbers, addresses and phone numbers. A more secure option is system-to-system data transfer.

#ModernDataMasters: Lewis Ownes, CEO Agile Solutions

Reltio

But it did give me the advantage of seeing how the data was being fed into the machines for personalisation and the use of algorithms for security even back then. “At If you ask people about data management and all they talk about is governance then you know they are only being driven by regulation or a concern. A truly mature company embraces governance and innovation and they are designed in together, not bolted on and only way you can do that is via data strategy.

IRS Will Soon Require Selfies for Online Access

Krebs on Security

was originally launched in 2010 with the goal of helping e-commerce sites validate the identities of customers who might be eligible for discounts at various retail establishments, such as veterans, teachers, students, nurses and first responders. government websites.

List of Data Breaches and Cyber Attacks in August 2022 – 97 Million Records Breached

IT Governance

In a month that saw the former US president accused of misappropriating classified government documents, there were also a spate of malicious insiders compromising their employer’s systems. announces security breach (unknown) The Country Club at Woodfield, Inc.

IRS To Ditch Biometric Requirement for Online Access

Krebs on Security

government online. It was clear most readers had no idea these new and more invasive requirements were being put in place at the IRS and other federal agencies (the Social Security Administration also is steering new signups to ID.me).

List of data breaches and cyber attacks in May 2022 – 49.8 million records breached

IT Governance

We identified 77 security incidents during the month, resulting in 49,782,129 compromised records. Meanwhile, be sure to subscribe to our Weekly Round-up to receive the latest cyber security news and advice delivered straight to your inbox.

#ModernDataMasters: Steve Whiting, Chief Operations Officer

Reltio

I worked in several Telcos and latterly in the City for an international insurance company. Ethical data management means you need data governance and data security by design – these initiatives are hard to retrofit. In the past organisations often mobilized for large MDM programmes and had to retrospectively drive the governance throughout – now we are seeing that data governance is often leading – it has become a non-negotiable.” Kate Tickner, Reltio.

Catches of the Month: Phishing Scams for July 2022

IT Governance

The organisation’s head of security, Cory Hardman, said that the breach occurred when an employee at a third-party email delivery vendor downloaded the details of OpenSea users and newsletter subscribers.

List of data breaches and cyber attacks in May 2021 – 116 million records breached

IT Governance

If you find yourself facing a cyber security disaster, IT Governance is here to help.

List of data breaches and cyber attacks in June 2021 – 9.8 million records breached

IT Governance

We found a comparatively low 9,780,931 breached records from publicly disclosed security incidents in June 2021. June’s figures bring the annual running total of security incidents to 729 and the total number of breached records to 3,947,030,094.

Regulatory Update: NAIC Summer 2020 National Meeting

Data Matters

The National Association of Insurance Commissioners (NAIC) held its Summer 2020 National Meeting (Summer Meeting) from July 27 to August 14, 2020. The Annuity Suitability Working Group (ASWG) led the NAIC’s multi-year efforts to develop revisions to the Suitability in Annuity Transactions Model Regulation (SAT) to incorporate a requirement for producers to act in the “best interest” of a retail customer when making a recommendation of an annuity.

Happy 13th Birthday, KrebsOnSecurity!

Krebs on Security

Until recently, I was fairly active on Twitter, regularly tweeting to more than 350,000 followers about important security news and stories here. The records also reveal how Conti dealt with its own internal breaches and attacks from private security firms and foreign governments.

Confessions of an ID Theft Kingpin, Part II

Krebs on Security

Ngo’s cooperation with the government ultimately led to 20 arrests, with a dozen of those defendants lured into the open by O’Neill and other Secret Service agents posing as Ngo. Yesterday’s piece told the tale of Hieu Minh Ngo, a hacker the U.S.

NEW TECH: Cequence Security deploys defense against botnets’ assault on business logic

The Last Watchdog

Pick any company in any vertical – financial services, government, defense, manufacturing, insurance, healthcare, retailing, travel and hospitality – and you’ll find employees, partners, third-party suppliers and customers all demanding remote access to an expanding menu of apps — using their smartphones and laptops. It becomes difficult to build security into the application when you are doing that frequent of a change and you end up more exposed to risk.

Regulatory Update: NAIC Fall 2019 National Meeting

Data Matters

The National Association of Insurance Commissioners (the NAIC) held its Fall 2019 National Meeting (Fall Meeting) in Austin, Texas, from December 7 to 10, 2019. The draft revisions include a requirement for producers to act in the “best interest” of a retail customer when making a recommendation of an annuity. Term and Universal Life Insurance Reserve Financing Model Regulation and 2016 Revisions to the CFR Model Laws.

List of Data Breaches and Cyber Attacks in March 2021 – 21 Million Records Breached

IT Governance

The post List of data breaches and cyber attacks in March 2021 – 21 million records breached appeared first on IT Governance UK Blog.

