Insurance Coverage for NotPetya Losses

Schneier on Security

Tarah Wheeler and Josephine Wolff analyze a recent court decision that the NotPetya attacks are not considered an act of war under the wording of Merck’s insurance policy, and that the insurers must pay the $1B+ claim.

Insurance and Ransomware

Schneier on Security

Here’s one more contribution to that issue: a research paper that the insurance industry is hurting more than it’s helping. Although it is a societal problem, cyber insurers have received considerable criticism for facilitating ransom payments to cybercriminals.

Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

CyberSecurity Is Not Enough: Businesses Must Insure Against Cyber Losses

Joseph Steinberg

Ironically, while many larger enterprises purchase insurance to protect themselves against catastrophic levels of hacker-inflicted damages, smaller businesses – whose cyber-risks are far greater than those of their larger counterparts – rarely have adequate (or even any) coverage.

13 Important Considerations When Obtaining Cyber Liability Insurance

Joseph Steinberg

Likewise, the complexity of cybersecurity and of evaluating related risks has also translated into many insurance companies seeking to insure only large enterprises – the cost of doing business with small and medium sized business is simply not worth their time.

Top 8 Cyber Insurance Companies for 2022

eSecurity Planet

That’s where cyber insurance may be able to help. But there’s a catch: Insurers are going to carefully assess your cybersecurity controls before writing any policy, and there are limits to coverage. Cyber Insurance is Booming. Selecting a Cyber Insurer.

Where Next for Government in the Cyber Insurance Market?

Lohrman on Security

Cyber insurance is only getting more expensive, and the market is changing dramatically, with more changes to come. So what trends will drive adoption, rates and the wider future of cyber insurance

Merck Wins Insurance Lawsuit re NotPetya Attack

Schneier on Security

The insurance company Ace American has to pay for the losses: On 6th December 2021, the New Jersey Superior Court granted partial summary judgment (attached) in favour of Merck and International Indemnity, declaring that the War or Hostile Acts exclusion was inapplicable to the dispute.

Cyber War now excluded from Cyber Insurance

CyberSecurity Insiders

For all those companies who are planning to renew their cyber insurance policy or are in a procedure to take one, here’s a piece of information that might interest you. Most of the Cyber Insurance companies have excluded ‘Cyber War’ consequences from their policies.

Cybersecurity Insurance

Schneier on Security

Good article about how difficult it is to insure an organization against Internet attacks, and how expensive the insurance is. Typically in insurance we use the past as prediction for the future, and in cyber that's very difficult to do because no two incidents are alike," said Lori Bailey, global head of cyberrisk for the Zurich Insurance Group. In my new book -- out in September -- I write: There are challenges to creating these new insurance products.

Cyber-Liability Insurance 101: First Party Vs. Third Party Risks

Joseph Steinberg

Understanding the difference between the two is also essential when seeking to obtain – and when acquiring – cyber-liability insurance. First-party insurance, therefore, typically covers the costs of actions needed after a data breach, extortion, ransomware attack, or other hacker malfeasance.

The Future of Cyber Insurance

Dark Reading

Having cyber insurance is a good idea if the costs make sense — it could be the difference between going out of business and staying afloat. But it shouldn't be your first course of action

Major Israeli Insurance Company Hacked

Adam Levin

The personal information of thousands of Israeli citizens has been compromised as the result of a cyberattack on Shirbit, a leading insurance company. . The post Major Israeli Insurance Company Hacked appeared first on Adam Levin.

SMBs and Cyber Insurance – Third Certainty #27

Adam Levin

With the average cost of a data breach exceeding three million dollars, cyber insurance has become a necessity for SMBs. The post SMBs and Cyber Insurance – Third Certainty #27 appeared first on Adam Levin.

Next CISO headache: Vendor cyber insurance

CyberSecurity Insiders

Cyber insurance coverage? The many breaches and the dollar judgements handed down make cyber insurance another costly operating investment. Typically, a corporation’s top tier of vendors has some form of cyber insurance. Through the roof these days.

How To Start An Insurance Business In 2022

SecureBlitz

Learn how to start an insurance business in 2022 in this post. If you are looking for a recession-proof business, entering the insurance industry is the right choice. Insurance is an essential part of life for the majority of Americans.

