Tag: insurance
-
DOGE Access to Personal Information and The Difficulty of Showing Harm in Privacy Litigation
by
in SecurityNewsIf a company has effective insurance, prevention becomes even less cost-effective. By failing to “value” privacy alone, the system skews in favor of not protecting privacy. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/03/doge-access-to-personal-information-and-the-difficulty-of-showing-harm-in-privacy-litigation/
-
Third-Party Attacks Drive Major Financial Losses in 2024
by
in SecurityNewsData from Resilience found that third-party attacks made up 23% of material cyber insurance claims in 2024, with ransomware attacks targeting vendors a major driver First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/third-party-financial-losses/
-
How to create an effective incident response plan
by
in SecurityNews
Tags: access, advisory, attack, backup, breach, business, ceo, ciso, communications, corporate, cyber, cybersecurity, email, endpoint, exploit, finance, governance, guide, incident, incident response, insurance, law, lessons-learned, malicious, monitoring, network, office, phone, ransomware, risk, security-incident, service, strategy, supply-chain, technology, threat, updateEstablish a comprehensive post-incident communications strategy: Another key element that can make or break an incident response strategy is communications. Without clear communications among the major stakeholders of the business, a company might experience much longer downtimes or the loss of vital processes for extended periods.”How are you going to go about communicating? With whom?…
-
Global tech spend to approach $5 trillion this year: Forrester
by
in SecurityNewsThe U.S. market is expected to exceed $2 trillion for the first time, with financial services and insurance leading the charge, the analyst firm said. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/tech-spend-software-forrester/740632/
-
Court: UnitedHealth Must Answer for AI-Based Claim Denials
by
in SecurityNewsLawsuit Alleges Insurer Used AI Tool in Denying Patients Medically Necessary Care. A proposed class action lawsuit against UnitedHealth Group that claims the company’s insurance unit UnitedHealthCare used of artificial intelligence tools to deny Medicare Advantage claims for medically necessary care has the green light to proceed from a federal judge First seen on govinfosecurity.com…
-
Unusual attack linked to Chinese APT group combines espionage and ransomware
by
in SecurityNews
Tags: apt, attack, breach, china, cloud, country, credentials, crime, crimes, crypto, cyber, cybercrime, cyberespionage, data, encryption, espionage, exploit, finance, firewall, government, group, hacker, infection, insurance, intelligence, korea, microsoft, network, north-korea, ransom, ransomware, russia, software, tactics, technology, threat, veeam, vulnerabilityThe attacker demanded a $2-million ransom: The attack that resulted in the deployment of the RA World ransomware program, as well as data exfiltration, had the same chain: the toshdpdb.exe loading toshdpapi.dll then decrypting toshdp.dat which resulted in the PlugX variant being deployed. The difference is the attacker then chose to deploy the RA World…
-
UK monitoring group to classify cyber incidents on earthquake-like scale
by
in SecurityNewsRisk management: The CMC hopes this increased understanding will spur the development of improved incident response planning. Experts quizzed by CSO on CMC welcomed its launch.Ivan Milenkovich, vice president of cyber risk technology in EMEA at Qualys, said data from the CMC has the potential to allow IT security professionals to make better risk assessments,…
-
New UK Cyber Monitoring Centre Introduces ‘Richter Scale’ for Cyber-Attacks
by
in SecurityNewsThis new independent non-profit was set up by the UK insurance industry to bring more transparency around cyber events First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/new-uk-cyber-monitoring-centre/
-
21% of CISOs pressured to not report compliance issues
by
in SecurityNews
Tags: awareness, breach, business, ceo, ciso, compliance, control, corporate, cybersecurity, data, dora, finance, framework, governance, incident response, infrastructure, insurance, law, nis-2, regulation, resilience, risk, security-incident, trainingCISOs are increasingly getting caught between business pressures and regulatory obligations, leaving them struggling to balance corporate loyalty and legal accountability.To wit: One in five (21%) security leaders have been pressured by other executives or board members not to report compliance issues at their companies, according to a recent study by security vendor Splunk.The same…
