Insurance, Security and Tools - Information Management Today

Feds Seize LockBit Ransomware Websites, Offer Decryption Tools, Troll Affiliates

Krebs on Security

FEBRUARY 20, 2024

Instead of listing data stolen from ransomware victims who didn’t pay, LockBit’s victim shaming website now offers free recovery tools, as well as news about arrests and criminal charges involving LockBit affiliates. This prompted several XSS members to start posting memes taunting the group about the security failure.

Ransomware

Ransomware Encryption Insurance Manufacturing

Mitigating the impact of climate change in insurance and other financial services

IBM Big Data Hub

MARCH 25, 2024

According to Berenberg analysts , individual insurance companies faced total claims estimates of up to approximately USD 300 million. For other financial services firms outside of the insurance sector, property accepted as loan security might face climate-related risks as well.

Financial Services

Financial Services Insurance Risk Agriculture

Private UK health data donated for medical research shared with insurance companies

The Guardian Data Protection

NOVEMBER 11, 2023

Observer investigation reveals UK Biobank opened its biomedical database to insurance firms despite pledge it would not do so Sensitive health information donated for medical research by half a million UK citizens has been shared with insurance companies despite a pledge that it would not be. Continue reading.

Insurance

Insurance Data Privacy Privacy Risk

Webinars

Peak Performance: Continuous Testing & Evaluation of LLM-Based Applications

MORE WEBINARS

Insurance and Ransomware

Schneier on Security

JULY 1, 2021

Here’s one more contribution to that issue: a research paper that the insurance industry is hurting more than it’s helping. Although it is a societal problem, cyber insurers have received considerable criticism for facilitating ransom payments to cybercriminals. Often, that’s paying the ransom. News article.

Insurance

Insurance Ransomware Paper Marketing

ONC and HHS OCR Release Updated HIPAA Security Risk Assessment Tool

Hunton Privacy

SEPTEMBER 15, 2023

of the Security Risk Assessment (“SRA”) Tool under the Health Insurance Portability and Accountability Act (“HIPAA”) Security Rule. The SRA is designed to assist small- and medium-sized covered entities with conducting the risk analyses required under the HIPAA Security Rule.

Risk

Risk Security Insurance Cybersecurity

GUEST ESSAY: Skeptical about buying life insurance online? Here’s how to do it — securely

The Last Watchdog

AUGUST 24, 2020

Purchasing life insurance once meant going to an insurer’s office or booking an appointment with an insurance agent. Today’s generation is used to getting everything done fast and easy, so life insurance providers had to get with the times and cover all customers’ needs and requirements.

Insurance

Insurance IT Security Access

Top 8 Cyber Insurance Companies for 2022

eSecurity Planet

APRIL 22, 2022

That’s where cyber insurance may be able to help. For that reason, most experts now recognize that a complete cybersecurity strategy not only includes technological solutions aimed at preventing, detecting, and mitigating attacks, it should also include cyber insurance to help manage the associated financial risks. That’s a 29.1%

Insurance

Insurance Ransomware Cybersecurity Marketing

Cyber-insurance – 72 hours for the insured party to file a criminal complaint: GDPR’s false friend

Data Protection Report

MARCH 21, 2023

The French Information and Digital Security Experts Club ( CESIN ) has estimated that 54% of French companies were subject to cyberattacks in 2021, [1] while France Assureurs has put cyberattack risks on top of all other risks for the sixth year in a row. [2] 12-10-1 into the French Insurance code. However, in the end, Article L.12-10-1

Insurance

Insurance Data breaches Personal data GDPR

Is Artificial Intelligence relevant to insurance?

IBM Big Data Hub

MAY 1, 2023

In this first of two posts, I investigate the anatomy of artificial intelligence and its impact on insurance. Soon after, AI’s capabilities extended to Speech and Natural Language processing, such as with IBM Watson, and for Image Recognition, which is now ubiquitously used for unlocking phones and other biometric security.

Artificial Intelligence

Artificial Intelligence Insurance Risk Personal data

FTC Releases Updated Mobile Health App Compliance Tool

Hunton Privacy

DECEMBER 16, 2022

On December 7, 2022, the Federal Trade Commission released an updated Mobile Health App Interactive Tool to help developers determine what federal laws and regulations apply to apps that collect and process health data.

