InfoSec and Insurance - Cyber Security Informer

State of Cybersecurity in Canada 2025: Key Insights for InfoSec Leaders

SecureWorld News

FEBRUARY 5, 2025

Leverage cyber insurance to mitigate financial risks associated with supply chain attacks. Strengthen Identity and Access Management (IAM) to minimize cloud misconfigurations. Enhance third-party risk management Require comprehensive security assessments for vendors and software providers.

InfoSec

InfoSec Cybersecurity Energy and Utilities Cyber Insurance

AI and the Future of Work: What It Means for Cybersecurity and Beyond

SecureWorld News

MAY 7, 2025

Finance and Insurance Timing: 37 years AI is automating underwriting, risk analysis, and fraud detection. Media, Content, and Design Timing: Now to 3 years Tools like ChatGPT, Midjourney, and Adobe Firefly are enabling content generation with minimal human input.

Cybersecurity

Cybersecurity Artificial Intelligence Threat Detection CISO

How to Build an Effective Security Awareness Program

Trend Micro

JUNE 26, 2025

Here are some examples of goals: Reducing simulation click rates Increasing training completion rates Increased reporting of suspicious emails to IT/Infosec Reduced incidents of breaches due to human error Implementing and measuring user risk scores 4. These targets will provide a clear way to track progress and demonstrate value.

Security Awareness

Security Awareness Cyber Risk Risk Phishing

Demand, CyberInsurance, and Automation/AI Are the Future of InfoSec

Daniel Miessler

NOVEMBER 6, 2020

2021-2030) A Surge in Demand for InfoSec people will result in many more professionals being trained and placed within companies, likely using more of a trade/certification model than a 4-year university model. Jeremiah Grossman and I have been talking about the rise of cybersecurity insurance for years now. Cyberinsurance Will Ascend.

InfoSec

InfoSec Insurance Artificial Intelligence Cybersecurity

Thinking About the Future of InfoSec (v2022)

Daniel Miessler

MARCH 20, 2022

The ideas will cover multiple aspects of InfoSec, from organizational structure to technology. At the highest level, I think the big change to InfoSec will be a loss of magic compared to now. HT to Jeremiah Grossman to also being very early to seeing the role of insurance in InfoSec. Insurance companies.

InfoSec

InfoSec Insurance Technology Engineering

How security pros, the insurance industry, and regulators can combat ransomware

SC Magazine

APRIL 19, 2021

AIG is one of the top cyber insurance companies in the U.S. Today’s columnist, Erin Kennealy of Guidewire Software, offers ways for security pros, the insurance industry and government regulators to come together so insurance companies can continue to offer insurance for ransomware. eflon CreativeCommons CC BY 2.0.

Insurance

Insurance Cyber Insurance Ransomware InfoSec

First American Financial Pays Farcical $500K Fine

Krebs on Security

JUNE 18, 2021

The SEC says First American derives nearly 92 percent of its revenue from its title insurance segment, earning $7.1 Title insurance protects homebuyers from the prospect of someone contesting their legitimacy as the new homeowner. Title insurance is not mandated by law, but most lenders require it as part of any mortgage transaction.

Insurance

Insurance Risk Financial Services CISO

Safety first: Will insurance companies stall or accelerate cybersecurity progress?

SC Magazine

FEBRUARY 8, 2021

Every time a driver buckles up or an airbag is deployed we see the powerful influence of the insurance companies who insisted those measures become mandatory. Now, those insurers are poised to drive cybersecurity investment by insisting that organizations meet certain criteria to qualify for coverage. A maturing model.

Insurance

Insurance Cyber Insurance Cybersecurity Government

The CPRA: What You Should Know as an InfoSec Professional

SecureWorld News

DECEMBER 1, 2022

Cyber insurance (critical). Well documented policies and standards for employees (data handling). Enterprise endpoint protection and remediation (anti-malware, anti-virus software). Endpoint encryption for all laptops. Intrusion detection and response. And more (listen in for the full list). "I

InfoSec

InfoSec Cyber Insurance Consumer Protection Insurance

InfoSec Leaders Weigh in on New SEC Rules Making CISO Hotseat Hotter

SecureWorld News

JULY 31, 2023

Cybersecurity professionals have various views on last week's news from the United States Securities and Exchange Commission (SEC) when it surprised the InfoSec community and the C-suites of corporate America. What about providing D&O (directors and officers liability) insurance to CISOs? After all, a CISO can't do it all.

