Accountability, Insurance and Risk - Cyber Security Informer

RSAC Fireside Chat: Operationalizing diverse security to assure customers, partners–and insurers

The Last Watchdog

JUNE 11, 2025

Related: Getting the most from cyber insurance At RSAC 2025, I met with ESET Chief Security Evangelist Tony Anscombe to trace a quiet but growing convergence: endpoint defense, cyber insurance, and monoculture risk are no longer separate concerns. Cyber insurers want it. And increasingly, that evidence is under scrutiny.

Insurance

Insurance Cyber Insurance Antivirus CISO

RSAC Fireside Chat: Human and machine identity risks are converging — and they’re finally visible

The Last Watchdog

MAY 30, 2025

Non-human service accounts have quietly become one of the biggest liabilities in enterprise security. Yet despite their scale, service accounts remain largely invisible to traditional IAM and PAM systems. Yet despite their scale, service accounts remain largely invisible to traditional IAM and PAM systems.

Risk

Risk Cyber Insurance Accountability Insurance

Report Finds 50% of Scattered Spider Phishing Domains Targeted Finance & Insurance

Digital Shadows

JANUARY 22, 2025

Were thrilled to unveil our latest threat landscape report for the finance and insurance sector, offering in-depth analysis of the evolving cyber threats facing this industry. In this industry, a single compromised account can trigger large-scale phishing campaigns, causing reputational damage, financial losses, and regulatory penalties.

Insurance

Insurance Phishing Social Engineering Engineering

LW ROUNDTABLE: Wrist slap or cultural shift? SEC fines cyber firms for disclosure violations

The Last Watchdog

NOVEMBER 12, 2024

Unisys, for instance, was found to have framed cyber risks hypothetically even though its systems had already been breached, exfiltrating gigabytes of data. But the SEC’s latest actions underscore that failing to inform stakeholders about material risks and breaches is not an option. Addressing this root cause must be a priority.

CISO

CISO CSO Risk Cyber threats

Author’s Q&A: It’s high time for CISOs to start leading strategically — or risk being scapegoated

The Last Watchdog

MAY 13, 2025

The way accountability is structured, everything rolls downhill to one person, even when the real issues are baked into the system. Can you briefly explain what makes Strategic Performance Intelligence different from current governance, risk and compliance ( GRC ) or dashboard approaches? Build shared accountability across the C-suite.

CISO

CISO Risk Cybersecurity Government

DNA testing company vanishes along with its customers’ genetic data

Malwarebytes

NOVEMBER 12, 2024

All the company’s social media accounts haven’t been updated since 2023 at the latest. So, even if a company has good intentions, there is still a risk of your genetic data being linked to your personally identifiable information (PII). The BBC reports it tried several methods to reach the company but failed in this effort.

Insurance

Insurance Accountability Risk Data breaches

AI Dilemma: Emerging Tech as Cyber Risk Escalates

Trend Micro

JULY 2, 2025

Move faster than your adversaries with powerful purpose-built XDR, cyber risk exposure management, and zero trust capabilities Learn more Extend Your Team Extend Your Team.

Cyber Risk

Cyber Risk Risk Cyber threats Artificial Intelligence

News alert: Beazley reports on how AI, new tech distract businesses as cyber risk intensifies

The Last Watchdog

JULY 13, 2023

London, July 13, 2023 — Beazley, the leading specialist insurer, today published its latest Risk & Resilience report: Spotlight on: Cyber & Technology Risks 2023. Yet, boardroom focus on cyber risk appears to be diminishing. trillion by 2025, a 300% increase since 2015 1.

Cyber Risk

Cyber Risk Risk Insurance Energy and Utilities

Healthcare Now Third-Most Targeted Industry for Ransomware

SecureWorld News

NOVEMBER 14, 2024

Significant Financial and Operational Costs: Healthcare providers, faced with potential HIPAA fines and the risk of service interruptions, may feel pressured to pay ransom demands. This stolen data is often exposed on both the clear and dark web, heightening risks of identity theft and further perpetuating cybercrime.

Healthcare

Healthcare Ransomware Identity Theft Data breaches

Credit Reporting Companies Put Customer Data at Risk

Adam Levin

MAY 19, 2021

Experian, 2013 – 2015: Hackers stole a trove of information from T-Mobile customers whose data had passed through Experian to check credit there and open a new account. Many companies now offer insurance policies that can help you recoup lost money, and even help you through the reporting and recovery process. Takeaways .

