U.S. Secret Service: “Massive Fraud” Against State Unemployment Insurance Programs

Krebs on Security

A well-organized Nigerian crime ring is exploiting the COVID-19 crisis by committing large-scale fraud against multiple state unemployment insurance programs, with potential losses in the hundreds of millions of dollars, according to a new alert issued by the U.S.

Cyber insurance: A guide for businesses

IT Governance

That’s why they organisations increasingly relying on cyber insurance policies to cover the costs when data breaches and cyber attacks occur. But just how helpful is cyber insurance? What is cyber insurance? How does cyber insurance work? Who needs cyber insurance?

Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Mainframes, Freight Trains and Education Pains

Rocket Software

You use a freight train. I’ve seen what those “why are we doing this” folks, who now are in middle and upper management, have done trying to make pickup trucks do what trains were made for. By David Robertson , guest blogger.

Artificial Intelligence Is Set to Rewrite the Rules of Insurance

InfoGoTo

Few industries stand to gain as much by adopting artificial intelligence as insurance. Insurance companies rarely relate to their customers other than at the time of the claim, so making that experience as simple and productive as possible is key to customer retention. Fraud is a major problem for insurers, accounting for 10% of all claims expenditures in some regions. Other insurers are experimenting with discounts tied to the use of fitness trackers and heart monitors.

New York Department of Financial Services Issues First Guidance by a U.S. Regulator Concerning Cyber Insurance

Data Matters

2 announcing a Cyber Insurance Risk Framework (the Framework) that describes industry best practices for New York-regulated property/casualty insurers. While acknowledging that “[e]ach insurer’s cyber insurance risk will vary based [on] many factors,” the Framework nonetheless describes seven practices that authorized property/casualty insurers should use to manage their cyber insurance risk. Manage and Eliminate Exposure to Silent Cyber Insurance Risk.

Insurance Occurrence Assurance?

Andrew Hay

Though the breaches are concerning, the real story is that the financial institution suing its insurance provider for refusing to fully cover the losses. From the article: In its lawsuit (PDF), National Bank says it had an insurance policy with Everest National Insurance Company for two types of coverage or “riders” to protect it against cybercrime losses. This, unfortunately, is the nature of insurance.

Finance sector must simplify staff awareness training

IT Governance

In a report published last month , the FCA urged organisations to tackle staff awareness training at all levels, and to ensure the lessons are simple and appropriate to the environment that employees work in. The findings are the result of a discussion between 175 organisation, aiming to address security concerns in the fund and investment management, insurance, retail banking, and retail investment and lending sectors. Staff awareness training is a crucial part of this.

How to make sure your cyber insurance policy pays out

IT Governance

Cyber insurance is big business these days. Damages incurred by information security incidents generally aren’t covered in commercial insurance policies, so a specific policy is necessary to help cover the costs of things like forensic investigation, incident response and notification procedures. The most common reasons that insurers reject cyber insurance claims are organisations’ failure to. Perform staff awareness training.

9 Topics to Cover in Your Privacy Awareness Training Program

MediaPro

That’s why it’s important to implement a privacy awareness training program so all your employees can actively protect sensitive data. We’ve narrowed down nine topics that you should cover in your privacy training program to establish a risk-aware culture in which your employees see data protection as second nature. Here are some of the basics to cover in privacy awareness training: What data needs to be protected.

Cybersecurity Rules for Insurance Companies to Take Effect in South Carolina

Hunton Privacy

New cybersecurity rules for insurance companies licensed in South Carolina are set to take effect in part on January 1, 2019. The new law is the first in the United States to be enacted based on the data security model law drafted by the National Association of Insurance Commissioners. Separately, effective July 1, 2019, the law requires insurance companies licensed in South Carolina to develop and implement a comprehensive, written cybersecurity program.