CISO

CISO InfoSec Risk Cyber Risk

How Cyber Insurance Changes the Conversation Around Risk

Threatpost

JULY 19, 2018

In this InfoSec Insider cyber insurance expert Nick Sanna discusses how to balance threat exposures and protecting assets with insurance against hacking, breaches and vulnerabilities.

Cyber Insurance

Cyber Insurance Insurance InfoSec Risk

How War Impacts Cyber Insurance

Threatpost

JULY 12, 2022

Chris Hallenbeck, CISO for the Americas at Tanium, discusses the impact of geopolitical conflict on the cybersecurity insurance market.

Insurance

Insurance Cyber Insurance CISO Marketing

CISA Order Highlights Persistent Risk at Network Edge

Krebs on Security

JUNE 15, 2023

Mandiant said the attackers will continue to change their tactics and malware, “especially as network defenders continue to take action against this adversary and their activity is further exposed by the infosec community.”

Risk

Risk VPN Internet Internet

Hive Ransomware gang leaked 550 GB stolen from Consulate Health Care

Security Affairs

JANUARY 7, 2023

employees info (social security numbers, emails, addresses, phone numbers, photos, insurances info, payments, etc.), and customers info (medical records, credit cards, emails, social security numbers, phone numbers, insurances, etc.). The security breach was also confirmed by the victim in a notice published on its website.

Ransomware

Ransomware Insurance Data breaches InfoSec

Top 5 Security Trends this Summer: RSA Conference & Black Hat 2022

Webroot

JULY 25, 2022

Cyber insurance becomes mainstream discussion. As cyberattacks have become more costly and more challenging to track, cyber insurance has gained prominence across the industry. The cyber insurance market is expected to reach around $20B by 2025.

Cyber Insurance

Cyber Insurance Insurance Marketing Phishing

(ISC)2 Study: Cybersecurity Industry Facing 3.4 Million Shortfall in Workers

SecureWorld News

OCTOBER 20, 2022

Nearly 70% of the InfoSec workforce say their organizations' cybersecurity teams are understaffed. The shortage is particularly severe in aerospace, government, education, insurance and transportation," the study cites. "A

Cybersecurity

Cybersecurity InfoSec Financial Services Insurance

An initial access broker claims to have hacked Deutsche Bank

Security Affairs

NOVEMBER 11, 2022

db.com @DeutscheBank c/o @osint_ben @Europol @DTCERT #cybersecurity #infosec @campuscodi @LawrenceAbrams pic.twitter.com/qFhwQ5zSIY — Dominic Alvieri (@AlvieriD) November 11, 2022. Alvieri speculates that the IAB is the same broker who recently offered for sale access to the systems of the Australian health insurance Medibank.

Banking

Banking Hacking InfoSec Insurance

Seven Massachusetts Cities Join Forces to Bolster Cybersecurity Posture

SecureWorld News

MAY 16, 2023

Brennan is speaking at SecureWorld Chicago on June 8, tackling the topic of "I Can See Clearly Now, the Threats Are Gone: The State of InfoSec and Threat Intelligence Today." Sean Scranton is a consultant on the Cyber Risk Solutions Team at WTW and often speaks on cyber insurance issues. Scranton says: "This is a how-to case study.

Cybersecurity

Cybersecurity Insurance CISO Cyber Risk

Cyber Risk Retainers: Not Another Insurance Policy

Threatpost

JUNE 7, 2022

The costs associated with a cyberattack can be significant, especially if a company does not have an Incident Response plan that addresses risk.

Cyber Risk

Cyber Risk Insurance Risk InfoSec

Record Setting $40M Ransom Paid to Attackers

Security Boulevard

MAY 24, 2021

commercial and casualty insurance companies, reportedly met a $40 million ransom demand after suffering a ransomware infection earlier in the year. CNA, one of the largest U.S. As of this writing, that’s the largest ransom demand ever reported to have been paid by a company following a ransomware attack.

Insurance

Insurance Ransomware CISO InfoSec

Happy 13th Birthday, KrebsOnSecurity!

Krebs on Security

DECEMBER 29, 2022

I seem to be doing most of that activity now on Mastodon , which appears to have absorbed most of the infosec refugees from Twitter, and in any case is proving to be a far more useful, civil and constructive place to post such things. For a variety of reasons, I will no longer be sharing these updates on Twitter.