Cybersecurity Insurance Not Paying for NotPetya Losses

Schneier on Security

This will complicate things: To complicate matters, having cyber insurance might not cover everyone's losses. Zurich American Insurance Company refused to pay out a $100 million claim from Mondelez, saying that since the U.S. I get that $100 million is real money, but the insurance industry needs to figure out how to properly insure commercial networks against this sort of thing. cybersecurity hacking insurance malware ransomware russia war

Cyber Insurance and the Changing Global Risk Environment

Security Affairs

When security fails, cyber insurance can become crucial for ensuring continuity. Our reliance on digital technology and the inherited risk is a key driving factor for buying cyber risk insurance. When security fails, cyber insurance can become crucial for ensuring continuity.

What’s happening in the world of personal cyber insurance?

Malwarebytes

You’ve likely only seen cybercrime insurance primarily mentioned in relation to attacks on businesses. Some folks think the mere presence of insurance simply encourages more attacks , and is hurting more than it’s helping. Drawing insurance lines in the sand.

Ransomware gang says it targets firms who have cyber insurance

Graham Cluley

A member of the REvil ransomware gang claims that the group specifically targets firms who have taken our cyber insurance. And what's more, it will hack insurance firms to identify them. Data loss Malware Ransomware data breach insurance ransomware Revil Travelex

How Cyber Insurance Drives DevSecOps

Security Boulevard

The costs and impacts of the SolarWinds breach were a wakeup call for third-party software vendors and their insurers. Insurers are aware that third-party software is being targeted, which is driving up insurance rates, says Rob Beeler, CTO and cofounder of Trava Security.

What is Identity theft Insurance?

Identity IQ

Identity theft insurance is a type of insurance policy that can help victims recover from losses caused by identity theft. It may be offered as a standalone policy, or as a benefit with other types of insurance or identity protection plans.

Insurance company says it will no longer cover state funded Cyber Attacks

CyberSecurity Insiders

Lloyd’s of London Insurance, simply known as Lloyd’s Insurance, has released a media update that it will no longer cover losses that were incurred because of cyber wars among nations. Cyber Attack Lloyds cyber insurance

Multi-Factor Authentication: A Key to Cyber Risk Insurance Coverage

Security Boulevard

Buying a cyber risk insurance program can help outsource residual risk, and deploying multi-factor authentication is […]… Read More. The post Multi-Factor Authentication: A Key to Cyber Risk Insurance Coverage appeared first on The State of Security.

What Is Cyber Liability Insurance?

Security Boulevard

In the face of mounting cyber attacks, many organizations look to mitigate their risk through insurance. But what is cyber liability insurance exactly? The post What Is Cyber Liability Insurance? The post What Is Cyber Liability Insurance?

Cyber insurance giant CNA hit by ransomware attack

Graham Cluley

Insurance firm CNA Hardy says that it has suffered a “sophisticated cybersecurity attack” that has impacted its operations, including its email system. Data loss Malware Ransomware data breach Evil Corp insurance Phoenix Locker ransomware

Is it Time to Update Your Cyber Insurance Strategy?

Security Boulevard

In 2021, rethinking your cyber insurance strategy should be a top priority for CISOs and executive leadership. The elevated risk landscape is driving growing demand for cyber insurance: Nearly four out of five organizations. The post Is it Time to Update Your Cyber Insurance Strategy?

Smashing Security podcast #223: Booze, nudes, and insurance dudes

Graham Cluley

Should insurance companies be banned from helping companies pay ransomware demands? Malware Phishing Podcast Ransomware domain name insurance phishing ransomware Smashing SecurityHow has malware is messing with motorcars in the United States?

The Role of Security Frameworks in Determining Cyber Insurance Risks | Apptega

Security Boulevard

Will NYDFS’s Cyber Insurance Framework Set a Precedent for the Cyber Insurance Industry? The post The Role of Security Frameworks in Determining Cyber Insurance Risks | Apptega appeared first on Security Boulevard.

Ransomware Damage Claims Driving Insurance Hikes

Security Weekly

The costs of cyber insurance policies are rising exponentially while underwriters are tightening the rules around who qualifies for cyber insurance, and at the same time, insurer capacity is constricting dramatically.

