Insurance, Ransomware and Risk - Cyber Security Informer

RSAC Fireside Chat: Operationalizing diverse security to assure customers, partners–and insurers

The Last Watchdog

JUNE 11, 2025

Related: Getting the most from cyber insurance At RSAC 2025, I met with ESET Chief Security Evangelist Tony Anscombe to trace a quiet but growing convergence: endpoint defense, cyber insurance, and monoculture risk are no longer separate concerns. Cyber insurers want it. And increasingly, that evidence is under scrutiny.

Insurance

Insurance Cyber Insurance Antivirus CISO

Healthcare Now Third-Most Targeted Industry for Ransomware

SecureWorld News

NOVEMBER 14, 2024

Ransomware attacks on healthcare organizations have sharply increased in 2024, as shown by recent research from Safety Detectives. Compared to 2023, healthcare providers are facing a higher frequency of ransomware incidents, impacting their ability to deliver essential services and protect sensitive patient data.

Healthcare

Healthcare Ransomware Identity Theft Data breaches

Report Finds 50% of Scattered Spider Phishing Domains Targeted Finance & Insurance

Digital Shadows

JANUARY 22, 2025

Were thrilled to unveil our latest threat landscape report for the finance and insurance sector, offering in-depth analysis of the evolving cyber threats facing this industry. These methods enable unauthorized access, credential theft, and ransomware deployment, severely disrupting operations and eroding customer trust.

Insurance

Insurance Phishing Social Engineering Engineering

Ransomware negotiator investigated over criminal gang kickbacks

Malwarebytes

JULY 8, 2025

That might not have been the case at Digital Mint, a ransomware negotiation company where one worker allegedly went rogue. According to Bloomberg , Digital Mint is cooperating with the US Department of Justive (DoJ) to investigate allegations that a former employee had worked with ransomware criminals.

Ransomware

Ransomware Cyber Insurance Government Insurance

Top Cybersecurity Trends to Watch Out For in 2025

Centraleyes

DECEMBER 16, 2024

Tools like ChatGPT and Bard, powered by large language models, showcase how generative AI transforms business processesbut they also pose new risks. In a recent survey, 93% of respondents admitted to knowingly increasing their companys cybersecurity risks. The challenge? Securing these AI models and the data they generate.

Cybersecurity

Cybersecurity Insurance Cyber Insurance Technology

Are Leaders Ready to Break the Ransomware Cycle

Security Boulevard

OCTOBER 21, 2024

It is good to see US government leaders realize that ransomware is a growing existential threat to our country, at the hands of our adversaries. A top US national cybersecurity advisor stated in a recent op-ed , “This is a troubling practice that must end.” The government is looking at ways to disrupt ransomware attacks.

Ransomware

Ransomware Insurance Cyber Insurance Government

Dental group lied through teeth about data breach, fined $350,000

Malwarebytes

JANUARY 6, 2025

A US chain of dental offices known as Westend Dental LLC denied a 2020 ransomware attack and its associated data breach, instead telling their customers that data was lost due to an accidentally formatted hard drive. In October 2020, Westend Dental was attacked by the Medusa Locker ransomware group.

Data breaches

Data breaches Ransomware Passwords Insurance

Medusa Ransomware Warning: CISA and FBI Issue Urgent Advisory

eSecurity Planet

MARCH 17, 2025

The Cybersecurity and Infrastructure Security Agency (CISA), in collaboration with the Federal Bureau of Investigation (FBI) and the Multi-State Information Sharing and Analysis Center (MS-ISAC), has released a joint cybersecurity advisory warning organizations about the escalating threat posed by the Medusa ransomware.

Ransomware

Ransomware Backups Firmware Insurance

Healthcare Cybersecurity Market Soars: Key Trends and Insights

SecureWorld News

MAY 2, 2025

Healthcare cybersecurity demand will be driven by ransomware resilience needs, FDA mandates for medical devices, and AI-powered threat detection," notes the Astute Analytica report. A primary catalyst is the sharp rise in ransomware and other attacks on hospitals and clinics.

Healthcare

Healthcare Marketing Cybersecurity CISO

The Rise of Ransomware-as-a-Service (RaaS)

SecureWorld News

JULY 8, 2025

Ransomware is no longer the work of lone-wolf hackers with deep technical chops. Ransomware-as-a-Service (RaaS) has transformed cybercrime into an accessible, scalable platform that anyone can tap into—no code required. Explosive growth in ransomware attacks across every industry. The result? It starts with awareness.