Cryptocurrency

Cryptocurrency Cybercrime Computers and Electronics Scams

The Rise of Data Sovereignty and a Privacy Era

SecureWorld News

JUNE 24, 2024

Additionally, there sectoral privacy regulations in the United States, such as the Health Insurance Portability and Accountability Act (HIPAA), and state level regulations like the California Consumer Privacy Act (CCPA). Traditionally, InfoSec lies within the IT organization, and Privacy is housed inside the Legal department.

IoT

IoT InfoSec Artificial Intelligence Risk

Importance of Cybersecurity Profession Highlights SecureWorld Chicago

SecureWorld News

JUNE 13, 2023

It was fitting that the opening keynote panel for SecureWorld Chicago on June 8th was titled " Making the Cybersecurity Music: Navigating Challenges and Opportunities in Today's InfoSec Landscape. You're going to ruffle a few feathers, but don't worry about that."

Cybersecurity

Cybersecurity CISO InfoSec CSO

Security Compliance & Data Privacy Regulations

eSecurity Planet

AUGUST 9, 2022

are subject to laws such as the Health Insurance Portability and Accountability Act (HIPAA) and the Health Information Technology for Economic and Clinical Health Act (the HITECH Act), as well as regulations such as the Clinical Laboratory Improvements Amendments (CLIA). Healthcare Data Privacy Laws. Health data and patient data in the U.S.

Data privacy

Data privacy Encryption Data breaches Insurance

DOJ Cybercrime Watchdog’s First Settlement Signals Crackdown on Small Businesses

Security Boulevard

APRIL 7, 2023

Justice Department’s new Civil-Cyber Fraud Initiative announced its first settlement last month in a novel action that brought false claims allegations over infosec failures against, notably, a sole proprietor.

Small Business

Small Business Cybercrime Insurance Government

12 Pieces Examining Trends in Cybersecurity for 2023

SecureWorld News

DECEMBER 29, 2022

Top 3 Information Security Hiring Trends for 2023 – " Here are three key takeaways to keep in mind when researching for a new role in InfoSec in 2023. ". Some were unexpected, and many were predictable, but all are important to consider when making plans for security in 2023.".

Cybersecurity

Cybersecurity CISO Cyber Insurance Artificial Intelligence

Hack the Capitol returns Tuesday, as all eyes look toward critical infrastructure security

SC Magazine

MAY 3, 2021

Robert Whitman, John Katko, Yvette Clark and Ted Lieu, and panelists spanning academia, industry, security, insurance and major industrial equipment manufacturers. Are there particular lessons you hope infosec people will come away with? The annual event returns on Tuesday for a virtual presentation, including keynotes from Reps.

Hacking

Hacking Education InfoSec Media

Zombie API vs Shadow API: The Crashtest

IT Security Guru

JUNE 26, 2023

Pick Your Path ® was another one that I remember) It’s been around a long time, and a few years ago the Infosec Institute gamified information security by creating the “Zombie Invasion” game. Gamification Remember the Choose Your Own Adventure ® series? Since then it’s moved on to “Deep Space Danger.”

InfoSec

InfoSec Manufacturing Risk Software

HIPAA and Privacy Act Training Challenge Exam [XLS download]

Security Boulevard

MARCH 10, 2024

Contemporary healthcare organizations are obligated to protect a vast amount of sensitive patient data due to the broad definition of Protected Health Information (PHI) under the Health Insurance Portability and Accountability Act (HIPAA).

Insurance

Insurance Healthcare Accountability Technology

The Top 5 Reasons to Use an API Management Platform

Security Affairs

NOVEMBER 20, 2023

Over the course of his 20+ years of IT and Security, Ross has served in a variety of operations and infosec roles for companies in the manufacturing, healthcare, real estate, business insurance, and technology sectors. He has experience with ISO 27001 and SOC 2 Type 2 implementation and maintenance.

Authentication

Authentication Government Technology Risk

How Not to Pay the Ransom? No Soup For You, Ransomware!

Thales Cloud Protection & Licensing

AUGUST 11, 2021

Ransomware incidents covered by cyber insurance policies. Insurance is a valid and efficient tool mitigating the risks of encryption posed by your system's exposure to malware. The insurer provides funding to the insured parties in the event they suffer ransomware invasion.