-
What 2025 HIPAA Changes Mean to You
by
in SecurityNews
Tags: access, application-security, authentication, breach, business, cloud, compliance, control, cybersecurity, data, encryption, healthcare, HIPAA, identity, incident response, insurance, law, mfa, monitoring, nist, office, penetration-testing, privacy, risk, risk-analysis, service, strategy, threat, tool, vulnerabilityWhat 2025 HIPAA Changes Mean to You madhav Tue, 02/04/2025 – 04:49 Thales comprehensive Data Security Platform helps you be compliant with 2025 HIPAA changes. You are going about your normal day, following routine process at your healthcare organization, following the same business process you’ve followed for the last twelve years. You expect Personal Health…
-
HIPAA Cybersecurity Requirements and Best Practices
by
in SecurityNewsThe Health Insurance Portability and Accountability Act (HIPAA) mandates a stringent framework for protecting sensitive patient information. These standards form the foundation of cybersecurity measures within the healthcare sector, ensuring… First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/02/hipaa-cybersecurity-requirements-and-best-practices/
-
Globe Life Ransomware Attack Exposes Personal and Health Data of 850,000+ Users
by
in SecurityNewsGlobe Life Inc., a prominent insurance provider, has confirmed a major data breach that exposed the personal and health-related information of over 850,000 users. The company disclosed the incident in a recent filing with the U.S. Securities and Exchange Commission (SEC), reporting that the breach resulted from an extortion attempt by an unknown threat actor.…
-
Insurance Company Globe Life Notifying 850,000 People of Data Breach
by
in SecurityNewsInsurance firm Globe Life says a threat actor may have compromised the personal information of roughly 850,000 individuals. The post Insurance Company Globe Life Notifying 850,000 People of Data Breach appeared first on SecurityWeek. First seen on securityweek.com Jump to article: www.securityweek.com/insurance-company-globe-life-notifying-850000-people-of-data-breach/
-
Texas AG warns Kia about sharing driver information with data brokers
Texas told the auto manufacturer Kia America that it is violating the state’s new data privacy law because it allegedly sells sensitive driver information to third parties without informing consumers that the data can be used to hike their insurance premiums. First seen on therecord.media Jump to article: therecord.media/texas-warns-kia-about-sharing-driver-info-to-data-brokers
-
National security risks in routers, modems targeted in bipartisan Senate bill
by
in SecurityNewsA separate piece of bipartisan Senate legislation would create a cyber insurance working group. First seen on cyberscoop.com Jump to article: cyberscoop.com/routers-modems-national-security-risks-senate-bill/
-
US takes aim at healthcare cybersecurity with proposed HIPAA changes
by
in SecurityNews
Tags: access, authentication, best-practice, breach, compliance, control, csf, cyber, cyberattack, cybersecurity, data, defense, detection, dora, encryption, finance, framework, government, group, healthcare, HIPAA, incident response, infrastructure, insurance, intelligence, jobs, law, malware, mfa, network, nist, penetration-testing, phishing, privacy, ransom, ransomware, regulation, resilience, risk, security-incident, service, skills, technology, threat, tool, update, usa, vulnerability, vulnerability-managementThe US Department of Health and Human Services (HHS) has launched a consultation on stricter rules for the safeguarding of electronic health records.The proposed revamp of security rules covered by the Health Insurance Portability and Accountability Act (HIPAA) is designed to address the increased risk from cyberattacks such as ransomware against healthcare environments.The revamped rules…
-
American National Insurance Company data likely stolen in MOVEit hack exposed
by
in SecurityNewsFirst seen on scworld.com Jump to article: www.scworld.com/brief/american-national-insurance-company-data-likely-stolen-in-moveit-hack-exposed
-
Change Healthcare Now Counts 190 Million Data Breach Victims
by
in SecurityNewsCost of Attack Has Reached $3.1 Billion for Parent Company UnitedHealth Group. One of the biggest data breaches of 2024 is even worse than previously reported, as the tally of Change Healthcare breach victims has now reached 190 million individuals, and costs tied to the attack $3.1 billion, according to its owner, U.S. health insurance…
