article thumbnail

The future of cyber insurance

IT Security Guru

Cyber insurers are losing money. The insurance sector is battling its losses by increasing premiums – which have gone up by some 94% between 2019 and 2022 – creating the artificial impression that the sector is growing. How is cyber insurance changing?

article thumbnail

What’s happening in the world of personal cyber insurance?

Malwarebytes

You’ve likely only seen cybercrime insurance primarily mentioned in relation to attacks on businesses. Some folks think the mere presence of insurance simply encourages more attacks , and is hurting more than it’s helping. Drawing insurance lines in the sand.

Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

Ransomware: Number One Cyber Insurance Claim

SecureWorld News

Trends of cyber insurance claims for 2020. Coalition, a cyber insurance company, recently released a report detailing the categories of cyber attacks as well as the cause behind the attacks for the first half of 2020. 54% of cyber attacks started with email.

article thumbnail

2023 Predictions for Storage and Backup Ransomware

CyberSecurity Insiders

2022 clearly demonstrated that attacks on data represent the greatest cyber-threat organizations face. Many of these attacks took advantage of known vulnerabilities and security misconfigurations in storage and backup systems. And backup and storage systems are rife with unpatched CVEs.

Backups 138
article thumbnail

HardBit ransomware tailors ransom to fit your cyber insurance payout

Malwarebytes

Ransomware authors are wading into the cybersecurity insurance debate in a somewhat peculiar way. Specifically: urging victims to disclose details of their insurance contract , in order to tailor a ransom which will be beneficial to the company under attack.

article thumbnail

Scant evidence that cyber insurance boom is leading to better security

SC Magazine

The rise of the cyber insurance has largely failed to promote better cybersecurity practices among the industries they cover, according to a new report released Monday from British security think tank RUSI.

article thumbnail

CISA Extends Recommendations to Non-Federal Organizations Fighting Astounding Volumes of Malicious Email Cyber insurance – Sprea…

Security Boulevard

Cyber insurance sounds like a smart idea for both insurers and purchasers. But for cyber insurance to be viable, insurers must improve their understanding of the risks involved, and require the companies they insure to implement effective cyber controls.

article thumbnail

Cyber-insurance – Spreading the risk and driving it down Protecting Against Multi-Factor Authentication Hacks Tracking 2022 Cybe…

Security Boulevard

Cyber insurance sounds like a smart idea for both insurers and purchasers. But for cyber insurance to be viable, insurers must improve their understanding of the risks involved, and require the companies they insure to implement effective cyber controls.

article thumbnail

Ransomware Bites Dental Data Backup Firm

Krebs on Security

PerCSoft , a Wisconsin-based company that manages a remote data backup service relied upon by hundreds of dental offices across the country, is struggling to restore access to client systems after falling victim to a ransomware attack. Cloud data and backup services are a prime target of cybercriminals who deploy ransomware. It remains unclear whether PerCSoft or DDR — or perhaps their insurance provider — paid the ransom demand in this attack.

Backups 216
article thumbnail

How One Company Survived a Ransomware Attack Without Paying the Ransom

eSecurity Planet

Cyber Insurer Provides Help. As Spectra Logic had the foresight to take out cyber insurance , Chubb representatives were professional and helpful, according to Mendoza. Also read: Top 8 Cyber Insurance Companies for 2022 Best Ransomware Removal and Recovery Services.

Backups 129
article thumbnail

A CISOs Practical Guide to Storage and Backup Ransomware Resiliency

The Hacker News

From a cyber risk perspective, attacks on data are the most prominent threat to organizations. Regulators, cyber insurance firms, and auditors are paying much closer attention to the integrity, resilience, and recoverability of organization data – as well asOne thing is clear.

article thumbnail

After Springhill: Assessing the Impact of Ransomware Lawsuits

eSecurity Planet

Cyber Insurance No Longer Reliable. ” Crockett said unofficial numbers indicate that only about 10 percent of such cyber insurance claims are paid out. Also read: Cyber Insurers Pull Back Amid Increase in Cyber Attacks, Costs.

article thumbnail

Cyber Liability Insurance – What You Need to Know

Duo's Security Blog

Cyber liability insurance can be a lifeline in the event of a major incident or breach. Cyber incidents rose 35% in 2020 with data breaches costing businesses an average of $4.24 million per year , resulting in cyber insurance premiums jumping up by 50-100%.

article thumbnail

It’s time to ask: Is ransomware insurance bad for cybersecurity?

Webroot

The issue at the heart of ransomware insurance will be familiar to most parents of young children: rewarding bad behavior only invites more of the same, so it’s generally not a good idea. But critics of the ransomware insurance industry argue that’s exactly what the practice does.

