Definition and Insurance - Information Management Today

Why DSPM is Essential for Achieving Data Privacy in 2024

Security Affairs

OCTOBER 23, 2024

Looking back at the definition of the GigaOm Radar report, DSPM allows organizations to seek answers to the most pressing questions of security and privacy teams: What sensitive data do we have? Where is it located? DSPM also provides visibility of security and privacy posture, alerting potential gaps.

Data Privacy

Data Privacy Privacy GDPR Compliance

Cyber Insurers Pull Back Amid Increase in Cyber Attacks, Costs

eSecurity Planet

MAY 27, 2021

The explosion of ransomware and similar cyber incidents along with rising associated costs is convincing a growing number of insurance companies to raise the premiums on their cyber insurance policies or reduce coverage, moves that could further squeeze organizations under siege from hackers. Insurers Assessing Risks.

Insurance

Insurance Ransomware Risk Data science

Security Affairs newsletter Round 453 by Pierluigi Paganini – INTERNATIONAL EDITION

Security Affairs

JANUARY 7, 2024

Experts spotted a new macOS Backdoor named SpectralBlur linked to North Korea Merck settles with insurers regarding a $1.4 Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

Artificial Intelligence

Artificial Intelligence Security Data breaches Ransomware

Webinars

How to Achieve High-Accuracy Results When Using LLMs

MORE WEBINARS

Will Your Cyber-Insurance Premiums Protect You in Times of War?

Dark Reading

JULY 19, 2022

Multiple cyber-insurance carriers have adopted act-of-war exclusions due to global political instability and are seeking to stretch the definition of war to deny coverage.

Insurance

Vermont Enacts Insurance Data Security Law

Hunton Privacy

JUNE 9, 2022

515 , making Vermont the twenty-first state to enact legislation based on the National Association of Insurance Commissioners Insurance Data Security Model Law (“MDL-668”). On May 27, 2022, Vermont Governor Phil Scott signed H.515

Insurance

Insurance Security Information Security Cybersecurity

Have board directors any liability for a cyberattack against their company?

Security Affairs

NOVEMBER 14, 2022

Add to that, there is the risk of penalties and fines (which are not insurable in most jurisdictions) not only under privacy and data protection regulations but also on the basis of cybersecurity regulations that are now proliferating. Beyond the regulatory reporting requirements, reporting a cyberattack to the public is definitely tricky.

Insurance

Insurance Risk Ransomware Encryption

Hackers Breached Virginia Bank Twice in Eight Months, Stole $2.4M

Krebs on Security

JULY 24, 2018

Now the financial institution is suing its insurance provider for refusing to fully cover the losses. In its lawsuit (PDF), National Bank says it had an insurance policy with Everest National Insurance Company for two types of coverage or “riders” to protect it against cybercrime losses. million total. THE LAWSUIT.

Insurance

Insurance Computer and Electronics Phishing Access

What is IT Asset Management (ITAM)? Definition, Benefits & Types

eSecurity Planet

MAY 4, 2023

Asset insurance: Insuring critical assets against loss or damage can give you added protection against financial risks. Definition, Benefits & Types appeared first on eSecurityPlanet.

IT

IT Compliance Cloud Cybersecurity

What Is Encryption? Definition, How it Works, & Examples

eSecurity Planet

DECEMBER 7, 2023

For example, The Health Insurance Portability and Accountability Act (HIPAA) requires security features such as encryption to protect patients’ health information. Definition, How it Works, & Examples appeared first on eSecurity Planet. You can unsubscribe at any time. Subscribe The post What Is Encryption?

Encryption

Encryption IT Passwords IoT

What is Confidential Computing? Definition, Benefits, & Uses

eSecurity Planet

MAY 26, 2023

This approach to analytics is especially helpful in industries like insurance and healthcare where analyzing and interpreting broad patterns can inform insurance rates and diagnostics, respectively. Definition, Benefits, & Uses appeared first on eSecurityPlanet.

Encryption

Encryption Cloud IoT Blockchain

CrowdStrike: Lessons on the Importance of Contracts, Insurance and Business Continuity

IT Governance

JULY 30, 2024

According to Parametrix , an insurance company specialising in Cloud outages, cyber insurance policies likely cover up to 10–20% of losses only. Then there’s insurance. The post CrowdStrike: Lessons on the Importance of Contracts, Insurance and Business Continuity appeared first on IT Governance UK Blog.