Risk

Risk Identity Theft Data breaches VPN

Top Cybersecurity Trends to Watch Out For in 2025

Centraleyes

DECEMBER 16, 2024

Tools like ChatGPT and Bard, powered by large language models, showcase how generative AI transforms business processesbut they also pose new risks. In a recent survey, 93% of respondents admitted to knowingly increasing their companys cybersecurity risks. The challenge? Securing these AI models and the data they generate.

Cybersecurity

Cybersecurity Insurance Cyber Insurance Technology

Cyber Insurers Pull Back Amid Increase in Cyber Attacks, Costs

eSecurity Planet

MAY 27, 2021

The explosion of ransomware and similar cyber incidents along with rising associated costs is convincing a growing number of insurance companies to raise the premiums on their cyber insurance policies or reduce coverage, moves that could further squeeze organizations under siege from hackers. Insurers Assessing Risks.

Cyber Insurance

Cyber Insurance Insurance Cyber Attacks Ransomware

Top 8 Cyber Insurance Companies for 2022

eSecurity Planet

APRIL 22, 2022

That’s where cyber insurance may be able to help. For that reason, most experts now recognize that a complete cybersecurity strategy not only includes technological solutions aimed at preventing, detecting, and mitigating attacks, it should also include cyber insurance to help manage the associated financial risks. That’s a 29.1%

Cyber Insurance

Cyber Insurance Insurance Marketing Small Business

Masterclass in CIAM for Insurance: Balancing Security, Experience, and Consent

IT Security Guru

AUGUST 7, 2024

The insurance industry is experiencing a significant transformation fuelled by the ubiquity of digital technologies. As these solutions gain traction in this sector, they add complexity to a regulatory landscape that insurance firms need to navigate, especially when it comes to Customer Identity and Access Management (CIAM).

Insurance

Insurance Data collection Authentication Technology

Dental group lied through teeth about data breach, fined $350,000

Malwarebytes

JANUARY 6, 2025

Westend Dental agreed to settle several violations of the Health Insurance Portability and Accountability Act (HIPAA) in a penalty of $350,000. Nothing showed evidence that a HIPAA-compliant risk analysis had ever been conducted (lists of usernames and passwords in plain text on the compromised server).

Data breaches

Data breaches Ransomware Passwords Insurance

The Evolving Role of Cyber Insurance in Mitigating Ransomware Attacks

SecureWorld News

MARCH 20, 2024

In this regard, many have touted cyber insurance as the knight in shining armor, the end all-be all in terms of mitigating criminals' assaults on your network. On top of this, a significant 41% of victims opted to pay the ransom, which is a difficult decision that's fraught with its own respective complexities and risks.

Cyber Insurance

Cyber Insurance Insurance Ransomware Risk

Anti-Ransomware Company Exagrid Pays $2.6 Million Ransom

Adam Levin

JUNE 4, 2021

Practice the 3Ms: Minimize your risk of exposure: Don’t take unnecessary risks and invest in cyber defenses and education. Monitor networks and accounts: Unusual activity may be a sign that a cyberattack is underway.

Ransomware

Ransomware Backups Insurance Healthcare

Safety first: Will insurance companies stall or accelerate cybersecurity progress?

SC Magazine

FEBRUARY 8, 2021

Every time a driver buckles up or an airbag is deployed we see the powerful influence of the insurance companies who insisted those measures become mandatory. Now, those insurers are poised to drive cybersecurity investment by insisting that organizations meet certain criteria to qualify for coverage. A maturing model.

Insurance

Insurance Cyber Insurance Cybersecurity Government

How to Streamline Your Cybersecurity Risk Management Process

Security Boulevard

DECEMBER 24, 2024

Many industry regulations require or promote cybersecurity risk assessments to bolster incident response, but what is a cybersecurity risk assessment? For example, cyber risk assessments aren't only required under HIPAA (Health Insurance Portability and Accountability Act). The ultimate goal?

Risk

Risk Cybersecurity Cyber Risk Insurance

Scant evidence that cyber insurance boom is leading to better security

SC Magazine

JUNE 28, 2021

The rise of the cyber insurance has largely failed to promote better cybersecurity practices among the industries they cover, according to a new report released Monday from British security think tank RUSI. Growing losses from ransomware attacks have…emphasized that the current reality is not sustainable for insurers either.

