Remove Accountability Remove Insurance Remove Risk
article thumbnail

RSAC Fireside Chat: Operationalizing diverse security to assure customers, partners–and insurers

The Last Watchdog

Related: Getting the most from cyber insurance At RSAC 2025, I met with ESET Chief Security Evangelist Tony Anscombe to trace a quiet but growing convergence: endpoint defense, cyber insurance, and monoculture risk are no longer separate concerns. Cyber insurers want it. And increasingly, that evidence is under scrutiny.

article thumbnail

Risk Management and Threat Modeling

Adam Shostack

Threat modeling finds threats; risk management helps us deal with the tricky ones. One the most common questions I’m asked is “what’s the relationship of threat modeling to risk management?” The simple answer is that threat modeling always precedes and sometimes feeds into risk management. The bully threatened to beat him up.”

Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

Report Finds 50% of Scattered Spider Phishing Domains Targeted Finance & Insurance

Digital Shadows

Were thrilled to unveil our latest threat landscape report for the finance and insurance sector, offering in-depth analysis of the evolving cyber threats facing this industry. In this industry, a single compromised account can trigger large-scale phishing campaigns, causing reputational damage, financial losses, and regulatory penalties.

article thumbnail

SHARED INTEL Q&A: Inside the access mess no one sees — and the identity risk no one owns

The Last Watchdog

The evidence is mounting: •62% of interactive intrusions involved valid account abuse, according to CrowdStrike’s 2023 threat report. With regulatory frameworks like GDPR and HIPAA intensifying scrutiny—and cyber insurers demanding tighter access controls—SPHERE’s platform-based approach is gaining traction. But the world has changed.

article thumbnail

‘Treacherous Territory’: Cyber Experts Warn of Unprecedented Threats

eSecurity Planet

Airlines, insurance firms, and other industries are finding themselves in the crosshairs of increasingly sophisticated hackers, and experts say both businesses and individuals must act now to avoid falling victim. Insurance and payroll firms also breached Beyond airlines and retailers, insurance and benefits providers are also under siege.

article thumbnail

LW ROUNDTABLE: Wrist slap or cultural shift? SEC fines cyber firms for disclosure violations

The Last Watchdog

Unisys, for instance, was found to have framed cyber risks hypothetically even though its systems had already been breached, exfiltrating gigabytes of data. But the SEC’s latest actions underscore that failing to inform stakeholders about material risks and breaches is not an option. Addressing this root cause must be a priority.

article thumbnail

RSAC Fireside Chat: Human and machine identity risks are converging — and they’re finally visible

The Last Watchdog

Non-human service accounts have quietly become one of the biggest liabilities in enterprise security. Yet despite their scale, service accounts remain largely invisible to traditional IAM and PAM systems. Yet despite their scale, service accounts remain largely invisible to traditional IAM and PAM systems.