Compliance

Compliance Insurance Privacy Access

Lloyd’s Will No Longer Include Nation-State Attacks in its Cyber Insurance Policies

IT Governance

AUGUST 25, 2022

Lloyd’s of London has announced that its insurance policies will no longer cover losses resulting from certain nation-state cyber attacks or acts of war. In a memo sent to the organisation’s insurance syndicates , Underwriting Director Tony Chaudhry said that Lloyd’s remains “strongly supportive” of policies that cover cyber attacks.

Insurance

Insurance IT Government Risk

The risks and limitations of AI in insurance

IBM Big Data Hub

MAY 8, 2023

In my previous post , I described the different capabilities of both discriminative and generative AI, and sketched a world of opportunities where AI changes the way that insurers and insured would interact. Usage risk—inaccuracy The performance of an AI system heavily depends on the data from which it learns.

Insurance

Insurance Risk Artificial Intelligence Government

Reducing Risks from Cyber Incidents with Cyber and D&O Insurance

Hunton Privacy

AUGUST 10, 2023

On July 25, 2023, Hunton published a client alert discussing the importance of cyber and directors and officers (“D&O”) liability insurance for companies and their executives to guard against cyber-related exposures. Securities and Exchange Commission (“SEC”) has adopted new final rules about cyber risk management and incident disclosure.

Insurance

Insurance Risk Security Cybersecurity

On Cybersecurity Insurance

Schneier on Security

SEPTEMBER 10, 2019

Good paper on cybersecurity insurance: both the history and the promise for the future. From the conclusion: Policy makers have long held high hopes for cyber insurance as a tool for improving security. Cyber insurance appears to be a weak form of governance at present.

Insurance

Insurance Cybersecurity Risk Paper

The False Economy of Deprioritising Security

IT Governance

MARCH 20, 2024

In the UK, cyber security has been dropping down the board’s list of priorities. The UK government’s Cyber Security Breaches Survey 2023 confirms this trend. Fewer directors, trustees and other senior managers of both UK businesses and charities see cyber security as a high priority in 2023 compared to 2022. Specifically, a 13.4%

Security

Security Data breaches Government Insurance

The Financial Service and Insurance Industries Need Intelligent Document Processing; Here’s Why

Rocket Software

MARCH 14, 2022

Analyst firm IDC recently published a Vendor Spotlight report featuring ASG Mobius Content Services (Mobius) and its applications in the financial service and insurance industries. IDP Trends in the Financial and Insurance Industries. Challenges to Effective IDP.

Financial Services

Financial Services Insurance Digital transformation Paper

Security Affairs newsletter Round 463 by Pierluigi Paganini – INTERNATIONAL EDITION

Security Affairs

MARCH 17, 2024

Every week the best security articles from Security Affairs are free for you in your email box. A new round of the weekly SecurityAffairs newsletter arrived! Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

Data breaches

Data breaches Security Computer and Electronics Ransomware

Security Affairs newsletter Round 460 by Pierluigi Paganini – INTERNATIONAL EDITION

Security Affairs

FEBRUARY 25, 2024

Every week the best security articles from Security Affairs are free for you in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

Military

Military Security Ransomware Insurance

What are the benefits of cyber security as a service?

IT Governance

DECEMBER 14, 2021

With organisations’ cyber security requirements becoming more complex and the threat of cyber attacks growing each year, many decision-makers are turning towards cyber security as a service. This approach, also known as managed cyber security, works by outsourcing cyber security to a third party. You’ll save money.

Security

Security Insurance Data breaches Information Security

Best Third-Party Risk Management (TPRM) Tools of 2021

eSecurity Planet

AUGUST 27, 2021

Cyberattacks caused by supply chain vulnerabilities mean organizations need a renewed perspective on how to address third-party security. In a developing market, third-party risk management (TPRM) software and tools could be the answer to helping organizations fill the gap. Best Third-Party Risk Management (TPRM) Tools.

Risk

Risk Compliance Marketing Cybersecurity

Security Compliance & Data Privacy Regulations

eSecurity Planet

AUGUST 9, 2022

Regulatory compliance and data privacy issues have long been an IT security nightmare. GDPR (among other legal requirements in the EU and elsewhere) can expose multinational organizations to hefty financial penalties, additional rules for disclosing data breaches, and increased scrutiny of the adequacy of their data security.