Cyber Insurance

Cyber Insurance Insurance Ransomware Marketing

CISA Order Highlights Persistent Risk at Network Edge

Krebs on Security

JUNE 15, 2023

TechCrunch has been tracking the fallout from victim organizations , which range from banks and insurance providers to universities and healthcare entities. MOVEit parent Progress Software has since released security updates to address the weakness, but Cl0p claims to have already used it to compromise hundreds of victim organizations.

Risk

Risk VPN Internet Internet

Why DSPM is Essential for Achieving Data Privacy in 2024

Security Affairs

OCTOBER 23, 2024

It becomes increasingly difficult to gain complete visibility or transparency that could help security and privacy teams discover sensitive data, identify its security and compliance postures, and mitigate risks. To add to the difficulty, the advent of Generative AI (GenAI) has brought unprecedented security and privacy risks.

Data privacy

Data privacy Unstructured Data Risk Data breaches

Experian API Exposed Credit Scores of Most Americans

Krebs on Security

APRIL 28, 2021

In addition to credit scores, the Experian API returns for each consumer up to four “risk factors,” indicators that might help explain why a person’s score is not higher. “Too many consumer finance company accounts,” the API concluded about my friend’s score. .

Insurance

Insurance Identity Theft Accountability Technology

4 ways businesses can save money on cyber insurance

Malwarebytes

JULY 10, 2022

Without cyber insurance , you can expect to pay a dizzying amount of cash. In 2022 alone, the average cost of a data breach for businesses under 1,000 employees was close to $3 million—and these costs are coming from activities that cyber insurers typically cover, such as detecting and responding to the breach. Fixed rate.

Cyber Insurance

Cyber Insurance Insurance Data breaches Phishing

The ‘Zelle Fraud’ Scam: How it Works, How to Fight Back

Krebs on Security

NOVEMBER 19, 2021

One of the more common ways cybercriminals cash out access to bank accounts involves draining the victim’s funds via Zelle , a “peer-to-peer” (P2P) payment service used by many financial institutions that allows customers to quickly send cash to friends and family.

Scams

Scams Banking Passwords Authentication

LW ROUNDTABLE: Compliance pressures intensify as new cybersecurity standards take hold

The Last Watchdog

DECEMBER 18, 2024

This shift is expected to place significant pressure on organizations that haven’t yet developed trusted data to manage risk effectively. To mitigate risks, businesses will invest in modern, privacy-enhancing technologies (PETs), such as trusted execution environments (TEEs) and fully homomorphic encryption (FHE).

Cybersecurity

Cybersecurity CISO Risk Government

Sperm bank breach deposits data into hands of cybercriminals

Malwarebytes

MARCH 19, 2025

The information potentially involved varies by customer but includes names and one or more of the following: Drivers license numbers Bank account and routing numbers. Social Security Numbers (SSN) Health insurance information CCB is posting lettersalong the lines of this California example to everyone who may be impacted.

Banking

Banking Data breaches Computers and Electronics Insurance

National Consumer Protection Week: Keeping your personal data safe in a digitally connected world

Webroot

MARCH 3, 2025

The event is sponsored by the Federal Trade Commission (FTC), and other participating agencies include the Federal Deposit Insurance Corporation (FDIC), AARP , and the Better Business Bureau (BBB). The growing risks to your data During the third quarter of 2024, data breaches exposed more than 422 million records worldwide.

Consumer Protection

Consumer Protection Identity Theft Scams Social Engineering

Verizon's 2025 DBIR: Threats Are Faster, Smarter, and More Personal

SecureWorld News

APRIL 23, 2025

Phishing accounted for nearly 25% of all breaches. The DBIR breaks down breach trends across industries: Financial and Insurance: Heavily targeted by credential stuffing and phishing; fastest detection rates. Manufacturing: IP theft and ransomware are top risks; OT/ICS systems still lag in basic controls. Jason Soroko , Sr.

CISO

CISO Backups Ransomware Risk

The Case for Limiting Your Browser Extensions

Krebs on Security

MARCH 3, 2020

Last week, KrebsOnSecurity reported to health insurance provider Blue Shield of California that its Web site was flagged by multiple security products as serving malicious content. How did a browser extension lead to a malicious link being added to the health insurance company Web site?

Insurance

Insurance Advertising Internet Internet

Cyber and Privacy Risks for Real Estate Enterprises

SecureWorld News

JANUARY 31, 2024

Cyber risk is an existential issue for companies of all sizes and in all industries. However, it also exposes companies to additional layers of risk. However, it also exposes companies to additional layers of risk. All stakeholders, including insurers, need to understand whose cyber insurance policy responds to an incident.

