CGI

FEBRUARY 28, 2017

Insurers’ digital focus is looking through the wrong ‘lens’. Tue, 02/28/2017 - 03:52. Read any article on digital insurance and it seems to me that it is all about the insurers! harini.kottees….

Insurance 40

Insurance Big data IoT Manufacturing 40

Krebs on Security

MARCH 3, 2020

Last week, KrebsOnSecurity reported to health insurance provider Blue Shield of California that its Web site was flagged by multiple security products as serving malicious content. How did a browser extension lead to a malicious link being added to the health insurance company Web site?

Insurance 285

Insurance File names Risk Marketing 285

Security Affairs

NOVEMBER 30, 2020

“Sources said the county is in the process of paying the $500,000 ransom as it’s insured for such attacks.” We commenced an immediate investigation that included taking certain systems offline and working with computer forensic specialists to determine the nature and scope of the event.

Computer and Electronics 107

Computer and Electronics Ransomware Insurance Encryption 107

Data Protection Report

APRIL 22, 2021

On April 14, 2021, the New York Department of Financial Services (NYDFS) announced a $3 million settlement with insurance company National Securities Corp. Readers may recall that NYDFS’ cybersecurity regulation went into effect in March of 2017. NSC reported a second cybersecurity event to NYDFS on May 12, 2020.

Cybersecurity 94

Cybersecurity Financial Services Phishing Compliance 94

Schneier on Security

FEBRUARY 28, 2024

In the first week of January, the pharmaceutical giant Merck quietly settled its years-long lawsuit over whether or not its property and casualty insurers would cover a $700 million claim filed after the devastating NotPetya cyberattack in 2017. The 9/11 attacks cost insurers and reinsurers $47 billion.

Insurance 115

Insurance Government Cybersecurity Risk 115

HL Chronicle of Data Protection

FEBRUARY 25, 2020

The NYDFS Regulation originally came into effect on March 1, 2017, and provided for a two-year implementation plan for companies to develop a robust cybersecurity program. Notify NYDFS within 72 hours of a qualifying cyber event. Recent events suggest, however, that the grace period may be coming to an end.

Cybersecurity 104

Cybersecurity Financial Services Data breaches Insurance 104

Hunton Privacy

APRIL 27, 2017

Earlier this month, the New York State Department of Financial Services (“NYDFS”) recently published FAQs and key dates for its cybersecurity regulation (the “NYDFS Regulation”) for financial institutions that became effective on March 1, 2017. September 27, 2017 – the initial 30-day period for filing Notices of Exemption ends.

Cybersecurity 53

Cybersecurity Compliance Financial Services Insurance 53

Hunton Privacy

JUNE 30, 2017

On June 26, 2017, Airway Oxygen, a provider of oxygen therapy and home medical equipment, reported that it was the subject of a ransomware attack affecting 500,000 patients’ protected health information. According to Airway Oxygen’s statement , the company discovered the presence of ransomware on its systems in April 2017.

Data breaches 56

Data breaches Ransomware Insurance Access 56

Data Matters

FEBRUARY 7, 2018

By August 28, 2017, Covered Entities were required to have a cybersecurity program in place, as well as a board (or senior officer) approved written cybersecurity policy and Chief Information Security Officer to help protect data and systems. They also became obligated to report cybersecurity events to the NYDFS. .

Compliance 60

Compliance Cybersecurity Information Security Privacy 60

Hunton Privacy

JANUARY 25, 2017

On January 18, 2017, the U.S. Department of Health and Human Services’ Office for Civil Rights (“OCR”) entered into a resolution agreement with MAPFRE Life Insurance Company of Puerto Rico (“MAPFRE”) relating to a breach of protected health information (“PHI”) contained on a portable storage device.

Security awareness 40

Security awareness Insurance Risk Compliance 40

Data Matters

AUGUST 27, 2018

The NYDFS has been assisting Covered Entities with compliance questions through its frequently asked questions (“FAQs”) and answers on the NYDFS website, originally published on June 20, 2017 and updated most recently on August 9, 2018. They also became obligated to report cybersecurity events to the NYDFS.

Cybersecurity 60

Cybersecurity Compliance Encryption Risk 60

Data Matters

AUGUST 19, 2020

On July 21, 2020, the New York State Department of Financial Services (NYDFS or the Department) issued a statement of charges and notice of hearing (the Statement) against First American Title Insurance Company (First American) for violations of the Department’s Cybersecurity Requirements for Financial Services Companies, 23 N.Y.C.R.R.

Financial Services 66

Financial Services Cybersecurity Insurance Risk 66

Data Protection Report

AUGUST 3, 2017

On August 1, 2017, US Senators unveiled a bipartisan bill to mandate baseline cybersecurity requirements for internet connected devices purchased by the federal government. Recent events show that the IoT is an attractive vector for a cyberattack.

