Government, Industry and Insurance - Information Management Today

U.S. banking regulators order banks to notify cybersecurity incidents in 36 hours

Security Affairs

NOVEMBER 20, 2021

banking regulators this week approved a rule that obliges banks to report any major cybersecurity incidents to the government within 36 hours of discovery. The rule was approved by the Federal Reserve, Federal Deposit Insurance Corporation and Office of the Comptroller of the Currency.

Cybersecurity

Cybersecurity Financial Services Insurance Ransomware

Insurance and Ransomware

Schneier on Security

JULY 1, 2021

Here’s one more contribution to that issue: a research paper that the insurance industry is hurting more than it’s helping. However, the most pressing challenge currently facing the industry is ransomware. To date, the UK government has taken a light-touch approach to the cyber insurance industry.

Insurance

Insurance Ransomware Paper Marketing

LW ROUNDTABLE: Wrist slap or cultural shift? SEC fines cyber firms for disclosure violations

The Last Watchdog

NOVEMBER 12, 2024

As organizations continue facing escalating cyber threats, how they communicate multiplying and rapidly morphing cyber exposures – in essence how much they choose to abide by industry standards and embrace ethical practices — remains under intense scrutiny. 1 million for a company the size of Checkpoint is but a slap on the wrist.

Cybersecurity

Cybersecurity Risk Government Compliance

Webinars

How to Achieve High-Accuracy Results When Using LLMs

MORE WEBINARS

Canada Gov plans to ban the Flipper Zero to curb car thefts

Security Affairs

FEBRUARY 12, 2024

The Canadian government is going to ban the tool Flipper Zero because it is abused by crooks to steal vehicles in the country. The Canadian government announced that it plans to ban the tool Flipper Zero , and similar hacking devices, to curb the surge in car thefts. ” said Canadian Industry Minister François-Philippe Champagne.

Government

Government Sales Insurance IT

FBI, CISA, HHS warn of targeted ALPHV/Blackcat ransomware attacks against the healthcare sector

Security Affairs

FEBRUARY 28, 2024

” Government experts believe that the increase in targeted attacks against the healthcare sector is the response of the group to law enforcement actions against the Blackcat group in early December 2023. municipal governments, defense contractors, and critical infrastructure organizations).” reads the press release. “To

Ransomware

Ransomware Government Insurance Manufacturing

Cyber Insurers Pull Back Amid Increase in Cyber Attacks, Costs

eSecurity Planet

MAY 27, 2021

The explosion of ransomware and similar cyber incidents along with rising associated costs is convincing a growing number of insurance companies to raise the premiums on their cyber insurance policies or reduce coverage, moves that could further squeeze organizations under siege from hackers. Insurers Assessing Risks.

Insurance

Insurance Ransomware Risk Data science

First American Financial Pays Farcical $500K Fine

Krebs on Security

JUNE 18, 2021

The SEC says First American derives nearly 92 percent of its revenue from its title insurance segment, earning $7.1 Title insurance protects homebuyers from the prospect of someone contesting their legitimacy as the new homeowner. Title insurance is not mandated by law, but most lenders require it as part of any mortgage transaction.

Insurance

Insurance Risk Financial Services Mining

Dark Overlord hacking crew publishes first batch of confidential 9/11 files

Security Affairs

JANUARY 6, 2019

The Dark Overlord hacking group claims to have stolen a huge trove of documents from the British insurance company Hiscox, Hackers stole “hundreds of thousands of documents,” including tens of thousands files related to the 9/11 terrorist attacks. “ There’s five layers to go. Layer 1, 2, 3, 4, and fine finally Layer 5.

Insurance

Insurance Data breaches Government Sales

Cyber insurance: A guide for businesses

IT Governance

OCTOBER 15, 2020

That’s why they organisations increasingly relying on cyber insurance policies to cover the costs when data breaches and cyber attacks occur. But just how helpful is cyber insurance? What is cyber insurance? How does cyber insurance work? What does a cyber insurance policy cover? Who needs cyber insurance?

Insurance

Insurance Data breaches Risk Security

Ransomware Bites Dental Data Backup Firm

Krebs on Security

AUGUST 29, 2019

-based PerCSoft is a cloud management provider for Digital Dental Record (DDR), which operates an online data backup service called DDS Safe that archives medical records, charts, insurance documents and other personal information for various dental offices across the United States. ” Read the full ProPublica piece here. .