Data Privacy

Data Privacy Compliance Privacy Security

Webinar on the SAFETY Act, Security and Insurance

Hunton Privacy

OCTOBER 14, 2019

Recent headlines underscore the security challenges faced by public-facing businesses. The SAFETY Act, administered by the Department of Homeland Security, is coming of age as an important tool to reduce risk and limit liability. Bruce Cohen, SVP, Client Executive, Lockton Companies.

Insurance

Insurance Security Retail Risk

How to make sure your cyber insurance policy pays out

IT Governance

JULY 15, 2019

Cyber insurance is big business these days. Damages incurred by information security incidents generally aren’t covered in commercial insurance policies, so a specific policy is necessary to help cover the costs of things like forensic investigation, incident response and notification procedures.

Insurance

Insurance Data breaches Risk Information Security

RSAC insights: How ‘TPRM’ can help shrink security skills gap — while protecting supply chains

The Last Watchdog

JUNE 2, 2022

Big banks and insurance companies instilled the practice of requesting their third-party vendors to fill out increasingly bloated questionnaires, called bespoke assessments, which they then used as their sole basis for assessing third-party risk. It does this by ingesting and correlating data from a wide array of security-related datasets.

Security

Security Risk Digital transformation Cybersecurity

GUEST ESSAY: How to secure ‘Digital Twins’ to optimize asset use, while reducing exposures

The Last Watchdog

AUGUST 8, 2022

Add in an increasing focus on data becoming a crucial enterprise asset—as well as the introduction of countless database and analytical tools, digital twins, artificial intelligence, and machine learning—and we are dealing with unprecedented technical complexities and risk. Access security challenges. Managing scenarios.

Security

Security Artificial Intelligence Risk Cybersecurity

How to Decrypt Ransomware Files – And What to Do When That Fails

eSecurity Planet

OCTOBER 18, 2022

The bad news is it doesn’t work most of the time: Paid ransom decryption tools and keys don’t always work. Free decryption tools don’t always work. Paid decryption tools don’t always work. First, call the cyber insurance company that issued the organization’s cybersecurity policy. Ransomware Decryption Tool Options.

Ransomware

Ransomware Encryption Insurance Access

The Week in Cyber Security and Data Privacy: 6 – 12 November 2023

IT Governance

NOVEMBER 13, 2023

On 14 September, Mulkay discovered that the compromised files contained personal information, including “name, address, date of birth, Social Security number, driver’s license number or state ID, medical treatment information, and health insurance information”. Some patients also had their Social Security numbers exposed.”

Data Privacy

Data Privacy Privacy Security Data breaches

Busy? Hire a Robot(ic Process Automation Tool)

Rocket Software

NOVEMBER 19, 2020

As our CEO Andy Youniss noted in his letter earlier this month, ConnectIQ is “a robotic process automation (RPA) tool for mainframe environments, and helps companies create new efficiencies by automating the most often repeated, most labor-intensive functions.” . You may not have heard, but Rocket recently acquired ConnectIQ. The post Busy?

Insurance

Insurance Financial Services Sales Government

How to manage the growing costs of cyber security

IT Governance

SEPTEMBER 1, 2021

Cyber security is becoming an expensive endeavour for organisations – and in many cases, the costs are so high that they can’t deal with threats appropriately. However, it’s one thing to want to invest in cyber security, but something else entirely to set aside the budget to do so. It doesn’t have to be this way, though.

Security

Security GDPR Cloud Insurance

Evolution of Cloud Security: From Shared Responsibility to Shared Fate

Thales Cloud Protection & Licensing

NOVEMBER 9, 2021

Evolution of Cloud Security: From Shared Responsibility to Shared Fate. These were just some of the major facets of cloud transformation that are creating challenges for data security that I discussed with Sunil Potti, Vice President and General Manager, Google Cloud in a recent Thales Security Sessions podcast moderated by Neira Jones.

Cloud

Cloud Security Encryption Insurance

China-linked Moshen Dragon abuses security software to sideload malware

Security Affairs

MAY 3, 2022

The cyperespionage group also uses additional tools, including an LSA notification package and the GUNTERS passive backdoor. “SentinelLabs recently uncovered a cluster of activity targeting the telecommunication sector in Central Asia, utilizing tools and TTPs commonly associated with Chinese APT actors. Pierluigi Paganini.