Ransomware

Ransomware Cybercrime Phishing Cryptocurrency

From Risk to ROI: How Security Maturity Drives Business Value

Thales Cloud Protection & Licensing

AUGUST 11, 2025

From Risk to ROI: How Security Maturity Drives Business Value madhav Tue, 08/12/2025 - 04:30 Cyber threats are like moving targets—constantly evolving and increasingly pervasive. Additionally, the framework provides a phased strategy for implementing data security, prioritizing three key objectives: compliance, risk management, and security.

Risk

Risk Healthcare Cyber threats Manufacturing

Verizon's 2025 DBIR: Threats Are Faster, Smarter, and More Personal

SecureWorld News

APRIL 23, 2025

The DBIR breaks down breach trends across industries: Financial and Insurance: Heavily targeted by credential stuffing and phishing; fastest detection rates. Public Sector: DoS attacks and ransomware remain major concerns. Manufacturing: IP theft and ransomware are top risks; OT/ICS systems still lag in basic controls.

CISO

CISO Backups Ransomware Risk

Top 10 Cybersecurity Trends to Expect in 2025

Hacker's King

DECEMBER 24, 2024

Quantum Computing Threats While quantum computing offers immense potential, it also poses a serious risk to traditional encryption methods. Expansion of Cyber Insurance As cyberattacks grow in frequency and scale, the demand for cyber insurance will surge.

Cybersecurity

Cybersecurity Cyber Insurance IoT Insurance

Security Affairs newsletter Round 494 by Pierluigi Paganini – INTERNATIONAL EDITION

Security Affairs

OCTOBER 20, 2024

CISA adds Fortinet products and Ivanti CSA bugs to its Known Exploited Vulnerabilities catalog Nation-state actor exploited three Ivanti CSA zero-days Dutch police dismantled dual dark web market ‘Bohemia/Cannabia’ macOS HM Surf flaw in TCC allows bypass Safari privacy settings Iran-linked actors target critical infrastructure organizations (..)

Data breaches

Data breaches Cybercrime Cyber Insurance Marketing

State of Cybersecurity in Canada 2025: Key Insights for InfoSec Leaders

SecureWorld News

FEBRUARY 5, 2025

The State of Cybersecurity in Canada 2025 report, published by the Canadian Cybersecurity Network (CCN) and the Security Architecture Podcast , delivers an in-depth analysis of the evolving threat landscape, emerging risks, and strategic recommendations for Canadian organizations. Key findings: the cyber threat landscape in 2025 1.

InfoSec

InfoSec Cybersecurity Energy and Utilities Cyber Insurance

From Risk to ROI: How Security Maturity Drives Business Value

Security Boulevard

AUGUST 11, 2025

From Risk to ROI: How Security Maturity Drives Business Value madhav Tue, 08/12/2025 - 04:30 Cyber threats are like moving targets—constantly evolving and increasingly pervasive. Additionally, the framework provides a phased strategy for implementing data security, prioritizing three key objectives: compliance, risk management, and security.

Risk

Risk Healthcare Cyber threats Manufacturing

Why MSSPs Must Prioritize Cyber Risk Quantification in 2025

Centraleyes

JUNE 9, 2025

Have you ever had a client ask, “How much risk are we facing?” They want risk explained in clear, unambiguous terms—and most of all, they want numbers. Cyber Risk Quantification (CRQ) helps MSSPs turn security work into real business value. What Is Cyber Risk Quantification? What Is Cyber Risk Quantification?

Cyber Risk

Cyber Risk Risk Insurance Cyber Insurance

Krispy Kreme Cyber Attack a Wake-Up Call for the Food Industry

SecureWorld News

MARCH 17, 2025

Although there remains some ambiguity over whether ransomware was employed, the Play ransomware gang later claimed responsibility , alleging that sensitive data, such as payroll records, contracts, tax documents, and customer financial information, was exfiltrated.

Cyber Attacks

Cyber Attacks Digital transformation Threat Detection Cyber Insurance

New Cybersecurity Rules for Financial Institutions in New York State Take Effect November 1, 2024

Thales Cloud Protection & Licensing

OCTOBER 24, 2024

The cybersecurity regulations apply to entities overseen by the NYDFS, such as financial institutions, insurance companies, agents, and brokers, as well as banks, trusts, mortgage lenders and brokers, money transmitters, check cashers, and other related businesses. Human error was the leading cause of cloud-based data breaches.

