U.S. Secret Service: “Massive Fraud” Against State Unemployment Insurance Programs

Krebs on Security

A well-organized Nigerian crime ring is exploiting the COVID-19 crisis by committing large-scale fraud against multiple state unemployment insurance programs, with potential losses in the hundreds of millions of dollars, according to a new alert issued by the U.S.

On Cybersecurity Insurance

Schneier on Security

Good paper on cybersecurity insurance: both the history and the promise for the future. From the conclusion: Policy makers have long held high hopes for cyber insurance as a tool for improving security. Cyber insurance appears to be a weak form of governance at present.

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Ransomware and the Role of Cyber Insurance via Teach Privacy

IG Guru

Professor Daneil Solove interviews Kimberly Horn about Cyber Insurance and Ransomeware here. The post Ransomware and the Role of Cyber Insurance via Teach Privacy appeared first on IG GURU.

17 Cybersecurity Products the Cyber Insurance Industry Says Are Worthwhile via Claims Journal

IG Guru

Insurance broker Marsh has unveiled the inaugural class of cybersecurity products and services receiving a Cyber Catalyst designation that is part of an evaluation program its backers hope will bring greater clarity in the crowded cybersecurity marketplace.

Data Governance Tools: What Are They? Are They Optional?

erwin

Data governance tools used to occupy a niche in an organization’s tech stack, but those days are gone. The rise of data-driven business and the complexities that come with it ushered in a soft mandate for data governance and data governance tools. Data Governance 1.0

Ohio Adopts National Association of Insurance Commissioners’ (NAIC) Insurance Data Security Model Law

Data Matters

On December 19, 2018, Ohio adopted the National Association of Insurance Commissioners’ (NAIC) Insurance Data Security Model Law. By doing so, Ohio joins South Carolina as the second state to have adopted the Model Law and the fourth state – along with Connecticut and New York – to have enacted cybersecurity regulations for insurance companies. This means all insurers, agencies, and brokers doing business in Ohio are covered.

Podcast Episode 117: Insurance Industry Confronts Silent Cyber Risk, Converged Threats

The Security Ledger

In this episode of the podcast (#117), we go deep on one of the hottest sectors around: cyber insurance. In this episode of the podcast (#117), we go deep on one of the hottest sectors around: cyber insurance. The insurance was dirt cheap. Are insurers ready?

China: Navigating China: Episode 10: Stricter data localisation and security rules for financial and insurance data in China

DLA Piper Privacy Matters

The People’s Bank of China has released new guidelines on collection and processing of personal financial information (“PFI Guidelines”), which provide much-needed clarity on how personal financial information in China should be processed, secured and transferred. Carolyn Bigg, Hong Kong.

SilverTerrier gang uses COVID-19 lures in BEC attacks against healthcare, government organizations

Security Affairs

Nigerian cyber gang SilverTerrier, specialized in BEC attacks, used COVID-19 lures in recent attacks on healthcare and government organizations. Please vote Security Affairs for European Cybersecurity Blogger Awards – VOTE FOR YOUR WINNERS [link].

Cyberattack shuts down La Porte County government systems

Security Affairs

Government computer systems at La Porte County, Indiana, were shut down after a cyber attack hit them on July 6. On July 6, a cyber attack brought down government computer systems atLa Porte County, Indiana.

How the U.S. Govt. Shutdown Harms Security

Krebs on Security

federal government shutdown is having a tangible, negative impact on cybercrime investigations, according to interviews with federal law enforcement investigators and a report issued this week by a group representing the interests of FBI agents. The ongoing partial U.S.

Data Governance Tools: What Are They? Are They Optional?

erwin

Data governance tools used to occupy a niche in an organization’s tech stack, but those days are gone. The rise of data-driven business and the complexities that come with it ushered in a soft mandate for data governance and data governance tools. Data Governance 1.0

Governance, Technology, and Capitalism.

John Battelle's Searchblog

Our lives are now driven in large part by data, code, and processing, and by the governance of algorithms. Synonymous with progress, asking not for permission, fearless of breaking things – in particular stupid, worthy-of-being-broken things like government, sclerotic corporations, and fetid social norms – the technology industry reveled for decades as a kind of benighted warrior for societal good. Do they think that means there’s no governance ?

Our Data Governance Is Broken. Let’s Reinvent It.

