Changing Data Quantification in Security Insurance

Data Breach Today

Lynn Peachey, the director of business development at Arete Incident Response, says that insurance companies have made "a pretty quick turnaround in terms of trying to respond to the ransomware epidemic."

Insurer Chubb Investigating 'Security Incident'

Data Breach Today

Maze Gang Claims Insurer Is a Victim, Emsisoft Reports Switzerland-based global insurance firm Chubb acknowledges that it's investigating a "security incident."


Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Insurance Coverage for NotPetya Losses

Schneier on Security

Tarah Wheeler and Josephine Wolff analyze a recent court decision that the NotPetya attacks are not considered an act of war under the wording of Merck’s insurance policy, and that the insurers must pay the $1B+ claim.

Top 8 Cyber Insurance Companies for 2022

eSecurity Planet

That’s where cyber insurance may be able to help. But there’s a catch: Insurers are going to carefully assess your cybersecurity controls before writing any policy, and there are limits to coverage. Cyber Insurance is Booming. Selecting a Cyber Insurer.

Two States Enact Insurance Data Security Laws

Hunton Privacy

In April 2022, two states enacted insurance data security legislation based on the National Association of Insurance Commissioners (“NAIC”) Insurance Data Security Model Law (MDL-668). Cyber Insurance Cybersecurity Information Security U.S.

Insurance and Ransomware

Schneier on Security

Here’s one more contribution to that issue: a research paper that the insurance industry is hurting more than it’s helping. Although it is a societal problem, cyber insurers have received considerable criticism for facilitating ransom payments to cybercriminals.

Report: Health Insurance Exchange Suffered Dozens of Breaches

Data Breach Today

Insurer Races to Fix Security Flaws After Whistleblower Alert

Data Breach Today

Why do some companies lag on addressing security issues

Get security right on the road to technology modernization in insurance


With the top 10 insurers worldwide currently still relying on mainframes, legacy systems continue to be the heartbeat of insurance processing. Increasingly, insurers are looking to modernize existing infrastructure, move to cloud, or both, to support business transformation initiatives.

Why Cyber Insurance is Essential in 2022

IT Governance

Organisations must always look for cost-effective ways to address the cyber security risks they face. One of the most common ways to mitigate the risk of a cyber security incident is cyber insurance. Despite the benefits of cyber insurance, it is surprisingly undervalued.

U.S. Secret Service: “Massive Fraud” Against State Unemployment Insurance Programs

Krebs on Security

A well-organized Nigerian crime ring is exploiting the COVID-19 crisis by committing large-scale fraud against multiple state unemployment insurance programs, with potential losses in the hundreds of millions of dollars, according to a new alert issued by the U.S.

Cyber Insurance and the Changing Global Risk Environment

Security Affairs

When security fails, cyber insurance can become crucial for ensuring continuity. Our reliance on digital technology and the inherited risk is a key driving factor for buying cyber risk insurance. When security fails, cyber insurance can become crucial for ensuring continuity.

Vermont Enacts Insurance Data Security Law

Hunton Privacy

On May 27, 2022, Vermont Governor Phil Scott signed H.515 , making Vermont the twenty-first state to enact legislation based on the National Association of Insurance Commissioners Insurance Data Security Model Law (“MDL-668”). Information Security Program Requirements.

Resilience CEO on White House Meeting, Cyber Insurance

Data Breach Today

Vishaal Hariprasad Also Address How Ransomware Is Changing Security On Aug. 25, President Joe Biden invited about 25 technology, insurance, finance and education executives to the White House to discuss pressing cybersecurity issues such as supply chain and critical infrastructure.

Merck Wins Insurance Lawsuit re NotPetya Attack

Schneier on Security

The insurance company Ace American has to pay for the losses: On 6th December 2021, the New Jersey Superior Court granted partial summary judgment (attached) in favour of Merck and International Indemnity, declaring that the War or Hostile Acts exclusion was inapplicable to the dispute.