Insurance

Insurance Risk Encryption Manufacturing

Is Artificial Intelligence relevant to insurance?

IBM Big Data Hub

MAY 1, 2023

In this first of two posts, I investigate the anatomy of artificial intelligence and its impact on insurance. Continued advancement in AI development has resulted today in a definition of AI which has several categories and characteristics. It offers customers and the insurer’s system to interact in a human-like manner.

Artificial Intelligence

Artificial Intelligence Insurance Risk Personal data

Ohio Adopts National Association of Insurance Commissioners’ (NAIC) Insurance Data Security Model Law

Data Matters

JANUARY 14, 2019

On December 19, 2018, Ohio adopted the National Association of Insurance Commissioners’ (NAIC) Insurance Data Security Model Law. The Act is designed to “establish standards for data security and for the investigation and notification to the Superintendent of Insurance of a cybersecurity event.”. O.R.C. §§ 3965.01, 3965.04.

Insurance

Insurance Security Cybersecurity Data breaches

Michigan Adopts National Association of Insurance Commissioners’ (NAIC) Insurance Data Security Model Law

Data Matters

FEBRUARY 11, 2019

On December 28, 2018, Michigan adopted the National Association of Insurance Commissioners’ (NAIC) Insurance Data Security Model Law in the form of Michigan H.B. The Act defines licensees as persons authorized, registered, or licensed under Michigan insurance laws or required to be so. 6491 (Act). MCL § 500.550.

Insurance

Insurance Security Cybersecurity FOIA

NYDFS issues significant guidance on insurers using AI or external data

Data Protection Report

FEBRUARY 2, 2024

On January 17, 2024 the New York Department of Financial Services (“NYDFS”) published a Proposed Insurance Circular Letter (“Proposed Circular”) regarding the use of artificial intelligence systems (“AIS”) and external consumer data and information sources (“ECDIS”) in insurance underwriting and pricing. Actual Actuarial Validity.

Insurance

Insurance Artificial Intelligence Risk Compliance

Capita warns customers to assume that their data was stolen

Security Affairs

MAY 14, 2023

Exposed data include names, dates of birth, National Insurance numbers, and USS member numbers. “While Capita cannot currently confirm if this data was definitively “exfiltrated” (i.e., “While Capita cannot currently confirm if this data was definitively “exfiltrated” (i.e., ” We are in the final! .

Access

Access Insurance Security Ransomware

Time for a new definition of the "composite" insurer?

CGI

APRIL 25, 2018

Time for a new definition of the "composite" insurer? Composite insurer table. In the UK we rightly take pride in the fact that our ‘local’ propositions have played a significant role in the global development of what we now commonly call ‘Insurance’, but is that all about to change? . p.butler@cgi.com.

Insurance

Insurance Retail Marketing IT

Connecticut Tightens its Data Breach Notification Laws

Data Protection Report

OCTOBER 3, 2021

The amendment: Expands the definition of “personal information”; Shortens the notification deadline after discovery of a breach from 90 to 60 days; Removes the requirement to consult with law enforcement as part of a risk assessment; Deems compliant any person subject to and in compliance with HIPAA and HITECH; and.

Data breaches

Data breaches IT Insurance Passwords

Nevada Expands Definition of Personal Information

Hunton Privacy

JUNE 9, 2015

179 (the “Bill”), which expands the definition of “personal information” in the state’s data security law. a medical identification or health insurance identification number; and. a medical identification or health insurance identification number; and. On May 13, 2015, Nevada Governor Brian Sandoval (R-NV) signed into law A.B.

Insurance

Insurance Passwords Access Security

What Is Integrated Risk Management? Definition & Implementation

eSecurity Planet

APRIL 29, 2024

For example, the Health Insurance Portability and Accountability Act (HIPAA) regulates personal health information and imposes fines for data breach or data inaccessibility. Stakeholders should brainstorm how to manage risk through controls, process changes, insurance, or business decisions such as “stop taking credit cards for payment.”

Risk

Risk Compliance Communications Insurance

US banking regulators propose a rule for 36-hour notice of breach

Data Protection Report

JANUARY 5, 2021

Most importantly, note that this definition is NOT limited to personal information. Among those questions are: Should the definition of “computer security incident” include only occurrences that result in actual harm or actual violation of security policies, security procedures or acceptable use policies?