Ransomware

Ransomware Insurance Encryption Cyber Insurance

Project Svalbard, Have I Been Pwned and its Ongoing Independence

Troy Hunt

MARCH 2, 2020

These were companies spanning all sorts of different industries; big tech, general infosec, antivirus, hosting, finance, e-commerce, cyber insurance - I could go on. The point is the net was cast very wide. We whittled the original 141 companies down to the 43 that were best aligned to the goals I outlined in the original blog post.

Data breaches

Data breaches Marketing Cyber Insurance InfoSec

Peer Report Explores Concerns, Challenges Facing Cybersecurity Leaders

SecureWorld News

AUGUST 23, 2023

What's important now is for executive leadership to have that same sense of urgency as infosec leaders. The 'it could never happen here' mentality disappears when data breaches, usually from phishing attacks, are literally happening everywhere, in every industry, to companies of all sizes.

Cybersecurity

Cybersecurity Cyber Risk Risk Cyber Insurance

The TikTok Ban Bill, Your Car is Spying on You, Signal’s Username Update

Security Boulevard

MARCH 17, 2024

In episode 321, the hosts discuss how connected cars are sharing driving data with insurance companies, potentially leading to increased rates for drivers. They also talk about the anti-TikTok bill passed by the House, which could force ByteDance to sell TikTok or face a ban in app stores.

Insurance

Insurance Surveillance Data privacy InfoSec

Inflation Is Making Cybersecurity Even More Challenging for Leaders

SecureWorld News

OCTOBER 19, 2023

Economic effects, including inflationary pressures, have had a broad impact across the InfoSec landscape," Smeaton said. As cyber threats surge, the expenses associated with cyber insurance rise, adding to the financial strain. Andrew Smeaton, CISO at Afiniti, says reassessment of cybersecurity programs and plans is necessary.

Cybersecurity

Cybersecurity CISO Phishing Education

Thales and Imperva Win Big in 2024

Thales Cloud Protection & Licensing

DECEMBER 13, 2024

Global Infosec Awards At the 2024 RSA Conference, Imperva nabbed an astounding eleven Cyber Defense Magazine Global InfoSec Awards. Global Infosec Awards At the 2024 RSA Conference, Imperva nabbed an astounding eleven Cyber Defense Magazine Global InfoSec Awards.

InfoSec

InfoSec Authentication Marketing B2B

HUMAN Cements Leadership Position in Bot Mitigation and Fight Against Fraud

CyberSecurity Insiders

AUGUST 1, 2021

A 25+ year industry veteran with a successful track record of growing revenues, scaling organizations and developing new markets around the globe, Raad will lead the people ops, IT and infosec teams on diversity, equity and inclusion; upskilling and mentorship initiatives. Isaac Itenberg also joined the leadership team as the company’s CFO.

InfoSec

InfoSec Marketing Advertising Internet

Thales and Imperva Win Big in 2024

Security Boulevard

DECEMBER 13, 2024

Global Infosec Awards At the 2024 RSA Conference, Imperva nabbed an astounding eleven Cyber Defense Magazine Global InfoSec Awards. This year, MarCom recognized the success of our Data Threat Report (DTR), which achieved nearly 800 media mentions, 295 million impressions, and more than 5 million in the sales pipeline.

InfoSec

InfoSec Authentication Marketing Data privacy

Information risk and security for professional services

Notice Bored

APRIL 20, 2022

I have in mind consultancy, advisory and other specialist services such as: Building and construction services e.g. architecture, surveying; B usiness services e.g. marketing and sales, strategy and management consulting, auditing, quality consulting; E ngineering services e.g. electrical and electronic design, materials science, measurement and calibration; (..)

Risk

Risk Energy and Utilities Computers and Electronics Telecommunications

Kaseya Ransomware Attack Through the Eyes of the Victim

SecureWorld News

JULY 6, 2021

Kaseya ransomware attack: what InfoSec is saying. Should be a wake up call for governments, insurance, businesses etc. The ransomware attack is now making headlines around the world, with security researchers pointing the finger at Russian ransomware operator REvil, which recently attacked the world's largest meat producer, JBS.

Ransomware

Ransomware Retail InfoSec Software

Security Awareness Training and Human Risk Management Company AwareGO Achieves Year of Outstanding Growth

CyberSecurity Insiders

FEBRUARY 3, 2022

Over half of AwareGO’s customers come from industries that are number one targets for cybersecurity attacks, including finance and insurance as well as manufacturing and energy. Monthly active users grew by 200% and monthly recurring revenue grew by 116%.