Ransomware

Ransomware Insurance Encryption Cloud

Digital Preservation -- High Stakes for Finance and Insurance Companies

AIIM

FEBRUARY 22, 2018

In a recent AIIM survey, 85% of finance and insurance executives said that digital preservation was “important” or “very important” to their organizations – even higher than the 77% reported in other industries. Why is it particularly important in finance and insurance?

Digital preservation

Digital preservation Insurance Financial Services Digital transformation

DORA Compliance Strategy for Business Leaders

Security Affairs

JUNE 14, 2024

In January 2025, European financial and insurance institutions, their business partners and providers, must comply with DORA. In January 2025, financial and insurance institutions in Europe and any organizations that do business with them must comply with the Digital Operation Resilience Act, also known as DORA.

Compliance

Compliance Insurance Risk Cloud

Security Affairs newsletter Round 460 by Pierluigi Paganini – INTERNATIONAL EDITION

Security Affairs

FEBRUARY 25, 2024

Iran Crisis Russia-Aligned TAG-70 Targets European Government and Military Mail Servers in New Espionage Campaign U.S.

Military

Military Security Ransomware Government

LW ROUNDTABLE: Compliance pressures intensify as new cybersecurity standards take hold

The Last Watchdog

DECEMBER 18, 2024

Sherrets Dane Sherrets , Innovation Architect, HackerOne Well see greater industry adoption of AI security and safety standards. And industries like healthcare face persistent targeting due to their outdated systems and high-value data. The SEC Cybersecurity Disclosure Rule highlights transparency in governance.

Compliance

Compliance Cybersecurity Risk Privacy

US pharmacy outage caused by Blackcat ransomware attack on Optum Solutions

Security Affairs

FEBRUARY 27, 2024

Optum Solutions is a subsidiary of UnitedHealth Group, a leading health insurance company in the United States. The Company has retained leading security experts, is working with law enforcement and notified customers, clients and certain government agencies.” ” reads the Reuters. healthcare organizations.

Ransomware

Ransomware Government Insurance Manufacturing

Maze ransomware gang discloses data from drug testing firm HMR

Security Affairs

APRIL 8, 2020

The research firm revealed that many of the government IDs exposed in the data breach have since expired. Attackers are targeting organizations in the healthcare industry via malspam campaigns using malicious attachments. ” continues the notification. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

Ransomware

Ransomware Data breaches Encryption Financial Services

The Financial Service and Insurance Industries Need Intelligent Document Processing; Here’s Why

Rocket Software

MARCH 14, 2022

Analyst firm IDC recently published a Vendor Spotlight report featuring ASG Mobius Content Services (Mobius) and its applications in the financial service and insurance industries. IDP Trends in the Financial and Insurance Industries. Challenges to Effective IDP.

Financial Services

Financial Services Insurance Digital transformation Paper

Cybersecurity Insurance Not Paying for NotPetya Losses

Schneier on Security

MARCH 8, 2019

This will complicate things: To complicate matters, having cyber insurance might not cover everyone's losses. Zurich American Insurance Company refused to pay out a $100 million claim from Mondelez, saying that since the U.S.

Insurance

Insurance Cybersecurity Military Government

MY TAKE: Identity ‘access’ and ‘governance’ tech converge to meet data protection challenges

The Last Watchdog

FEBRUARY 25, 2019

based supplier of identity access management (IAM) systems, which recently announced a partnership with Omada, a Copenhagen-based provider of identity governance administration (IGA) solutions. Governance and attestation quickly became a very big deal. Compliance became a huge driver for governance and attestation,” Curcio said. “It

Access

Access Government Authentication Data breaches

Lloyd’s Will No Longer Include Nation-State Attacks in its Cyber Insurance Policies

IT Governance

AUGUST 25, 2022

Lloyd’s of London has announced that its insurance policies will no longer cover losses resulting from certain nation-state cyber attacks or acts of war. In a memo sent to the organisation’s insurance syndicates , Underwriting Director Tony Chaudhry said that Lloyd’s remains “strongly supportive” of policies that cover cyber attacks.

Insurance

Insurance IT Government Risk

The Top 5 Reasons to Use an API Management Platform

Security Affairs

NOVEMBER 20, 2023

Organizations need to govern and control the API ecosystem, this governance is the role of API management. organizations need to govern and control the API ecosystem. This governance is the role of API management. APIs – like any other technical resource – won’t manage themselves.