Insurance 122
article thumbnail

Lessons from a real-life ransomware attack

Malwarebytes

Sadly, there’s rarely discussion about the lengthy recovery, which, according to the Ransomware Task Force, can last an average of 287 days , or about the complicated matter that the biggest, claimed defense to ransomware attacks—backups—often fail. Your backups may not work.

article thumbnail

University of Utah pays a $457,000 ransom to ransomware gang

Security Affairs

The University was able to recover the operations from the backups, but decided to pay the ransom to avoid having ransomware operators leak student information online. University of Utah officials explained that the university’s cyber insurance policy covered part of the ransom.

article thumbnail

HardBit ransomware gang adjusts their demands so the insurance company would cover the ransom cost

Security Affairs

Recently emerged HardBit ransomware gang adjusts their demands so the insurance company would cover the ransom cost. For those who have cyber insurance against ransomware attacks.

article thumbnail

Ransomware Attack Hits Carnival Cruise Corporation: What We Know

SecureWorld News

Here is Carnival Corporation's ransomware and cyber incident statement, in full: On August 15, 2020, Carnival Corporation and Carnival plc (together, the "Company," "we," "us," or "our") detected a ransomware attack that accessed and encrypted a portion of one brand’s information technology systems.

article thumbnail

Higher Ed Ransomware Attack: University Pays Hackers $450,000

SecureWorld News

The ISO assisted the college in restoring locally managed IT services and systems from backup copies. The University had servers encrypted but restored the systems and the access from backups. And number one is cyber insurance.

article thumbnail

Predictions 2023, Part 1: What will the new year bring for the InfoSec Community?

CyberSecurity Insiders

More challenges associated with cyber insurance as more awareness of cyber incidents' reputational and financial risks come to light. As cyber threats continue to increase and technologies become more complex, skills will need to evolve to handle the onslaught.

InfoSec 112
article thumbnail

Best Disaster Recovery Solutions for 2022

eSecurity Planet

But it also requires software to orchestrate data movement, backup and restore technology to ensure a current copy of data is available, and the ability to recover systems and data rapidly. This type of backup and DR technology offers RPOs measured in hours.

Backups 120
article thumbnail

One Year Later: What Have We Learned Since the Colonial Pipeline Attack

Thales Cloud Protection & Licensing

Cyber insurance coverage ramps up. There is also huge debate around cyber insurance and whether it is fit for purpose. However, cyber insurance can’t protect your business against the reputational and brand loss that results from a cyberattack. Cyber War.

article thumbnail

11 Cybersecurity investments you can make right now

CyberSecurity Insiders

Cyber insurance. Cyber insurance is designed to protect businesses from the financial repercussions of a cyber-attack. Cyber insurance has also become a new compliance requirement in many industries, including healthcare, finance, and retail.

article thumbnail

How to Recover From a Ransomware Attack

eSecurity Planet

An organization must: Prepare a good backup policy and procedure. We also need to periodically check that the policy is up to date with the latest insurance providers, incident response vendors, attorneys, and executives’ contact information.

article thumbnail

Education Sector has Seen a 44% Rise in Cyber Attacks Since 2021

CyberSecurity Insiders

The education sector is increasingly vulnerable to simple and sophisticated cyber threats, and higher learning is especially vulnerable. Here are a few prime examples of cyber-attacks in the education sector. Freshly on the heels of this cyber security nightmare, the Albuquerque school system was breached. Cyber insurance. Often, educational institutions see cyber insurance as a needless expense. Make backups, and practice restoring from them.

article thumbnail

To Cover or Not to Cover: The Cyber Liability Insurance Quandary Facing Small- and Medium-Sized Businesses

Duo's Security Blog

Much has been published about how the demand — and subsequent cost — for cyber liability insurance has skyrocketed in line with increasing incidents of cyberattacks. Of course, insurance cover is not the only measure that can be taken. What are you doing about backups?

article thumbnail

#ISC2CONGRESS – Lessons Learned from the Baltimore Ransomware Attack

CyberSecurity Insiders

The city did not have a cyber incident response team (CIRT), or well-defined plans for activating an incident response, or how to handle communication and escalation. The only saving grace was that the city had invested in both on-premise and cloud backups. Backup Strategy.

article thumbnail

U.S. Secret Service on Ransomware: 'What's at Stake Is Disruption'

SecureWorld News

This ranges from Secret Service agents discussing elements of cyber hygiene with those they protect to tracking down cybercrime fugitives. The latest estimates are around 20% of actual ransomware instances get reported to law enforcement or insurance or regulators," Sheridan said.

article thumbnail

How to Decrypt Ransomware Files – And What to Do When That Fails

eSecurity Planet

The best defense and the best option for recovery will always be the availability of sufficient, isolated data backups and a practiced restoration process. What can be done to recover from ransomware attacks when backups are not available? Insured companies often will not have options.