Podcast Episode 117: Insurance Industry Confronts Silent Cyber Risk, Converged Threats

The Security Ledger

In this episode of the podcast (#117), we go deep on one of the hottest sectors around: cyber insurance. In the first segment, we talk with Thomas Harvey of the firm RMS about the problem of “silent cyber” risk to insurers and how better modeling of cyber incidents is helping to address that threat. In this episode of the podcast (#117), we go deep on one of the hottest sectors around: cyber insurance. The insurance was dirt cheap. Are insurers ready?

Cybersecurity Standards for the Insurance Sector – A New Patchwork Quilt in the US?

HL Chronicle of Data Protection

In the past two years, multiple state bills that have been introduced in the US to provide for cybersecurity requirements and standards to the insurance sector, with recent legislative activity taking place in particular within the States of Ohio, South Carolina, and Michigan. The entering into effect of multiple state laws in this area may present challenges for insurance providers operating in states where such cybersecurity requirements are provided for.

How insurers are developing a digital talent flow

Information Management Resources

Training Analytics Liberty MutualRetraining efforts are becoming popular because it's easier to teach tech knowledge to industry experts than vice versa.

AI could help insurers bolster their workforce

Information Management Resources

Rather than just replace jobs, advanced computing technologies could augment them, as long as investments and training are strategic, says Accenture. Artificial intelligence Machine learning Workforce management Accenture

Federal Banking Regulators Request Comment on Proposed Guidance for Third-Party Risk Management

Hunton Privacy

On July 13, 2021, federal bank regulators – the Board of Governors of the Federal Reserve System (the “Board”), the Federal Deposit Insurance Corporation (“FDIC”) and the Office of the Comptroller of the Currency (“OCC”) (collectively, the “Regulators”) – requested public comment on proposed joint guidance regarding banking organizations’ management of risks related to relationships with third-party support and service providers (the “Proposed Guidance”).

Sales 43

Insurers’ top trends and priorities: A look at the 2017 CGI Client Global Insights (part 2)

CGI

Insurers’ top trends and priorities: A look at the 2017 CGI Client Global Insights (part 2). In my previous blog , I introduced findings from in-person interviews CGI held in 2017 with more than 1,300 client executives across 17 countries, including insurance business and IT executives. I shared a number of industry trends that are driving insurers to pick up their pace of change and pursue digitalization.

Insurers’ top trends and priorities: A look at the 2017 CGI Client Global Insights (part 2)

CGI

Insurers’ top trends and priorities: A look at the 2017 CGI Client Global Insights (part 2). In my previous blog , I introduced findings from in-person interviews CGI held in 2017 with more than 1,300 client executives across 17 countries, including insurance business and IT executives. I shared a number of industry trends that are driving insurers to pick up their pace of change and pursue digitalization.

How to Save on Cyber Insurance and Be Harder to Hack

Adam Levin

Cyber insurance is still evolving, and as such you can still get good deals even if your cybersecurity is not completely up to snuff. Insurance often moves in lockstep with regulation. Training better cyber hygiene trumps a better system every time.

Regulatory Update: NAIC Summer 2020 National Meeting

Data Matters

The National Association of Insurance Commissioners (NAIC) held its Summer 2020 National Meeting (Summer Meeting) from July 27 to August 14, 2020. The current draft of the FAQ document addresses topics such as general background, the intersection of state insurance regulation and federal securities law regulation, how to satisfy the best interest standard of conduct, and insurer supervision and training requirements.

Paper 64

Ethical Use of Data for Training Machine Learning Technology - Part 1

AIIM

This is the first part of a 3-part series on the Ethical Use of Data for Training Machine Learning Technology by guest authors Andrew Pery and Michael Simon. Increasingly, AI-based applications are used to adjudicate entitlement benefits such as eligibility for unemployment insurance.

CISCO 2020 Privacy Benchmark Study Measures Return on Investing in Privacy Accountability

Hunton Privacy

Centre for Information Policy Leadership Online Privacy Accountability Insurance ProviderOn January 27, 2020, CISCO released its 2020 Data Privacy Benchmark Study entitled “From Privacy to Profit: Achieving Positive Returns on Privacy Investments” (the “Study”).