-
Everything is connected to security
by
in SecurityNewsJoe shares his recent experience presenting at the 32nd Crop Insurance Conference and how it’s important to stay curious, be a forever student, and keep learning. First seen on blog.talosintelligence.com Jump to article: blog.talosintelligence.com/everything-is-connected-to-security/
-
Alarmierender Anstieg der Schwere und Häufigkeit von Cyberschäden
by
in SecurityNewsKnowBe4 gab die Veröffentlichung eines detaillierten Forschungspapiers mit dem Titel bekannt. Die Studie befasst sich mit der immer wichtiger werdenden Schnittstelle zwischen Cybersicherheit und Versicherung und untersucht die sich ständig weiterentwickelnde Bedrohungslandschaft, mit der Unternehmen weltweit konfrontiert sind. Da die digitale Infrastruktur für den Geschäftsbetrieb immer wichtiger […] First seen on netzpalaver.de Jump to article:…
-
Midsize firms universally behind in slog toward DORA compliance
by
in SecurityNews
Tags: ai, business, ciso, compliance, cybersecurity, dora, finance, germany, insurance, intelligence, monitoring, resilience, risk, service, skills, technology, toolBeginning Friday, Jan. 17, all EU financial institutions are now required to operate in compliance with the Digital Operational Resilience Act (DORA). The EU directive aims to increase cybersecurity in the financial industry. However, studies show that many companies are still struggling with implementation.According to a November 2024 survey from metafinanz, the average level of…
-
How a Global Insurer Protects Customer Data Achieves Compliance With DataDome
by
in SecurityNewsDiscover how a global insurance leader leverages DataDome to protect endpoints from sophisticated bots, achieve GDPR compliance, block brute-force attacks, and gain actionable threat insights. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/01/how-a-global-insurer-protects-customer-data-achieves-compliance-with-datadome/
-
Personal liability sours 70% of CISOs on their role
by
in SecurityNews
Tags: breach, business, ceo, ciso, control, corporate, cybersecurity, group, insurance, jobs, ransomware, risk, technologyWith legal accountability tightening around those charged with maintaining enterprise cybersecurity, security leaders appear to be increasingly frustrated with their roles, eyeing the exit, and hesitant to pursue CISO gigs in the future. More than two thirds (70%) of CISOs recently surveyed said that “stories of CISOs being held personally liable for cybersecurity incidents has negatively…
-
12 cybersecurity resolutions for 2025
by
in SecurityNews
Tags: advisory, ai, api, attack, awareness, breach, business, ceo, chatgpt, china, ciso, communications, control, crowdstrike, cyber, cyberattack, cybersecurity, data, data-breach, deep-fake, defense, detection, email, identity, insurance, jobs, law, malicious, phishing, ransomware, risk, risk-assessment, risk-management, strategy, supply-chain, technology, threat, tool, training, vulnerabilityAs cyber threats continue to evolve, CISOs must prepare for an increasingly complex threat landscape. From dealing with AI-driven attacks to managing changing regulatory requirements, it’s clear that 2025 will be another big year for CISOs.But staying ahead requires more than just implementing the next cutting-edge set of tools or technologies. It demands a shift…
-
Massive healthcare breaches prompt US cybersecurity rules overhaul
by
in SecurityNewsThe U.S. Department of Health and Human Services (HHS) has proposed updates to the Health Insurance Portability and Accountability Act of 1996 (HIPAA) to secure patients’ health data following a surge in massive healthcare data leaks. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/massive-healthcare-breaches-prompt-us-cybersecurity-rules-overhaul/
-
How to Get the Most Out of Cyber Insurance
by
in SecurityNewsCyber insurance should augment your cybersecurity strategy, not replace it. First seen on darkreading.com Jump to article: www.darkreading.com/cyber-risk/get-most-out-cyber-insurance
-
HIPAA to be updated with cybersecurity regulations, White House says
by
in SecurityNewsThe Biden administration is proposing an overhaul of the data security rules under the landmark Health Insurance Portability and Accountability Act (HIPAA).]]> First seen on therecord.media Jump to article: therecord.media/hipaa-cybersecurity-regulations-update