Insurer Chubb Investigating 'Security Incident'

Data Breach Today

Maze Gang Claims Insurer Is a Victim, Emsisoft Reports Switzerland-based global insurance firm Chubb acknowledges that it's investigating a "security incident."

Insurer Races to Fix Security Flaws After Whistleblower Alert

Data Breach Today

Why do some companies lag on addressing security issues

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

On Cybersecurity Insurance

Schneier on Security

Good paper on cybersecurity insurance: both the history and the promise for the future. From the conclusion: Policy makers have long held high hopes for cyber insurance as a tool for improving security. Cyber insurance appears to be a weak form of governance at present.

U.S. Secret Service: “Massive Fraud” Against State Unemployment Insurance Programs

Krebs on Security

A well-organized Nigerian crime ring is exploiting the COVID-19 crisis by committing large-scale fraud against multiple state unemployment insurance programs, with potential losses in the hundreds of millions of dollars, according to a new alert issued by the U.S.

Insurer: Breach Undetected for Nine Years

Data Breach Today

Dominion National Says Recently Discovered Incident Dates Back to 2010 A dental and vision insurer's revelation that it recently discovered a 9-year-old data security incident offers an extreme example of the difficulty some organizations have in detecting data breaches

Judge Rules Insurer Must Pay for Ransomware Damage

Data Breach Today

Coverage Required Because Attack Caused 'Physical Loss or Damage' A federal judge has ruled that an insurer providing a "business owner's insurance policy" to a company that sustained a ransomware attack and was forced to replace most of its IT infrastructure must pay for the damages the security incident caused.

Apple, Cisco Strike Partnerships for Cyber Insurance

Data Breach Today

Policies Offer Incentives for Good Information Security Practices Apple and Cisco say they've partnered with insurers Aon and Allianz to offer cyber insurance policies for organizations that meet best security practices and use products from the technology companies.

Ransomware and the Role of Cyber Insurance via Teach Privacy

IG Guru

Professor Daneil Solove interviews Kimberly Horn about Cyber Insurance and Ransomeware here. The post Ransomware and the Role of Cyber Insurance via Teach Privacy appeared first on IG GURU.

5 Things to Know About Cyber Insurance

Dark Reading

More businesses are recognizing the need for cyber insurance as part of an overall security strategy. Here are some key points to consider when evaluating, purchasing, and relying on a policy

GUEST ESSAY: Cyber insurance 101 — for any business operating in today’s digital environment

The Last Watchdog

To help mitigate the risk of financial losses, more companies are turning to cyber insurance. Related: Bots attack business logic Cyber insurance, like other forms of business insurance, is a way for companies to transfer some of numerous potential liability hits associated specifically with IT infrastructure and IT activities. In other words, you are just about as likely to suffer from a security or data breach as you are to experience a hurricane or earthquake.

First American Financial Corp. Leaked Hundreds of Millions of Title Insurance Records

Krebs on Security

The Web site for Fortune 500 real estate title insurance giant First American Financial Corp. based First American is a leading provider of title insurance and settlement services to the real estate and mortgage industries.

Insurance Occurrence Assurance?

Andrew Hay

Though the breaches are concerning, the real story is that the financial institution suing its insurance provider for refusing to fully cover the losses. This, unfortunately, is the nature of insurance. News ciso cyber insurance cyber security insurance security security program

New Hampshire Governor Signs Insurance Data Security Law

Hunton Privacy

On August 2, 2019, New Hampshire Governor Chris Sununu signed into law SB 194 (the “Bill”), which requires insurers licensed in the state (“licensees”) to put in place data security programs and report cybersecurity events. Key provisions of the Bill include: Information Security Program. The information security program must “mitigate. The state insurance commissioner may take “necessary or appropriate” action to enforce the new law.

Boosting Secure Coding Practices

Data Breach Today

Carlos Pero of Zurich Insurance on Gaining Buy-In Carlos Pero, who heads cyber application security at Zurich Insurance, discusses how to get developers to buy in to secure coding practices

17 Cybersecurity Products the Cyber Insurance Industry Says Are Worthwhile via Claims Journal

IG Guru

Insurance broker Marsh has unveiled the inaugural class of cybersecurity products and services receiving a Cyber Catalyst designation that is part of an evaluation program its backers hope will bring greater clarity in the crowded cybersecurity marketplace.