Nationwide preps for first external hackathon

Information Management Resources

The multiline insurer is giving developers an opportunity to solve business problems in a two-day event. Training Employee engagement Millennials Internet of things Recruiting Nationwide Plug and Play

Executive Exchange “Round Up” – Rethinking How We Work

InfoGoTo

Our Covid-19 panel consisting of 4 customers in manufacturing, financial services and insurance, related their journeys to minimize the pandemic’s disruption to their businesses and roles. On October 5th and 6th, Iron Mountain hosted an Executive Exchange with 28 of our global customers.

Why ISO 27005 risk management is the key to achieving ISO 27001 certification

IT Governance

There are two ways you can do this: by outsourcing the security efforts to another organisation or by purchasing cyber insurance to ensure you have the funds to respond appropriately in the event of a disaster. Our ISO 27005 Certified ISMS Risk Management training course is the ideal starting point for anyone who wants to know more about how to deal with information security threats. Risk Management Training ISO27005 ISO27701

Risk 57

NYDFS Cybersecurity Regulation: Additional Cybersecurity Program Safeguards Due September 4, 2018

Data Matters

Covered Entities were also required to provide regular cybersecurity awareness training for all personnel. Compliance Cybersecurity Data Breaches Enforcement Financial Privacy Information Security Insurance Policy Regulation U.S. Companies subject to New York’s Cybersecurity Regulation are acting quickly to finalize their compliance obligations as the fifth “due date,” September 4, 2018, quickly approaches.

3 Easy Ways to do ML with Oracle Analytics Cloud

Perficient Data & Analytics

Here are some of the example we can get out of Explain: Are customers with a certain type of insurance in a certain region likely to renew their subscriptions? Train and Apply ML Models. In OAC we can use Data Flows to create and train a model and then use that model in other data flows to apply to incoming data sets. The first Data Flow is to create and train the model based on a larger subset of the historical data.

#ModernDataMasters: Lewis Ownes, CEO Agile Solutions

Reltio

In the early days I worked in data transformation for data into banks through digital printing – amazing that I trained to do all these elaborate hand-crafted books and ended up doing cheque books! Uncategorized B Compliance & GDPR B Consumer 360 B Customer 360 B Digital Transformation B Financial Services & Insurance B Healthcare B High-Tech & Manufacturing B IT B Business B Life Sciences B Machine Learning B Patient & Member 360 B Retail & CPG

Aetna $17.2 Million Breach Settlement Brings Lessons for Handling Health Data

HL Chronicle of Data Protection

The settlements highlight the importance of maintaining and implementing comprehensive policies and procedures, and related trainings and audits, to prevent unauthorized disclosures of protected health information (PHI). For five years, Aetna would also be required to provide annual training on this policy to in-house counsel whose primary responsibilities include managing litigation involving Aetna and to provide any updates to the policy to opposing counsel.

#ModernDataMasters: Steve Whiting, Chief Operations Officer

Reltio

I was trained in Oracle relational databases and GUI tools to deliver group-wide Banking Systems. I worked in several Telcos and latterly in the City for an international insurance company. Uncategorized B Compliance & GDPR B Consumer 360 B Customer 360 B Digital Transformation B Financial Services & Insurance B Healthcare B High-Tech & Manufacturing B IT B Business B Life Sciences B Machine Learning B Patient & Member 360 B Retail & CPG

MDM 40

New York Banking Regulator Announces New Cybersecurity Assessment Process

Hunton Privacy

Cybersecurity insurance coverage and other third party protections. Cyber Insurance Cybersecurity Financial Privacy Information Security New York Service ProviderOn December 10, 2014, the New York State Department of Financial Services (the “Department”) announced that it issued an industry guidance letter to all Department-regulated banking institutions that formally introduces the Department’s new cybersecurity preparedness assessment process.