Authentication

Authentication Risk Government Security

Experts: Breach at IT Outsourcing Giant Wipro

Krebs on Security

APRIL 15, 2019

Wipro says it has more than 170,000 employees helping clients across six continents with Fortune 500 customers in healthcare, banking, communications and other industries. Another curious, if only coincidental, development: On April 4, 2019, the government of India sold “enemy” shares in Wipro worth approximately $166 million.

IT

IT Insurance Communications Phishing

TA505 group updates tactics and expands the list of targets

Security Affairs

AUGUST 28, 2019

The TA505 also targeted government agencies in Saudi Arabia, Oman, and Qatar using another type of.XLS or.DOC attachments. and which used emails with subjects pertaining to finance or urgent concerns on insurance policies. The emails used in these campaigns used subjects pertaining to finance or urgent concerns on insurance policies.”

e-Delivery

e-Delivery Insurance Retail Government

U.S. Treasury Department Seeks Public Comment On Potential Federal Cyber Insurance Program

Data Matters

OCTOBER 20, 2022

Treasury Department is seeking public comment on the need and scope for a potential federal insurance response to catastrophic cyber incidents, akin to the one put in place for terrorism insurance after the attacks of September 11, 2001. The request, published by the Federal Insurance Office (FIO) in the U.S. Background.

Insurance

Insurance Marketing Cybersecurity Risk

Security Affairs newsletter Round 488 by Pierluigi Paganini – INTERNATIONAL EDITION

Security Affairs

SEPTEMBER 8, 2024

Head Mare hacktivist group targets Russia and Belarus Zyxel fixed critical OS command injection flaw in multiple routers VMware fixed a code execution flaw in Fusion hypervisor U.S.

Security

Security Data breaches Artificial Intelligence Ransomware

Security Affairs newsletter Round 362 by Pierluigi Paganini

Security Affairs

APRIL 24, 2022

T-Mobile confirms Lapsus$ had access its systems Are you using Java 15/16/17 or 18 in production? Patch them now!

Security

Security Phishing Ransomware Insurance

Access to over 3,000 compromised sites sold on Russian black marketplace MagBo

Security Affairs

SEPTEMBER 19, 2018

Most of the compromised websites are e-commerce sites, but crooks also offered access to websites of organizations in healthcare, legal, education and insurance industries and belonging to government agencies. According to the experts, most of the compromised servers are from U.S., Russian, or German hosting services.

Access

Access Mining Insurance Education

Previously undetected Earth Longzhi APT group is a subgroup of APT41

Security Affairs

NOVEMBER 15, 2022

The researchers analyzed two campaigns attributed to Earth Longzhi; the first one conducted between 2020 to 2021 targeted the government, infrastructure, and health industries in Taiwan and the banking sector in China.

Archiving

Archiving Passwords Metadata Insurance

How to Get Executive Support for Your Next Information Governance Initiative

AIIM

NOVEMBER 23, 2021

Back in 2017, I called up a few of the information governance friends I’d made through the AIIM Community to better understand the challenges they were up against. Four years later, we're finally seeing this shift in governance mindsets in nearly every AIIM member organization we speak with. Let's dive in! Customer, customer, customer!

Information governance

Information governance Government Customer Experience Archiving

Is Artificial Intelligence relevant to insurance?

IBM Big Data Hub

MAY 1, 2023

In this first of two posts, I investigate the anatomy of artificial intelligence and its impact on insurance. Academia is in an uproar over originality of authorship, and governments have even started to outlaw its general use. It offers customers and the insurer’s system to interact in a human-like manner.

Artificial Intelligence

Artificial Intelligence Insurance Risk Personal data

BazarCall attacks have revolutionized ransomware operations

Security Affairs

AUGUST 11, 2022

As a highly skilled (and most likely government-affiliated) group, Quantum was able to purchase exclusive email datasets and manually parse them to identify relevant employees at high-profile companies. The industries are considered privileged targets in almost all internal manuals , which were shared between ex-Conti members.