Financial Services

Financial Services Cybersecurity CISO Backups

Scattered Spider Targets U.S. Critical Infrastructure Through VMware Attacks

SecureWorld News

JULY 28, 2025

The threat actors are bypassing traditional endpoint protections by directly attacking the hypervisor layer, utilizing social engineering and identity compromise to hijack administrative access and deploy ransomware from within. He emphasized that virtualization—which is meant to simplify operations—also centralizes risk.

Social Engineering

Social Engineering Backups Phishing Engineering

Cybersecurity Snapshot: WEF Offers AI Security Best Practices, as DORA Regulation Places Strict Cyber Rules on Banks

Security Boulevard

JANUARY 24, 2025

And get the latest on ransomware trends; CIS Benchmarks; and data privacy. The latest guidance for adopting AI securely comes from the World Economic Forum, whose new Artificial Intelligence and Cybersecurity: Balancing Risks and Rewards report seeks to explain how organizations can benefit from AI while reducing their cybersecurity risks.

Banking

Banking Cybersecurity Artificial Intelligence Ransomware

New AI “agents” could hold people for ransom in 2025

Malwarebytes

FEBRUARY 4, 2025

In 2023, Malwarebytes Labs subverted these boundaries to successfully get ChatGPT to write ransomware twice. Cybercrime is a very mature field that relies on a set of well-established tools, such as phishing, information stealers, and ransomware that are already feature complete. That could change in 2025.

Artificial Intelligence

Artificial Intelligence Small Business Malware Technology

Why I Refused to Say “People Are the Weakest Link in Cyber”

Jane Frankland

JUNE 24, 2025

The UK Government’s refreshed Cyber Governance Code of Practice sets a clear direction with guidance, and is holding boards accountable for human cyber risk. I’m approaching this from my role with OutThink , the Cybersecurity Human Risk Management platform I proudly represent as an advisor and brand ambassador. Not a bolt-on.

Cyber Risk

Cyber Risk Security Awareness Risk Government

Security Roundup October 2024

BH Consulting

OCTOBER 24, 2024

Grant aid for SME cybersecurity as the Ireland’s industry expands A new grant aims to help SMEs to review and update their cybersecurity and mitigate against the risk of incidents. Denial of Service (DDoS) attacks and ransomware dominated, making up for more than half the observed incidents.

Social Engineering

Social Engineering Passwords Cybersecurity Ransomware

Risk Management in Higher Education: Top Challenges and Proven Solutions

Centraleyes

MAY 21, 2025

Leading a university also means managing a very complex set of risks: cyberattacks, financial instability, regulatory shifts, and reputational fallout, just to name a few. These risks threaten an institutions ability to educate, innovate, and serve its community. Top Challenges in Risk Management for Colleges and Universities 1.

Education

Education Risk Cyber Insurance Insurance

AI Dilemma: Emerging Tech as Cyber Risk Escalates

Trend Micro

JULY 2, 2025

Move faster than your adversaries with powerful purpose-built XDR, cyber risk exposure management, and zero trust capabilities Learn more Extend Your Team Extend Your Team.

Cyber Risk

Cyber Risk Risk Cyber threats Artificial Intelligence

NYDFS Cybersecurity Regulation: Dates, Facts and Requirements

Centraleyes

MARCH 13, 2025

Enacted in 2017, this regulation is all about minimizing risk in the financial services sector, which, lets face it, is prime real estate for cybercriminals. The program should be tailored to your specific business risks. Insight: Many businesses make the mistake of copying templates without understanding their unique risks.

Cybersecurity

Cybersecurity Financial Services Risk Encryption

Supply-chain dependencies: Check your resilience blind spot

We Live Security

AUGUST 12, 2025

In my example, say the taco seasoning company is disrupted by ransomware, and while the cybercriminal may ask the seasoning company to pay a demand directly, they may actually gain more if they requested payment from all the companies reliant on the supplier’s product, as a lack of supply may cost them more than the supplier itself.

Cyber Insurance

Cyber Insurance Policy Compliance Insurance Risk

Top Cyber Attacker Techniques, August–October 2024

Digital Shadows

NOVEMBER 26, 2024

Despite a slowdown in “LockBit” ransomware activity due to law enforcement actions and a loss of affiliate trust, it remains a key player. Meanwhile, “RansomHub” is rising rapidly due to its attractive ransomware-as-a-service (RaaS) model. Despite the importance of employee training, sometimes it just isn’t enough.

Cyber Attacks

Cyber Attacks Phishing Ransomware Cyber Insurance

Allianz Life says majority of 1.4 million US customers’ info breached

Malwarebytes

JULY 29, 2025

Insurance company Allianz Life was breached, exposing the data of most of its 1.4 However, in June, Google warned about a ransomware group that was specializing in voice phishing (vishing) campaigns that are specifically designed to compromise organizations’ Salesforce instances for large-scale data theft and extortion.