John Battelle's Searchblog

My current work is split between two projects: One has to do with data governance, the other political media. And second… Governance. Government – well for sure, I’d wager that’s increased given who’s been running the country these past two years. But Governance?

South Carolina’s Insurance Cybersecurity Law Takes Effect in 2019

Adam Levin

South Carolina became the first state to pass a law requiring all insurance entities to create and maintain a cybersecurity and data breach response program. . Among the law’s provisions is a requirement to notify the state government within 72 hours in the event of a breach or cybersecurity event affecting 250 or more people, the protection of policyholder’s personally identifiable information, and an annual statement detailing their breach response plan. .

MY TAKE: Identity ‘access’ and ‘governance’ tech converge to meet data protection challenges

The Last Watchdog

Related: Applying ‘zero trust’ to managed security services. based supplier of identity access management (IAM) systems, which recently announced a partnership with Omada, a Copenhagen-based provider of identity governance administration (IGA) solutions. Fortunately, the identity management space has attracted and inspired some of the best and brightest tech security innovators and entrepreneurs. Governance and attestation quickly became a very big deal.

Access 145

Cyber Insurance: Addressing Your Risks and Liabilities

Hunton Privacy

After a number of high-profile data breaches, corporate cybersecurity is facing increased scrutiny and attention from consumers, the government and the public. In a webinar, entitled Cyber Insurance: Addressing Your Risks and Liabilities , hosted by Hunton & Williams LLP and CT , Hunton & Williams partners Lon A. Cyber Insurance Cybersecurity Multimedia Resources Security Breach Consumer Protection Lisa Sotto

MY TAKE: Poorly protected local government networks cast shadow on midterm elections

The Last Watchdog

It’s easy to think of it as a problem the federal government must address or something that enterprises deal with, but cybersecurity has to be addressed closer to home, as well. His company supplies a co-managed SIEM service to mid-sized and large enterprises, including local government agencies. Security of local and state government agencies takes on a higher level of urgency as we get closer to the midterm elections. Who will cover the cost of securing an election?

Why Cybersecurity Pros Should Care About Governance

Getting Information Done

Poor security awareness continues to be the greatest inhibitor to defending against cyber threats, followed closely by the massive volumes of data for IT security teams to analyze/protect. billion on security technology in 2016—and still, experience data breaches.

From the CTO: From Information Governance to Information Asset Management

Everteam

The first “InfoGov” wave we are starting to see is a way to show people augmented information about an information or data asset, based on how it is governed in terms of cost, risk, quality, security or value within your company.

Health Net Cited for Refusing a Security Audit

Data Breach Today

Why Do Some Companies Reject Security Scrutiny? A government watchdog agency alleges that insurer Health Net of California has refused to cooperate in a security audit called for under a federal contract.

Leveraging Blockchain Integration to Meet Information Governance Challenges

InfoGoTo

Add insurance providers with their own systems, along with the recent regulatory requirement mandating electronic health records, and there is a critical need for a solution.

“An act of war”: Zurich American refuses to pay out on cyber insurance policy following NotPetya attack

IT Governance

US food giant Mondelez is suing insurance company Zurich American for denying a $100 million (£76 million) claim filed after the NotPetya attack. The UK government and the CIA blame the attack on Russian state-sponsored hackers, claiming it was the latest act in an ongoing feud between Russia and Ukraine. In that regard, it was a job well done, with one report estimating that insurers could expect to pay out more than $80 billion (£61 billion) as a result of the attack.

Zurich refuses to pay Mondelez for NotPetya damages because it’s ‘an act of war’

Security Affairs

Zurich American Insurance Company is refusing to refund its client because consider the attack as “an act of war” that is not covered by its policy. According to the cyber security community, NotPetya is a cyber weapon develped by Russia to hit the Ukrainian government.

Hackers Breached Virginia Bank Twice in Eight Months, Stole $2.4M

IG Guru

Now the financial institution is suing its insurance provider for refusing to fully cover the losses. Hackers used phishing emails to break into a Virginia bank in two separate cyber intrusions over an eight-month period, making off with more than $2.4 million total.

How to Save on Cyber Insurance and Be Harder to Hack

Adam Levin

Cyber insurance is still evolving, and as such you can still get good deals even if your cybersecurity is not completely up to snuff. Each has reported—or worse have been discovered to have—extremely sensitive customer data stored on cloud servers that were not properly secured.