Ransomware

Ransomware Phishing Insurance Access

CrowdStrike: Lessons on the Importance of Contracts, Insurance and Business Continuity

IT Governance

JULY 30, 2024

According to Parametrix , an insurance company specialising in Cloud outages, cyber insurance policies likely cover up to 10–20% of losses only. If using encryption adds an extra step to the recovery, is that why security-conscious industries were hit harder than others? Then there’s insurance. of its share price.

Insurance

Insurance Risk Encryption Manufacturing

The risks and limitations of AI in insurance

IBM Big Data Hub

MAY 8, 2023

In my previous post , I described the different capabilities of both discriminative and generative AI, and sketched a world of opportunities where AI changes the way that insurers and insured would interact. Usage risk—inaccuracy The performance of an AI system heavily depends on the data from which it learns.

Insurance

Insurance Risk Artificial Intelligence Government

US CISA and FBI publish joint alert on DarkSide ransomware

Security Affairs

MAY 13, 2021

Early this year the group announced that it will no longer attack organizations in the healthcare industry, companies involved in the development and distribution of COVID-19 vaccines, and funeral service organizations. The alert provides technical details and mitigations related to the activity of Darkside ransomware gang.

Ransomware

Ransomware Phishing Risk Encryption

New York Department of Financial Services Issues First Guidance by a U.S. Regulator Concerning Cyber Insurance

Data Matters

FEBRUARY 10, 2021

2 announcing a Cyber Insurance Risk Framework (the Framework) that describes industry best practices for New York-regulated property/casualty insurers. According to NYDFS, the incorporation of these practices should be proportionate to each insurer’s size, resources, geographic distribution, and other factors.

Insurance

Insurance Financial Services Cybersecurity Risk

NYDFS issues significant guidance on insurers using AI or external data

Data Protection Report

FEBRUARY 2, 2024

On January 17, 2024 the New York Department of Financial Services (“NYDFS”) published a Proposed Insurance Circular Letter (“Proposed Circular”) regarding the use of artificial intelligence systems (“AIS”) and external consumer data and information sources (“ECDIS”) in insurance underwriting and pricing. Actual Actuarial Validity.

Insurance

Insurance Artificial Intelligence Risk Compliance

Op Wocao – China-linked APT20 was able to bypass 2FA

Security Affairs

DECEMBER 23, 2019

The attacks aimed at government entities and managed service providers (MSPs) that were active in many industries, including aviation, healthcare, finance, insurance, energy, and gambling. “Operation Wocao (??, “W? ” reads the report published by Fox-IT.

Authentication

Authentication Insurance Access Government

NEW TECH: DataLocker introduces encrypted flash drive — with key pad

The Last Watchdog

JULY 30, 2018

A chance meeting – in an elevator, no less – led to Kim veering over to the cybersecurity industry. DataLocker honed its patented approach to manufacturing encrypted portable drives and landed some key military and government clients early on; the company has continued branching out ever since. LW: What’s the market for this?

Encryption

Encryption Military Passwords Authentication

Simplifying Compliance in the Complex U.S. FinServ Regulatory Landscape

Thales Cloud Protection & Licensing

JANUARY 16, 2025

Understanding the US FinServ Compliance Landscape The US financial services industry is subject to a vast number of laws and regulations. It emphasizes the need for encryption, data governance, and secure information-sharing practices to prevent and mitigate cyber threats.

Compliance

Compliance Financial Services Encryption Insurance

Ohio Adopts National Association of Insurance Commissioners’ (NAIC) Insurance Data Security Model Law

Data Matters

JANUARY 14, 2019

On December 19, 2018, Ohio adopted the National Association of Insurance Commissioners’ (NAIC) Insurance Data Security Model Law. The Act is designed to “establish standards for data security and for the investigation and notification to the Superintendent of Insurance of a cybersecurity event.”.

Insurance

Insurance Security Cybersecurity Data breaches

Multinational ICICI Bank leaks passports and credit card numbers

Security Affairs

APRIL 20, 2023

In 2022, the ICICI Bank’s resources were named a “critical information infrastructure” by the Indian government – any harm to it can impact national security. ICICI Bank’s response Threat to financial accounts Finance and insurance are one of the most targeted industries by cybercriminals.

Personal data

Personal data Phishing Risk Communications

Privacy in an open-data world: Why government agencies need to be proactive

Collibra

JUNE 23, 2023

Government agencies — from DC to Duluth, NYC to LA — are struggling. As more of our interactions and transactions occur online, the need for robust data protection measures becomes increasingly critical to safeguard personal data and maintain public trust in government institutions. There’s no going back.