Security

Security Military Insurance Cybersecurity

NEW TECH: This free tool can help gauge, manage third-party cyber risk; it’s called ‘VRMMM’

The Last Watchdog

JANUARY 30, 2019

Turn the corner into 2019 and we find Citigroup, CapitalOne, Wells Fargo and HSBC Life Insurance among a host of firms hitting the crisis button after their customers’ records turned up on a database of some 24 million financial and banking documents found parked on an Internet-accessible server — without so much as password protection.

Risk

Risk Financial Services Insurance Cybersecurity

Automated Security and Compliance Attracts Venture Investors

eSecurity Planet

FEBRUARY 14, 2023

I remember the first time we were asked for a SOC 2 report, which quickly became the minimum bar requirement in our industry for proof of an effective security program,” he said. The vision was to automate security and compliance across 14 frameworks, including SOC 2, ISO 27001, HIPAA and GDPR. Growth has definitely been robust. “Our

Compliance

Compliance Security Cybersecurity Marketing

Is Cyber Essentials Enough to Secure Your Organisation?

IT Governance

JUNE 9, 2022

Organisations that are looking to bolster their information security practices are often advised to certify to Cyber Essentials – and for good reason. Secure configuration , which helps administrators select appropriate settings for devices and software. When implemented correctly, these controls can prevent about 80% of cyber attacks.

Security

Security Insurance Information Security Data breaches

Security Affairs newsletter Round 311

Security Affairs

APRIL 25, 2021

Every week the best security articles from Security Affairs free for you in your email box. If you want to receive the weekly Security Affairs Newsletter for free subscribe here. The post Security Affairs newsletter Round 311 appeared first on Security Affairs. Follow me on Twitter: @securityaffairs and Facebook.

Security

Security Ransomware Insurance Privacy

MY TAKE: NIST Cybersecurity Framework has become a cornerstone for securing networks

The Last Watchdog

APRIL 30, 2019

I had the chance at RSA 2019 to visit with George Wrenn, founder and CEO of CyberSaint Security , a cybersecurity software firm that plays directly in this space. And they echo through a wide variety of other risk assessment tools and initiatives that touch on third-party risks and data privacy. That could be for insurance purposes.

Cybersecurity

Cybersecurity Insurance Security Privacy

Top GRC Tools & Software for 2021

eSecurity Planet

JANUARY 21, 2021

Data privacy regulations like the EU’s General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA) can be hard to navigate for businesses of any size, but GRC tools can simplify and streamline compliance with all of the requirements. Contents: Top GRC tools comparison. Top GRC tools comparison.

Compliance

Compliance Risk Government Retail

Researchers released a free decryptor for Black Basta ransomware

Security Affairs

JANUARY 2, 2024

A team of researchers released a suite of tools that could help victims to decrypt data encrypted with by the Black Basta ransomware. Independent security research and consulting team SRLabs discovered a vulnerability in Black Basta ransomware’s encryption algorithm and exploited it to create a free decryptor.

Ransomware

Ransomware Encryption Blockchain Insurance

MY TAKE: Can Hollywood’s highly effective ‘source-code’ security tools help make IoT safe?

The Last Watchdog

SEPTEMBER 7, 2018

Related: HBO hack spurs cyber insurance market. And over the years they’ve also financed security breakthroughs – at the source-code level. These security breakthroughs have not received much mainstream attention. But Hollywood has shelled out multi millions to support the advance of source-code security.

IoT

IoT Security Digital transformation Cloud

SHARED INTEL Q&A: My thoughts and opinions about cyber threats — as discussed with OneRep

The Last Watchdog

OCTOBER 5, 2023

Byron is the founder and editor-in-chief of The Last Watchdog on Privacy & Security. Byron: To detect deep fakes, organizations can use digital watermarking, AI-driven detection tools, and media provenance tracking. He previously chronicled the emergence of cybercrime while covering Microsoft for USA TODAY.

Cybersecurity

Cybersecurity Privacy Cloud IoT

A guide to the GDPR for insurance companies

IT Governance

MAY 30, 2018

A report published by research and consultancy company Celent highlights the challenges that the GDPR presents to insurers. Insurers are data controllers: a person, public authority, agency or body that determines the purpose of processing personal data. Steps insurers should take to become GDPR compliant.