American Insurance firm State Farm victim of credential stuffing attacks

Security Affairs

The American group of insurance and financial services companies State Farm disclosed a credential stuffing attack it has suffered in July. The insurance firm is notifying the impacted customers, but it did not disclose the number of affected users.

Security Ratings Answer Big Questions in Cyber Insurance

Dark Reading

More insurers are teaming up with security ratings firms to learn more about their clients, define policies, and determine coverage

Ohio Adopts National Association of Insurance Commissioners’ (NAIC) Insurance Data Security Model Law

Data Matters

On December 19, 2018, Ohio adopted the National Association of Insurance Commissioners’ (NAIC) Insurance Data Security Model Law. By doing so, Ohio joins South Carolina as the second state to have adopted the Model Law and the fourth state – along with Connecticut and New York – to have enacted cybersecurity regulations for insurance companies. This means all insurers, agencies, and brokers doing business in Ohio are covered.

Michigan Adopts National Association of Insurance Commissioners’ (NAIC) Insurance Data Security Model Law

Data Matters

On December 28, 2018, Michigan adopted the National Association of Insurance Commissioners’ (NAIC) Insurance Data Security Model Law in the form of Michigan H.B. By doing so, Michigan joins Ohio and South Carolina as the third state to adopt the Model Law and the fifth state – along with Connecticut and New York – to have enacted cybersecurity regulations focused on insurance companies.

Episode 158: How NotPetya has Insurers grappling with Systemic Cyber Risk

The Security Ledger

We talk to Bruce McDonnell of the East West Institute about how insurers are responding. We talk to Bruce McConnell of the East West Institute about how insurers are responding. Read Security Ledger coverage of NotPetya here.

Unemployment Insurance Fraud and Identity Theft: Up Close and Personal

Lenny Zeltser

To achieve this, the scammer: Obtains the victim’s personal information , including name, date of birth, social security number, address, and probably employment history. I wrote this article to help other victims of this unemployment insurance fraud and identity theft scam.

Vendor Security Risk Management: A Growing Concern

Data Breach Today

Eddie Chang, Travelers Insurance, cyber insurance, Quest Diagnostics, Optum360, breach, Labcorp, BioReference, AMCA, American Medical Collections Agency, vendor risk management, application security

Arron Banks, the insurers and my strange data trail

The Guardian Data Protection

Carole Cadwalladr just wanted to insure her car. In fact, I had no idea about either the question or the answer when I submitted a “subject access request” to Eldon Insurance Services in December last year. Data protection Data and computer security Brexit Cambridge Analytica Insurance industry Insurance Twitter InternetSix months later, she found a mass of personal details held by a firm she had never contacted that is run by Leave.EU’s

South Carolina Becomes the First State to Enact the National Association of Insurance Commissioners (NAIC) Insurance Data Security Model Law

Data Matters

In October 2017, the National Association of Insurance Commissioners (NAIC) adopted an Insurance Data Security Model Law. On May 3, 2018, South Carolina became the first state to enact this Model Law, in the form of the South Carolina Insurance Data Security Act (H.B. By doing so, South Carolina joined Connecticut and New York as states with cybersecurity regulations for insurance companies.

How Cyber Insurance Changes the Conversation Around Risk

Threatpost

In this InfoSec Insider cyber insurance expert Nick Sanna discusses how to balance threat exposures and protecting assets with insurance against hacking, breaches and vulnerabilities. Hacks Vulnerabilities Web Security Cyber Insurance Factor Analysis of Information Risk Maersk NotPetya

How to make sure your cyber insurance policy pays out

IT Governance

Cyber insurance is big business these days. Find out how a ransomware victim used cyber insurance to guide its response effort >> A cyber insurance policy doesn’t necessarily guarantee that you will receive aid following a data breach.

Spurring Growth Initiatives Through Tax Reform in Insurance

Perficient Data & Analytics

has created a jubilant atmosphere, as the rates are generally expected to boost earnings and investments for many insurers. We are investing in their future and strengthening their long-term financial security with structural improvements that will endure. — To learn what else is driving growth, productivity, and efficiency, download our new guide: 2018 State of the Insurance Industry.