Privacy

Privacy Government Data Privacy Data breaches

How Cybersecurity Insurance Can Work To Help An Organization

Thales Cloud Protection & Licensing

JULY 4, 2022

How Cybersecurity Insurance Can Work To Help An Organization. In the last 20+ years, cybersecurity insurance has added risk transference to the available palette of palliative choices. I recently spoke with Neira Jones and Danna Bethlehem about how cybersecurity insurance can work to help an organization. regulations.

Insurance

Insurance Cybersecurity Ransomware Cleanup

New York Regulators Call on Insurers to Strengthen the Cyber Underwriting Process

Hunton Privacy

FEBRUARY 25, 2021

As reported on the Hunton Insurance Recovery blog , on February 4, 2021, the New York Department of Financial Services (“NYDFS”), which regulates the business of insurance in New York, has issued guidelines, in the Insurance Circular Letter No. sought coverage for expenses under its property insurance policy.

Insurance

Insurance Cybersecurity Risk Education

U.S. banking regulators order banks to notify cybersecurity incidents in 36 hours

Insurance and Ransomware

Webinars

Trending Sources

LW ROUNDTABLE: Wrist slap or cultural shift? SEC fines cyber firms for disclosure violations

Webinars

Canada Gov plans to ban the Flipper Zero to curb car thefts

FBI, CISA, HHS warn of targeted ALPHV/Blackcat ransomware attacks against the healthcare sector

Cyber Insurers Pull Back Amid Increase in Cyber Attacks, Costs

First American Financial Pays Farcical $500K Fine

Dark Overlord hacking crew publishes first batch of confidential 9/11 files

Cyber insurance: A guide for businesses

Ransomware Bites Dental Data Backup Firm

Digital Preservation -- High Stakes for Finance and Insurance Companies

DORA Compliance Strategy for Business Leaders

Security Affairs newsletter Round 460 by Pierluigi Paganini – INTERNATIONAL EDITION

LW ROUNDTABLE: Compliance pressures intensify as new cybersecurity standards take hold

US pharmacy outage caused by Blackcat ransomware attack on Optum Solutions

Maze ransomware gang discloses data from drug testing firm HMR

The Financial Service and Insurance Industries Need Intelligent Document Processing; Here’s Why

Cybersecurity Insurance Not Paying for NotPetya Losses

MY TAKE: Identity ‘access’ and ‘governance’ tech converge to meet data protection challenges

Lloyd’s Will No Longer Include Nation-State Attacks in its Cyber Insurance Policies

The Top 5 Reasons to Use an API Management Platform

Experts: Breach at IT Outsourcing Giant Wipro

TA505 group updates tactics and expands the list of targets

U.S. Treasury Department Seeks Public Comment On Potential Federal Cyber Insurance Program

Security Affairs newsletter Round 488 by Pierluigi Paganini – INTERNATIONAL EDITION

Security Affairs newsletter Round 362 by Pierluigi Paganini

Access to over 3,000 compromised sites sold on Russian black marketplace MagBo

Previously undetected Earth Longzhi APT group is a subgroup of APT41

How to Get Executive Support for Your Next Information Governance Initiative

Is Artificial Intelligence relevant to insurance?

BazarCall attacks have revolutionized ransomware operations

CrowdStrike: Lessons on the Importance of Contracts, Insurance and Business Continuity

The risks and limitations of AI in insurance

US CISA and FBI publish joint alert on DarkSide ransomware

New York Department of Financial Services Issues First Guidance by a U.S. Regulator Concerning Cyber Insurance

NYDFS issues significant guidance on insurers using AI or external data

Op Wocao – China-linked APT20 was able to bypass 2FA

NEW TECH: DataLocker introduces encrypted flash drive — with key pad

Simplifying Compliance in the Complex U.S. FinServ Regulatory Landscape

Ohio Adopts National Association of Insurance Commissioners’ (NAIC) Insurance Data Security Model Law

Multinational ICICI Bank leaks passports and credit card numbers

Privacy in an open-data world: Why government agencies need to be proactive

How Cybersecurity Insurance Can Work To Help An Organization

New York Regulators Call on Insurers to Strengthen the Cyber Underwriting Process

Stay Connected