CyberSecurity Is Not Enough: Businesses Must Insure Against Cyber Losses

Joseph Steinberg

Ironically, while many larger enterprises purchase insurance to protect themselves against catastrophic levels of hacker-inflicted damages, smaller businesses – whose cyber-risks are far greater than those of their larger counterparts – rarely have adequate (or even any) coverage.

Insurance and Ransomware

Schneier on Security

Here’s one more contribution to that issue: a research paper that the insurance industry is hurting more than it’s helping. Although it is a societal problem, cyber insurers have received considerable criticism for facilitating ransom payments to cybercriminals.

Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

On Cybersecurity Insurance

Schneier on Security

Good paper on cybersecurity insurance: both the history and the promise for the future. From the conclusion: Policy makers have long held high hopes for cyber insurance as a tool for improving security. Cyber insurance appears to be a weak form of governance at present. However, the cost of external response services is covered, which suggests insurers believe ex-post responses to be more effective than ex-ante mitigation.

SMBs and Cyber Insurance – Third Certainty #27

Adam Levin

With the average cost of a data breach exceeding three million dollars, cyber insurance has become a necessity for SMBs. The post SMBs and Cyber Insurance – Third Certainty #27 appeared first on Adam Levin.

Major Israeli Insurance Company Hacked

Adam Levin

The personal information of thousands of Israeli citizens has been compromised as the result of a cyberattack on Shirbit, a leading insurance company. . The post Major Israeli Insurance Company Hacked appeared first on Adam Levin.

Cyberresilience: Your Data Insurance Policy

Security Boulevard

The post Cyberresilience: Your Data Insurance Policy appeared first on Security Boulevard. In the wake of the Colonial Pipeline hack, businesses all over the world are getting a very loud reminder that they could be next to be compromised by a ransomware intrusion.

The Perils of Cyber Insurance

Security Boulevard

On this episode of The View With Vizard, host Mike Vizard talks with Max Pruger, general manager of compliance for Kaseya, about the pros and cons, benefits and pitfalls of cyber insurance. The post The Perils of Cyber Insurance appeared first on Security Boulevard.

Cybersecurity Insurance Not Paying for NotPetya Losses

Schneier on Security

This will complicate things: To complicate matters, having cyber insurance might not cover everyone's losses. Zurich American Insurance Company refused to pay out a $100 million claim from Mondelez, saying that since the U.S. I get that $100 million is real money, but the insurance industry needs to figure out how to properly insure commercial networks against this sort of thing. cybersecurity hacking insurance malware ransomware russia war

What is Identity theft Insurance?

Identity IQ

Identity theft insurance is a type of insurance policy that can help victims recover from losses caused by identity theft. It may be offered as a standalone policy, or as a benefit with other types of insurance or identity protection plans.

Action Fraud Warns of Ongoing UK National Insurance Scam

Hot for Security

The UK’s National Fraud & Cyber Crime Reporting Center (Action Fraud) is warning citizens about a National Insurance scam targeting their personally identifiable information (PII).

NY Department of Financial Services Issues Cyber Fraud Alert to Auto Insurers

Hot for Security

The New York Department of Financial Services (NYDFS) has issued an alert to instant-quote websites, particularly car insurers, warning of a growing campaign to steal nonpublic information (NPI).

Will Your Insurance Policies Step in After a Cyber-Attack?

Security Boulevard

Read article > The post Will Your Insurance Policies Step in After a Cyber-Attack? The post Will Your Insurance Policies Step in After a Cyber-Attack? Security Bloggers Network Blog Posts Cyber Risk Insurance

Ransomware gang says it targets firms who have cyber insurance

Graham Cluley

A member of the REvil ransomware gang claims that the group specifically targets firms who have taken our cyber insurance. And what's more, it will hack insurance firms to identify them. Data loss Malware Ransomware data breach insurance ransomware Revil Travelex

Cyber insurance giant CNA paid out $40 million to its ransomware attackers

Graham Cluley

Data loss Malware Ransomware CNA data breach insurance ransomwareYes, you read that correctly. FORTY MILLION DOLLARS.