Risk

Risk Cyber Insurance Insurance Data breaches

Telehealth Hazard? HHS Loosens HIPAA Standards for Telemedicine

Adam Levin

MARCH 18, 2020

“The current pandemic is pushing the entire medical industry to minimize risk,” he added. In response to this potential problem, the department of Health and Human Services has waived penalties and loosened some of the requirements of the act.

Insurance

Insurance Healthcare Accountability Technology

Healthcare Cybersecurity Market Soars: Key Trends and Insights

SecureWorld News

MAY 2, 2025

Breaches can disrupt care delivery and put lives at risk, not to mention lead to hefty compliance fines. Healthcare executives are responding by viewing cybersecurity not just as an IT issue, but as a core business risk. The report highlights that this surge in security spending has even created a $3.2

Healthcare

Healthcare Marketing Cybersecurity CISO

Security Affairs newsletter Round 494 by Pierluigi Paganini – INTERNATIONAL EDITION

Security Affairs

OCTOBER 20, 2024

CISA adds Fortinet products and Ivanti CSA bugs to its Known Exploited Vulnerabilities catalog Nation-state actor exploited three Ivanti CSA zero-days Dutch police dismantled dual dark web market ‘Bohemia/Cannabia’ macOS HM Surf flaw in TCC allows bypass Safari privacy settings Iran-linked actors target critical infrastructure organizations (..)

Data breaches

Data breaches Cybercrime Cyber Insurance Marketing

New AI “agents” could hold people for ransom in 2025

Malwarebytes

FEBRUARY 4, 2025

And yet, if artificial intelligence achieves what is called an agentic model in 2025, novel and boundless attacks could be within reach, as AI tools take on the roles of agents that independently discover vulnerabilities, steal logins, and pry into accounts. These are real threats, but they are not novel.

Artificial Intelligence

Artificial Intelligence Small Business Malware Technology

“We will hold them accountable”: General Motors sued for selling customer driving data to third parties

Malwarebytes

AUGUST 20, 2024

million Texans’ private driving data to insurance companies without their knowledge or consent. We will hold them accountable.” GM had agreements with various companies which allowed them to the driving data to calculate a driving score based on risk analysis. The court filing provides some more detail.

Insurance

Insurance Accountability Data collection Surveillance

Robocall Legal Advocate Leaks Customer Data

Krebs on Security

AUGUST 3, 2020

Use our robust API to seamlessly scrub these high-risk numbers from your outbound campaigns and inbound calls, or adjust your suppression settings to fit your individual requirements and appetite for risk.” Scrub against active plaintiffs, pre litigation complainers, active attorneys, attorney associates, and more.

Marketing

Marketing Mobile Consumer Protection Wireless

Business ID Theft Soars Amid COVID Closures

Krebs on Security

JULY 27, 2020

. “The ferocity of cyber criminals to take advantage of COVID-19 uncertainties by preying on small businesses is disturbing,” said Andrew LaMarca , who leads the global high-risk and fraud team at Dun & Bradstreet. For the past several months, Milwaukee, Wisc. ” PHANTOM OFFICES. ” RECYCLING VICTIMS. .

Identity Theft

Identity Theft Small Business Energy and Utilities Computers and Electronics

The Need to Simplify Compliance Risk Control Implementation

Security Boulevard

AUGUST 31, 2021

Organizations around the world must fulfill an increasing number of regulatory requirements including NIST, Sarbanes-Oxley Act (SOX), Health Insurance Portability and Accountability Act (HIPAA), Payment Card Industry Data Security Standard (PCI-DSS) and General Data Protection Regulation (GDPR) as well as federal and state data breach laws.

Risk

Risk Data breaches Healthcare Financial Services

COVID-19 Vaccination Management Problems Have Created a Privacy Nightmare For Americans – Even Without Vaccine Passports

Joseph Steinberg

APRIL 20, 2021

Hospitals, medical clinics, labs, pharmacies, insurance companies, and others involved in the vaccination process often require people who want to be vaccinated to share large amounts of both medical and demographic data in order to register for vaccine appointments. Provide as little information as possible to vaccinators.

Healthcare

Healthcare Insurance Computers and Electronics Data collection

New Ransom Payment Schemes Target Executives, Telemedicine

Krebs on Security

DECEMBER 8, 2022

The CLOP members said one tried-and-true method of infecting healthcare providers involved gathering healthcare insurance and payment data to use in submitting requests for a remote consultation on a patient who has cirrhosis of the liver. Encrypting sensitive data wherever possible. ”

Healthcare

Healthcare Backups Ransomware Insurance

Senators Urge FTC to Probe ID.me Over Selfie Data

Krebs on Security

MAY 18, 2022

for “deceptive statements” the company and its founder allegedly made over how they handle facial recognition data collected on behalf of the Internal Revenue Service , which until recently required anyone seeking a new IRS account online to provide a live video selfie to ID.me. would be permanently deleted.