Insurance

Insurance Paper Encryption Security

5 Good Reasons to Hire a Ransomware Recovery Expert

eSecurity Planet

OCTOBER 5, 2021

Cyber Insurance companies used to simply provide lists of potential vendors approved by the insurer, but with the rising costs of breaches, insurers need to control costs. For this scenario, the definition of team may be quite broad.

Ransomware

Ransomware Insurance Cleanup Cybersecurity

Regulatory Update: NAIC Summer 2021 National Meeting

Data Matters

SEPTEMBER 20, 2021

The National Association of Insurance Commissioners (NAIC) held its Summer 2021 National Meeting (Summer Meeting) August 14-17, 2021. Highlights include, among others, adoption of revised risk-based capital bond factors for life insurers, amendments to SSAP No. NAIC Adopts Revised Risk-Based Capital Bond Factors for Life Insurers.

Insurance

Insurance e-Delivery Paper Cybersecurity

Business ID Theft Soars Amid COVID Closures

Krebs on Security

JULY 27, 2020

She shared with me a copy of the lease, which included a fraudulent ID and even a vehicle insurance card for a Land Cruiser we got rid of like 15 years ago. “It’s still not good by any means, but it’s definitely better for consumers than it is for businesses. ” PHANTOM OFFICES. . ” RECYCLING VICTIMS. .

Energy and Utilities

Energy and Utilities Computer and Electronics Insurance Risk

BEST PRACTICES: Rising complexities of provisioning identities has pushed ‘IGA’ to the fore

The Last Watchdog

APRIL 3, 2019

Its customer base is comprised of eight of the top 15 banks, four of the top six healthcare insurance and managed care providers, nine of the top 15 property and casualty insurance providers, five of the top 13 pharmaceutical companies, and 11 of the largest 15 federal agencies. Users re-defined. Most often, a user is a human being.

Digital transformation

Digital transformation Insurance Compliance Healthcare

Regulatory Update: NAIC Summer 2022 National Meeting

Data Matters

SEPTEMBER 7, 2022

The National Association of Insurance Commissioners (NAIC) held its Summer 2022 National Meeting (Summer Meeting) August 9–13, 2022. The Privacy Working Group has been reviewing state insurance privacy protections regarding the collection, ownership, use, and disclosure of information gathered in connection with insurance transactions.

Insurance

Insurance Paper Privacy Risk

RSAC insights: CyberGRX finds a ton of value in wider sharing of third-party risk assessments

The Last Watchdog

MAY 10, 2021

Back in the mid-1990s, big banks and insurance companies came up with something called “bespoke assessments” as the approach for assessing third party vendor risk. I came away from my discussion with Kneip encouraged that the answer is definitely, yes. This took the form of programmatic audits.

Risk

Risk Insurance Access Security

What 2025 HIPAA Changes Mean to You

Thales Cloud Protection & Licensing

FEBRUARY 3, 2025

The Health Insurance Portability and Accountability Act (HIPAA) is a US federal law that created the national standards when it was first published to protect sensitive patient health information (PHI) from being disclosed without the patients consent or knowledge. 60% of healthcare respondents have five or more key management systems in use.

Encryption

Encryption Compliance Insurance Authentication

9 cyber security predictions for 2022

IT Governance

FEBRUARY 15, 2022

Cyber insurance will become more popular and more comprehensive. It’s led to a growing trend for organisations to purchase cyber insurance, which Forbes contributor Emil Sayegh believes will continue in 2022. This market squeeze will certainly affect the cyber insurance industry itself. “We

Security

Security Insurance Authentication Passwords

The noodle soup of B2B IAM and third-party identities

Thales Cloud Protection & Licensing

FEBRUARY 25, 2025

Yet, despite the growing importance of managing external identities, the industry lacks a unified definition of B2B IAM. Each use case demands different capabilities, making a universal definition even harder. Think about your local insurance broker or a small medical practice. Source: S&P Global Market Intelligence (2024).

B2B

B2B Access Privacy Risk

Acuity Who? Attempts and Failures to Attribute 437GB of Breached Data

Troy Hunt

NOVEMBER 14, 2023

Some more data points before going further: The files is named "ACUITY_MASTER_18062020.csv"

Insurance

Insurance Data breaches Mining IT

Confessions of an ID Theft Kingpin, Part II

Krebs on Security

AUGUST 27, 2020

But he added that Ngo’s service if it existed today probably would be even more successful and lucrative given the sheer number of scammers involved in using stolen identity data to defraud states and the federal government out of pandemic assistance loans and unemployment insurance benefits. He was definitely the new coin of the realm.”