Cyber insurance giant CNA paid out $40 million to its ransomware attackers

Graham Cluley

Data loss Malware Ransomware CNA data breach insurance ransomwareYes, you read that correctly. FORTY MILLION DOLLARS.

NY Department of Financial Services Issues Cyber Fraud Alert to Auto Insurers

Hot for Security

The New York Department of Financial Services (NYDFS) has issued an alert to instant-quote websites, particularly car insurers, warning of a growing campaign to steal nonpublic information (NPI).

Action Fraud Warns of Ongoing UK National Insurance Scam

Hot for Security

The UK’s National Fraud & Cyber Crime Reporting Center (Action Fraud) is warning citizens about a National Insurance scam targeting their personally identifiable information (PII).

New Cyber Insurance Guidelines for New York businesses

CyberSecurity Insiders

As cyber insurance plays a critical role in managing cyber risks, New York Department of Financial Services has planned a new set of guidelines for companies that are seeking insurance policies to minimize cyber losses on a financial note. News cyber insurance New York

Insurance Companies: A “Tasty Morsel” to Cyber Criminals

Security Boulevard

Yes, this is one of the tastiest morsels…to hack the insurers first—to get their customer base and work in a targeted way from there.” The post Insurance Companies: A “Tasty Morsel” to Cyber Criminals appeared first on SecZetta. The post Insurance Companies: A “Tasty Morsel” to Cyber Criminals appeared first on Security Boulevard. Security Bloggers Network Industry Blog Industry Insights insurance

Cyber Insurers Pull Back Amid Increase in Cyber Attacks, Costs

eSecurity Planet

The explosion of ransomware and similar cyber incidents along with rising associated costs is convincing a growing number of insurance companies to raise the premiums on their cyber insurance policies or reduce coverage, moves that could further squeeze organizations under siege from hackers.

Suspected ransomware attack on CNA Insurance Chicago

CyberSecurity Insiders

United States largest insurance provider CAN Insurance has become a recent victim to a cyber attack making its website and services inaccessible to users from the past three days. The post Suspected ransomware attack on CNA Insurance Chicago appeared first on Cybersecurity Insiders.

Will Your Insurance Policies Step in After a Cyber-Attack?

Security Boulevard

Read article > The post Will Your Insurance Policies Step in After a Cyber-Attack? The post Will Your Insurance Policies Step in After a Cyber-Attack? Security Bloggers Network Blog Posts Cyber Risk Insurance

Breach Response Shift: More Lawyers, Less Cyber-Insurance Coverage

Dark Reading

Meanwhile, cyber-insurance premiums are rising but covering less Companies are more likely to rely on outside attorneys to handle cyber response in order to contain potential lawsuits.

U.S. Secret Service: “Massive Fraud” Against State Unemployment Insurance Programs

Krebs on Security

A well-organized Nigerian crime ring is exploiting the COVID-19 crisis by committing large-scale fraud against multiple state unemployment insurance programs, with potential losses in the hundreds of millions of dollars, according to a new alert issued by the U.S.

Insurance industry being ravaged by high rate of cyberattacks

Tech Republic Security

The post Insurance industry being ravaged by high rate of cyberattacks appeared first on TechRepublic. A new report from Black Kite shows the entire sector may be ripe for ransomware attacks. Security

Merck Wins Insurance Lawsuit re NotPetya Attack

Security Boulevard

The insurance company Ace American has to pay for the losses: On 6th December 2021, the New Jersey Superior Court granted partial summary judgment (attached) in favour of Merck and International Indemnity, declaring that the War or Hostile Acts exclusion was inapplicable to the dispute.

Cyberresilience: Your Data Insurance Policy

Security Boulevard

The post Cyberresilience: Your Data Insurance Policy appeared first on Security Boulevard. In the wake of the Colonial Pipeline hack, businesses all over the world are getting a very loud reminder that they could be next to be compromised by a ransomware intrusion.

Cyber Insurance and War Exclusions

Dark Reading

Here's what a cybersecurity lawyer thinks security pros need to know in light of Russia's invasion of Ukraine