IoT 40

IoT Cybersecurity Insurance Marketing 40

AIIM

NOVEMBER 23, 2021

Back in 2017, I called up a few of the information governance friends I’d made through the AIIM Community to better understand the challenges they were up against. We asked the attendees of a recent virtual event, "What's holding you back in your organization's efforts to automate information governance and compliance?"

Information governance 118

Information governance Government Customer Experience Archiving 118

Data Protection Report

SEPTEMBER 11, 2017

In one example of a post-attack disclosure, FedEx’s most recent 10-K (May 2017) discusses the impact of the WannaCry and Petya attacks on FedEx systems and subsidiaries. Still, in what for the moment might seem like a more pedestrian risk, companies continue to be affected by ransomware. Here is how some companies have addressed it.

Risk 40

Risk Ransomware Insurance Data breaches 40

IT Governance

MAY 1, 2018

According to the 2017 SANS Incident Response Survey , the challenges facing CIR management include: A lack of resources; Staffing and skills shortages; Budgetary shortages for tools and technology; Detecting sophisticated attackers and removing their traces; and. The common challenges facing incident response. It’s a legal requirement.

Information Security 58

Information Security Risk IoT Insurance 58

Hunton Privacy

MAY 16, 2017

On May 12, 2017, a massive ransomware attack began affecting tens of thousands of computer systems in over 100 countries. And in some cases, a business’ inability to maintain its day-to-day operations during a ransomware attack could deny people critical access to services like health care in the event of an emergency.” Litigation.

Ransomware 61

Ransomware Insurance Access Information Security 61

eSecurity Planet

SEPTEMBER 14, 2022

According to statistics from the FBI’s 2021 Internet Crime Report , complaints to the Internet Crime Complaint Center (IC3) have been rising since 2017. Finance and insurance finished a close second at 22.4%. Finance and insurance companies were particularly vulnerable to the sort of phishing scams we’re talking about.

Energy and Utilities 120

Energy and Utilities Phishing Blockchain Cybersecurity 120

Security Affairs

NOVEMBER 26, 2018

Reporting an event is one action that can help. in 2017 totaled 1,579, a nearly 44.7 Reporting an event is one action that can help. The way in which you respond to a data breach has a significant impact on how severe its consequences are. The number of data breaches that were tracked in the U.S. In the U.S.,

Data breaches 92

Data breaches Personal data GDPR Cybersecurity 92

eDiscovery Daily

FEBRUARY 18, 2019

The plaintiff’s workers’ compensation claim was settled in January 2017. The plaintiff subsequently filed the suit in July 2017. On July 3, 2018, plaintiff tendered a document request for, among other things, “surveillance footage, recordings or other video…that refer or relate to any events alleged in Plaintiff’s Complaint.”

e-Discovery 43

e-Discovery Computer and Electronics Insurance Education 43

Data Matters

OCTOBER 2, 2019

Part 2 (“Part 2”) regulations that place restrictive conditions on the disclosure of SUD patient records—limitations that go above and beyond Health Insurance Portability and Accountability Act (“HIPAA”) restrictions. HHS revised the Part 2 rules in 2017 and made further modifications in 2018.)

Privacy 66

Privacy Insurance IT 66

DLA Piper Privacy Matters

NOVEMBER 6, 2018

The Court of Appeal delivered its decision in the case of WM Morrisons Supermarkets Plc v Various Claimants ([2018] EWCA Civ 2339) in October, dismissing Morrisons’ appeal against an earlier decision from 2017 finding the supermarket vicariously liable for the actions of a former employee, Andrew Skelton. Morrisons #2 Court of Appeal.

Insurance 45

Insurance Data breaches Personal data GDPR 45

CGI

MARCH 3, 2019

It also gives the authorities the power to impose hefty fines in the event of a breach. Late in 2017, CGI UK commissioned and directed the Centre for Economics and Business Research (CEBR) and Opinium to conduct a survey and research around attitudes towards and preparedness for GDPR. Consequences of a breach. Suppliers and GDPR.

GDPR 45

GDPR Insurance Data breaches Personal data 45

eSecurity Planet

FEBRUARY 16, 2021

The internet is fraught with peril these days, but nothing strikes more fear into users and IT security pros than the threat of ransomware. A ransomware attack is about as bad as a cyber attack can get. Here, then, is a comprehensive look at ransomware, what it is, how to prevent it, and what to do if you become one of its unfortunate victims.

Ransomware 97

Ransomware Encryption Insurance Cloud 97

HL Chronicle of Data Protection

MARCH 14, 2019

The plan must enable FIs to promptly respond to and recover from security events affecting customer information. It must also address the goals of the plan, internal processes for responding to a security event, and documentation and reporting regarding security events and related incident response activities. Board reporting.