Retail

Retail Government Access Insurance

Subject Access Request: Germany’s highest court widens the scope of data subject access requests in Germany

Data Protection Report

JULY 28, 2021

The defendant was a life insurance company and the claimant their insured. With regards to the scope of the data subject access right, the FCJ refers to the legal definition of personal data in Article 4(1) GDPR. In particular, the court held the following: No requirement of “essential biographical information”.

Access

Access GDPR Personal data Insurance

We Infiltrated a Counterfeit Check Ring! Now What?

Krebs on Security

JUNE 30, 2021

In a report released in 2019 (PDF), Agari profiled a group it dubbed “ Scattered Canary ” that is operating principally out of West Africa and dabbles in a dizzying array of schemes, including BEC and romance scams, FEMA and SBA loans, unemployment insurance fraud, counterfeit checks and of course money laundering. Image: Agari.

Insurance

Insurance IT Education Government

Vermont’s Amendments to Data Breach Law and New Student Privacy Law Effective July 1, 2020

Hunton Privacy

JUNE 22, 2020

The amendments to Vermont’s Security Breach Notice Act include expanding the definition of Personally Identifiable Information (“PII”), expanding the definition of a breach to include login credentials and narrowing the permissible circumstances under which substitute notice may be used.

Data breaches

Data breaches Privacy Education Data Privacy

California Governor Signs into Law Bills Updating the CPRA and Bills Addressing the Privacy and Security of Genetic and Medical Data, Among Others

Hunton Privacy

OCTOBER 14, 2021

Additional bills, amending the California Confidentiality of Medical Information Act (“CMIA”) and the California Insurance Code, also were also signed into law. The bill uses the same definition of “genetic data” as provided for in AB-825. Medical Data: CMIA and Californian Insurance Code Amendment Bill.

Privacy

Privacy Insurance Security Data breaches

Four Use Cases Proving the Benefits of Metadata-Driven Automation

erwin

FEBRUARY 7, 2019

The banking, financial services and insurance industry typically deals with higher data velocity and tighter regulations than most. Metadata-Driven Automation in the Insurance Industry. Insurance is another industry that has to cope with high data velocity and stringent data regulations.

Metadata

Metadata Healthcare Insurance Financial Services

HHS Office for Civil Rights Proposes Measures to Strengthen Cybersecurity in Health Care Under HIPAA

Thales Cloud Protection & Licensing

JANUARY 22, 2025

The Health Insurance Portability and Accountability Act (HIPAA), enacted in 1996, established national standards to safeguard sensitive patient health information (PHI) and prevent unauthorized disclosures. New measures proposed by HHS Multi-Factor Authentication (MFA) : Clear definitions to enhance security when accessing sensitive systems.

Cybersecurity

Cybersecurity Data breaches Encryption Compliance

Federal Regulators Issue New Cyber Incident Reporting Rule for Banks

Hunton Privacy

NOVEMBER 23, 2021

On November 18, 2021, the Federal Reserve, Federal Deposit Insurance Corporation, and Office of the Comptroller of the Currency issued a new rule regarding cyber incident reporting obligations for U.S. banks and service providers.

Insurance

Insurance Compliance Security IT

On Cyber Warranties

Schneier on Security

MARCH 26, 2020

Ambiguous definitions of the buyer's obligations and excluded events create uncertainty over what is covered. Moving toward standardized terms and conditions may help consumers, as has been pursued in cyber insurance, but this is in tension with innovation and product diversity. [.].

Marketing

Marketing Insurance Risk IT

New Connecticut Breach Notification Requirements and Cybersecurity Safe Harbor Effective October 2021

Hunton Privacy

AUGUST 2, 2021

In passing the law, Connecticut joins a number of other states in expanding the definition of “personal information” in its data breach notification statute. requiring “preliminary substitute notice” to individuals if a business cannot provide direct notification within the 60-day notification timeframe. Cybersecurity Safe Harbor (HB 6607).