Social Engineering

Social Engineering Data breaches Phishing Passwords

Cyber Essentials Plus (v3.2 – Technical Testing Prep)

Centraleyes

JULY 27, 2025

The Cyber Essentials Plus (v3.2 – Technical Testing Prep) assessment on the Centraleyes platform helps organizations systematically prepare for their official CE+ audit. technical testing with speed and precision.

Insurance

Insurance Cyber Insurance Government Authentication

2024 Thales Global Data Threat Report: Trends in Financial Services

Thales Cloud Protection & Licensing

OCTOBER 14, 2024

Looking at FinServ firms’ top threats, ransomware attacks against this sector continue to grow, with 18% saying they had suffered an attack. For example, nearly half (49%) of those surveyed said they use five or more key management systems, running the risk of gaps in management and configuration inviting criminals to exploit them.

Financial Services

Financial Services Threat Reports Authentication Banking

How to Build an Effective Security Awareness Program

Trend Micro

JUNE 26, 2025

Move faster than your adversaries with powerful purpose-built XDR, cyber risk exposure management, and zero trust capabilities Learn more Extend Your Team Extend Your Team.

Security Awareness

Security Awareness Cyber Risk Risk Phishing

Securing Critical Infrastructure Against Cyberattacks

SecureWorld News

JULY 1, 2025

Ransomware-as-a-Service collectives go even further in allowing practically anyone to enact cyberattacks; the Play gang weaponized a 2025 Windows zero-day just days after it was introduced, bundling the exploit into its affiliate kit for paying customers. Supply chain weaknesses compound the risk. allies are taking.

Social Engineering

Social Engineering Engineering Phishing Healthcare

LW ROUNDTABLE: Lessons learned from the headline-grabbing cybersecurity incidents of 2024

The Last Watchdog

DECEMBER 15, 2024

Silva Joe Silva , CEO, Spektion Reflecting on attacks in 2024, many organizations lacked visibility into their third-party software leaving themselves open to exploitation.Until organizations can shift software risk management leftbeyond reactive patchingthey will remain. Software sprawl continues to expand the attack surface. If the U.S.

Cybersecurity

Cybersecurity CISO Cyber threats Risk

Security Affairs newsletter Round 495 by Pierluigi Paganini – INTERNATIONAL EDITION

Security Affairs

OCTOBER 27, 2024

Chinese cyber spies targeted phones used by Trump and Vance Irish Data Protection Commission fined LinkedIn €310M for GDPR infringement Change Healthcare data breach impacted over 100 million people OnePoint Patient Care data breach impacted 795916 individuals From Risk Assessment to Action: Improving Your DLP Response U.S.

Data breaches

Data breaches Healthcare Cybercrime Hacking

The Cybersecurity Challenge in Mergers and Acquisitions

Digital Shadows

DECEMBER 5, 2024

Together, these factors magnify any existing vulnerabilities, transforming manageable risks into significant threats during the M&A period. We’ll also provide actionable recommendations so you can proactively defend against these heightened risks and ensure a more secure and successful integration.

Cybersecurity

Cybersecurity Accountability Risk Software

Ensuring Secure Container Deployments with Image Signature Verification

Trend Micro

JUNE 10, 2025

Move faster than your adversaries with powerful purpose-built XDR, cyber risk exposure management, and zero trust capabilities Learn more Extend Your Team Extend Your Team.

Cyber Risk

Cyber Risk Risk Network Security Insurance

Innovation in the Fast Lane: Lessons from Motorsport and Cybersecurity

Trend Micro

JUNE 10, 2025

Move faster than your adversaries with powerful purpose-built XDR, cyber risk exposure management, and zero trust capabilities Learn more Extend Your Team Extend Your Team.

Cybersecurity

Cybersecurity Cyber Risk Risk Artificial Intelligence

DORA arrives: Here’s what you need to know

BH Consulting

JANUARY 17, 2025

Close to 65 per cent of financial organisations said they experienced a ransomware incident, up from 34 per cent in 2021. Between this and the Central Bank of Irelands guidance on ICT risk management and outsourcing, covered entities have had to put many good operational resilience and ICT risk management practices in place already.

Risk

Risk Banking Financial Services Insurance

Security Roundup February 2025

BH Consulting

FEBRUARY 24, 2025

Cybercriminals felt the heat from law enforcement last year, while ransomware payments fell. Intel471 has a detailed analysis of other significant law enforcement operations in 2024, including against the LockBit ransomware gang and multiple malware droppers. But still, progress is progress.