Privacy 40

Privacy Risk Cybersecurity Information Security 40

Info Source

SEPTEMBER 18, 2018

In 2017, the worldwide market grew by 11.3% Case Management applications are in demand in top vertical markets including: Retail Banking, Insurance, and Healthcare. Northport, NY – September 18, 2018 – HSA, Inc., reaching US$4.1bn in end-user revenues.

Marketing 40

Marketing ECM Cloud Retail 40

Data Matters

JANUARY 2, 2018

In November 2017, the Supreme Court heard oral arguments in Carpenter v. The General Court of the EU is now considering the validity of the Privacy Shield in a case brought by La Quadrature du Net and others (with a second case brought by Digital Rights Ireland being dismissed for lack of standing in November 2017). persons.

Privacy 66

Privacy Cybersecurity Data breaches GDPR 66

Data Protection Report

AUGUST 16, 2017

On the 7 th August 2017, the UK’s Government Department for Digital, Culture, Media and Sport issued a Statement of Intent (the Statement ) outlining its planned reforms of the UK’s data protection laws which are to be implemented by the Data Protection Bill (the Bill ).

Government 40

Government GDPR Personal data Insurance 40

ARMA International

FEBRUARY 21, 2020

A company in Wisconsin had a “chipping party” in 2017 to implant microchips in some of its employees to make it easier for them to access the buildings and systems and to buy food in the company break room. [1]. Welcome to the Age of the Internet of Bodies. Benefits and Risks. Each type of IoB device brings with it benefits and risks.

Computer and Electronics 106

Computer and Electronics Privacy Artificial Intelligence IoT 106

Data Protection Report

JANUARY 7, 2019

Entities covered by the Regulation, which includes not only banks and insurers, but also other financial service institutions and licensees regulated by the DFS that utilize third-party service providers, will be required to implement third-party risk management programs by March 1. Third-party service provider risk management program.

Cybersecurity 40

Cybersecurity Compliance Financial Services Risk 40

ARMA International

AUGUST 2, 2019

with Equifax in connection with a 2017 data breach that exposed sensitive, personal data of around 147 million people. See FTC press release Equifax to Pay $575 Million as Part of Settlement with FTC, CFPB, and States Related to 2017 Data Breach , July 22, 2019.). Equifax agreed to pay between $575 million and $700 million in total.

Cloud 41

Cloud Data breaches Encryption Access 41

DLA Piper Privacy Matters

DECEMBER 7, 2017

The “Google You Owe Us” website indicates that the claimant has however arranged for the third party funder to take out After the Event Insurance so that the insurer pays the winning side’s costs in such circumstances. Various Claimants v Wm Morrisons Supermarket PLC [2017] 3113.

Risk 40

Risk Privacy GDPR Data breaches 40

Data Matters

FEBRUARY 25, 2021

The FCA has provided new guidance for PIs and EMIs using the “insurance or comparable guarantee” method of safeguarding. This includes a requirement that the insurance policy or comparable guarantee must pay out for the full amount of any claim regardless of how the relevant insolvency event occurs (including if the firm is at fault).

Authentication 66

Authentication Paper Risk Insurance 66

Adam Levin

AUGUST 26, 2019

The discovery, announcement, and subsequent arrest of the alleged perpetrator all happened within a week of the FTC’s settlement with Equifax for its own 2017 mega-breach. While it’s easy to dismiss the Capital One breach as a sort of ho-hum cataclysmic event, two follow-up news stories grabbed my attention.

Data breaches 56

Data breaches e-Discovery Cloud Insurance 56

IT Governance

MAY 16, 2019

There are two ways you can do this: by outsourcing the security efforts to another organisation or by purchasing cyber insurance to ensure you have the funds to respond appropriately in the event of a disaster. ISO 27005 provides a detailed but flexible structure to meet its requirements, comprising five stages. Identification.

Risk 51

Risk Information Security Insurance Security 51

DLA Piper Privacy Matters

OCTOBER 20, 2017

On 18 October 2017, WP29 published proposed Guidelines on two key aspects of the GDPR – namely: Personal Data Breach Notification (Articles 33/34); and. Both proposed Guidelines are open for consultation until 28 November 2017. Profiling and Automated Decision Making (Article 22). Data Breach Notification.

Data breaches 40

Data breaches Personal data Encryption GDPR 40

Krebs on Security

JULY 24, 2018

Now the financial institution is suing its insurance provider for refusing to fully cover the losses. But just eight months later — in January 2017 according to the lawsuit — hackers broke in to the bank’s systems once more, again gaining access to the financial institution’s systems via a phishing email.

Insurance 189

Insurance Computer and Electronics Phishing Access 189