Insurance

Insurance GDPR Compliance Data collection

Karma Catches Up to Global Phishing Service 16Shop

Krebs on Security

AUGUST 17, 2023

The INTERPOL statement says the platform sold hacking tools to compromise more than 70,000 users in 43 countries. For example, in 2019 McAfee found that for targets in Japan, the 16Shop kit would also collect Web ID and Card Password, while US victims will be asked for their Social Security Number.

Phishing

Phishing Passwords Insurance Sales

Security Affairs newsletter Round 417 by Pierluigi Paganini – International edition

Security Affairs

APRIL 30, 2023

Every week the best security articles from Security Affairs are free for you in your email box. A new round of the weekly SecurityAffairs newsletter arrived! Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

Security

Security Ransomware Cybersecurity Authentication

‘Tis the Season for the Wayward Package Phish

Krebs on Security

NOVEMBER 4, 2021

Louis Morton , a security professional based in Fort Worth, Texas, forwarded an SMS phishing or “smishing” message sent to his wife’s mobile device that indicated a package couldn’t be delivered. com — from a desktop web browser redirects the visitor to a harmless page with ads for car insurance quotes. .”

Phishing

Phishing Insurance Passwords Privacy

Feds Seize LockBit Ransomware Websites, Offer Decryption Tools, Troll Affiliates

Mitigating the impact of climate change in insurance and other financial services

Webinars

Trending Sources

Private UK health data donated for medical research shared with insurance companies

Webinars

Insurance and Ransomware

ONC and HHS OCR Release Updated HIPAA Security Risk Assessment Tool

GUEST ESSAY: Skeptical about buying life insurance online? Here’s how to do it — securely

Top 8 Cyber Insurance Companies for 2022

Cyber-insurance – 72 hours for the insured party to file a criminal complaint: GDPR’s false friend

Is Artificial Intelligence relevant to insurance?

FTC Releases Updated Mobile Health App Compliance Tool

Lloyd’s Will No Longer Include Nation-State Attacks in its Cyber Insurance Policies

The risks and limitations of AI in insurance

Reducing Risks from Cyber Incidents with Cyber and D&O Insurance

On Cybersecurity Insurance

The False Economy of Deprioritising Security

The Financial Service and Insurance Industries Need Intelligent Document Processing; Here’s Why

Security Affairs newsletter Round 463 by Pierluigi Paganini – INTERNATIONAL EDITION

Security Affairs newsletter Round 460 by Pierluigi Paganini – INTERNATIONAL EDITION

What are the benefits of cyber security as a service?

Best Third-Party Risk Management (TPRM) Tools of 2021

Security Compliance & Data Privacy Regulations

Webinar on the SAFETY Act, Security and Insurance

How to make sure your cyber insurance policy pays out

RSAC insights: How ‘TPRM’ can help shrink security skills gap — while protecting supply chains

GUEST ESSAY: How to secure ‘Digital Twins’ to optimize asset use, while reducing exposures

How to Decrypt Ransomware Files – And What to Do When That Fails

The Week in Cyber Security and Data Privacy: 6 – 12 November 2023

Busy? Hire a Robot(ic Process Automation Tool)

How to manage the growing costs of cyber security

Evolution of Cloud Security: From Shared Responsibility to Shared Fate

China-linked Moshen Dragon abuses security software to sideload malware

NEW TECH: This free tool can help gauge, manage third-party cyber risk; it’s called ‘VRMMM’

Automated Security and Compliance Attracts Venture Investors

Is Cyber Essentials Enough to Secure Your Organisation?

Security Affairs newsletter Round 311

MY TAKE: NIST Cybersecurity Framework has become a cornerstone for securing networks

Top GRC Tools & Software for 2021

Researchers released a free decryptor for Black Basta ransomware

MY TAKE: Can Hollywood’s highly effective ‘source-code’ security tools help make IoT safe?

SHARED INTEL Q&A: My thoughts and opinions about cyber threats — as discussed with OneRep

A guide to the GDPR for insurance companies

Karma Catches Up to Global Phishing Service 16Shop

Security Affairs newsletter Round 417 by Pierluigi Paganini – International edition

‘Tis the Season for the Wayward Package Phish

Stay Connected