Cybersecurity

Cybersecurity Insurance Military Data Privacy

“An act of war”: Zurich American refuses to pay out on cyber insurance policy following NotPetya attack

IT Governance

APRIL 3, 2019

US food giant Mondelez is suing insurance company Zurich American for denying a $100 million (£76 million) claim filed after the NotPetya attack. In that regard, it was a job well done, with one report estimating that insurers could expect to pay out more than $80 billion (£61 billion) as a result of the attack.

Insurance

Insurance Ransomware Government Paper

Washington Amends Data Breach Notification Law

Hunton Privacy

MAY 9, 2019

The new requirements include the following: Expanded Definition of Personal Information. HB 1071 expands the definition of “personal information.” As reported by Bloomberg Law , on May 7, 2019, Washington State Governor Jay Inslee signed a bill ( HB 1071 ) amending Washington’s data breach notification law.

Data breaches

Data breaches Passwords Insurance Military

Regulatory Update: NAIC Spring 2019 National Meeting

Data Matters

MAY 9, 2019

The National Association of Insurance Commissioners (NAIC) held its Spring 2019 National Meeting (Spring Meeting) in Orlando, Florida, from April 6 to 9, 2019. Other notable revisions include the following: The definition of “Reciprocal Jurisdiction” was broadened to include U.S. This post summarizes the highlights from this meeting.

Insurance

Insurance Blockchain Big data Risk

Why DSPM is Essential for Achieving Data Privacy in 2024

Cyber Insurers Pull Back Amid Increase in Cyber Attacks, Costs

Webinars

Trending Sources

Security Affairs newsletter Round 453 by Pierluigi Paganini – INTERNATIONAL EDITION

Webinars

Will Your Cyber-Insurance Premiums Protect You in Times of War?

Vermont Enacts Insurance Data Security Law

Have board directors any liability for a cyberattack against their company?

Hackers Breached Virginia Bank Twice in Eight Months, Stole $2.4M

What is IT Asset Management (ITAM)? Definition, Benefits & Types

What Is Encryption? Definition, How it Works, & Examples

What is Confidential Computing? Definition, Benefits, & Uses

CrowdStrike: Lessons on the Importance of Contracts, Insurance and Business Continuity

Is Artificial Intelligence relevant to insurance?

Ohio Adopts National Association of Insurance Commissioners’ (NAIC) Insurance Data Security Model Law

Michigan Adopts National Association of Insurance Commissioners’ (NAIC) Insurance Data Security Model Law

NYDFS issues significant guidance on insurers using AI or external data

Capita warns customers to assume that their data was stolen

Time for a new definition of the "composite" insurer?

Connecticut Tightens its Data Breach Notification Laws

Nevada Expands Definition of Personal Information

What Is Integrated Risk Management? Definition & Implementation

US banking regulators propose a rule for 36-hour notice of breach

5 Good Reasons to Hire a Ransomware Recovery Expert

Regulatory Update: NAIC Summer 2021 National Meeting

Business ID Theft Soars Amid COVID Closures

BEST PRACTICES: Rising complexities of provisioning identities has pushed ‘IGA’ to the fore

Regulatory Update: NAIC Summer 2022 National Meeting

RSAC insights: CyberGRX finds a ton of value in wider sharing of third-party risk assessments

What 2025 HIPAA Changes Mean to You

9 cyber security predictions for 2022

The noodle soup of B2B IAM and third-party identities

Acuity Who? Attempts and Failures to Attribute 437GB of Breached Data

Confessions of an ID Theft Kingpin, Part II

Subject Access Request: Germany’s highest court widens the scope of data subject access requests in Germany

We Infiltrated a Counterfeit Check Ring! Now What?

Vermont’s Amendments to Data Breach Law and New Student Privacy Law Effective July 1, 2020

California Governor Signs into Law Bills Updating the CPRA and Bills Addressing the Privacy and Security of Genetic and Medical Data, Among Others

Four Use Cases Proving the Benefits of Metadata-Driven Automation

HHS Office for Civil Rights Proposes Measures to Strengthen Cybersecurity in Health Care Under HIPAA

Federal Regulators Issue New Cyber Incident Reporting Rule for Banks

On Cyber Warranties

New Connecticut Breach Notification Requirements and Cybersecurity Safe Harbor Effective October 2021

“An act of war”: Zurich American refuses to pay out on cyber insurance policy following NotPetya attack

Washington Amends Data Breach Notification Law

Regulatory Update: NAIC Spring 2019 National Meeting

Stay Connected