Security Awareness

Security Awareness Risk Marketing InfoSec

Cyber CEO: 7 Tips to Stay Cyber Safe While Online Holiday Shopping

Herjavec Group

NOVEMBER 23, 2021

Your credit card or PayPal account offers more protection if you are the victim of a cyber-attack because they are not directly linked to your bank account and provide insurance for theft. I’ve been in infosec for over 30 years and have had the great privilege of evolving and learning as a cybersecurity executive in a space I love.

Cybercrime

Cybercrime InfoSec Encryption Risk

NBlog Sept 4 - standardising ISMS data interfaces

Notice Bored

SEPTEMBER 3, 2020

Perhaps we should develop an outline specification and propose such a standard to ISO/IEC JTC1 SC 27. A N ew W ork I tem P roposal would need sufficient details to be clear about what is being proposed and why , expanding on the requirement.

Risk

Risk Insurance Government Marketing

Mapping HIPAA to ISO 27001: A Comprehensive Guide

Centraleyes

DECEMBER 7, 2024

Diving into HIPAA Compliance: What You Need to Know The Health Insurance Portability and Accountability Act of 1996 (HIPAA) is a law in the US that oversees the privacy and security of protected health information (PHI). Examples of health-related data that are addressed in both ISO 27001 and HIPAA are listed below.

Healthcare

Healthcare Information Security Risk Surveillance

State of Cybersecurity in Canada 2025: Key Insights for InfoSec Leaders

AI and the Future of Work: What It Means for Cybersecurity and Beyond

Trending Sources

How to Build an Effective Security Awareness Program

Demand, CyberInsurance, and Automation/AI Are the Future of InfoSec

Thinking About the Future of InfoSec (v2022)

How security pros, the insurance industry, and regulators can combat ransomware

First American Financial Pays Farcical $500K Fine

Safety first: Will insurance companies stall or accelerate cybersecurity progress?

The CPRA: What You Should Know as an InfoSec Professional

InfoSec Leaders Weigh in on New SEC Rules Making CISO Hotseat Hotter

How Cyber Insurance Changes the Conversation Around Risk

How War Impacts Cyber Insurance

CISA Order Highlights Persistent Risk at Network Edge

Hive Ransomware gang leaked 550 GB stolen from Consulate Health Care

Top 5 Security Trends this Summer: RSA Conference & Black Hat 2022

(ISC)2 Study: Cybersecurity Industry Facing 3.4 Million Shortfall in Workers

An initial access broker claims to have hacked Deutsche Bank

Seven Massachusetts Cities Join Forces to Bolster Cybersecurity Posture

Cyber Risk Retainers: Not Another Insurance Policy

Record Setting $40M Ransom Paid to Attackers

Happy 13th Birthday, KrebsOnSecurity!

The Rise of Data Sovereignty and a Privacy Era

Importance of Cybersecurity Profession Highlights SecureWorld Chicago

Security Compliance & Data Privacy Regulations

DOJ Cybercrime Watchdog’s First Settlement Signals Crackdown on Small Businesses

12 Pieces Examining Trends in Cybersecurity for 2023

Hack the Capitol returns Tuesday, as all eyes look toward critical infrastructure security

Zombie API vs Shadow API: The Crashtest

HIPAA and Privacy Act Training Challenge Exam [XLS download]

The Top 5 Reasons to Use an API Management Platform

How Not to Pay the Ransom? No Soup For You, Ransomware!

Project Svalbard, Have I Been Pwned and its Ongoing Independence

Peer Report Explores Concerns, Challenges Facing Cybersecurity Leaders

The TikTok Ban Bill, Your Car is Spying on You, Signal’s Username Update

Inflation Is Making Cybersecurity Even More Challenging for Leaders

Thales and Imperva Win Big in 2024

HUMAN Cements Leadership Position in Bot Mitigation and Fight Against Fraud

Thales and Imperva Win Big in 2024

Information risk and security for professional services

Kaseya Ransomware Attack Through the Eyes of the Victim

Security Awareness Training and Human Risk Management Company AwareGO Achieves Year of Outstanding Growth

Cyber CEO: 7 Tips to Stay Cyber Safe While Online Holiday Shopping

NBlog Sept 4 - standardising ISMS data interfaces

Mapping HIPAA to ISO 27001: A Comprehensive Guide

Stay Connected