Regulatory Update: NAIC Summer 2019 National Meeting

Data Matters

The National Association of Insurance Commissioners (NAIC) held its Summer 2019 National Meeting (Summer Meeting) in New York City from August 3 to 6, 2019. Securities and Exchange Commission on June 5, 2019, broker-dealers and associated persons are required to act in the best interest of a retail customer when recommending a securities transaction or investment strategy involving securities to a retail customer.

List of data breaches and cyber attacks in December 2020 – 148 million records breached

IT Governance

We logged 134 security incidents in December, which accounted for 148,354,955 breached records.

Iran-linked APT group Pioneer Kitten sells access to hacked networks

Security Affairs

The Iranian hacker group has been attacking corporate VPNs over the past months, they have been hacking VPN servers to plant backdoors in companies around the world targeting Pulse Secure, Fortinet, Palo Alto Networks, and Citrix VPNs.

Key Ring digital wallet exposes data of 14 Million users in data leak

Security Affairs

The images include scans of government-issued IDs, retail club membership and loyalty cards, NRA membership cards, gift cards, credit cards with all details exposed (including CVV), medical insurance cards, medical marijuana ID cards, and more.

Redcar and Cleveland Borough Council still offline after suffering cyber attack

IT Governance

Meanwhile, the National Crime Agency said it was supporting the council, and a team of experts from the National Cyber Security Centre has been on-site since 9 February. Unlike an attack on retailers, for example, victims have no alternative when systems are down.

In a Few Days, Credit Freezes Will Be Fee-Free

Krebs on Security

A credit freeze — also known as a “security freeze” — restricts access to your credit file, making it far more difficult for identity thieves to open new accounts in your name. Currently, many states allow the big three bureaus — Equifax, Experian and TransUnion — to charge a fee for placing or lifting a security freeze. Access to some of these credit lookup services is supposed to be secured behind a login page, but often isn’t.

List of data breaches and cyber attacks in October 2019 – 421 million records breached

IT Governance

In a month where security experts across Europe were boosting awareness of cyber security, organisations had mixed results in their own data protection practices. IN-based Goshen Health learns that 2018 data security incident did need to be reported (9,160). A DDoS gang is extorting business posing as Russian government hackers (unknown). Victoria government insists patient data is safe after ransomware attack (unknown).

Catches of the month: Phishing scams for May 2020

IT Governance

Coronavirus continues to dominate the cyber security landscape (and pretty much every other part of our lives), with cyber criminals cashing in on the disruption. Why would the government take money away from the NHS and give it to citizens?

Weekly podcast: Password managers, unpatched vulnerabilities, formjacking and Wendy’s

IT Governance

This week, we discuss a security flaw affecting 1Password, Dashlane, KeePass and LastPass; the prevalence of historic vulnerabilities in corporate IT systems; the increase in formjacking attacks; and Wendy’s $50 million data breach settlement. Hello, and welcome to the IT Governance podcast for Thursday, 21 February 2019. The researchers explain that: “All password managers [they] examined sufficiently secured user secrets while in a ‘not running’ state.

TA505 group updates tactics and expands the list of targets

Security Affairs

TA505 hacking group has been active since 2014 focusing on Retail and banking sectors. The group is also known for some evasive techniques they put in place over time to avoid the security controls and penetrate corporate perimeters with several kinds of malware, for instance abusing the so-called LOLBins (Living Off The Land Binaries), legit programs regularly used by victims, or also the abuse of valid cryptographically signed payloads.

Top GRC Tools & Software for 2021

eSecurity Planet

Governance, risk, and compliance (GRC) software helps businesses manage all of the necessary documentation and processes for ensuring maximum productivity and preparedness. Third-party governance. IT governance and security. Privacy governance and management.

62% of organisations unaware of the GDPR

IT Governance

There is an alarming lack of awareness across all industries about the EU General Data Protection Regulation (GDPR), according to a government survey. Among those that have started to prepare: 36% of businesses and charities have changed their cyber security practices; 21% of businesses and 10% of charities have invested in additional staff training; and. However, the least prepared sector is retail and wholesale, with only 13% of organisations having started.

Finance sector must simplify staff awareness training

IT Governance

Financial services firms must do more to educate employees about cyber security, according to the FCA (Financial Conduct Authority). The findings are the result of a discussion between 175 organisations, aiming to address security concerns in the fund and investment management, insurance, retail banking, and retail investment and lending sectors. This doesn’t mean you can’t have a cyber security champion, though. How Cyber Security as a Service helps.

Group-IB presents its annual report on global threats to stability in cyberspace

Security Affairs

The threat actor mainly targets insurance, consulting, and construction companies. Many telecom operators are Managed Service Providers and provide security services to government and commercial organizations.

Cybersecurity in the boardroom: 7 steps to improve cyber governance

CGI

High-profile incidents coupled with increasing government focus are raising awareness of the extent and potential impact of cybersecurity breaches. This flagship research surveyed 150 C-level and boardroom business leaders from the UK’s largest companies (1,000+ employees) across the commercial sectors of retail, banking, insurance, utilities and telco.