On Cybersecurity Insurance

Schneier on Security

Good paper on cybersecurity insurance: both the history and the promise for the future. From the conclusion: Policy makers have long held high hopes for cyber insurance as a tool for improving security. Cyber insurance appears to be a weak form of governance at present. However, the cost of external response services is covered, which suggests insurers believe ex-post responses to be more effective than ex-ante mitigation.

Cyber Insurers Pull Back Amid Increase in Cyber Attacks, Costs

eSecurity Planet

The explosion of ransomware and similar cyber incidents along with rising associated costs is convincing a growing number of insurance companies to raise the premiums on their cyber insurance policies or reduce coverage, moves that could further squeeze organizations under siege from hackers.

What We Mean When We Talk About Cyber Insurance

Dark Reading

Cyber insurance is more than a policy for paying off ransomware gangs. It's designed to be something you transfer risk to when security controls fail

Cyber Insurance and War Exclusions

Dark Reading

Here's what a cybersecurity lawyer thinks security pros need to know in light of Russia's invasion of Ukraine

Insurer AXA to Stop Paying for Ransomware Crime Payments in France via Insurance Journal

IG Guru

The post Insurer AXA to Stop Paying for Ransomware Crime Payments in France via Insurance Journal appeared first on IG GURU. “The word to get out today is that, regarding ransomware, we don’t pay and we won’t pay,” cybercrime prosecutor Johanna Brousse said at the hearing. Only the U.S.

Insurer: Breach Undetected for Nine Years

Data Breach Today

Dominion National Says Recently Discovered Incident Dates Back to 2010 A dental and vision insurer's revelation that it recently discovered a 9-year-old data security incident offers an extreme example of the difficulty some organizations have in detecting data breaches

Do Ransomware Attackers Single Out Cyber Insurance Holders?

Data Breach Today

Security Experts Express Skepticism That Criminals Would Bother Do criminal organizations prefer to target organizations that hold cyber insurance policies? A ProPublica report suggests that because cyber insurance policyholders are more likely to pay ransoms, they're a more frequent target. But some cybersecurity experts have expressed skepticism

NAIC Insurance Data Security Law Annual Certifications: Is Yours Due By February 15?

Data Matters

Most cybersecurity professionals are aware of the New York Department of Financial Service’s requirement imposed on DFS-licensed entities to certify their cybersecurity program’s compliance on an annual basis (by April 15th of each year), but less well known is that numerous other states impose similar requirements on regulated insurance entities and that deadline for many states is coming up on February 15, 2021.

Insurance firm CNA discloses data breach after March ransomware attack

Security Affairs

Insurance giant CNA notifies customers of a data breach after the Phoenix CryptoLocker ransomware attack suffered in March. US insurance giant CNA is notifying customers of a data breach after the ransomware attack that it suffered in March.

Crooks stole driver’s license numbers from Geico auto insurer

Security Affairs

Car insurance provider Geico has suffered a data breach, attackers have stolen the driver’s licenses for policyholders for several weeks. Geico, the second-largest auto insurer in the U.S., If you want to receive the weekly Security Affairs Newsletter for free subscribe here.

GUEST ESSAY: Skeptical about buying life insurance online? Here’s how to do it — securely

The Last Watchdog

Purchasing life insurance once meant going to an insurer’s office or booking an appointment with an insurance agent. Today’s generation is used to getting everything done fast and easy, so life insurance providers had to get with the times and cover all customers’ needs and requirements. Now everyone has the possibility to purchase life insurance from the comfort of their home by simply going online and looking for the policies that will fit their needs.

Checklist for Getting Cyber Insurance Coverage

Thales Cloud Protection & Licensing

Checklist for Getting Cyber Insurance Coverage. The necessity for cyber-insurance coverage. With cyber attacks amounting to a question of when and not if, cyber insurance becomes crucial for ensuring business continuity and mitigating the business impact of attacks – should they occur.

Cloud 72

WSJ: "Cyber Insurance Went Up A Whopping 92% In 2021"


Security Awareness TrainingWhoa Nellie, that's getting to be real money here. This is the kind of thing that starts cutting into your whole IT budget.