Cyber Insurance

Cyber Insurance Insurance Ransomware Artificial Intelligence

The danger of data breaches — what you really need to know

Webroot

APRIL 22, 2025

Chances are youve received at least one of these letters, which means you have been put at risk for identity theft and major financial losses. Hijacking online accounts : If your login credentials (usernames and passwords) are leaked, all your online accounts are put at risk. In 2024, more than 1.3

Data breaches

Data breaches Identity Theft Passwords eCommerce

Australia’s 28-Day Cyber Comeback

Centraleyes

JUNE 26, 2025

The Regulatory Catalyst The Cybersecurity Act 2024, passed in December, codifies 72-hour ransomware payment reporting and heftier penalties for lax controls. Centraleyes, an AI-powered risk-management platform with customers in the Asia-Pacific region, reports a similar trend.

Cyber Insurance

Cyber Insurance Insurance Backups Healthcare

Key Cybersecurity Trends for 2025. My Predictions

Jane Frankland

JANUARY 12, 2025

In this blog, I’m exploring these changes, grouped under key categories that I’ve used in previous years, to help business leaders and cyber risk owners better prepare for the evolving landscape. Critical infrastructure face heightened risk from targeted disruptions, as do small businesses who are the backbone of the economy.

Cybersecurity

Cybersecurity CISO Insurance IoT

RSAC Fireside Chat: Operationalizing diverse security to assure customers, partners–and insurers

Healthcare Now Third-Most Targeted Industry for Ransomware

Trending Sources

Report Finds 50% of Scattered Spider Phishing Domains Targeted Finance & Insurance

Ransomware negotiator investigated over criminal gang kickbacks

Top Cybersecurity Trends to Watch Out For in 2025

Are Leaders Ready to Break the Ransomware Cycle

Dental group lied through teeth about data breach, fined $350,000

Medusa Ransomware Warning: CISA and FBI Issue Urgent Advisory

Healthcare Cybersecurity Market Soars: Key Trends and Insights

The Rise of Ransomware-as-a-Service (RaaS)

From Risk to ROI: How Security Maturity Drives Business Value

Verizon's 2025 DBIR: Threats Are Faster, Smarter, and More Personal

Top 10 Cybersecurity Trends to Expect in 2025

Security Affairs newsletter Round 494 by Pierluigi Paganini – INTERNATIONAL EDITION

State of Cybersecurity in Canada 2025: Key Insights for InfoSec Leaders

From Risk to ROI: How Security Maturity Drives Business Value

Why MSSPs Must Prioritize Cyber Risk Quantification in 2025

Krispy Kreme Cyber Attack a Wake-Up Call for the Food Industry

New Cybersecurity Rules for Financial Institutions in New York State Take Effect November 1, 2024

Scattered Spider Targets U.S. Critical Infrastructure Through VMware Attacks

Cybersecurity Snapshot: WEF Offers AI Security Best Practices, as DORA Regulation Places Strict Cyber Rules on Banks

New AI “agents” could hold people for ransom in 2025

Why I Refused to Say “People Are the Weakest Link in Cyber”

Security Roundup October 2024

Risk Management in Higher Education: Top Challenges and Proven Solutions

AI Dilemma: Emerging Tech as Cyber Risk Escalates

NYDFS Cybersecurity Regulation: Dates, Facts and Requirements

Supply-chain dependencies: Check your resilience blind spot

Top Cyber Attacker Techniques, August–October 2024

Allianz Life says majority of 1.4 million US customers’ info breached

Cyber Essentials Plus (v3.2 – Technical Testing Prep)

2024 Thales Global Data Threat Report: Trends in Financial Services

How to Build an Effective Security Awareness Program

Securing Critical Infrastructure Against Cyberattacks

LW ROUNDTABLE: Lessons learned from the headline-grabbing cybersecurity incidents of 2024

Security Affairs newsletter Round 495 by Pierluigi Paganini – INTERNATIONAL EDITION

The Cybersecurity Challenge in Mergers and Acquisitions

Ensuring Secure Container Deployments with Image Signature Verification

Innovation in the Fast Lane: Lessons from Motorsport and Cybersecurity

DORA arrives: Here’s what you need to know

Security Roundup February 2025

The danger of data breaches — what you really need to know

Australia’s 28-Day Cyber Comeback

Key Cybersecurity Trends for 2025. My Predictions

Stay Connected