Group-IB and CryptoIns introduce the world’s first insurance against cyber threats for cryptocurrency exchanges

Security Affairs

Group-IB and Swiss insurance broker ASPIS that owns CryptoIns project, have developed the world’s first scoring model for assessing cryptocurrency exchanges. Group-IB, an international company that specializes in preventing cyber attacks, and a Swiss insurance broker ASPIS SA that owns CryptoIns project, have developed the world’s first scoring model for assessing cryptocurrency exchanges cybersecurity, allowing the exchanges’ clients to ensure their assets.

Hunton Insurance Head Comments on Hotel Data Breach Coverage Dispute

Hunton Privacy

As reported on the Insurance Recovery Blog , Hunton Andrews Kurth insurance practice head Walter Andrews recently commented to the Global Data Review regarding the infirmities underlying an Orlando, Florida federal district court’s ruling that an insurer does not have to defend its insured for damage caused by a third-party data breach. To me, it’s clear that there were two reasonable interpretations of the insurance policy here.”.

Amazon Exposes Emails, Insurance Company Surveillance, and More Security News This Week

WIRED Threat Level

A USPS data leak, Windows passwords go bye-bye, and more security news this week. Security

Podcast Episode 117: Insurance Industry Confronts Silent Cyber Risk, Converged Threats

The Security Ledger

In this episode of the podcast (#117), we go deep on one of the hottest sectors around: cyber insurance. In this episode of the podcast (#117), we go deep on one of the hottest sectors around: cyber insurance. The insurance was dirt cheap. Are insurers ready?

Insurers need to formalize IoT strategy

Information Management Resources

Four out of five carriers don't have a plan for collecting, analyzing or securing the flood of data from connected devices, according to LexisNexis survey. Telematics Internet of things Connected cars Connected home Growth strategies Big data Claims Property and casualty insurance Life insurance LexisNexis

Cybersecurity Rules for Insurance Companies to Take Effect in South Carolina

Hunton Privacy

New cybersecurity rules for insurance companies licensed in South Carolina are set to take effect in part on January 1, 2019. The new law is the first in the United States to be enacted based on the data security model law drafted by the National Association of Insurance Commissioners. Separately, effective July 1, 2019, the law requires insurance companies licensed in South Carolina to develop and implement a comprehensive, written cybersecurity program.

China: Navigating China: Episode 10: Stricter data localisation and security rules for financial and insurance data in China

DLA Piper Privacy Matters

The People’s Bank of China has released new guidelines on collection and processing of personal financial information (“PFI Guidelines”), which provide much-needed clarity on how personal financial information in China should be processed, secured and transferred. Carolyn Bigg, Hong Kong.

Webinar on the SAFETY Act, Security and Insurance

Hunton Privacy

Recent headlines underscore the security challenges faced by public-facing businesses. Those exposed to these threats, including providers of security services and products, face the potential of bodily injury to customers and employees, serious damage to facilities and operations, extended business disruption, and significant reputational harm as well as years of costly litigation – notwithstanding best efforts to protect against dangerous persons and events.

14 top home insurance companies' smart-tech initiatives

Information Management Resources

Homeowners insurance Analytics Internet of things Big data Data security Allstate State Farm Nationwide Progressive Farmers Insurance Liberty MutualA look at how leading property carriers are leveraging connected devices to improve the customer experience.

How Website Security Must Evolve

Data Breach Today

Carlos Pero of Zurich Insurance on Protecting the 'Castle' As a result of cloud computing and the internet of things, the approaches to security for websites must change, says Carlos Pero of Zurich Insurance

Off-Site Storage for Insurance Companies

Armstrong Archives

Your insurance company has been collecting and storing consumer data for as long as it’s been in business. That information is vital to your everyday operation, and it’s vulnerable to security breech. Many companies look to off-site storage for an affordable, secure solution.

The App Creeping on Your IG Location, Jakarta’s Insurance Crisis, and More News

WIRED Threat Level

Security Security / PrivacyCatch up on the most important news from today in two minutes or less.

Big data security guidelines that insurance organizations need to know

Information Management Resources

Big data offers ample opportunities, but also increases security concerns because online data is so much more vulnerable to cyber attacks. Data security Cyber security Cyber attacks