Cyber insurance giant CNA hit by ransomware attack

Graham Cluley

Insurance firm CNA Hardy says that it has suffered a “sophisticated cybersecurity attack” that has impacted its operations, including its email system. Data loss Malware Ransomware data breach Evil Corp insurance Phoenix Locker ransomware

Smashing Security podcast #223: Booze, nudes, and insurance dudes

Graham Cluley

Should insurance companies be banned from helping companies pay ransomware demands? Malware Phishing Podcast Ransomware domain name insurance phishing ransomware Smashing SecurityHow has malware is messing with motorcars in the United States?

Avaddon Targets Insurer AXA with Ransomware | Avast

Security Boulevard

Just a week after announcing it would no longer cover ransomware payments in France, global insurance company AXA has been hit with a targeted ransomware attack. The post Avaddon Targets Insurer AXA with Ransomware | Avast appeared first on Security Boulevard.

U.S. Secret Service: “Massive Fraud” Against State Unemployment Insurance Programs

Krebs on Security

A well-organized Nigerian crime ring is exploiting the COVID-19 crisis by committing large-scale fraud against multiple state unemployment insurance programs, with potential losses in the hundreds of millions of dollars, according to a new alert issued by the U.S.

US Business Insurance company pays $40 million to ransomware hackers

CyberSecurity Insiders

CNA Financial that offers customized business insurance-related services across the United States has reportedly paid $40 million to hackers to free up its database from the encryption-driven file-encrypting malware. . Ransomware CNA Insurance

Is it Time to Update Your Cyber Insurance Strategy?

Security Boulevard

In 2021, rethinking your cyber insurance strategy should be a top priority for CISOs and executive leadership. The elevated risk landscape is driving growing demand for cyber insurance: Nearly four out of five organizations. The post Is it Time to Update Your Cyber Insurance Strategy?

Suspected ransomware attack on CNA Insurance Chicago

CyberSecurity Insiders

United States largest insurance provider CAN Insurance has become a recent victim to a cyber attack making its website and services inaccessible to users from the past three days. The post Suspected ransomware attack on CNA Insurance Chicago appeared first on Cybersecurity Insiders.

Cybersecurity Insurers Are Putting an End to the ‘Pass the Buck’ Era

Security Boulevard

The post Cybersecurity Insurers Are Putting an End to the ‘Pass the Buck’ Era appeared first on TechSpective. The post Cybersecurity Insurers Are Putting an End to the ‘Pass the Buck’ Era appeared first on Security Boulevard.

Congress to review Federal Cyber Terrorism Risk Insurance Program

CyberSecurity Insiders

The objective is to reassess the coverage provided by the Federal Cyber Terrorism Risk Insurance Program( TRIP) in the event of cyber-terrorist activities on the IT infrastructure hosted by public and private properties. News Insurance Cyber Terrorism

Cyber Insurers Pull Back Amid Increase in Cyber Attacks, Costs

eSecurity Planet

The explosion of ransomware and similar cyber incidents along with rising associated costs is convincing a growing number of insurance companies to raise the premiums on their cyber insurance policies or reduce coverage, moves that could further squeeze organizations under siege from hackers.

No more insurance reimbursements for Ransomware Attacks in France

CyberSecurity Insiders

French multinational Insurance Company AXA has publicly announced that it will not issue any reimbursements for the victims of Ransomware attacks in France. The post No more insurance reimbursements for Ransomware Attacks in France appeared first on Cybersecurity Insiders.

New Cyber Insurance Guidelines for New York businesses

CyberSecurity Insiders

As cyber insurance plays a critical role in managing cyber risks, New York Department of Financial Services has planned a new set of guidelines for companies that are seeking insurance policies to minimize cyber losses on a financial note. News cyber insurance New York

Theft of Customer Data Is a Growing Risk for U.S. Health Insurers

Heimadal Security

Because of the increasingly advanced methods used by hackers during the expansion of remote healthcare delivery and the growing digitization of insurance transactions, clinical records, and billing, American health insurers are currently vulnerable to cybersecurity attacks.