Cybersecurity Insurance

Schneier on Security

Good article about how difficult it is to insure an organization against Internet attacks, and how expensive the insurance is. Typically in insurance we use the past as prediction for the future, and in cyber that's very difficult to do because no two incidents are alike," said Lori Bailey, global head of cyberrisk for the Zurich Insurance Group. In my new book -- out in September -- I write: There are challenges to creating these new insurance products.

Major Israeli Insurance Company Hacked

Adam Levin

The personal information of thousands of Israeli citizens has been compromised as the result of a cyberattack on Shirbit, a leading insurance company. . The post Major Israeli Insurance Company Hacked appeared first on Adam Levin.

SMBs and Cyber Insurance – Third Certainty #27

Adam Levin

With the average cost of a data breach exceeding three million dollars, cyber insurance has become a necessity for SMBs. The post SMBs and Cyber Insurance – Third Certainty #27 appeared first on Adam Levin.

Judge Rules Insurer Must Pay for Ransomware Damage

Data Breach Today

Coverage Required Because Attack Caused 'Physical Loss or Damage' A federal judge has ruled that an insurer providing a "business owner's insurance policy" to a company that sustained a ransomware attack and was forced to replace most of its IT infrastructure must pay for the damages the security incident caused.

“Failure to Authenticate” Wire Transaction at the Heart of a Cyber Insurance Appeal Case


Lawsuits over denied cyber insurance claims provide insight into what you should and shouldn’t expect from your policy – and that actions by your own users may make the difference. Security Awareness Training

Cyber insurance: A guide for businesses

IT Governance

Cyber threats are so numerous that it’s impossible to prevent security incidents altogether. That’s why they organisations increasingly relying on cyber insurance policies to cover the costs when data breaches and cyber attacks occur. But just how helpful is cyber insurance?

Cybersecurity Insurance Not Paying for NotPetya Losses

Schneier on Security

This will complicate things: To complicate matters, having cyber insurance might not cover everyone's losses. Zurich American Insurance Company refused to pay out a $100 million claim from Mondelez, saying that since the U.S. I get that $100 million is real money, but the insurance industry needs to figure out how to properly insure commercial networks against this sort of thing. cybersecurity hacking insurance malware ransomware russia war

The Good, the Bad, and the Necessary State of Cyber Insurance


New data from security vendor Sophos shows that while the presence of cyber insurance coverage has increased, it’s the experiencing of attacks that’s driving the need.

Arthur J. Gallagher (AJG) insurance giant discloses ransomware attack

Security Affairs

Gallagher (AJG) insurance giant disclosed a ransomware attack, the security breach took place on Saturday. Gallagher (AJG) global insurance brokerage firm confirmed that it was his with a ransomware attack on Saturday, September 26. US-based Arthur J.

How Cybersecurity Insurance Can Work To Help An Organization

Thales Cloud Protection & Licensing

How Cybersecurity Insurance Can Work To Help An Organization. In the last 20+ years, cybersecurity insurance has added risk transference to the available palette of palliative choices. The function of cybersecurity insurance. What does cybersecurity insurance cover?

Cloud 68

Apple, Cisco Strike Partnerships for Cyber Insurance

Data Breach Today

Policies Offer Incentives for Good Information Security Practices Apple and Cisco say they've partnered with insurers Aon and Allianz to offer cyber insurance policies for organizations that meet best security practices and use products from the technology companies. The partnership follows increasing interest in cyber insurance as a hedge against hacking risks

First American Financial Corp. Leaked Hundreds of Millions of Title Insurance Records

Krebs on Security

The Web site for Fortune 500 real estate title insurance giant First American Financial Corp. The digitized records — including bank account numbers and statements, mortgage and tax records, Social Security numbers, wire transaction receipts, and drivers license images — were available without authentication to anyone with a Web browser. based First American is a leading provider of title insurance and settlement services to the real estate and mortgage industries.