Insurance 126
article thumbnail

Ransomware attacks can and will shut you down

Cisco Security

Downtime varied from minimal disruption (thanks to frequent data backups) to months upon months of recovery time . Protect yourself from Cyber criminals . In today’s climate of ever-increasing sophisticated cyber threats this won’t cut it.

Retail 110
article thumbnail

Safe Security Launches Return on Security Investment Calculator to Help Organizations Maximize Returns on Cybersecurity Budgets

CyberSecurity Insiders

global leader in cyber risk quantification and management (CRQM), today announced the Return on Security Investment (ROSI) Calculator, a new module of the SAFE platform. Cyber Risk Insights Conference 2022 – Oct. PALO ALTO, Calif.–(

article thumbnail

The dos and don’ts of ransomware negotiations

CyberSecurity Insiders

Consider exploring other solutions, such as restoring your data from backups. If you do not have backups, cybersecurity experts may be able to help you recover your data since many ransomware strains were decrypted and keys are publicly available. Cyber Threats Detect AlienVault

article thumbnail

Discover 2022’s Nastiest Malware

Webroot

As a result, many organizations are shifting away from cyber insurance and adopting layered defenses in an effort to achieve cyber resilience. The key to staying safe is a layered approach to cybersecurity backed up by a cyber resilience strategy.

article thumbnail

Online Schools Company Pays Hacker Ransom

SecureWorld News

We carry insurance, including cyber insurance, which we believe to be commensurate with our size and the nature of our operations. Which of the ransomware gangs or groups hit K12 Inc and its network in this cyber attack? Can we restore from these backups?

article thumbnail

Multiple schools hit by Vice Society ransomware attack

Malwarebytes

As we’ve seen recently, cyber insurance is no guarantee of avoiding a ransomware pitfall either with refusal of payout being decided in a court of law. Backup your data. Backups are the last line of defence against an attack that encrypts your data.

Backups 68
article thumbnail

Ransomware in 2020

Cytelligence

Effectiveness of data backup strategies. Unlocking – Organizations can either pay the ransom and hope for the cybercriminals to actually decrypt the affected files (which in many cases does not happen), or they can attempt a recovery by removing infected files and systems from the network and restoring data from clean backups. Unfortunately, the citizens of the country had to pay the ransom as the city had no cyber insurance.

article thumbnail

The Pain of Double Extortion Ransomware

Thales Cloud Protection & Licensing

Ransomware attacks have become much more dangerous and have evolved beyond basic security defenses and business continuity techniques like next-gen antivirus and backups. At this point, typical defenses for ransomware, such as backups and restoration of systems and data, do not apply.

article thumbnail

Local government cybersecurity: 5 best practices

Malwarebytes

Cyber Infrastructure Survey (CIS) : A free assessment of essential cybersecurity practices in-place for critical services. Cyber Resilience Review (CRR) : The CRR assessment evaluates your organization’s operational resilience and cybersecurity practices.

article thumbnail

Play ransomware group claims to have stolen hotel chain data

Malwarebytes

From the H-Hotel release : “ unknown persons carried out a cyber attack on the IT network of the hotel company H-Hotels.com, which led to restrictions in digital communication. The cyber attack was discovered by the hotel company's IT security systems on Sunday.

Backups 72
article thumbnail

Ransomware Incident Response: What Is It Like?

SecureWorld News

And then reality hits again when many organizations realize their backups are "out" as an option: "And then you see your internal team say, ' Oh, well, let's hurry up. W e've got backups. Let's get our backups going. The mainstream media focused on eastern U.S.

Backups 68
article thumbnail

School Cyberattack Aftermath: What Happens to Kids' Data?

SecureWorld News

They followed the FBI’s advice to not pay the hackers and restored their system from backups they had kept for such an emergency. Other cyber scams where children's data can be vulnerable. The mail just arrived, and you are scanning through it.

article thumbnail

Ransomware Protection in 2021

eSecurity Planet

A ransomware attack is about as bad as a cyber attack can get. Offline Backups. While virtual backups are great, if you’re not storing data backups offline, you’re at risk of losing that data. Without external backups or rollback technology, recovery is impossible.

article thumbnail

Securing Government Agencies: Essential Eight and Other Efforts

Duo's Security Blog

The eight areas are: Application Control Patch Applications Configure Microsoft Office Macro Settings User Application Hardening Restrict Administrative Privileges Patch Operating Systems Multi Factor Authentication Daily Backups Each area comes with guidance to improve maturity of the area.