An Interesting Approach to Cyber Insurance

Dark Reading

What if insurers were to offer companies an incentive -- say, a discount -- for better protecting themselves? You know, the way car insurance companies offer lower premiums to customers who take a driver's ed course

Cyber Insurance Firms Start Tapping Out as Ransomware Continues to Rise

Dark Reading

A global insurance carrier refuses to write new ransomware policies in France, while insurers rewrite policies. Are we heading toward a day when ransomware incidents become uninsurable

How Are Cyber Insurance Companies Assessing Ransomware Risk?

Dark Reading

From limiting claims payments to tying payments to policyholders' actions, the cyber insurance industry is in "a very dynamic place right now," says Corvus Insurance CEO Phil Edmundson

Understanding Insurance Exclusions That May Leave You Vulnerable

Security Boulevard

In this blog post we expand on the issue of silent cyber we mentioned in our last blog and dive into different examples of insurance exclusions that may be present in your portfolio. The post Understanding Insurance Exclusions That May Leave You Vulnerable appeared first on Security Boulevard.

17 cyber insurance application questions you'll need to answer

CSO Magazine

I recently had to renew the cyber insurance policy for the office and it was interesting to see the evolution of questions asked over the years. Now the questions suggest that insurance providers understand that network security includes much more than antivirus software.

Using Insurance Data to Better Tackle Ransomware

Security Boulevard

Since the early 2000s, many companies have purchased cyber insurance to protect them when data is stolen, networks are breached, regulatory agencies levy fines, or other related incidents occur. The topics of ransomware and how the insurance industry can impact.

The Adoption of Cybersecurity Insurance and its Role in the Modern World

Security Boulevard

In this part of the blog series on the connection between cybersecurity and insurance, we move into the adoption of cybersecurity insurance and what is typically covered by these policies. Security Bloggers Network Blog Posts Cyber Risk Insurance

Insurance giant CNA reports data breach after ransomware attack

Bleeping Computer

CNA Financial Corporation, a leading US-based insurance company, is notifying customers of a data breach following a Phoenix CryptoLocker ransomware attack that hit its systems in March. [.].

Insurance firm CNA discloses data breach after March ransomware attack

Security Affairs

Insurance giant CNA notifies customers of a data breach after the Phoenix CryptoLocker ransomware attack suffered in March. US insurance giant CNA is notifying customers of a data breach after the ransomware attack that it suffered in March.

What to consider when shopping for cyber insurance

Tech Republic Security

Cyber insurance is gaining favor in the business world. An expert offers tips on how to get what's needed for the best price

US insurance giant AJG reports data breach after ransomware attack

Bleeping Computer

Gallagher (AJG), a US-based global insurance brokerage and risk management firm, is mailing breach notification letters to potentially impacted individuals following a ransomware attack that hit its systems in late September. [.]. Arthur J.

Why cybersecurity insurance may be worth the cost

Tech Republic Security

Cybersecurity insurance can compensate you in the event of a cyberattack. But how do you determine the right policy for your needs

Insurer AXA says it will no longer cover ransomware payments in France

Hot for Security

Insurance giant AXA has said that it is no longer writing cyberinsurance policies in France that cover ransom payments to extortionists. In addition, it will not affect existing policies that companies may have with the insurer.

The Double-Edged Sword of Cybersecurity Insurance

Dark Reading

With ransomware on the rise, more organizations are opting to purchase cyber insurance -- tipping off criminals about how much to demand for access back to pilfered systems and data

Four years after NotPetya, cyber insurance is still catching up

CSO Magazine

Faced with increasing payouts and a likely storm of litigation around the recent SolarWinds and Microsoft Exchange server compromises, cyber insurers are facing an “existential battle” for their future, a leading cybersecurity researcher and privacy consultant has warned.

What is Cyber Liability Insurance?

Duo's Security Blog

Don’t worry though, there's already an insurance policy for that. What is Cyber Liability Insurance? Cyber liability insurance, sometimes known as cyber insurance, is distinct from traditional commercial general liability and property insurance policies.