GUEST ESSAY: A guide to implementing best security practices — before the inevitable breach

The Last Watchdog

In fact, recent research reveals that about 60% of information security stakeholders have an IT background, but about the same amount lack formal technical training[1]. the Health Insurance Portability and Accountability Act (HIPAA)), the answer is generally that a company should implement a “reasonable data privacy and security program” under all circumstances. Insurability.

GUEST ESSAY: Why the next round of cyber attacks could put many SMBs out of business

The Last Watchdog

While large corporations can get cyber security insurance and engage legions of consultants, the question is: what can the average SMB do to prepare for and protect themselves from a potential cyberattack – at a price they can afford? Employees at a small business are not typically trained to be alert to potential cyber intrusions like a phishing email. In the last year, the news media has been full of stories about vicious cyber breaches on municipal governments.

Dentists: Don’t Forget HIPAA Compliance

HIPAA

And, if asked, most dentists and their staff would say they know what the HIPAA regulations are, and yes, they have been trained, but are they really up to date with HIPAA’s ever expanding changes and compliance requirements? Are they trained in the areas of HIPAA Security, Privacy, Enforcement and Breach Notification Rules and do they know that they must be in compliance with the 2013 HIPAA Omnibus Final Rule by September 23, 2013?

Dentists: Don’t Forget HIPAA Compliance

HIPAA

And, if asked, most dentists and their staff would say they know what the HIPAA regulations are, and yes, they have been trained, but are they really up to date with HIPAA’s ever expanding changes and compliance requirements? Are they trained in the areas of HIPAA Security, Privacy, Enforcement and Breach Notification Rules and do they know that they must be in compliance with the 2013 HIPAA Omnibus Final Rule by September 23, 2013?

Dentists: Don’t Forget HIPAA Compliance

HIPAA

And, if asked, most dentists and their staff would say they know what the HIPAA regulations are, and yes, they have been trained, but are they really up to date with HIPAA’s ever expanding changes and compliance requirements? Are they trained in the areas of HIPAA Security, Privacy, Enforcement and Breach Notification Rules and do they know that they must be in compliance with the 2013 HIPAA Omnibus Final Rule by September 23, 2013?

SHARED INTEL: Akamai reports web attack traffic spiked 62 percent in 2020 — all sectors hit hard

The Last Watchdog

Criminals even offer training to those who are new. This training can be pirated security training videos or books, or actual classes. In the United States, it’s old enough to rent a car, drink in a bar, and it is almost old enough to qualify for some car insurance discounts. Some instructive fresh intelligence about how cyber attacks continue to saturate the Internet comes to us from Akamai Technologies. Related: DHS launches 60-day cybersecurity sprints.

Why Cybersecurity Pros Should Care About Governance

Getting Information Done

As a result, companies are turning to cyber insurance. Certainly, insurers will be happy for the additional business, but they won’t be handing out claim payouts easily. Insurers will investigate each breach thoroughly, and if negligence or the controls and cyber prevention technologies do not match what was represented in the insurance application, they will not pay on the claim. Will this be the cyber insurance equivalent to Fitbit?

Why a Business Intelligence Data Strategy Needs Machine Intelligence

InfoGoTo

This capability can be applied to classify images automatically and attach them to relevant records, such as insurance claims and facilities documents. Algorithms can be trained to spot departures from standard language, identify potential risks and automate error-prone workflows.

Redcar and Cleveland Borough Council still offline after suffering cyber attack

IT Governance

According to a report from the insurance broker Gallagher , 49% of local councils have been attacked since the start of 2017 and 37% were attacked in the first half of 2019 alone.

OCR Settles with Orthopedic Clinic for $1.5 Million for Alleged HIPAA Noncompliance

Hunton Privacy

million settlement with Athens Orthopedic Clinic PA (“Athens Orthopedic”) for alleged violations of the Health Insurance Portability and Accountability Act (“HIPAA”) Privacy and Security Rules. The records of 208,557 patients were stolen and posted online, including names, dates of birth, Social Security numbers, medical procedure details, test results, billing information and health insurance information. On September 21, 2020, the U.S.