Secure Together: Britons scammed out of £3.5 million and essential services under attack

IT Governance

We take a look at some of those challenges in this latest round-up, which discusses the cyber security risks associated with the pandemic and the ways lockdown threatens our ability to work productively and safely. The post Secure Together: Britons scammed out of £3.5 Secure Together

How insurers can comply with Massachussetts cybersecurity regulations

Information Management Resources

Carriers will need someone who owns data at an enterprise level to ensure effective governance. Cyber security Compliance Regtech

Rise in cyber attacks leads to cyber insurance business soaring

IT Governance

Increased interest in cyber insurance. With more than 800 million records being leaked in 2017 ( find out more in our Breaches and Hacks Blog Archive ), it’s not surprising that cyber insurance business has increased in recent months.

Keeping Up with New Data Protection Regulations

erwin

Due to these pre-existing regulations, organizations operating within these sectors, as well as insurance, had some of the GDPR compliance bases covered in advance. Fortunately, whenever the time comes, the first point of call will always be data governance, so organizations can prepare.

Does Your Business Depend on Stronger Election Security?

Adam Levin

This midterm election , a steady flow of headlines and heated controversy focused not on political leanings or flipping seats (at least directly), but rather on the security and integrity of the voting process itself. Security as Ecosystem.

Government survey reveals GDPR awareness is falling short

IT Governance

The Cyber Security Breaches Survey 2018 from the Department for Digital, Culture, Media and Sport (DCMS) has revealed that only 38% of businesses and 44% of charities have heard of the General Data Protection Regulation (GDPR).

GDPR 61

11 cyber security predictions for 2020

IT Governance

Almost everyone wants to know what the future has in store – particularly when it comes to cyber security. With that in mind, Geraint Williams, IT Governance’s chief information security officer, discusses his cyber security predictions in the upcoming year.

IoT 83

How Cyber Essentials can help secure against malware

IT Governance

The Cyber Essentials scheme is a world-leading assurance mechanism for organisations of all sizes to help demonstrate that the most critical cyber security controls have been implemented. Secure your organisation with Cyber Essentials. Reduce cyber insurance premiums.

Discovery of 13-Year Hacking Scheme Highlights Questions About Cyber Insurance Coverage

Hunton Privacy

Hunton & Williams Insurance Litigation & Counseling partner Lon Berk reports: An Israeli security firm recently uncovered a hacking operation that had been active for more than a decade. Over that period, hackers breached government servers, banks and corporations in Germany, Switzerland and Austria by using over 800 phony front companies (which all had the same IP address) to deliver unique malware to victims’ systems.

Secure Shredding 101

InfoGoTo

Though identity theft is a constantly growing threat, about one-third of respondents to a 2014 Ponemon Institute survey did not have a policy for the secure destruction of paper documents. This checklist can help you organize your approach to secure shredding and document management. It’s wise to keep hard copies of anything related to federal or state matters, but these documents should be stored in a secure location.

MY TAKE: Coping with security risks, compliance issues spun up by ‘digital transformation’

The Last Watchdog

A core security challenge confronts just about every company today. While the benefits of DX are highly-touted , this shift has also spawned a whole new tier of unprecedented privacy and security challenges. On one hand, threat actors have already begun exploiting fresh attack vectors, borne of this rising complexity, and, on the other, government authorities and industry standards bodies are insisting on compliance with increasingly cumbersome data-handling security rules.

Riding the State Unemployment Fraud ‘Wave’

Krebs on Security

When a reliable method of scamming money out of people, companies or governments becomes widely known, underground forums and chat networks tend to light up with activity as more fraudsters pile on to claim their share.

Nonstandard auto insurtech reports data breach

Information Management Resources

Bridger Insurance says the incident, reported in Sept. 2018, involved some access of insurance application data. Data security Data management Data breaches Data governance Data storage

NEW TECH: Cequence Security deploys defense against botnets’ assault on business logic

The Last Watchdog

Pick any company in any vertical – financial services, government, defense, manufacturing, insurance, healthcare, retailing, travel and hospitality – and you’ll find employees, partners, third-party suppliers and customers all demanding remote access to an expanding menu of apps — using their smartphones and laptops. It becomes difficult to build security into the application when you are doing that frequent of a change and you end up more exposed to risk.