Government

Government Accountability Surveillance Data collection

Types of Risk Assessment Methodologies: Choosing the Right Approach for Your Needs

Centraleyes

MARCH 17, 2025

Every organization faces risks that threaten its objectives, assets, and operations. A risk assessment is the foundation for identifying, analyzing, and prioritizing these risks. Understanding the basics of risk assessment is the first step in building a resilient and proactive strategy to mitigate risks and vulnerabilities.

Risk

Risk Insurance Small Business Cybersecurity

MSPs: Becoming the Trusted Cyber Insurance Advisor

Duo's Security Blog

FEBRUARY 4, 2025

With the rate that new threats emerge, it may come as no surprise that cyber liability insurance can be traced back to 1997. In its modern iteration, cyber liability insurance mitigates the losses and business costs associated with cyber incidents and resulting downtime. What would an insurer do? At least not alone.

Cyber Insurance

Cyber Insurance Insurance Authentication Risk

RSAC Fireside Chat: Operationalizing diverse security to assure customers, partners–and insurers

RSAC Fireside Chat: Human and machine identity risks are converging — and they’re finally visible

Trending Sources

Report Finds 50% of Scattered Spider Phishing Domains Targeted Finance & Insurance

LW ROUNDTABLE: Wrist slap or cultural shift? SEC fines cyber firms for disclosure violations

Author’s Q&A: It’s high time for CISOs to start leading strategically — or risk being scapegoated

DNA testing company vanishes along with its customers’ genetic data

AI Dilemma: Emerging Tech as Cyber Risk Escalates

News alert: Beazley reports on how AI, new tech distract businesses as cyber risk intensifies

Healthcare Now Third-Most Targeted Industry for Ransomware

Credit Reporting Companies Put Customer Data at Risk

Top Cybersecurity Trends to Watch Out For in 2025

Cyber Insurers Pull Back Amid Increase in Cyber Attacks, Costs

Top 8 Cyber Insurance Companies for 2022

Masterclass in CIAM for Insurance: Balancing Security, Experience, and Consent

Dental group lied through teeth about data breach, fined $350,000

The Evolving Role of Cyber Insurance in Mitigating Ransomware Attacks

Anti-Ransomware Company Exagrid Pays $2.6 Million Ransom

Safety first: Will insurance companies stall or accelerate cybersecurity progress?

How to Streamline Your Cybersecurity Risk Management Process

Scant evidence that cyber insurance boom is leading to better security

CISA Order Highlights Persistent Risk at Network Edge

Why DSPM is Essential for Achieving Data Privacy in 2024

Experian API Exposed Credit Scores of Most Americans

4 ways businesses can save money on cyber insurance

The ‘Zelle Fraud’ Scam: How it Works, How to Fight Back

LW ROUNDTABLE: Compliance pressures intensify as new cybersecurity standards take hold

Sperm bank breach deposits data into hands of cybercriminals

National Consumer Protection Week: Keeping your personal data safe in a digitally connected world

Verizon's 2025 DBIR: Threats Are Faster, Smarter, and More Personal

The Case for Limiting Your Browser Extensions

Cyber and Privacy Risks for Real Estate Enterprises

Telehealth Hazard? HHS Loosens HIPAA Standards for Telemedicine

Healthcare Cybersecurity Market Soars: Key Trends and Insights

Security Affairs newsletter Round 494 by Pierluigi Paganini – INTERNATIONAL EDITION

New AI “agents” could hold people for ransom in 2025

“We will hold them accountable”: General Motors sued for selling customer driving data to third parties

Robocall Legal Advocate Leaks Customer Data

Business ID Theft Soars Amid COVID Closures

The Need to Simplify Compliance Risk Control Implementation

COVID-19 Vaccination Management Problems Have Created a Privacy Nightmare For Americans – Even Without Vaccine Passports

New Ransom Payment Schemes Target Executives, Telemedicine

Senators Urge FTC to Probe ID.me Over Selfie Data

Types of Risk Assessment Methodologies: Choosing the Right Approach for Your Needs

MSPs: Becoming the Trusted Cyber Insurance Advisor

Stay Connected